Chaos Lever Podcast

 Step into the Wild World of Telephones! 🛠️📞
In this episode of Chaos Lever, we’re dialing up a fascinating exploration of telephony with special guest Sarah Autumn! Sarah, a volunteer engineer at the Connections Museum in Seattle, takes us on a journey through the evolution of telephone systems, from the quirky mechanical marvels of the early 20th century to the legacy technology that still shapes our communication today. Spoiler: it’s as much magic as it is science.

📌 Highlights from this week’s episode include:

 - A behind-the-scenes look at the Connections Museum and its rare treasures.
- The history of telephone exchanges, old-school "operators," and why area codes exist.
- The surprising origins of familiar sounds like dial tones and busy signals.
- Stories of mechanical ingenuity, including a phone system powered by steel balls (!).

Whether you're a tech enthusiast or someone just curious about how we got from crank phones to iPhones, this episode is packed with history, humor, and a touch of chaos.

🎧 Links Mentioned in the Show:

- Connections Museum: Learn more or plan your visit. (http://www.telcomhistory.org/connections-museum-seattle/)
- Connections Museum YouTube Channel: Dive deeper into the inner workings of telephony. (http://www.telcomhistory.org/connections-museum-seattle/)
- Want to suggest a guest or topic? Head to https://chaoslever.com.

Don’t forget to like, comment, and subscribe to keep the chaos going every week! 🎙️ 

 From AI's stumbling progress to groundbreaking tools and cyber threats, here’s what you need to know for this week:

All The Major AI Models Continue To Lose Money AND Stop Advancing:
Is the golden age of AI innovation already behind us? Reports from OpenAI, Google, and Anthropic suggest that we may have hit a plateau. With increasing costs and diminishing returns, the financial and technical outlook for large AI models is looking bleak. Can ChatGPT 5—or any model—break through the ceiling? Or are we seeing the limits of what these technologies can achieve? (https://www.bloomberg.com/news/articles/2024-11-13/openai-google-and-anthropic-are-struggling-to-build-more-advanced-ai).

LocalStack Snags $25M for Public Cloud Emulation:
Say goodbye to accidental cloud overspending! LocalStack, an innovative tool that emulates public cloud environments locally, has just secured $25M in funding. From speeding up development cycles to saving on costs, LocalStack is making cloud development smarter and more efficient. Is this the future of cloud testing? (https://blog.localstack.cloud/series-a-announcement/).

FBI Investigates China-Based Cyberhacking of US Telecom Networks:
The FBI and CISA have revealed chilling details about China-linked cyberattacks targeting US telecom networks. Dubbed "Flax Typhoon," these attacks weaponize over 200,000 consumer devices to infiltrate critical infrastructure. What does this mean for national security—and your home devices? (https://www.newsweek.com/fbi-chinese-cyber-espionage-multiple-telecom-networks-1985617).

Dapr Graduates the CNCF: 
Dapr, Microsoft’s open-source distributed application runtime, has officially graduated from the CNCF, signaling its maturity and widespread adoption. With its modular approach to cloud-native app development, Dapr is redefining how microservices communicate securely and flexibly. What’s next for this trailblazing project? (https://techcrunch.com/2024/11/12/dapr-graduates-to-become-a-cncf-top-level-project/).

 Ah, passwords—the not-so-secret keys to our digital world. In this episode, we dig into the fascinating (and flawed) history of passwords, from their Roman origins to their debut in 1960s computing, and the constant struggle between ease and security ever since. Why are we still relying on passwords that can be hacked in seconds? And what are the latest recommendations from the National Institute of Standards and Technology (NIST) to make our digital identities safer?

Join us as we cover: 

🔒 How passwords began, and why they’re so easily abused 
🔒 The hilarious and painful ways users circumvent complex password rules 
🔒 NIST's latest guidelines for making passwords simpler yet safer 
🔒 The growing importance of passkeys, MFA, and password managers 
🔒 Alternatives to passwords that may finally lead to better security for all 

If you’re tired of juggling endless passwords or getting locked out because you can’t remember your “favorite childhood pet,” this is the episode for you. 

Links: 

• https://www.wired.com/2012/01/computer-password/
• https://www.troyhunt.com/passwords-evolved-authentication-guidance-for-the-modern-era/
• https://www.nytimes.com/1981/07/26/business/case-of-the-purloined-password.html 
• https://nvlpubs.nist.gov/nistpubs/Legacy/FIPS/fipspub112.pdf 
• https://neal.fun/password-game/ 
• https://pages.nist.gov/800-63-4/sp800-63b.html#password 

 In this episode of Chaos Lever, we dig into the latest tech updates and industry moves, from Amazon's ambitious push to rival OpenAI to Qualcomm’s plans for ARM-powered Windows laptops. We’ll also explore MacOS’s tricky approach to app sandboxing and debate whether Notepad really needs AI.

