60: The Great Odwalla Flavor Change of 2013


00:00:00   [MUSIC]

00:00:02   Stop! Hammer time!

00:00:03   Oh, is that what we missed? Son of a...

00:00:05   Oh, man. Excellent track. Excellent track.

00:00:09   Yeah, that was my... that was one of my first cassettes that I ever bought.

00:00:14   Was MC Hammer?

00:00:15   Yeah, it was "Please Hammer, Don't Hurt Him."

00:00:17   Did you end up having him sign that cassette when you met him many years later?

00:00:21   No, I did not have it with me in Manhattan.

00:00:23   It's poor planning.

00:00:25   When he was promoting Dance Jam. I did not.

00:00:27   I did and I was promoting Tumblr.

00:00:29   Yeah. Is that still a thing? Is Dance Jam still a thing? I have no clue.

00:00:33   I don't know. I've never even even even that day. I didn't even look it up. Dance Jam has come to an end.

00:00:39   Thank you all for the participation over the years, but Dance Jam has come to an end. I guess they sunset their brand.

00:00:45   They're aligning their visions with with their platform umbrella. Oh, just stop. Just stop. You're hurting my ears.

00:00:52   John, let's talk about how you can sell tickets quickly.

00:00:57   Last show we talked about how they would sell WWDC tickets this year.

00:01:02   Of course, in the grand tradition of our Wednesday recording of our Friday show, Apple announced

00:01:07   how they were going to sell tickets after we had recorded the episode, so that was fun.

00:01:13   One of the options was a lottery.

00:01:14   That's what Apple ended up doing.

00:01:18   Some feedback on Twitter, someone saying that it was really difficult to do a system that

00:01:25   won't crash due to the onslaught of people wanting to buy tickets.

00:01:28   And on the previous show I had said that this is a bounded problem.

00:01:32   It's not like Facebook where in theory everyone on the earth with an internet connection could

00:01:35   get an account.

00:01:37   There is limited interest in WWDC.

00:01:38   We were trying to think how many people could there possibly be, maybe one million is an

00:01:42   upper bound, a crazy upper bound for this conference of 5,000 people.

00:01:45   And I said surely someone could design a system that can handle the onslaught of 1,000 people

00:01:51   basically serve them on a first-come, first-serve basis.

00:01:55   No guarantees.

00:01:56   You may still get blocked out, but it's a way of potentially

00:01:58   increasing your odds versus a lottery, a truly random lottery,

00:02:03   where there's no way of increasing your odds.

00:02:04   It doesn't matter when you enter.

00:02:05   It doesn't matter what you do.

00:02:07   You're just one of another whole pile of people.

00:02:11   And so someone said, well, that's what Google did too,

00:02:13   because apparently even the mighty Google couldn't put up

00:02:17   a service for their I/O conference

00:02:18   that would withstand that.

00:02:19   lottery instead. I don't think Google did a lottery because they couldn't provide a service

00:02:23   that's withstood the onslaught. It's conceivable that Google did the same mistake that Apple has

00:02:28   made where underestimating what the demand would be and put a wimpy system out there and the wimpy

00:02:31   system fell down. But I think it is entirely within Google's technical expertise to make a

00:02:36   system that would allow a million or so people to try to sign up for a conference all at the same

00:02:42   time. And as evidence of this, someone on Twitter pointed me to Shmoo Khan. I hope I'm pronouncing

00:02:47   it correctly. I guess it could be—yeah, ShmooCon, right?

00:02:50   >> As in short for "shmooze." >> Yeah, this is from the description on their

00:02:54   website. It's an annual East Coast hacker convention, hell-bent on offering three days

00:02:58   of an interesting atmosphere for demonstrating technology exploitation, blah, blah, blah,

00:03:02   blah, blah. Anyway, it's, you know, by tech nerds, for tech nerds. Presumably it's a

00:03:06   small conference, but they did pretty much what I described on the previous show, which

00:03:10   is like, well, just make something simple and straightforward without anything fancy

00:03:14   in it and have a system whereby everyone just floods it all at once and everyone, you know,

00:03:19   first come first serve and that's all there is to it.

00:03:22   And it's not a guarantee and you could still be the very first person to click the button

00:03:26   and still not get a ticket because of the vagaries of the way servers work, but at least

00:03:29   you're increasing your odds and their servers don't fall down.

00:03:32   And this ShmooCon obviously is small and what they did is they did a series of rounds where

00:03:35   they would release 650 tickets at once, like, you know, I don't know how long the rounds

00:03:41   were separated by, maybe an hour or whatever.

00:03:43   And then if you reserve your spot, then you have like five minutes to check out or something

00:03:48   like that.

00:03:49   And if you decide not to buy the ticket, it goes back into the pool.

00:03:52   And everyone who didn't get a reservation gets put in a queue for any tickets that people

00:03:58   don't buy, and they do a series of rounds or whatever.

00:04:01   So anyway, the person who was haranguing me about this on Twitter was telling me in a

00:04:08   slightly condescending tone that I didn't know what I was talking about.

00:04:11   I'm pretty sure after, what, 20 years of doing web development, I know what is and isn't

00:04:15   possible in web development on this scale.

00:04:18   It is possible to make a system that gives you slightly increased odds of getting a ticket

00:04:24   if you are one of the first people waiting to click the button.

00:04:27   Again, no guarantees, and it's not going to be perfect, but you can make a server that

00:04:30   doesn't crash under this kind of load, and apparently these people have done it.

00:04:33   And I was, you know, and they were going back and forth on Twitter about this, and there

00:04:36   was a lot of goalposts moving and hemming and hawing, but the bottom line is that I think

00:04:41   Apple and Google both have slightly more financial and technical resources than ShmooCon.

00:04:45   And ShmooCon is doing 650 ticket rounds. So Apple could just use the ShmooCon technology,

00:04:53   which is probably like one Linux server and one programmer, they could use that technology to do

00:04:58   like seven or eight rounds and fill up WWDC. Or they could use a little bit of the bazillions of

00:05:03   dollars they have and do something similar. Anyway, regardless of... As I said in the

00:05:09   in the preview show, and a lottery is by far the best system for Apple, and Apple tends

00:05:13   to do what's best for Apple, and they did what was best for Apple. So this is all kind

00:05:16   of a moot point, but I wanted to bring it up again, because there is an actual example

00:05:19   right down to the sort of very simple text-only, not very fancy-looking stuff, written I think

00:05:25   by one or two people who were sending me messages on Twitter. So it can be done.

00:05:30   Honestly, I would love the chance to try to write something like that, just because I

00:05:34   I would take it as a, just like the,

00:05:37   whenever there's a big keynote that is not livestreamed

00:05:41   and everybody clogs the hell out of the various blogs

00:05:45   that have live chat transcripts of what's going on.

00:05:47   I always thought it would be cool to attempt

00:05:51   to design one of those things and see

00:05:52   like how much it stood up to.

00:05:54   - Yeah, you remember all those things crashing?

00:05:57   Ars Technica had the same problem

00:05:58   'cause they kept trying different vendors

00:05:59   and then they hired someone named Lee,

00:06:01   who was a pro programmer, and he by himself

00:06:04   wrote the new Ars Technica system for handling live blogs

00:06:07   and they've been using it ever since with no problems.

00:06:08   One person, probably a couple months of development.

00:06:11   So there you go.

00:06:13   - Oh yeah, I mean, like if you custom tailor it

00:06:17   to exactly your needs and no more,

00:06:19   and you do it right, taking advantage of things like S3

00:06:23   and CDNs to alleviate a lot of the load

00:06:25   and the spreading out the load and stuff like that,

00:06:28   you can do it, it'd be really cool anyway.

00:06:31   So I think this kind of thing,

00:06:33   I would love the chance to design this kind of system

00:06:35   and see how could it handle the rush

00:06:38   from a 5,000 ticket conference of 50,000 people

00:06:42   trying to get into it or whatever the number might be.

00:06:46   - If you were in a class, like a college course,

00:06:48   about this topic, this would be one of your homework

00:06:50   assignments or one of your midterm project or whatever.

00:06:53   Design a system that could withstand X, Y,

00:06:55   and they would have a test harness that would subject

00:06:57   your system to these stresses and you'd have some

00:06:59   given amount of hardware that you had to use

00:07:01   efficiently or whatever.

00:07:02   Like it doesn't get much more straightforward than this.

00:07:06   Say you don't even have to do the purchase part,

00:07:07   just do the reservation part.

00:07:08   Like that is almost the simplest possible problem

00:07:11   you could have and it would be a great idea to like,

00:07:12   let me try using Node.js,

00:07:13   let me try using a NoSQL database,

00:07:15   let me use a relation database,

00:07:17   let me try it with flat files,

00:07:18   let me try it with shared memory, like you could try it.

00:07:20   - I think if you're using a database at all,

00:07:21   you already lost.

00:07:22   I mean, my solution would be memcache

00:07:24   and using the atomic operations within memcache cleverly

00:07:27   to make it basically an all memcache solution.

00:07:31   that there would be the exercise would be like within a given set of hardware all these

00:07:34   different technologies and how well do they take advantage of the hardware or don't they,

00:07:39   you know? And you'd probably be given like more hardware than you need, but like you

00:07:41   would have to have something that's scaled out horizontally. Like it's a good object

00:07:45   lesson because it's a very simple thing that you're trying to do. I wish I could actually

00:07:49   talk about, I think I have scaling way down the notes anyway. But anyway, continuing the

00:07:52   follow up.

00:07:53   That'll be a quick topic.

00:07:55   (laughing)

00:07:57   All right, and then do you wanna talk about how,

00:08:01   anything else regarding the signup process,

00:08:04   specifically like the followup area?

00:08:06   - Oh no, we have to say how we all did in the WWDC lottery,

00:08:11   but I don't have any more followup on this signup thing.

00:08:13   - We are sponsored this week by our friends at Transporter.

00:08:16   Transporter is a special external hard drive

00:08:19   that you own and control,

00:08:20   like any other external hard drive.

00:08:22   But it has these awesome cloud and network features

00:08:25   But it's a private cloud that allows

00:08:28   you to have sharing and sync and a whole bunch of other cloud

00:08:30   benefits without the files actually

00:08:32   being stored on the cloud.

00:08:33   The files are stored on this drive that's in your house

00:08:36   or in your garage or in your closet or whatever.

00:08:38   And you own and control that drive.

00:08:40   So like Dropbox, you can access your files

00:08:43   from any of your computers or your iOS or Android devices.

00:08:47   All your transport files are available from anywhere

00:08:49   that has internet access, assuming your home connection

00:08:52   is online, of course, so we can get to it.

00:08:54   You can share individual files or folders

00:08:57   with web accessible share links,

00:08:58   no matter how large those files are.

00:09:00   If you have multiple transporters,

00:09:02   or if you have one and your friend has one,

00:09:04   or a coworker has one,

00:09:06   multiple transporters can replicate each other.

00:09:08   You can set it to replicate the whole thing,

00:09:09   or just a folder.

00:09:11   This is a great way to collaborate with projects,

00:09:14   or to provide an easy offsite backup.

00:09:15   Like if you have, you can have one at home, one at work,

00:09:18   one at a friend's, or your parent's house,

00:09:20   or whatever the case may be.

00:09:23   So if you wanted to sync just one folder, for instance,

00:09:25   you and a friend or a coworker can collaborate on one folder

00:09:29   and collaborate on a project.

00:09:30   And those files always remain in sync

00:09:31   no matter how big they are,

00:09:33   minus time it takes to actually transfer them.

00:09:36   So your data with Transporter is secure.

00:09:39   It's never stored on cloud servers.

00:09:41   You don't have to worry about like,

00:09:43   if it's stored on Dropbox and Dropbox has access to it

00:09:46   and maybe government stuff might get in the way.

00:09:48   With Transporter, your data is stored on your hard drive

00:09:52   in your house. When data is transferred, it's transferred directly between

00:09:55   transporters and end-to-end encryption is used. So there's nobody in the middle who

00:10:00   can read it, although we'll have to talk about the hard-plea bug in a few minutes,

00:10:03   but I'm pretty sure they already said they were not vulnerable to that. So your

00:10:08   data is very secure with Transporter. So how do you get one of these things? Go to

00:10:11   filetransporterstore.com. They have a handful of models here that you can get

00:10:16   500 gigs for just $199, 1 terabyte for $249, and 2 terabytes for $349.

00:10:23   And they had this other model called the Transporter Sync, which is this little $99, almost like

00:10:27   a puck kind of thing, and it just has a USB port on one side and a network port on the

00:10:31   other.

00:10:32   And so you plug in any USB hard drive you already own, and then it gains all the features

00:10:37   of a Transporter with hard drive you already have.

00:10:40   That's the Transporter Sync for just $99.

00:10:41   And all these prices take another 10% off by using

00:10:45   coupon code ATP.

00:10:47   Now best of all, once you buy it, that's it.

00:10:49   There are no monthly fees, unlike almost any cloud

00:10:52   solution you can think of.

00:10:54   You buy the transporter upfront, and that's it.

00:10:56   No matter how much data you store, as long as it fits on

00:10:59   there, that's it.

00:11:00   You're paying no monthly fees.

00:11:03   And if you look, for example, let's say you get the

00:11:04   two-terabyte model.

00:11:06   If you look to see how much it costs to store two terabytes

00:11:09   photos on a cloud service, you're gonna pretty quickly see the benefits here. So

00:11:12   go to filetransporter.com for more info, and if you go to filetransporterstore.com

00:11:18   to buy these things, don't forget to use coupon code ATP to get 10% off. Thanks a

00:11:23   lot to Transporter for sponsoring our show once again. All right, so we should

00:11:26   probably talk about WWDC tickets and what came of that. So all three of us

00:11:34   registered for tickets. We were registered for the opportunity to spend

00:11:38   $1600. Marco, did you get a ticket?

00:11:42   I won the chance to spend $1600, and I took that chance.

00:11:46   Fair enough. I, too, won a chance to spend $1600, and thankfully, since I'm gainfully

00:11:52   employed, unlike you, I used works money to spend $1600. John, how did you fare?

00:12:00   I did not get a golden ticket. I got a sad email an hour and a half after the supposed

00:12:04   deadline that said, "Unfortunately, you did not win a chance to spend $1600. Try again

00:12:09   next year."

00:12:11   This genuinely makes me extremely sad. And I know this probably doesn't come across

00:12:16   as genuine because I am very excited to have gotten a ticket. But I almost, not quite,

00:12:24   but almost wish that of the three of us, you were the one to get the ticket because I think

00:12:28   it takes the most encouragement for you to get out there, justifiably, I should add.

00:12:33   And so I feel like the universe has kind of wronged all of us by not allowing you to win

00:12:39   the lottery.

00:12:40   I wish your work was paying for my ticket and that I could get one.

00:12:44   Yeah, I also, you know, because, because, I mean, you know, you look around at the,

00:12:49   at the rates of people you hear from on Twitter, people you follow, at the rates of how many

00:12:54   of them got rejected, I would say, roughly speaking, I would guess maybe one in 10 got

00:13:02   in of people that I follow or heard about or from?

00:13:05   Yeah, I would say the same thing. And it's funny because before the lottery ended, I

00:13:13   had plucked out of thin air, you know, I bet you it's about 50,000 people because I knew

00:13:17   a lot of, I shouldn't say a lot, but I knew a handful of people that I didn't think

00:13:21   or they didn't think that they would go if they got a ticket. But what harm is it

00:13:26   in throwing your name in the hat? There's no penalty for that really. And so I would

00:13:32   agree that of the people I saw, it was about one in ten, and given that it's about a 5,000-person

00:13:38   conference, even I can handle that. That math says it's about 50,000 people. What did you think, John?

00:13:43   John: Right after the announcement, it seemed to me like it was, you had the 50/50 shot,

00:13:47   because I was seeing roughly half the people in the Twitter stream were saying I got one and didn't.

00:13:51   But then later on, I started hearing about like whole blocks of people who were like, "Oh yeah,

00:13:55   everybody in our 10-person company applied and none of us got tickets." So that starts to balance

00:14:00   and yeah, beforehand if you were to ask me,

00:14:02   I would say like 10 to one or 20 to one,

00:14:04   but then afterwards I was thinking,

00:14:05   maybe it's only like two or three to one,

00:14:06   but it's so hard to tell because I don't think

00:14:08   we have a good sample size because you don't know

00:14:09   everybody who's, and maybe only the winners are saying,

00:14:12   yay, they got them instead of being sad that they didn't.

00:14:15   I'm not even sure Apple will give us numbers.

00:14:17   I suppose, like in the WWDC keynote in the beginning,

00:14:21   in their big part where they talk about all their numbers

00:14:23   that they're proud of, it'll be like,

00:14:24   welcome to WWDC, it's so popular, the blah, blah, blah,

00:14:27   you know, maybe they'll throw something out there,

00:14:29   But in the end, it doesn't matter too much, I think.

00:14:32   I mean, it wasn't like 100 or 1,000 to one.

00:14:35   I think we can ballpark it.

00:14:36   You know, it's somewhere between two to one, 10 to 121.

00:14:40   But I would be really surprised if it's 100 to one.

00:14:43   It seems like it's much lower than that.

00:14:46   - Yeah, I mean, I feel kind of sad

00:14:49   for everyone who didn't get one.

00:14:51   That's why I didn't say anything on Twitter

00:14:53   about whether I got one or not.

00:14:55   And really the only reason that I even agreed

00:14:57   talk about it here is that everyone's asking us, but I feel guilty that I got one. Not

00:15:05   guilty enough to not take it.

00:15:07   [laughter]

00:15:08   **Matt Stauffer:** Survivor is guilt. Yeah, no, but YouTube all asked me before the show

00:15:11   that if I want to talk about whether I got one or not, because there's two things at

00:15:14   play. One is that some people who got the chance to buy a ticket chose not to. And I

00:15:19   know people who did that because I was asking them if they could somehow transfer their

00:15:23   ticket to me. I don't think there's a way to do that. I think if you got the chance

00:15:26   to buy a ticket and you choose not to buy it, well then you choose not to buy it. Those

00:15:29   tickets go back into a pool somewhere and presumably Apple will disperse them to people

00:15:33   who didn't win the lottery the first time. So there's that glimmer of hope for me. And

00:15:37   the second part is the glimmer of hope that someone inside Apple knows who I am and says

00:15:40   that we should get that guy a ticket. And some people might give me a hard time about

00:15:45   that or some people think that I should feel bad that somehow because I have this amount

00:15:49   of fame from writing these reviews or whatever that someone inside Apple would recognize

00:15:52   my name and say, "Oh, give him one of our pool of tickets to the reserve," or whatever.

00:15:56   But I think that's perfectly valid because, for example, like, why do certain journalists

00:16:00   get tickets and other ones don't?

00:16:03   Depending on your publication, is it because of your readership?

00:16:05   Is it because of your fame?

00:16:06   Is it because Apple likes you?

00:16:07   Apple just chooses which people from the press that they like and gives them press passes

00:16:10   to the keynote.

00:16:11   I'm not going to get a press pass to the keynote, of course, but for many years, lots of other

00:16:15   people didn't get press passes to the keynote, and then they did get them, and then they

00:16:18   didn't get them.

00:16:19   And it's like, it's whoever Apple picks.

00:16:21   If Apple likes you and people inside Apple like you, you get nice things from Apple.

00:16:25   If they don't like you or don't know you, you don't get nice things.

00:16:28   I have limited control over that.

00:16:30   Hopefully for writing reviews that people in Apple might read, they might know who I

00:16:35   am or whatever.

00:16:36   But I don't feel guilty if I get special treatment because of that, for the same reason that

00:16:42   John Gruber shouldn't feel guilty, that he gets a press pass.

00:16:44   It's like, "Oh, you just got a press pass because you run Daring Fireball."

00:16:46   Yeah, that's why he got a press pass.

00:16:48   It makes perfect sense to me.

00:16:50   - Well also to point out what the press pass is,

00:16:53   which is important, like when Gruber gets a press pass,

00:16:56   those press passes are only good for the keynote.

00:17:00   After the keynote, that's it, they kick you out.

00:17:02   So even if you got a press pass,

00:17:05   it wouldn't really help for your purposes,

00:17:06   'cause your purposes are you actually go to the sessions

00:17:09   the whole week to learn stuff for your review.

00:17:12   And if you got a press pass via ours or via any other means,

00:17:17   for the keynote, that really wouldn't help you at all,

00:17:20   because it would only be for that morning,

00:17:22   which you can watch anytime, anywhere, anyway,

00:17:24   and most of the stuff that you would talk about,

00:17:26   or go into the labs, asking questions,

00:17:28   talking to the engineers,

00:17:30   the press pass wouldn't allow you to do any of that stuff.

00:17:32   - Yeah, if I had to choose,

00:17:34   I'm not gonna get a press pass anyway,

00:17:37   'cause I'm not being pressed at the keynote,

00:17:38   but I talked to ours about it, and I told ours,

00:17:41   if you get a press pass,

00:17:41   use it for people who are gonna report on the keynote,

00:17:44   'cause I'm not going to report on the keynote,

00:17:45   and that's what you should use the press pass to.

00:17:47   The press pass is useless to me.

00:17:48   I need the pass to the entire conference

00:17:50   'cause I go to sessions every single day

00:17:52   for the entire week.

00:17:54   So, you know, while it would be fun to go to the keynote

00:17:57   and be in the room or whatever, you know,

00:18:00   a press pass, I would never take a press pass away

00:18:02   from someone who's actually going there to report it.

00:18:04   Whereas people like, oh, you're taking a pass away

00:18:06   from a real developer.

00:18:07   I feel like I'm going to just as many sessions

00:18:10   as a quote unquote real developer,

00:18:11   and I'm paying attention and I'm taking notes

00:18:14   and I'm using that information to do something.

00:18:16   What I'm doing is not writing a program,

00:18:18   but I don't think it's any less of a practical useful thing

00:18:21   for me to go to all those sessions and take all those notes

00:18:23   and synthesize all the data.

00:18:25   So I feel no guilt in sort of,

00:18:27   oh, you're taking a pass from someone who's a developer.

00:18:29   If somehow I managed to get a pass to WC,

00:18:32   you can be sure that I'm going to some of you

00:18:33   and I'm gonna be sitting and taking that pass

00:18:34   and going to all those sessions like I usually do.

00:18:36   If I don't, oh well, what can you do?

00:18:38   - Yeah, I think, you know, there's always every year,

00:18:41   we even talked about this last year,

00:18:42   every year you look around and you talk to people there

00:18:45   and there's always people who get in who you can pretty much,

00:18:50   after five minutes of talking to them,

00:18:52   you can pretty much tell like,

00:18:53   yeah, they didn't really need to be here.

00:18:55   Like people who just really aren't into it,

00:19:00   like into Mac or iOS development,

00:19:03   and also don't want to be into it,

00:19:05   and they're just there like,

00:19:07   'cause their company was willing to send them

00:19:08   and they happen to get a ticket or something.

00:19:10   Like it's like, you shouldn't feel bad about,

00:19:13   like if you're at all interested in this world of these ecosystems, if you're at all interested,

00:19:20   you should not feel bad taking a ticket for it because there's, you know, yeah, there

00:19:24   are a lot of people who are interested who don't get tickets, but like you're not the

00:19:28   one person keeping all those people out.

00:19:31   Yeah, and honestly, like the videos really do help. Like if I don't get a ticket, why

00:19:34   it's not so bad this year and not calamitous to my review, hopefully, is that assuming

00:19:38   they don't announce that the release date of OS X is like a week after WWDC, in which

00:19:42   case we're all screwed. They release the videos in a timely manner now, so it's not so bad

00:19:47   for me to not be there to sit through the sessions. Now, it depends on what they announce

00:19:51   in the year. So, for example, in certain past years, they've announced technologies and

00:19:54   stuff that I've spent multiple hours talking to, let's just say people, about at WWDC that

00:20:03   really heavily informed my review and helped me make it better. And those are some of the,

00:20:08   You know, like, from the outside, if you look at my reviews, like, maybe it looks like all

00:20:12   just one sort of one undifferentiated soup of information, but I know the parts of information

00:20:16   that I never would have known had I not been physically at WWDC.

00:20:19   But if I'm not physically there, the sessions have tons of information too, so it's not

00:20:23   the end of the world for my review.

00:20:25   The end of the world for my review is always what they announce for their release date,

00:20:28   because that tells me how much time I have to write a thing.

00:20:31   But you know, it's fun to go out there for a week, it's fun to see people, and I like

00:20:34   being in the sessions.

00:20:35   There's something about being in the room.

00:20:36   Even for things like the State of the Unions and the keynote,

00:20:40   being in that room gives you a better idea

00:20:43   of what the vibe is than watching the videos.

00:20:45   'Cause the videos are so,

00:20:46   not that they're manipulated,

00:20:48   but they're post-processed in a way

00:20:49   that it doesn't feel like it does in the room.

00:20:51   And in the room, you can get a sense

00:20:52   of what people really think of what's going on

00:20:54   for good or bad in any of these announcements.

00:20:57   And plus just whispering to the people next to you

00:20:59   or whatever, it's a whole thing.

00:21:01   I'll really be sad if I don't manage to get a ticket,

00:21:03   But again, what can you do?

00:21:06   - Yeah, in the videos, first of all,

00:21:08   they don't show the presenter.

00:21:10   It's just the picture is only of the slides.

00:21:14   But they also cut out,

00:21:15   if there's any periods of applause or laughter,

00:21:18   they'll actually cut that out.

00:21:19   - For time, because they try to make them faster, right?

00:21:22   - Yeah, but being there live gets you all that stuff,

00:21:26   no question, and that's great.

00:21:28   And if there is Q&A, which there really rarely is these days

00:21:31   but if there is Q&A,

00:21:33   that's almost always cut out of the video as well.

00:21:35   But the videos have the advantage

00:21:37   of being able to skim through, being able to rewind,

00:21:40   and being able to play it faster than 1x speed,

00:21:42   because the actual pace of the presenter speaking

00:21:45   is very slow, so everyone can get it.

00:21:47   And even if your English isn't that great,

00:21:50   or even if you're a slow note-taker,

00:21:52   you can still follow along,

00:21:54   which is very nice and accommodating of them.

00:21:56   But it really is nice once you get home

00:21:59   and you can handle the videos to be able to skim through

00:22:01   and play them at like 1.5x or 1.6x and get through a lot more, a lot faster. Or you can

00:22:07   skip over sections that you already know about or sections that aren't relevant to you, stuff

00:22:11   like that.