*Amazon to Invest in Anthropic AI to Compete with OpenAI—But There's a Catch* 
Amazon is making a big move into the AI arena by deepening its investment in Anthropic, aiming to challenge Microsoft-backed OpenAI. AWS will further integrate Anthropic’s AI tech into its offerings, expanding on a 2023 partnership that also made AWS an Anthropic services provider. Interestingly, Amazon’s deal may require Anthropic to shift from NVIDIA chips to Amazon’s own "Trainium" and "Inferentia" chips, doubling up on revenue potential. Is this strategy genius or misguided? (https://www.tomsguide.com/ai/amazon-eyeing-multibillion-dollar-investment-in-claude-maker-anthropic-heres-why-its-a-big-deal)

*Qualcomm Promotes 58 Models of ARM-Based Windows Laptops* 
Qualcomm is shaking up the laptop market with 58 new ARM-powered Windows models launching soon, partnering with brands like Dell, HP, and Samsung. These ARM-based laptops promise better battery life, but compatibility challenges still haunt Windows ARM. Some users, however, report smoother experiences with recent Windows updates and compatibility improvements. Can these new laptops finally compete with Intel and AMD? (https://www.theregister.com/2024/11/07/qualcomm_triples_windows_on_arm/) 

*MacOS App Sandboxing: More Complicated Than It Seems* 
Apple's approach to app sandboxing in MacOS sounds good in theory—limiting apps’ access to sensitive system areas—but its execution has loopholes. Certain processes can escape these sandbox restrictions, making it less reliable for security. This issue has been linked to several CVEs, sparking discussions on how Apple could improve MacOS sandboxing to catch up with BSD. (https://jhftss.github.io/A-New-Era-of-macOS-Sandbox-Escapes/) 

*Notepad Gets an AI Update—But Do We Really Need It?* 
Notepad, a trusty go-to for Windows users, is getting an AI update in the latest Windows 11 Preview. Users can now rewrite text with AI suggestions, though many wonder why a simple tool needs AI features. The new addition, which requires a Microsoft login, raises questions about the need for AI in every corner of the OS. Sometimes, simple is better! (https://blogs.windows.com/windows-insider/2024/11/06/new-ai-experiences-for-paint-and-notepad-begin-rolling-out-to-windows-insiders/) 

 In today’s episode, we’re diving into one of IT’s murkiest topics: Attack Surface Management, or ASM. Can ASM be fun? Maybe. Is it critical for modern security? Absolutely. If you’ve ever wondered what ASM actually does, or why it’s more than just the latest buzzword, we’ve got answers (and helping handfuls of snark).

We explore how ASM helps businesses stay on top of their digital perimeters—those tricky-to-manage spaces outside the traditional data center walls. From spotting exposed IPs and misconfigured servers to reining in shadow IT, ASM aims to give organizations continuous visibility into their “attack surface.” And while ASM can’t replace yearly pen tests or manage itself like a SOAR, it’s an invaluable tool for identifying vulnerabilities before hackers do.

Join us as we untangle ASM’s purpose, benefits, and its place in a security stack alongside tools like SIEM and SOAR. Could ASM be your best defense against hidden threats? Tune in to find out! And remember, in security, making the news is rarely a good thing. 

LINKS: 

- Gartner’s Insights into Attack Surface Management (https://www.gartner.com/en/documents/5341663) 
- BlueKeep: Still Crazy (Good at Being Used for Hacking RDP) After All These Years (https://www.cisa.gov/news-events/cybersecurity-advisories/aa19-168a) 

 In this week’s *Chaos Lever Tech News*, we’re diving into groundbreaking—and sometimes just plain weird—developments in the tech world.

Gene Therapy + Data Storage: Remember the days of 3.5" floppy disks with 1.44MB capacity? Today’s microSDs blow that out of the water, but there’s a limit to how much data we can fit on silicon. Enter DNA as a storage medium, where a single gram theoretically holds 215,000TB. Scientists are inching closer with "epi-bits," though the read/write speeds are still...less than ideal. (https://www.nature.com/articles/s41586-024-08040-5)

Government vs. C/C++: The Cybersecurity and Infrastructure Security Agency is officially not a fan of “memory unsafe” languages like C and C++. They've issued a stern warning for any organization handling critical infrastructure: modernize your code or be prepared for the consequences. Even C++ creator Bjarne Stroustrup seems to be (quietly) on board with making his language safer. (https://www.cisa.gov/resources-tools/resources/product-security-bad-practices)

The McFlurry Machine Crisis Might End Soon: Yes, you read that right. Thanks to a copyright exemption, McDonald’s will finally be allowed to fix its own infamously finicky ice cream machines without waiting on a Taylor-certified tech. iFixIt and Public Knowledge made it happen, so you may soon get that elusive McFlurry on demand. (https://arstechnica.com/tech-policy/2024/10/us-copyright-office-frees-the-mcflurry-allowing-repair-of-ice-cream-machines/)

Microsoft’s ‘Recall’ Feature…Delayed Again: Microsoft’s questionable “Recall” feature, which quietly screenshots your desktop, is delayed *again.* Promises of full encryption and an opt-in option are on the table, but whether anyone *wants* this feature remains debatable. (https://www.theverge.com/2024/10/31/24284572/microsoft-recall-delay-december-windows-insider-testing) 

Get ready for a *spooktacular* look at one of the least spooky (but incredibly powerful) tools ever made: Microsoft Excel. It's Excel’s 40th anniversary, so we're diving into its history, quirks, and how this humble spreadsheet app has managed to shape business, science, finance, and... espionage? Yes, you read that right.