00:22:12   Yeah, timely release of the videos is so much more important than getting a ticket in terms

00:22:16   of, you know, getting the information out to me for reviews because when they weren't

00:22:21   timely, I had to be in there taking notes like a demon because as soon as they changed

00:22:25   that slide, I was never going to see those words again for God knows how many months.

00:22:29   And so I was like, this is my only chance to type down.

00:22:32   I'm literally transcribing the slides, and many times I took pictures of the slides,

00:22:36   like I can't copy this, I just gotta take a picture.

00:22:39   It was a bad situation.

00:22:40   Now, for the past two years, when they've been so good with the videos, it's like, just

00:22:43   relax, you don't need to copy down what's in the slides, you're gonna be able to look

00:22:45   at those slides in a couple days anyway, you'll be fine.

00:22:48   It's just so much nicer.

00:22:49   And then you can write down what you really should be writing down, is your thoughts,

00:22:53   your synthesis of the information you're receiving, or points that occurred to you, or questions

00:22:56   that you wanna ask.

00:22:57   Q&A, there's always the bunch of nerds gather around the presenter at the end of the thing.

00:23:02   And if you really have a pressing question, you can either take note of that presenter

00:23:05   and hunt them down later in the week, or just go up there and stand and try to ask them

00:23:08   your question after the session is over.

00:23:10   Okay, that's actually one of my tips for WWDC that I started doing myself, is even if I

00:23:16   don't have a question, I'll just go up there and stand there and listen to everyone else's

00:23:19   questions and the answers that they get.

00:23:22   Because a lot of times, like the mob presenter at the end answering questions from crazy

00:23:27   people, you can get a lot of information out of that that is useful. That, you know, maybe

00:23:32   they're asking questions you didn't think to ask, but it actually is useful information.

00:23:37   So I always stand up there and just listen, even if I have nothing to say.

00:23:39   So what do you guys think will happen this coming Monday at 5 Pacific, which is when

00:23:46   the deadline is for those who won the lottery to actually commit and reward Apple for their

00:23:52   winning the lottery with $1600? You know, what do they do with those excess tickets?

00:23:56   Do they start doling them out to John Syracuse like we all hope?

00:23:59   Do they do a second run lottery? Like they've never said anything about a waiting list. What do you suspect is going to happen?

00:24:05   Let's start with John.

00:24:06   I assume they're going to do another random

00:24:08   disbursement and if you're one of the lucky few you will get an email that says I know we told you before you couldn't get

00:24:13   a ticket but one is available if you'd like to buy it you have until X date

00:24:16   But I don't think they'll send out more negative emails like that

00:24:19   I won't get a second email telling me a bunch of new tickets for release from people who didn't buy them

00:24:23   But you didn't get one of those either, loser.

00:24:25   That would be so cruel. That would be amazing.

00:24:28   That's that's what I suspect that the lucky people kind of like what happened the year when everyone had like half purchased things in

00:24:34   their cart like they just went to those people and said hey

00:24:36   It looks like you tried to buy a ticket and didn't get it if you still want it like and and I think that makes

00:24:41   sense for the way they would do this

00:24:43   Well, so last year and and the year before like, you know when they've sold out rapidly

00:24:48   and probably before that too, but

00:24:51   Apple's developer relations people have always had some tickets to give away. Like if somebody

00:24:58   really important or really deserving didn't get a ticket, they could like email their

00:25:02   friends at Apple and be like, "Hey, would you consider me?" And sometimes that worked,

00:25:06   sometimes it didn't. So there has always been this pool of tickets that might be given away

00:25:11   as the developer relations people at their discretion or to like important corporate

00:25:16   clients or whatever the case may be or you know you know good you know good

00:25:19   stories from students or young people or whatever else so that my guess is when

00:25:27   when the number of tickets that are unclaimed becomes you know established

00:25:32   if that number is really really high like over you know we estimate there's

00:25:37   about 5,000 tickets if let's say that number is over a thousand if over a

00:25:40   thousand of them are unclaimed that weren't already reserved to be given

00:25:44   away at their discretion.

00:25:45   Maybe they might do it in the random drawing,

00:25:48   but honestly, I would assume that whatever pool

00:25:52   is not claimed through the random lottery,

00:25:56   that just gets added to their pool of discretionary tickets

00:25:59   that they can give away.

00:26:00   - See, I figured their discretionary pool

00:26:02   was already pretty big, and that's why I thought

00:26:05   they would do this as a second random thing,

00:26:06   is that I thought they already had a discretionary pool

00:26:08   that was never even put up for possibility,

00:26:10   and they're just saving those.

00:26:12   I mean, again, this is why the system is great for Apple.

00:26:14   We have no idea how they distributed tickets.

00:26:15   Was it truly random?

00:26:17   Did they pin down like, okay, we gotta make sure

00:26:19   at least X number of people from the Microsoft Office team

00:26:22   get in there and these people from Adobe

00:26:24   and like the people who have business relationships,

00:26:27   these people from EA have to go.

00:26:28   Like can you imagine if everyone from EA got shut out?

00:26:30   Like I don't see that happening, right?

00:26:32   So surely there, you know, and like it could be

00:26:36   that the entire thing was like that.

00:26:37   Like a large portion of the pool

00:26:39   could have been discretionary.

00:26:41   So they pinned down all their discretionaries first

00:26:42   and then do everybody else random.

00:26:44   And that's why I think if these people don't buy again,

00:26:46   they will have already made sure

00:26:48   that the people they care about got them

00:26:49   and then just do a second random thing.

00:26:51   But none of us know, that's the beauty of this system.

00:26:54   Apple can do whatever they want,

00:26:55   and from the outside we just all have to assume

00:26:57   it is entirely random and fair.

00:26:59   And from what I've seen,

00:27:01   you can always do pattern matching

00:27:03   and come up with conspiracy theories like,

00:27:04   "Oh, nobody from Rogomemba got one."

00:27:07   Apple doesn't like Rogomemba,

00:27:08   therefore they're being shunned.

00:27:10   But until we know what the total number of people trying to buy tickets was, like what

00:27:15   are the odds that all seven people from Broganemia didn't get it?

00:27:19   Probably pretty good.

00:27:20   I mean, you know, like, no matter what the odds are, I think we're probably lucky on

00:27:24   this show that two of the three of us got tickets.

00:27:26   And I don't think that was because someone was trying to give people from ATP tickets,

00:27:29   just that's the luck of the draw.

00:27:32   So someone who's better at probability than I am can calculate the odds that any specific

00:27:36   group of people all didn't get tickets.

00:27:38   But I have a feeling that it's impossible to tell from the outside whether it was truly

00:27:43   random.

00:27:44   I mean, I think that at least some part—I think the part that's been given away so

00:27:49   far was random.

00:27:52   Because not only looking around and just seeing anecdotally what we see around us, but they

00:27:56   used the word "random" everywhere.

00:27:59   They used it on the site, they used it in both emails, confirm and reject.

00:28:03   They used the word "random" so many times.

00:28:04   It would be really weird to say random so much if that portion of the tickets was not

00:28:10   given away randomly.

00:28:12   Apple's way is not to lie, it's just to withhold and not specify.

00:28:16   So I would imagine this was actually random.

00:28:20   Now, they could have randomly given away 3500 and kept 1500 for themselves for discretionary

00:28:25   use.

00:28:26   Who knows?

00:28:27   Yeah, and I feel like at least some portion has to be random, because how else do you

00:28:31   explain away me getting a ticket and not John. As much as I'm excited about it, I think there's

00:28:39   a pretty simple argument that the community at large would be better seeing a better OS X review

00:28:45   than if I am able to go and talk about it on ATP. So it seems clear to me at least a portion was

00:28:49   random. Well, there's other weightings they could use, for example. Here's the things that I'd

00:28:55   imagine if they were going to do a non-random, because first of all, any random is pseudo-random.

00:28:58   Like, maybe they used the built-in rand

00:29:00   and put a defined seed in or something.

00:29:02   But anyway, there's many things that could weigh in there,

00:29:05   which could be like, have you been to WWDC before?

00:29:07   If you have, your odds go down.

00:29:08   If you haven't, your odds go up.

00:29:09   Because they want some portion of the people

00:29:11   to be new people.

00:29:12   Do you have an app in the App Store?

00:29:14   Casey does, I don't, right?

00:29:15   How long have you had a developer account?

00:29:17   How many bugs have you filed?

00:29:19   Like, all sorts of criteria.

00:29:21   You can imagine coming up with this crazy algorithm

00:29:23   to try to weight it, to try to, like,

00:29:24   we want some percentage of new people,

00:29:26   some percentage of people who are long-time developers,

00:29:28   but if you just went to WFDC, give someone else a chance,

00:29:31   and you can imagine trying to come up with this algorithm

00:29:33   and then just feeding that into the engine

00:29:34   and letting it spin and saying it's not deterministic,

00:29:37   it's just weighting your chances based on these criteria.

00:29:40   Or it could be entirely random.

00:29:42   Again, we don't know, but it seems like it's pretty fair.

00:29:45   I don't see any rhyme or reason

00:29:47   to the people who got them who didn't got them,

00:29:49   and I think anything that I am seeing

00:29:50   or can try to convince myself of,

00:29:51   it's because we're just pattern matching machines

00:29:55   and we'll try to apply whatever.

00:29:57   We'll try to apply a narrative to anything that's random, because there will always be

00:30:00   some patterns that we see in the noise.

00:30:02   But yeah, I'm pretty darn certain that they have a reasonably large pool of discretionary

00:30:08   ones that they are sort of pinning down on the people they definitely want to come.

00:30:13   And I'm obviously not in that group, nor do I expect to be, nor should I be.

00:30:15   Like, I'm just hoping that I can, you know, eke out one of the dregs when people choose

00:30:20   not to buy tickets.

00:30:21   I think, also, I mean, I haven't heard of anybody getting a discretionary ticket offered

00:30:27   to them yet, they're probably at least waiting until this timeout period ends so they know

00:30:31   how many they have, which is one of the reasons why I think, why these aren't going to be

00:30:36   re-randomized, that that's just going to be added to the discretionary pool.

00:30:40   Well, I mean, like, you used to be able to transfer them. Like, you said, there wasn't

00:30:43   like a reservation and a purchase. It used to be that you could buy them, but then you

00:30:46   could transfer it as an asset within your ADC thing. So in past years, there was lots

00:30:50   of sort of horse trading going on of transferring these things around from one person to the

00:30:53   other. But that's not possible this year, as far as I know.

00:30:56   Overall, are you guys, obviously, you know, because we had different results, our opinion

00:31:02   of this is probably biased, but overall, how happy are you with this system that they did?

00:31:10   I don't love it, but I can't conceive of a better system that isn't me selecting

00:31:18   all my friends and giving them tickets, you know?

00:31:21   I don't I wish there were something that worked out better selfishly in the sense that you know, I wouldn't I'm very happy

00:31:28   I got a ticket and I'm happy you did but I wish John did but if you look at the bigger picture

00:31:33   I can't I can't conceive of a system

00:31:36   wherein I think it's more fair and

00:31:39   Also more agreeable to Apple as John has said many many many times

00:31:43   I think a lottery or even a lottery with some allotment on the side is about as fair as you're gonna get

00:31:50   Yeah, I also I mean again like I was picked this time

00:31:53   so it's kind of I don't know how valid this opinion is but you know

00:31:59   That's why I said last week when we were speculating about what they would do

00:32:02   I said this I this is me be my preferred system, even if I didn't win

00:32:06   because I

00:32:09   Think this is again. It's like, you know, you could think of all these different ways to

00:32:12   Try to alleviate the problem of way too many people wanting to be in a conference that really can't and probably shouldn't grow

00:32:19   larger. But I really do think this is the best way that they could have done it. And

00:32:25   it worked flawlessly. I got to give them credit. The web service was perfectly fine, possibly

00:32:30   as a result of the email delivery pace. The checkout process was lightning fast and fine.

00:32:37   Everything, the whole thing worked fine. It worked exactly as they designed it, it seems.

00:32:46   I don't know. I really think they did the best they could, and it worked as well as

00:32:50   it could have.

00:32:51   Well, I gave my opinion last show, and it's unchanged. I like the idea that people who

00:32:56   are more enthusiastic about going can somehow increase their odds. Not guarantee themselves

00:33:00   a spot, not block out other people, but just increase their odds slightly. That whole thing

00:33:06   of everyone sitting around waiting for a clock to go and clicking on a button, maybe that's

00:33:09   not the best way to allow people to increase their odds, but it's a reasonable way because

00:33:14   you are expressing your maniacal enthusiasm for wanting to go by doing that, and you are

00:33:18   slightly increasing your odds by doing it.

00:33:21   And so, a system that Apple controls entirely, you don't have a good way at the time of

00:33:26   purchase to increase your odds.

00:33:27   The only way you can increase your odds is by doing something over the course of two

00:33:31   decades to put you into the good graces of Apple, which is much harder to do a day before.

00:33:38   I would have said it even if I got a ticket this time, because it's sort of the powerlessness

00:33:43   of like, you know, all I can do is put my little ticket into this hat and then just

00:33:48   wait. And like I said, you know, there's no way for me to express that I want to go

00:33:53   to this more than somebody else. And surely I want to go to this more than at least one

00:33:56   or two other people. So there's no way for me to increase my odds. I find that lack of

00:34:02   control upsetting, and Apple, I'm sure, finds that lack of control delicious and lovely.

00:34:06   All right, so really quickly before Marco tells us about something cool.

00:34:14   So John, what I think you're saying is in a perfect John Siracusa WWDC ticket distribution

00:34:21   world, Apple would do what they did in the first few years of me going anyway, where

00:34:28   they randomly out of the blue, I guess so that wasn't last year was years prior, out

00:34:34   of the blue, they just let the tickets go and everyone has to jump on and stomp on their

00:34:38   servers and try to get in before the servers crumble.

00:34:43   So—

00:34:44   No, no, that was no good because of the people who live in different time zones and stuff.

00:34:47   Like, no matter how enthusiastic you are, if it's 2 a.m. where you are, that's not

00:34:52   fair.

00:34:53   Oh, okay.

00:34:54   So what would you say then?

00:34:55   So what I was going to say was, let's assume the servers can handle that kind of impact,

00:34:59   which I know was laughable to begin with.

00:35:01   Assuming the servers can handle it, you would still do like 2013 where they pre-announce

00:35:05   what the time is?

00:35:06   Yep, pre-announce the time and date.

00:35:08   I mean, someone's going to get screwed anyway because it's going to be three in the morning

00:35:11   and somewhere on Earth when the thing goes off already.

00:35:13   But like, you have to pick a time.

00:35:14   I mean, they could even do it by region by time if they wanted to be fairer, like this

00:35:18   hemisphere, this time zone, release tickets in blocks.

00:35:21   Like they have a way of taking trouble.

00:35:22   But basically, you'd know what time it was going to be, and you express your desire to

00:35:28   go by being there, hovering over that button at the exact moment.

00:35:30   Even if they all sell out in five seconds, if you're one of the people who click that

00:35:34   button within that five seconds and you got lucky, because again, it's not a guarantee

00:35:38   due to the magic of concurrency and everything, at the very least, you increased your odds

00:35:42   versus someone who just strolled in 30 seconds later or forgot about it or set a reminder

00:35:47   but didn't get a chance to do it.

00:35:48   You know what I mean?

00:35:49   It's not a great way to express your enthusiasm.

00:35:51   It's not a perfect system, but it is a way to increase your odds.

00:35:57   And the only thing you need is, say you've never been.

00:35:59   "I'm like, boy, I've never been to WWDC.

00:36:01   I keep hearing about it.

00:36:02   Sounds really great.

00:36:03   I really, really want to go."

00:36:04   All you got to do is make that decision sometime

00:36:06   before the date that they announced

00:36:07   and sit there with your mouse button

00:36:08   and click your little thing.

00:36:11   I see your point, and that does make sense.

00:36:13   So why don't you tell us, Marco, about something that's cool?

00:36:15   But I'd also like to get you guys thinking,

00:36:18   is WWDC the way it is today the right way

00:36:21   to accomplish what they're trying to accomplish?

00:36:23   But before that--

00:36:24   New Relic is an all-in-one web app performance management

00:36:28   tool.

00:36:29   It lets you see performance from the end user experience

00:36:31   through your servers and down to each line

00:36:34   of your server side code.

00:36:35   So our friends at New Relic asked us to take a minute

00:36:38   and say a big thank you to all you data nerds out there

00:36:41   building all this great stuff that we all know and love.

00:36:44   They're sending a shout out to the developers,

00:36:46   software geeks, the code jockeys,

00:36:48   to those brave few who see things differently.

00:36:51   High fives to all you rule breakers and disruptors.

00:36:54   Here's to working nights,

00:36:55   to wearing oversized concentration enhancing headphones.

00:36:58   Hey, they got me there.

00:37:00   Upon your furrowed brows, I don't know if I'm furrowed.

00:37:03   That's like when you're like tense and angry looking, right?

00:37:05   When your brows are all tense in the middle.

00:37:07   No, I'm not usually furrowed,

00:37:09   but I do always wear giant headphones.

00:37:11   New Relic thanks you, the entire internet thanks you.

00:37:15   Nowadays, if you're in any business,

00:37:17   you're in the software business.

00:37:18   Software powers our apps, runs our databases,

00:37:21   manages our accounts, and runs e-commerce sites

00:37:23   and email programs.

00:37:24   When software breaks, everyone loses.

00:37:27   New Relic helps improve your software performance

00:37:29   so your users have a better experience

00:37:31   and your business is more successful.

00:37:33   That's a win-win, right?

00:37:35   So New Relic monitors every move your application makes

00:37:38   across the entire stack.

00:37:39   They can show you what's happening right now.

00:37:41   You can zero in on problems quickly

00:37:43   with transaction tracing, SQL and NoSQL

00:37:46   performance analytics, application topology mapping

00:37:49   and deployment history markers and comparisons.

00:37:51   I don't even know what half those things are

00:37:52   but they sound really cool.

00:37:53   Just sign up at newrelic.com/atp

00:37:56   for a 30-day free trial.

00:37:59   So here's what you do, you deploy their agent.

00:38:01   Now their agent has native support right built in

00:38:04   for Ruby, PHP, Java, .NET, Python, and even Node.

00:38:09   Look at this, I mean, come on, they're on the ball here.

00:38:12   That's all the cool stuff, all the cool kids

00:38:13   using one of those languages except PHP.

00:38:16   It'll start collecting data immediately,

00:38:18   and you can quickly see inside your app

00:38:19   to start finding hotspots, bottlenecks.

00:38:22   You can start fixing issues and optimizing your performance.

00:38:25   Once again, newrelic.com/ATP for a free 30-day trial.

00:38:30   Check it out.

00:38:31   Thanks a lot to New Relic for sponsoring our show.

00:38:34   - So at work, I am not involved

00:38:36   with our application performance management group,

00:38:39   but we do have one.

00:38:41   And we use several different tools,

00:38:43   but I can tell you with my hand on my heart

00:38:46   that New Relic is one of our favorites.

00:38:47   And although I've not used it personally,

00:38:49   I know that my guys and girls at work

00:38:52   who have used it really do like it.

00:38:54   So you should check it out.

00:38:56   So before the break, I had asked you guys,

00:38:59   or cued you guys up to ask,

00:39:01   is WWDC the right answer for accomplishing

00:39:04   what Apple is setting out to accomplish with the conference?

00:39:08   And if not, what should we do?

00:39:11   And I bring this up because I got into

00:39:12   a couple of Twitter discussions

00:39:14   about how, oh, WWDC is fundamentally broken,

00:39:16   and, oh, this shouldn't go on,

00:39:18   they should make it so much bigger,

00:39:20   other Moscones have much more space,

00:39:22   this is terrible, oh my god, blah blah blah.

00:39:24   And I just don't see how WWDC would be the same anymore

00:39:28   if almost anything changed about it.

00:39:31   So I don't love the system the way it is,

00:39:35   but I don't begrudge it either.

00:39:37   Marco, do you feel like it's okay the way it is,

00:39:40   and if not, what would you do?

00:39:42   - There are ways they could improve it, certainly,

00:39:44   but I think overall, there's a reason why

00:39:47   it pretty much hasn't changed in years,

00:39:50   you know, in many years.

00:39:52   Like I've been going since 2009,

00:39:54   and I know it was different, you know,

00:39:56   at various points in the past before then,

00:39:58   but since I've gone from 2009 forward,

00:40:01   it's been pretty much the exact same the entire time.

00:40:04   They've, you know, they've had minor improvements

00:40:07   to certain things, like last year,

00:40:08   the Odwalla flavors changed,

00:40:10   and that threw me for a losing.

00:40:12   (laughing)

00:40:12   'Cause I can't have the ones that have banana in them,

00:40:15   and so every year there's like one flavor I can have,

00:40:18   And so yeah, that sucked because they removed the good one last year.

00:40:22   Besides that...

00:40:23   Oh, but they also patrolled it a lot more. Did you notice that?

00:40:26   They didn't release the Oddwalla refrigerators as often, which was too bad.

00:40:33   Exactly. But, you know, besides the Oddwalla flavor change,

00:40:36   the great Oddwalla flavor change of 2013...

00:40:38   [laughter]

00:40:40   ...for the worse, I might add, but at least for those with banana allergies.

00:40:44   But besides that, they're trying to alleviate this with things like releasing the videos

00:40:51   really, really quickly and making them available to everyone, not just attendees, which they

00:40:56   changed I think a few years back, and having the tech talks all around the country for

00:41:02   free that are like one day mini-WBDCs.

00:41:05   And what's interesting, the tech talks, they split up into game and non-game tracks.

00:41:12   And so that's one thing you could do maybe is, people always say this, you know, have

00:41:16   basically two parallel conferences or two sequential conferences, one focused for game

00:41:22   developers and technologies they use and one focused on app developers because that actually

00:41:27   is a pretty effective bisection of the market, not just because, you know, so many apps are

00:41:33   games and so many apps aren't games and like there's enough people on both sides to pack

00:41:37   those conferences full and it's a pretty good division, but also because there's good subject

00:41:41   matter division there, that there's a whole lot of stuff,

00:41:44   like almost all of the interface UI stuff, widget stuff,

00:41:48   like game developers almost never use those things.

00:41:51   So, you know, so much of that, like so much of the,

00:41:56   like if iOS 8, we should actually have an iOS 8

00:41:59   prediction/wish list segment at some point,

00:42:02   but probably before WWDC would be nice,

00:42:05   but you know, like if they add something like

00:42:08   better interapp communication and sharing features

00:42:10   like the Windows contract or the Android Intents or vice versa, whatever the match is up there.

00:42:16   If they add something like that, then that's something that, again, game developers probably

00:42:20   wouldn't use that. Game developers need a lot more stuff about media and GL and there's

00:42:25   some things that are common like networking frameworks. That's common. You know, memory

00:42:29   management, profiling tools, stuff like that. Most of that is common between the two worlds,

00:42:33   but there's so much stuff that isn't. Whereas if you took pretty much any other division

00:42:39   Like Mac versus iOS even is a pretty bad division these days

00:42:43   because there's not that much stuff exclusive

00:42:46   to one or the other anymore.

00:42:48   At least that's worth talking about at WBTC.

00:42:52   So there's all that.

00:42:54   But then what if they do something like,

00:42:56   what if they announce an iWatch

00:42:58   or some kind of new platform?

00:43:00   Do they do that at the App Conference or the Game Conference?

00:43:03   And which one covers which?

00:43:06   You can see there are problems with that approach as well.

00:43:10   So I don't really know what else they could do.

00:43:12   I think they're already doing what they can,

00:43:15   which is, you know, sell as many tickets as they can,

00:43:18   and try to reduce demand in slightly meaningful ways.

00:43:23   Like I know a lot of people,

00:43:25   and this began a little bit last year,

00:43:28   but this year I'm seeing it more.

00:43:29   A lot of the people I know in the iOS community

00:43:32   didn't even try to get tickets.

00:43:33   That they just are like, all right, well, you know what?

00:43:36   I'll just, I'll save the $1600, I'll go out there anyway,

00:43:40   I'll have all the social aspects and all the business

00:43:43   meetings and networking, most of it that I can do,

00:43:47   and I'll just hang out with some friends every day

00:43:50   and watch the videos that come out every day.

00:43:53   And I think by having the videos come out right then,

00:43:55   rather than, only a couple of years ago,

00:43:58   the videos coming out a week after the conference

00:44:01   was revolutionary, 'cause it used to be months,

00:44:04   it would be months after the conference they would come out.

00:44:07   And then a couple years ago it was a week.

00:44:09   And then last year it was like half a day.

00:44:13   And that changed everything I think,

00:44:16   because now it is totally plausible to go out there

00:44:19   and watch the videos during the week,

00:44:22   in the week of the conference,

00:44:25   while you're out there without actually attending it.

00:44:27   And I know a lot of people who chose to do that

00:44:30   even before they knew whether they got a ticket,

00:44:32   they didn't even try.

00:44:33   So I think they're doing an okay job of managing it.

00:44:36   - So I have one problem with what you just said,

00:44:40   which is how do you acquire these videos

00:44:42   if you're not sitting in the cafeteria area at Moscone?

00:44:46   Because they're pretty big and hotel wifi sucks

00:44:50   and you don't wanna be downloading gigabytes of video

00:44:52   over an LTE connection unless you're somehow

00:44:56   rich enough to afford a 90 gig connection.

00:44:59   - That I don't know what people do with that.

00:45:02   I assume, I mean, I sure wouldn't do it.

00:45:06   In the past, I've never downloaded stuff

00:45:07   until I've gotten to that cafeteria,

00:45:09   but just for that exact reason.

00:45:12   - Because I was contemplating going even without a ticket

00:45:15   before I knew whether or not I would get a ticket.

00:45:18   And the one problem I had with my grand master plan,

00:45:22   not grand master, with my master plan

00:45:24   was I could spend the day watching the videos

00:45:28   and thus it wouldn't really be lost time,

00:45:30   but I didn't know how to get the videos

00:45:31   Because hotel Wi-Fi sucks, always.

00:45:34   Even in a place like San Francisco, where you would assume that half the internet runs

00:45:39   through it some way, somehow, hotel Wi-Fi is still terrible.

00:45:43   So I would wonder if there was a way to do that.