Excel may not sound thrilling, but trust us, it's one of the most impactful tech tools of the last 40 years. From financial firms to scientific research, sports leagues, and even British intelligence, Excel’s endless versatility has led to some, let’s say... *interesting* mishaps along the way. We’ll explore:
- The origins of the spreadsheet concept dating back to ancient Mesopotamian clay tablets (yes, seriously)
- Landmark moments like the creation of VisiCalc, Lotus 1-2-3, and Excel’s first big splash
- Iconic Excel fails, from the JP Morgan $6.2B blunder to national policy mistakes—Excel giveth, and Excel taketh away!
- The rise of VBA, Excel World Cup, and how Excel thrives today in the cloud era

So grab a pumpkin spice latte, sit back, and open a workbook with a mini-golf game embedded. You’ll never look at spreadsheets the same way again. 💀

 Links: 
- https://www.qashqade.com/insights/the-worst-financial-services-excel-errors-of-all-time 
- https://www.teampay.co/blog/biggest-excel-mistakes-of-all-time 
- https://sheetcast.com/articles/ten-memorable-excel-disasters 
- https://www.bbc.com/news/business-39870485 
- https://infotech.commons.gc.cuny.edu/2016/01/25/new/ 
- https://www.historyofinformation.com/detail.php?id=5478 
- https://spinpasta.fandom.com/wiki/Hall_of_Tortured_Souls 
- https://fmworldcup.com/excel-esports/microsoft-excel-world-championship/ 

 This week, we dive into the Internet Archive's recovery after cyberattacks compromised user data and targeted public knowledge institutions. IBM faces a tough quarter, with mainframe sales lagging but Red Hat growth keeping optimism alive. Broadcom issues another critical patch for vCenter, addressing a persistent flaw that remains a major security concern. Plus, Bluesky secures $15M in funding, positioning itself as a safer alternative for those leaving Twitter.

Links: 
- https://www.sfchronicle.com/sf/article/internet-archive-hack-19851974.php 
- https://newsroom.ibm.com/2024-10-23-ibm-releases-third-quarter-results 
- https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24968 
- https://techcrunch.com/2024/10/24/bluesky-raises-15m-series-a-plans-to-launch-subscriptions/ 

In this episode, we dive deep into the wild world of cyber insurance and the massive changes that have unfolded between 2020 and 2023. Remember when we said cyber risks would increase and insurance applications would get tougher? Well, they sure did! And that’s just the start. Join us as we break down how cyber insurance policies have evolved—from simple yes/no questions to intense multi-page interrogations.

But wait, there’s more! Like the Joker sequel no one asked for, this episode takes an unexpected turn, and we’ll spend some quality time discussing Incident Response Plans—the unsung hero of cybersecurity that can make or break your insurance prospects. Not sure what a real IR plan looks like? Spoiler: "Call Dave to fix it" won’t cut it.

Get ready for a deep, sometimes sarcastic, but always insightful exploration of the policies and plans that protect your business—and your sanity—in the face of rising cyber threats.

🎙️ Topics Covered:

• The evolution of cyber insurance policies (2020 vs. 2023)
• What insurers are looking for now (and what’s expected from you)
• Why Incident Response Plans matter more than ever
• NIST’s framework for a solid IR plan and how to actually use it

Links:

•  https://csrc.nist.gov/projects/incident-response 

This week, we're diving into the surprising moves by some tech giants in the world of nuclear energy! Amazon has invested in small modular reactors (SMRs) to help power their datacenters, joining the likes of Google and Microsoft in the nuclear energy race. SMRs promise safer, more scalable energy, but don’t expect to see these reactors online until the 2030s. Can nuclear energy meet the growing power needs of AI and cloud computing?

Plus, we honor the legacy of BBS co-creator Ward Christensen, who sadly passed away at 78. Learn about his contributions to tech history, including his pioneering work with XMODEM and BBS systems.

Also, major changes are coming for Microsoft Exchange Server users as the end of support looms with no clear replacement in sight. Find out what this means for on-prem email servers and Microsoft’s push for Exchange Online.

Lastly, Anguilla’s domain extension, .ai, is making waves in the tech world! The tiny island is cashing in on the AI boom, making millions from domain registrations. How long will this windfall last?

Links:
 - https://techcrunch.com/2024/10/16/amazon-jumps-on-nuclear-power-bandwagon-by-investing-in-x-energy-and-promising-small-reactors
 - https://arstechnica.com/gadgets/2024/10/ward-christensen-bbs-inventor-and-architect-of-our-online-age-dies-at-age-78/
 - https://www.theregister.com/2024/10/16/microsoft_end_of_support_wave_widens/
 - https://apnews.com/article/anguilla-artificial-intelligence-ai-internet-29d4ca2bb740d0425ffb8355811a6976