00:45:47   Or maybe one of the answers to make WWDC more livable is to allow people into the cafeteria

00:45:54   area during not eating times.

00:45:56   I know there's a million logistical issues there, but my point is, give the John Siracuses

00:46:01   of the world, not to pick on you, John, but give you a way to get these videos with a quickness

00:46:05   without having to download them over crummy hotel Wi-Fi. Well, they just need to extend their Wi-Fi

00:46:11   network outside of the thing. Like, I think you can, can you kind of Wi-Fi mooch? I mean,

00:46:14   I know they have Wi-Fi in the big giant lobby, but it seems like the sort of the exterior walls

00:46:19   of the building stop. I don't know if you're, if I was like in line with my iPod touch, could I get

00:46:23   the Wi-Fi that's in there? Because the password is always, you know, you get the password from

00:46:26   from someone who you know as the WWDC,

00:46:28   and then get on the WWDC wifi network,

00:46:30   and presumably that will suffice for you

00:46:32   to download a bunch of videos and go,

00:46:33   and I don't think Apple cares that you did that.

00:46:36   - Well, they often will block big download files,

00:46:39   like always, they always block the betas

00:46:42   that they make available, they always block those

00:46:43   from being downloaded over wifi,

00:46:45   'cause they don't want the wifi clogged up

00:46:46   with everyone downloading these like two gig files.

00:46:48   So I think they might block the videos as well.

00:46:51   But I mean, if you know someone who's gonna be in there,

00:46:53   the easiest solution is to just have them

00:46:55   download everything onto a USB stick and hand it to you.

00:46:57   - Oh, that's a really good point.

00:46:58   - Yeah, I mean, I feel like there are ways to do it,

00:47:01   and there's always someplace where you can find WiFi.

00:47:03   Just because we don't live there in hotel WiFi style,

00:47:05   but it doesn't mean there's no WiFi in San Francisco.

00:47:07   Like, someplace there has, I mean, the worst case,

00:47:11   I mean, like for us again, it's like, who do you know?

00:47:12   Like, could we go to the Mac world offices

00:47:14   and mooch off their connection?

00:47:15   Could, you know, there's always something you can do,

00:47:17   especially with all these alternative conferences

00:47:20   popping up or whatever.

00:47:21   I don't think it's that bad,

00:47:22   and I was gonna say the same thing Marco said,

00:47:24   I know a lot of people who have gone in many past years, both this year and last year,

00:47:28   who just chose not to even try to buy a ticket because they figured that the value they're

00:47:32   going to get for it, they're going to get from the socializing and the videos.

00:47:38   And a lot of them already know a lot of people inside Apple and they're like, "Well, I'll

00:47:41   see that person outside the conference.

00:47:43   I don't need to be in the conference to go talk to that guy because I talk to that guy

00:47:46   all the time and I'm going to talk to him in person and it doesn't have to be at WWDC."

00:47:52   The videos being moved up is a big win,

00:47:54   and the tech talks are also a big win.

00:47:57   'Cause what you get out of WWDC is like,

00:47:59   the information, distributing that to everybody

00:48:02   who's a registered developer in a timely manner

00:48:04   covers that.

00:48:05   Interaction with Apple people,

00:48:06   tech talks kind of cover that,

00:48:08   and I think that's the part that's most difficult to scale,

00:48:10   because for every moment those Apple people

00:48:12   are talking to developers,

00:48:13   they're not doing whatever it is

00:48:15   that they're supposed to be doing in their job.

00:48:16   'Cause a lot of times,

00:48:17   people will give these presentations,

00:48:18   or like, you know, the lead architect

00:48:20   whatever system is going to go up there and give a presentation about it. It's not like a, you know,

00:48:26   custom-trained PR guy who just tangentially knows about the topic. Like, these are subject matter

00:48:31   experts. You can't have that guy touring the country for a year telling you about core data,

00:48:34   because someone needs to go and work on core data. Like, they really need to work on core data.

00:48:38   So, there's that tension is always going to be there. And there's probably always going to be

00:48:44   more demand for that face-to-face time with Apple employees, because who wouldn't want to, like,

00:48:50   Every single person who do, think of any platform,

00:48:52   like I write PlayStation games,

00:48:53   and I would really love to talk to the person

00:48:54   who works on the disk subsystem for the PlayStation 4.

00:48:58   Can I get some FaceTime with him?

00:48:59   I'll give you $600.

00:49:01   Well, every PlayStation developer

00:49:02   can't have FaceTime with that guy.

00:49:04   He's a busy guy, he's got stuff to do, you know?

00:49:06   So that tension will always be there,

00:49:07   and there's nothing about having a better conference

00:49:09   or better conference schedule or more conferences

00:49:11   that will ever solve that tension.

00:49:13   It's just, it doesn't scale that way.

00:49:15   There are too many developers for any popular platform

00:49:18   for each one of those people to have personal contact

00:49:20   with the engineer or engineers who work on whatever

00:49:23   socialism they're most interested in

00:49:24   or what's most vexing them.

00:49:25   And that's life.

00:49:26   You gotta figure it out yourself in some way.

00:49:29   Having as much contact as we do is especially precious

00:49:32   in the Apple community because Apple is so closed

00:49:34   and tight-lipped and like this may be your only chance

00:49:36   to talk to these people in an official capacity.

00:49:39   And we all know it's true, people inside Apple

00:49:43   are more forthcoming in the environment of WWDC,

00:49:47   talking about topics that they would probably never even email you about, but they'll talk

00:49:50   to you in person about it at WWDC. They're not revealing super secrets and telling you

00:49:53   what the next holographic iWatch levitation device is going to be, but they'll tell you,

00:49:58   you know, well, that API is the way it is because of X, Y, and Z story, and that will

00:50:01   give you some insight into how it works and let you work it better, but maybe they wouldn't

00:50:05   have sent that over an email because, unlike Eric Schmidt, they understand that emails

00:50:08   leave a "paper trail," quote unquote, and they should probably not do that. Like, they're

00:50:12   more open. So I think Apple is doing not the best it can, but it has made tremendous strides

00:50:18   in the past several years with the tech talks and the time they release a video. So I give

00:50:22   them full marks for that because it used to drive me nuts that I wouldn't be able to -- I

00:50:26   couldn't go to WWDC because -- well, I couldn't go. I didn't want to go to WWDC because I

00:50:32   --

00:50:33   You didn't go.

00:50:34   I hate traveling. Yes, I didn't go. But I did get the videos. I mean, to my right here,

00:50:37   I have a big metal tin that says WWDC 2003 on it, and it's filled with DVDs. That used

00:50:42   to be the way I went to WWDC and they used to come out months later and it was terrible.

00:50:47   So we're so far from that.

00:50:49   Still think there are things they should improve, but I would not scale this conference up anymore.

00:50:56   The way I would try to scale up the how do developers get FaceTime with Apple engineers

00:51:01   is I would just have more conferences spread around, like Tech Talks or maybe two WWDCs.

00:51:08   Because the third thing I didn't talk about is Apple also has chosen this time to announce

00:51:11   a lot of their big products.

00:51:13   But I think you could have another WWDC,

00:51:18   like maybe two of these a year in a different location,

00:51:20   maybe a different continent,

00:51:21   where you say there's not gonna be any announcements.

00:51:23   There's no keynote.

00:51:25   No pressure for Apple to come out with something big.

00:51:26   It's just like this is the rerun of WWDC.

00:51:30   It's the same sessions, but if you couldn't attend there,

00:51:31   you can attend this one.

00:51:33   It's a little bit bigger than a Tech Talk.

00:51:34   It's longer than a Tech Talk.

00:51:35   That's probably the limit of how they could scale this up.

00:51:37   I would rather see them do that

00:51:38   than to double the size of this one.

00:51:40   - Hey, here's an idea.

00:51:41   if they did a second one in China every year?

00:51:43   I was going to say for the app for the games and whatever track and the games one they

00:51:47   should have the slides go really slowly but if you pay more money they'll go to the next

00:51:50   slide faster and you can't go to another session right after the session you've gone to but

00:51:55   again if you pay more money you can go to two sessions directly in a row without having

00:51:58   a meal between they should do stuff like that because game developers would love it.

00:52:03   Nice oh that's great.

00:52:05   Alright anything else about WWDC?

00:52:07   No, I think that's it. I really do think that they've reached what's basically an equilibrium

00:52:13   here where the event changes very little year to year. The ticketing, I think, will probably

00:52:18   change very little year to year from now on. I think it's just going to be like they've

00:52:23   figured out what works as best as it can for them and for the world, but mostly for them.

00:52:29   Because you know, like as John mentioned, like you know, if you, like these, you know,

00:52:34   libraries like Core Data and Auto Layout, stuff like that, like these are written by

00:52:38   like two or three people usually. These are very small teams at Apple. And so like they

00:52:44   can't really afford to have all these engineers taking weeks and weeks and weeks beforehand

00:52:51   to make and practice and refine these presentations. And then, you know, and then a week, not even

00:52:58   being at the Apple campus, but a week staying up in San Francisco, you know, putting on

00:53:03   the event and answering questions, going to labs and everything, like it's a pretty big

00:53:07   drain on Apple to put this conference on. So that, I don't, I just don't think there's

00:53:15   a better way that they can really do this. You know, there are some small things they

00:53:19   can improve here and there, but overall, big picture, I don't think we're going to see

00:53:23   big changes here because I don't really think they reasonably can, or rather I don't think

00:53:27   it for them.

00:53:28   Yeah.

00:53:29   I should also mention really quickly that last year, I believe it was, somebody, I don't

00:53:34   know who was in charge, came up with AltWWDC, which was happening right around Moscone during

00:53:40   WWDC.

00:53:42   And this year, they're doing it again.

00:53:43   It's called AltConf.

00:53:44   And I believe it's free donations accepted.

00:53:50   And if I didn't have a ticket, I would very strongly investigate that because I suspect

00:53:55   it's going to be pretty good and I heard very good things about it last year and

00:53:59   So that's a nice way for the community to kind of come together and fill in a gap

00:54:03   Yeah, like I saw a wolf French tweeted

00:54:05   during the ticket giveaway day

00:54:08   an idea to just have

00:54:10   WWDC

00:54:13   Run run a parallel conference one day behind the real one in Vegas at some giant thing

00:54:18   That's that holds like 30,000 people and just play the videos

00:54:23   And obviously, you know, Apple would shut that down pretty quickly, but I think this

00:54:28   is, you know, now that Apple's making the videos available, I think organizing probably

00:54:34   a large number of small conference alternatives, that might be the way to go.

00:54:42   If you get too big, Apple will probably have a problem with it, but if you just have a

00:54:45   bunch of small gatherings and they're informal and non-commercial and everything, you know,

00:54:50   I don't think Apple's really gonna go try to police all of them. So that's probably the way to go

00:54:55   anyway

00:54:57   our final sponsor this week is our friends at back blaze once again and

00:55:02   I'm pretty sure do all three of us use back blaze right? That's true. I do not but

00:55:09   I know I know but I give your ticket to John. Yeah, seriously

00:55:14   I'm pretty sure my dad had ended up on back blaze actually, so I sort of do by association

00:55:20   Okay, close enough.

00:55:21   Well, most of us use Backblaze.

00:55:24   (laughs)

00:55:26   Backblaze is unlimited, unthrottled, simple online backup.

00:55:31   So it's $5 a month.

00:55:34   And there's not a lot,

00:55:36   they gave me this really short script here

00:55:38   because they knew I would just talk forever

00:55:40   about my own stuff with it.

00:55:41   So if you don't have online backup,

00:55:45   you really, Casey, you really need to get on this.

00:55:49   Online backup is an amazing insurance policy

00:55:52   and complement to or replacement for local backup.

00:55:55   Although for me, it's a complement to.

00:55:58   My favorite kind of backup is I have Time Machine locally,

00:56:01   and that's for fast restores and historic polling files

00:56:06   that I might have deleted an hour ago

00:56:07   and then realized, oh crap, I actually still need that.

00:56:09   Let me get that back.

00:56:10   That Time Machine's great for that.

00:56:13   But Time Machine, I've had some issues with in the past.

00:56:16   A lot of people have.

00:56:17   It's not incredibly reliable.

00:56:18   it works most of the time, but it's not incredibly reliable.

00:56:20   So it's good to have something else.

00:56:23   And backblaze is great because the files

00:56:27   are not stored in your house.

00:56:29   There's a whole class of problems,

00:56:31   like fires, floods, electrical issues,

00:56:34   power surges, lightning strikes, theft,

00:56:37   all sorts of issues where if you just have your computer

00:56:41   with an internal or an external time machine drive

00:56:44   or a time machine drive plugged in

00:56:45   that's always plugged in next to it

00:56:47   and the same outlet as it or whatever else,

00:56:49   or in the same house as it.

00:56:50   There's all sorts of environmental and people problems

00:56:53   that can happen there that will take out your computer

00:56:55   and your backups at the same time.

00:56:57   That's no good.

00:56:58   Online backup solves that problem

00:57:00   and gives you a few other little niceties.

00:57:01   So for instance, Backblaze has a pretty slick iOS app

00:57:05   that lets you access and share your backed up files

00:57:08   from anywhere that you are.

00:57:09   You can just log into your Backblaze account

00:57:11   from your iPhone or your iPad

00:57:13   and you can access your files right there.

00:57:16   You can restore your file selectively.

00:57:19   So if you just need to pull one file off the backup,

00:57:22   you can do that.

00:57:24   And Backblaze keeps it very, very simple.

00:57:26   There's no add-ons, no gimmicks, no extra charges

00:57:29   for different services.

00:57:30   It's $5 per computer per month.

00:57:33   That's it.

00:57:34   It could even be less, actually, if you buy the annual or buy

00:57:38   annual plans.

00:57:41   But $5 per month per computer gets

00:57:43   you unlimited, un-throttled online backup with Backblaze.

00:57:47   It's simple to use, the app is nice, it's developed by ex-Apple engineers, it's very

00:57:51   Apple friendly, it's always updated for the latest OS, I've been running it for I think

00:57:56   three years now, I've never had a problem running on any version of OS X, it's fantastic.

00:58:01   Go to backblaze.com/atp.

00:58:05   Once again Backblaze unlimited un-throttled online backup for just $5 per month.

00:58:09   Backblaze.com/atp.

00:58:10   you. So we should probably talk about this bleeding heart, heart bleed thing.

00:58:17   This is, this is pretty uncool. This is probably the biggest security story of

00:58:24   the year, and I don't think it's as, I don't think it has yet grown to what

00:58:29   will be its final size. Like, I think, I think we're gonna be having fallout from

00:58:35   this and realizing the problem might have been even bigger than we thought, or

00:58:39   or that important stuff might have been taken

00:58:42   during this window that this was open.

00:58:44   I think we're gonna be seeing fallout

00:58:46   from this for a long time.

00:58:48   It's a big, big problem.

00:58:50   So in brief, what this bug is,

00:58:55   it's a bug in OpenSSL,

00:59:00   which is the SSL powering layer

00:59:02   for lots of different software,

00:59:05   usually stuff that runs on Linux,

00:59:06   on Linux servers usually,

00:59:08   what we're hearing about.

00:59:10   And for instance, if you have a website with HTTPS enabled,

00:59:14   and you're running Apache or Nginx as your web server,

00:59:19   those use OpenSSL on their backends

00:59:21   to power the SSL component.

00:59:24   So it affects a lot of things.

00:59:27   And the bug was actually introduced

00:59:30   into the software in 2011.

00:59:31   So even like I run CentOS on my servers,

00:59:34   which is a free distribution

00:59:36   of Red Hat Enterprise Linux basically.

00:59:38   I know that's not technically correct, please email Casey.

00:59:40   That it's close enough.

00:59:41   So the reason I use CentOS is because it's

00:59:45   extremely conservative and generally very secure

00:59:47   by default. You don't really have

00:59:49   to be a security expert to make CentOS reasonably secure.

00:59:52   You can pretty much leave everything at the default

00:59:54   and be pretty good.

00:59:55   So CentOS, in its latest distribution, 6.5,

01:00:02   and a few other Linuxes that have roughly

01:00:07   similar with these schedules. Like, the bug was so old that it was actually in the versions

01:00:12   that were shipping with the latest Linux distributions from a few of these things. So that was Red Hat

01:00:17   Enterprise Linux, CentOS, one of the Ubuntu servers, and a couple others. So it was very,

01:00:24   on very widely used things. So that's how long this bug was there, and it was only very

01:00:29   recently discovered, and then it was basically patched immediately. But what the bug allowed

01:00:34   is for a maliciously formed TLS request,

01:00:40   you were able to have the server respond back

01:00:44   to you with 64K of arbitrary memory from its process space.

01:00:51   And if you kept making requests, you

01:00:53   could get a different 64K of memory.

01:00:55   And I'm not sure of the details beyond that level of exactly

01:00:59   how you requested or exactly what memory you were given

01:01:03   or why.

01:01:04   but it was a bounds check problem and blah, blah, blah.

01:01:07   It would read the wrong memory and output it back to you.

01:01:10   Now the problem is, what is in the memory space

01:01:13   of the OpenSSL process is the entire web server

01:01:17   that's running it.

01:01:18   So anything process local.

01:01:21   The web server traffic, the biggest problem

01:01:26   is the SSL keys, like the private key

01:01:28   that the web server's using on its end

01:01:30   to encrypt and decrypt the traffic.

01:01:32   the private key could have been sent back in the response to the attacker

01:01:36   to say, "Hey, here's the private key." So the attacker could query a bunch

01:01:40   of servers, basically, get all these random memory contents

01:01:44   back, and just try a bunch of them, try a bunch of

01:01:48   the segments from within that as a key and see if it decrypts the traffic.

01:01:52   Because you already have the public key from when you make the connection. So it's

01:01:56   pretty bad. It's a pretty bad thing.

01:02:00   Now, people are saying you'd only

01:02:04   be likely to get the private key if the server had recently

01:02:07   been restarted or something.

01:02:08   And again, I don't know the details of all that.

01:02:10   But the part that matters is that you

01:02:13   could get the private key back.

01:02:14   Plus anything else that was going through the web server

01:02:17   process at the time, including the traffic.

01:02:18   And if your application ran in the web server process--

01:02:24   like I think Apache, when it runs like mod PHP,

01:02:27   I think it does that.

01:02:27   Fast CGI should be immune because that's

01:02:29   a different process.

01:02:30   Anyway, all of that was potentially exposed.

01:02:35   And so, because it was in these conservative distributions

01:02:39   that are often run on servers,

01:02:41   because they're conservative, because the bug was so old,

01:02:44   this was on so many sites.

01:02:48   I mean, they released tools that you could test for,

01:02:51   and I ran on a bunch of well-known sites,

01:02:54   my own and other people's and well-known sites.

01:02:56   I would say about a quarter of them

01:02:59   were actually vulnerable the morning after it was discovered.

01:03:02   We had most of a day to fix things,

01:03:06   and the patches for all the Linuxes

01:03:08   were already out the day before,

01:03:09   and the next day there were still major sites

01:03:12   that were still vulnerable.

01:03:13   And it isn't just servers, it might be appliances,

01:03:15   it might be if you have a load balancer,

01:03:17   or if you have a router that runs embedded Linux,

01:03:20   and that version of embedded Linux has this flaw in it.

01:03:24   There's all sorts of places this could be.

01:03:27   It could be on your home router,

01:03:28   could be on your home NAS.

01:03:30   Anything that runs embedded Linux and embedded OpenSSL

01:03:33   could have this.

01:03:35   I mean, it's a pretty big deal.

01:03:37   So I don't think, it's really hard to know

01:03:42   how bad this will be so far, but the potential,

01:03:47   you know, we know that the potential was really bad.

01:03:50   What we don't know is how much it was exploited

01:03:52   before these holes are being closed

01:03:54   and how long it will be before these holes

01:03:57   are really all closed.

01:03:58   So the government angle on this is actually pretty bad too, because the usefulness of getting a private key, like at this point, is not that useful unless you have a big gigantic catalog of intercepts of encrypted traffic from the past.

01:04:14   Because if you have that, in theory, if you get the private key and that private key was the one that was used, previously you had these encrypted intercepts of sort of data going flying by that was useless to you.

01:04:24   But suddenly it potentially becomes useful to you because they're like, "Oh, I've got the private keys. Now

01:04:29   I can go back and decrypt stuff from the past." I mean, again, this exploit has been out there for a long time,

01:04:34   so maybe they were decrypting it in real time during that, but the only kind of party that's likely to have

01:04:38   historical encrypted intercepts is like, "Well, that sounds like something the government would do, right? Like an individual is not going to do that."

01:04:44   But the other angle on this is that the other thing that's likely to be in memory is

01:04:48   is post data from the last post, you know, or whatever, like unencrypted, you know,

01:04:52   data from form submissions, like passwords. And so a lot of people did, like, let me just run

01:04:56   this against yahoo.com, like their mail thing, for a couple minutes, and you just see people's

01:05:00   passwords like crazy, because they're, you know, these query strings, like it's in-memory query

01:05:03   string, clearly identifiable as like, password equals plain text password, because that was

01:05:08   sent in the post data as part of an SSL form submission when someone entered their password

01:05:12   to log into Yahoo Mail. And although the private key may move away from the memory that's easily

01:05:16   accessible. People are constantly logging in, and so that's constantly in the memory there.

01:05:21   And what this basically means is that everyone should change every password on every single

01:05:26   service they've ever used. Like, if you wanted to be safe, that's the only way to do it.

01:05:30   It would basically be catalog every service that you have a login for. Hopefully they all have

01:05:34   unique passwords. Check each one with the vulnerability site to see if it's still vulnerable.

01:05:39   Once it's not vulnerable, go to it and change your password. And make sure, by the way, that the

01:05:43   place they send you to change your password is the same URL as you checked before, but sometimes they

01:05:46   they send you to a different site to change your password.

01:05:49   Bottom line is all of our passwords

01:05:50   and every one of our services could now be compromised.

01:05:52   Like that is not an exaggeration of like,

01:05:55   that is a plausible worst case scenario

01:05:58   that every single website that was vulnerable,

01:06:00   someone has your password now on it

01:06:02   so you should probably change your password.

01:06:04   And you know, for example, like this site,

01:06:06   Ars Technica, you know, was vulnerable to this

01:06:08   for a short period of time as well.

01:06:10   Every single person in Ars Technica

01:06:11   has changed all their passwords.

01:06:12   I mean, it's like, you know, you just have to.

01:06:14   Like, we should all change all our passwords, basically.

01:06:17   - Well, and not just that, you don't actually know

01:06:20   whether a site that has closed the vulnerability,

01:06:23   whether they're still using the same private key or not,

01:06:25   because you can regenerate a certificate with,

01:06:27   I mean, well, I guess you could, yeah, you could,

01:06:29   if you were a real nerd, you could figure it out

01:06:31   based on looking at the cert details,

01:06:33   but what you really have to do as a site operator,

01:06:37   a server operator to fix this is

01:06:40   you have to not only close the vulnerability,

01:06:41   but then you have to revoke and regenerate

01:06:45   your SSL certificate from a brand new private key.

01:06:48   You can't even use the same signing request and renew it

01:06:51   like in the usual way people usually renew these things.

01:06:53   You have to do a completely new private key

01:06:55   'cause that could have been compromised.

01:06:57   And I've had a lot of sites just close the vulnerability

01:07:00   and haven't replaced their certs.

01:07:03   And they might never replace their certs

01:07:04   or they might do it the wrong way

01:07:06   and reuse the key 'cause it's easier.

01:07:09   So there's actually, this could,

01:07:12   the repercussions from this could go on for a while.

01:07:15   - The worst angle from that is that there's questions

01:07:18   still out there I don't know the answer to

01:07:19   as to which software and which platforms honors,

01:07:23   like checks for revoked certificates.

01:07:25   A lot of, I think the defaults on a lot of Mac browsers

01:07:29   and even in the key chain, like people are checking,

01:07:31   like what is my default?

01:07:32   Is Chrome configured to check for a certificate revocation?

01:07:35   Go to your preferences now and check.

01:07:36   Maybe it is, maybe it isn't.

01:07:37   If it isn't, is it because you changed it that way

01:07:39   because that was the default.

01:07:40   Same thing with an Apple's keychain.

01:07:42   There's a thing about checking for certificate revocation.

01:07:45   If the client software doesn't check

01:07:47   to see if a certificate has been revoked,

01:07:49   then you are basically open to man-in-the-middle attacks

01:07:52   by someone who exploited, got the private key

01:07:55   for a certificate, and that website did all the right things

01:07:58   and got a totally new certificate with a totally new key

01:08:00   and everything is brand new,

01:08:02   but that old certificate is still out there

01:08:04   and your client software doesn't check

01:08:06   whether the certificate you're dealing with

01:08:07   has been revoked, they can still man-in-the-middle you.

01:08:09   - Yeah, and you know, and you can,

01:08:12   there's so many ramifications to this.

01:08:14   This is why I'm saying, like, I don't think

01:08:16   that we have fully seen or realized

01:08:19   what this is going to cause yet.

01:08:21   Because, okay, so, yeah, so far, you know,

01:08:24   people who are on the ball have almost all patched by now,

01:08:28   and hopefully they're re-issuing their certificates

01:08:30   and keys, but there's gonna be people

01:08:33   who are vulnerable to this for a long time.

01:08:37   And suppose the NSA or other creepy government agencies,

01:08:42   suppose they didn't know about this.

01:08:44   Now, there's a very high possibility they did.

01:08:47   And this is one of the reasons why

01:08:49   what they do is so destructive to society,

01:08:53   because security works best

01:08:56   when everyone shares their research.

01:08:59   If you have these like little fiefdoms of like secrecy,

01:09:03   like the NSA, which has tons and tons

01:09:05   of really advanced people working on really advanced things,

01:09:09   basically trying to find holes like this.

01:09:12   It obviously benefits all of society

01:09:17   if when they find a vulnerability, they get it fixed,

01:09:21   they publish it and they work to make a patch

01:09:24   or they at least publish their findings for God's sake

01:09:27   in the accepted ways in the security community.

01:09:30   But they don't do that.

01:09:31   They have all this talent, all of this potential

01:09:34   to help the world and they're instead using it to hurt the world for their own personal

01:09:38   gain, that's probably illegal and certainly immoral. I mean that's why what the NSA does

01:09:43   is so offensive to, especially to me as a nerd, but also me as a citizen and me as a

01:09:48   programmer and me as a human being. I mean it's so destructive for them to have those

01:09:54   resources at their disposal and not help the rest of the technical community to work together

01:10:02   to make more secure systems, because more secure systems actually hurt their efforts

01:10:06   to spy on us illegally. So that, you know, pardon the rant, but that annoys the crap

01:10:12   out of me that they might have known about this, but we have no way to know, and they

01:10:16   could have been exploiting it forever. Now, regardless of whether they knew about it already,

01:10:20   they sure as hell know about it now. So anything that, you know, anything the NSA wants to

01:10:28   hack that was previously encrypted with SSL or anything else. They now have a very good

01:10:35   chance of being able to intercept that traffic because we know they're able to intercept

01:10:39   traffic through various points along the internet, various data centers, ISPs, etc. that they

01:10:45   have partnered with or hacked into. So we know that they have access to the traffic,

01:10:51   the raw traffic. Now they can man-in-the-middle attack everybody without us even knowing.

01:10:56   that's pretty bad. I mean before they could do it through other weaknesses, now they can

01:11:00   do it with the private key. As long as they can get it now through this vulnerability

01:11:07   or they already have gotten it. So that I think is one of the reasons why this is so

01:11:11   bad. Because now, it's fine that most of the big sites patched already and are going to

01:11:18   do their keys correctly, but there's going to be so many smaller sites, hardware vendors,

01:11:26   embedded systems developers, so many people who aren't going to patch for a while, that

01:11:30   are now just wide open for being spied on.

01:11:33   Yeah, and I looked into this bug a little bit, and it's not as super obscure as you

01:11:37   might think it is.

01:11:38   It's not some kind of exploit where some carefully crafted machine code that only executes on

01:11:43   a certain CPU and chipset causes something to trigger some bug in the-- it's not like

01:11:48   that type of thing.

01:11:49   It is entirely straightforward from what I saw on the site that was explaining it.

01:11:52   It's the old story of you've got some kind of packet that has its length encoded in the

01:11:58   packet, and the program was taking that length and using it as an argument to the memcopy

01:12:05   command to say, "Okay, well, they sent me a packet and it said, 'My information is in

01:12:10   the next 16-bit value.

01:12:12   My information is in the next bytes, n bytes, and do a memcopy from the thing into those

01:12:17   areas.'"

01:12:18   So basically, you're letting users supply data.

01:12:21   For HTTP, they send you a number, and you read that many bytes into a buffer.

01:12:25   And of course, it's easy to overflow because they can just make that number all ones, and

01:12:28   then you read 65k of information, when in reality, there's not that much information

01:12:32   there, and you've got your typical buffer overrun.

01:12:34   Like it's straightforward.

01:12:36   You can look at the code and say, "You're taking a number that came from the internet

01:12:39   and using it as an argument to memcpy.

01:12:41   Don't do that.

01:12:42   That's very bad."

01:12:43   Yeah, it's basically the opposite of a buffer overflow.

01:12:46   Yeah.

01:12:47   But it's not obfuscated in any kind of way.

01:12:50   You can look at the variable and say, "Wait, that just came from the network!"

01:12:54   And you're using that number to tell you how much memory you're going to read.

01:12:58   That seems ill-advised.

01:12:59   There's nothing, you know, there's no sanity checking on that or anything like that.

01:13:04   This gets me, of course, back to my, you know, Copeland 2010 thing, if you had a memory-safe

01:13:09   language.

01:13:10   Like, a lot of people are ranting about this.

01:13:11   It's like, look, humans are never going to be able to write secure software if you have

01:13:16   arbitrary access to memory, even if it's arbitrary, just arbitrary access to your own memory

01:13:20   because it doesn't make any sense.

01:13:23   It's not a buffer kind of, it's not like,

01:13:27   if you had done it in a memory safe language,

01:13:31   you wouldn't be able to just run off the end

01:13:32   of whatever variable or data structure you had.

01:13:35   There's no mem copy command that just says,

01:13:36   you just give me a starting address and a length

01:13:38   and I will just read or write that memory

01:13:40   and I don't care what's in it or what's there,

01:13:41   I'll just go run right over it.

01:13:43   That doesn't exist in memory safe languages.

01:13:46   So a lot of the people in the security community are like,

01:13:49   we need to get the base infrastructure that we do our security stuff in off of languages

01:13:54   that give you arbitrary access to process memory because we're never going to be perfect.

01:13:57   It's impossible to just say, "Oh, just don't do that. It's a simple bug. We all know not to do

01:14:00   that. Well, how long did this sit in code, open source code? How long has this been there?"

01:14:04   And who knows how many of these things are in the closed source code that's out there. It's like,

01:14:08   we are just not capable of writing programs that are secure in languages that have this feature.

01:14:15   On the long haul, I think we're just proving it to ourselves. And what do we need to...

01:14:18   we can get rid of an entire class of problems, not all problems, but we know this is definitely

01:14:23   a big class of problems that have a lot of security exploits. We can get rid of that class

01:14:27   of problems with technology that we have now, and I guess move on to the next class of terrible

01:14:31   security exploits. But we hope we should make some progress there.

01:14:35   One other thing, too, is that this was a bug in the heartbeat feature of TLS or protocol or

01:14:43   method or whatever, which apparently is very rarely used. And many of the servers were

01:14:51   not vulnerable because they just didn't support it. And many of the patches, to initially

01:14:55   fix it quickly while everyone figured out what would eventually be the final fix, most

01:15:00   of the very early patches just turned it off. And nothing happened. Like, nothing bad happened

01:15:06   because nothing uses it. And so it's worth asking why that was enabled at all. Obviously

01:15:11   this rarely used feature was going to get a lot less attention from researchers because

01:15:16   you know it didn't really come up a lot so it obviously had less attention on it for

01:15:20   a long time and this is why this bug was existed for like three years before anyone figured

01:15:24   it out. You know why this this should inform decisions about you know why should Apache

01:15:34   or Nginx even enable this by default? Why should OpenSSL even support this if it's been

01:15:39   been around for a while and nothing uses it.

01:15:43   This should really impact the default choices that library and application and server vendors

01:15:50   make. And maybe it's time, you know, like one of the ways that you can make an SSL server

01:15:57   more secure is by requiring better ciphers and better settings from connecting clients.

01:16:04   And one of the ways you can do that would be to like cut off, if you cut off support

01:16:08   for IE6 and some ancient, you know, client libraries that no one uses anymore, if you

01:16:15   cut off support by default, you can make security better for everyone, basically, by requiring

01:16:21   higher standards for everyone.

01:16:22   You can close off a lot of avenues for attack that way.

01:16:26   But it requires cutting off support for really, really old things, which is, I guess, we could

01:16:30   talk about XP if we want to.

01:16:33   But that's been a culture in the Apple world for a while of, "Yeah, you know what, we'll

01:16:38   just cut off support for something that's three years old because that's old enough,

01:16:42   doesn't matter."

01:16:43   I think there's some of that that the server world can take as well.

01:16:46   And obviously they have to be more conservative because the value system is completely different,

01:16:51   the requirements are completely different, the environments are completely different,

01:16:54   but I think they can take some value out of that.

01:16:57   It's probably not worth enabling something at all that is used by almost nobody anymore

01:17:04   that could be an avenue for attack.

01:17:07   It's an easier solution for this in that we just need to revisit the specs or the RFCs

01:17:13   or the protocols that we use on a regular basis to trim out the features that aren't

01:17:17   used.

01:17:18   Because there's tons of features at HTTP, but if the common browsers and server software

01:17:23   and don't support them, or halfheartedly support them,

01:17:27   they just don't get used.

01:17:28   And after a couple of years of that, or a decade of that,

01:17:30   it's like, look, nobody uses this feature of this protocol.

01:17:33   Make the next revision of this protocol,

01:17:35   remove that feature.

01:17:36   Because people keep the feature, and they're like,

01:17:37   oh, I have to be compliant with whatever the RFC is.

01:17:40   I support all the features.

01:17:41   But if nobody ever used that feature,

01:17:43   it just sits over there festering.

01:17:45   And that's the perfect place to look for exploits.

01:17:47   Because it's not used in every request.

01:17:48   In fact, it's almost never used.

01:17:50   So we support it, because it's technically

01:17:51   part of the protocol.

01:17:52   And if we want to be compliant and get our certification and say we fully support the

01:17:54   blah blah blah protocol, we have to do it.

01:17:57   So revise the protocol.

01:17:58   Cut out the parts that we decided, oh, people don't use that.

01:18:01   People just don't use that anymore.

01:18:02   There's lots of...

01:18:03   Even HTTP spec, there's all sorts of little turds in there that just don't get used in

01:18:07   common practice that you could cut out.

01:18:09   Headers, formats for stuff, old HTTP 1.0 features.

01:18:15   You could make...

01:18:16   I mean, they already are working on other versions of HTTP, but it's like you drop the

01:18:19   features that nobody uses and that hopefully lets people finally drop that code that wasn't being run

01:18:24   that was possibly riddled with bugs. So also in the news Dropbox did some stuff today.

01:18:30   All right moving on. I totally missed the Dropbox story. I saw the carousel thing and is that is

01:18:39   that what you're talking about? That is part of what I'm talking about. So they announced a few

01:18:43   things. Firstly, they announced that Condoleezza Rice is now on the board. I'm not joking.

01:18:48   I saw that on Twitter and I thought it was a joke.

01:18:50   The first thing I asked myself was, "What? Why?" And I guess I read this somewhere,

01:18:58   I don't recall where, might have been on TechCrunch thanks to Panzer. But anyways,

01:19:02   somebody theorized, well, it's to get them better international relations, which

01:19:05   I guess, because I don't know in what other way she could possibly be qualified to do

01:19:13   anything useful for Dropbox, but I mean she's a smart lady so maybe I'm

01:19:16   underestimating her. Well I mean first of all keep in mind Al Gore was on Apple's

01:19:20   board for a while, I don't know if he still is but he was, and second of all so

01:19:25   obviously there's some precedent for like one of them politicians to be on

01:19:28   tech companies boards for some reason. That's a good point. But you know and I

01:19:34   we are probably, all of us are probably the worst people in the world to talk about this,

01:19:37   but Dropbox's biggest competition is Box.net,

01:19:42   which has a very, very strong position in the enterprise,

01:19:47   but not a very strong position in the consumer world.

01:19:51   That, I think, is, and that's obviously,

01:19:54   that's the inverse of Dropbox,

01:19:56   where Dropbox has huge presence among consumers.

01:20:01   In the business world, Dropbox is often used,

01:20:04   but often blocked and not supported

01:20:06   because it's not, it's actually pretty funny.

01:20:08   Like, the business world, they use Dropbox constantly,

01:20:12   which usually is violating their IT policies,

01:20:15   because it has the file stored on somewhere else

01:20:18   and it's not enterprise, blah, blah, blah, blah, blah,

01:20:22   certified, encrypted, friendly to enterprise,

01:20:24   whatever the case may be, half, that's probably BS,

01:20:26   but that's the perception.

01:20:29   And so Dropbox, like, it solves such a common,

01:20:32   so many common problems so well that, you know,

01:20:36   similar to how the iPhone kind of broke into the enterprise from the ground up, that's

01:20:40   what Dropbox has been doing. Box.net has been kind of tackling the opposite problem, which

01:20:44   is trying to be enterprise friendly as much as possible, and trying to get in from the

01:20:50   top side. And they've been doing a pretty good job of that. And so Dropbox, I think,

01:20:55   with a lot of their moves towards business stuff, and maybe Condoleezza Rice is more

01:20:59   about reaching that community a little bit better, the world of big business and enterprise,

01:21:06   That would be my guess as to her importance there.

01:21:11   But Dropbox probably is reaching for that world

01:21:14   as much as they can.

01:21:15   First of all, to defend against Box.net becoming so big

01:21:18   that they start encroaching their consumer business.

01:21:21   And second of all, because the enterprise business

01:21:23   is just so profitable, if you can get into it.

01:21:27   - I don't think Dropbox has anything to fear from Box.

01:21:30   Reaching into the consumer space,

01:21:31   let me just say that as a user of both.

01:21:33   - Fair enough.

01:21:34   Because it is definitely enterprise-y.

01:21:36   And I saw a couple stories recently about Box.

01:21:38   I think they're having some IPO or some sort of thing where financial statements came out

01:21:41   about the company.

01:21:42   And Box spends a tremendous amount of money on getting into the enterprise on sales and

01:21:47   marketing.

01:21:49   Huge amounts.

01:21:50   Some people say unsustainable amounts.

01:21:53   And that's not always a good sign.

01:21:55   It's never a good sign when you're spending just tremendous amounts of money to try to

01:21:58   grow rapidly and get it.

01:21:59   I guess it's working and they get enterprise contracts.

01:22:01   We use it to work and everything.

01:22:02   but the product itself is not as good a drop box.

01:22:05   My question about Condi Rice is,

01:22:08   who came to whom, Casey?

01:22:10   Like, did she approach the company

01:22:14   because she's out of her government job

01:22:17   and she's just looking beyond boards

01:22:19   or getting invested in something.

01:22:21   You know what I mean?

01:22:22   Like, people do that when they leave one career

01:22:25   where it was high profile,

01:22:26   like I'm going to become a venture capitalist

01:22:28   or I'm going to get into technology or whatever,

01:22:30   and they just got together that way?

01:22:31   did they seek her out as saying, we need someone with government ties.

01:22:34   Because people with those kind of connections in government are extremely useful for all

01:22:38   sorts of things, I'm sure.

01:22:39   You know, Al Gore, her or whatever.

01:22:41   It's like, it would be great to have you on the board.

01:22:44   You have these connections.

01:22:45   We think it could help us in our business.

01:22:47   Everyone's wigged out about like, well, she's a back, she defends the NSA and her whole

01:22:53   role in the Bush administration and the Iraq war.

01:22:56   And now our data is going to be snooped by the NSA.

01:22:58   And it's like, I don't think her being there

01:23:01   makes your data any more or less likely

01:23:03   to be snooped by the NSA.

01:23:04   I think the bottom line is that the NSA wants the data

01:23:06   on Dropbox, they probably already have all of it.

01:23:09   I don't know if that makes you feel any better or worse,

01:23:11   but it's not, I don't think it affects things

01:23:15   one way or the other.

01:23:16   I don't think she is personally giving the NSA

01:23:18   any keys to any kingdom.

01:23:19   I don't think she has that kind of access.

01:23:20   I think she's merely there to provide the connections

01:23:25   that she has in the government world.

01:23:26   I think that's mostly a non-story.

01:23:28   - That's fair, and plus, if the NSA really wanted

01:23:31   some sort of in to Dropbox, do you think they would use

01:23:34   as obvious a route as Condoleezza Rice joining the board?

01:23:37   I feel like they would be a little smarter than that.

01:23:39   - No, they just have to go to S3,

01:23:40   'cause that's where Dropbox puts all its data,

01:23:42   and they have everything, and I'm sure they already

01:23:44   have access to every byte of data in S3 if they want it.

01:23:47   - Fair point.

01:23:48   The other thing they did was they announced a new app,

01:23:53   I guess you could, it's an app called carousel or, uh, in, in this is,

01:24:00   firstly, it's not a good name.

01:24:01   It's like some folks here in Richmond that Marco, you know, mobile locks,

01:24:07   they already had an Instagram app for OS 10 called carousel and a trademark for it.

01:24:13   Do they?

01:24:14   Yep.

01:24:15   Sounds like it's a great name then someone else already had that great name.

01:24:21   Funny how that is.

01:24:22   I did not really sell us a trademark.

01:24:23   Well, that's exciting. They might be really wealthy soon

01:24:25   anyway, but be that as it may is so it's it's sort of kind of but not

01:24:32   really at all an ever pixie sort of thing for Dropbox and I did install it and

01:24:38   It was funny because the first run experience for me went from really really cool to kind of terrible immediately

01:24:47   The really really cool part was they have you know an opening screen and you're supposed to slide from bottom to top

01:24:54   to get to the next page and

01:24:57   The way they had done this

01:25:01   Was there were a series of photos on the bottom of the screen kind of just strewn all over the place and as you swipe

01:25:09   Upwards those photos align themselves into an ever pick style like very or flicker style for that matter a varying size grid

01:25:17   So it's kind of implying. Oh, we're going to organize all your photos. I just thought it was really well done

01:25:21   so

01:25:23   After they did that my options were a checkbox and I should have written written down what it read, but it was something like

01:25:30   Backup all my photos to Dropbox and it was a checkbox and a button that said get started or sign in or something like that

01:25:38   So I don't necessarily want all of my iPhone pictures going to my Dropbox and thus I did not handle this

01:25:46   Well, yeah, right. I wish it's just I don't know. I that's not the way I organize my photos. So cue Bradley Chambers

01:25:52   so anyway, so I I didn't want to check the checkbox and I hit the tap the sign in button and

01:25:57   Then it did a little expand contract to the checkbox basically implying

01:26:02   The only way that I can carry on is to go ahead and say alright back up on my pictures to drop box

01:26:10   I did the exact same thing as you I uncheck the checkbox. I tried to continue and realize nope

01:26:14   I can't use this application unless I let it do that thing that it wants to do which already kind of turns me off

01:26:20   They're not asking they're telling yeah

01:26:22   Yeah

01:26:23   and and and the reason by the way that I

01:26:25   Uncheck the checkbox and didn't want to do it is because I know what my Dropbox

01:26:28   Situation is like and like the camera upload feature. I had enabled for a little while when I was playing with it, but it's like I

01:26:33   Know if I did that I know how many pictures are on my on my phone

01:26:37   I know how many of those pictures are not in my Dropbox pretty much all of them checking that box was going to add

01:26:42   Gigabytes of data to my Dropbox and I'm almost full. Yep

01:26:45   so I did indeed click the checkbox and it either is or was or will be uploading all my

01:26:52   Photos to my Dropbox so you're presented with what looks sort of like the camera roll in iOS

01:26:58   Including with the grouping that I believe they introduced iOS 7 and whenever they introduced it

01:27:03   So by location and date which I like and on the bottom they have like a old-school radio dot actually

01:27:10   You know what it looks like? It looks like the speedometer from an old Osmobile where you have like all the tick marks across the bottom

01:27:15   And then like a little needle so it's like a horizontal speedometer. You know what I'm talking about totally

01:27:20   You know anyways, so that's like your date picker thing

01:27:24   and what you can do is you can select an entire event or series of photos and you can share them and

01:27:29   It shares them or they they imply that they're going to share them in this really nifty like

01:27:34   Ever picks looking kind of way. So I thought well, let me test this out

01:27:39   I want to test this out with myself. So I shared from my Dropbox account, which is associated to my personal email address,

01:27:45   to my work account. And they send this really lovely picture or email to my work account,

01:27:51   and it says,

01:27:53   "Casey Liss has shared 17 photos and videos with you on carousel." And you know, you're allowed to put in a little message and it shows

01:28:00   some of them. What is this, nine of them? And

01:28:03   I go on my computer to, you know, click

01:28:08   on these pictures, and basically it says "Tough Nuggies, get the app."

01:28:17   So there's no web component whatsoever.

01:28:19   And I bet if you had the app, those pictures would be added to your Dropbox, counting towards

01:28:24   your quota despite the fact that a Dropbox uses content-addressable storage and those

01:28:28   photos are not stored more than once, which drives me nuts.

01:28:31   I believe that's right.

01:28:33   So my initial impression went from great to...

01:28:38   - Mm.

01:28:38   - To what?

01:28:41   And so now I'm probably gonna delete it

01:28:42   as soon as we're done talking about it.

01:28:43   - I don't know who has so few pictures

01:28:46   that they can afford to host them on Dropbox.

01:28:49   'Cause as we point out many times in the transporter ads,

01:28:51   Dropbox mass storage is very expensive.

01:28:54   Like it's not meant to hold terabytes of your data

01:28:57   because that's just, that's a tremendous amount of money.

01:28:59   Forget about the free account.

01:29:00   Free account is enough pictures for you

01:29:01   to like take pictures for a month

01:29:02   and then you're full.

01:29:03   If you want to live your life and take pictures

01:29:06   of your children as they grow over the years,

01:29:08   you're gonna be spending like a huge amount of money

01:29:11   per month in Dropbox fees if this is your solution

01:29:14   to cameras, like people presenting it

01:29:16   as an Everpix-like solution.

01:29:18   It's just not financially feasible or smart

01:29:20   to pay that much when you store your stuff.

01:29:22   I mean, my photo library, you know, if we say,

01:29:25   I got my first digital camera when my son was born,

01:29:27   he's nine years older, so I have nine years of digital photos

01:29:29   They're currently at a 500 gig drive, right?

01:29:33   How much would it cost for me to get 500 gigs of storage on Dropbox and pay that month after

01:29:38   month?

01:29:39   And it's just going to grow.

01:29:40   I'm not deleting their baby pictures as they get older.

01:29:41   Like it's just going to grow and I keep getting cameras that take larger images.

01:29:46   I'm not even shooting RAW.

01:29:47   This is just JPEGs, right?

01:29:50   I don't see this as a tenable solution for photo storage.

01:29:54   And it works so nicely and easily that it's almost like a trap.

01:29:56   I mean, I can see why Dropbox likes it.

01:29:58   "Oh, people will get a free account and they'll draw this app."

01:30:00   And like, "It's great! Every picture I take on my phone is here,

01:30:02   I can share it with my friends, and then everyone hits their storage limits."

01:30:04   And then you're like, "Oh. Well, I guess I could go to the paid account."

01:30:07   And then you hit your next storage limit, "Oh, I guess I'll pay for the next tier."

01:30:10   And at a certain point, you just start getting angry at BitterDropbox.

01:30:12   It's like Apple with the free iCloud stuff that's just not enough storage to back up your entire device.

01:30:17   Like, it's worse. It's worse than if they just charge you a fair price up front for what they want to do.

01:30:21   And I don't think Dropbox is economical for any mass storage like this.

01:30:25   Like, if you ask people, "What do you keep in your Dropbox?"

01:30:28   You keep small sets of your important files

01:30:30   or your current working set.

01:30:31   No one uses Dropbox.

01:30:32   It's like their long-term archive of all my anything.

01:30:36   It's not all your anything.

01:30:38   I mean, it's probably not even all of most people's

01:30:39   text documents are on Dropbox.

01:30:41   I mean, maybe a few people are doing that,

01:30:42   but I think this is not a good solution

01:30:45   for the photo problem.

01:30:47   I think it's a great way to get more people

01:30:49   to hit their Dropbox storage limits

01:30:50   and switch to paid accounts,

01:30:51   which is probably why Dropbox likes it.

01:30:53   Yeah, so it's basically yet another photo sharing and syncing solution that is almost

01:30:59   but not useful.

01:31:01   Pretty much.

01:31:02   And the other thing is, the one place that I think it could potentially shine is, you

01:31:08   know, John, you have your family over for your son's birthday and everyone has their

01:31:14   camera phones or cameras and everyone wants to share pictures with each other, so potentially

01:31:20   you could use carousel in order to do that. But in my experience, I've been happy, although

01:31:28   not overjoyed, with iCloud photo album sharing, whatever it's called. And that works sufficiently

01:31:34   well as long as you're not sharing a gajillion pictures. And I think carousel would do better

01:31:38   with with sharing a gajillion pictures. But for just a handful of really good ones that

01:31:44   everyone in the family took, you can make a shared photo stream album thing. Again,

01:31:47   I'm getting the terminology wrong, that will get the point across and accomplish what I

01:31:53   need.

01:31:54   Yeah, for sharing, what you always want is you don't want to impose on the people that

01:31:59   you want to share the pictures with, which basically means that no matter what other

01:32:02   cool features you're sharing has, there has to be some way with some person with a web

01:32:07   browser to see your things.

01:32:10   No matter what else is, like maybe it looks cooler in the app, maybe if you have PhotoStream,

01:32:13   you see it pushed or whatever, there has to be a web way to do it, which is, you know,

01:32:17   you have to be able to send someone a URL.

01:32:18   They have to be able to tap that URL or click that URL

01:32:21   wherever they are and see pictures.

01:32:23   Not install an app, not change their OS to iOS,

01:32:25   not sign up for iCloud, they need to see pictures.

01:32:28   Which is the magic of Facebook.

01:32:29   It's like, all right, the bottom line is

01:32:31   there's a website called Facebook,

01:32:32   you can go there and you can see pictures.

01:32:33   Some people share pictures with each other.

01:32:35   We just wanna see pictures.

01:32:36   We don't wanna do any of that other stuff.

01:32:37   So I think it's great that we have this integration.

01:32:39   In fact, PhotoStream works really well for my family

01:32:41   because of the push notifications

01:32:42   and if they're on their iOS device,

01:32:44   a little notification comes in and they swipe it

01:32:46   and they're looking at pictures two seconds later.

01:32:48   But if I wanna send those pictures to someone

01:32:49   who doesn't have an iOS device,

01:32:51   I'm not gonna, okay, first step, go to the Apple Store.

01:32:53   Like, it's not gonna happen.

01:32:53   You need to have a web interface to this stuff.

01:32:56   And the fact that as far as Casey was able to determine

01:32:58   that's not the case for Dropbox,

01:33:00   seems especially terrible because, like,

01:33:03   you can make public links from, like,

01:33:04   things in your public folder on Dropbox,

01:33:06   and those are web accessible,

01:33:07   and that is just a way to see a thing in S3,

01:33:09   but that seems like an obvious gap in their functionality,

01:33:12   even if we ignore the storage limits.

01:33:14   - Yeah, I completely agree.

01:33:15   So basically, all of these announcements today,

01:33:19   I give it one tremendous meh.

01:33:21   - There was one other relevant thing yesterday, I believe,

01:33:25   that Adobe announced Lightroom for the iPad.

01:33:28   And I should disclose that I was on the beta of this

01:33:33   about a month ago, so obviously I'm a little bit biased

01:33:37   'cause they think I'm special enough to put me on the beta.

01:33:39   So, you know, Adobe's had an interesting set of attempts,

01:33:44   you know, their first attempt, which was originally called Carousel, was Adobe Revell.

01:33:51   And Revell was like a syncing, sharing kind of collaboration, editing kind of service for photos.

01:33:58   I think they're still running it, but it seems like they've kind of given up on it.

01:34:02   Lightroom now has an iPad app and a sync service.

01:34:06   So now you can use Lightroom to sync between

01:34:10   your computer and an iPad, sort of.

01:34:16   But the reason why I didn't use it for very long

01:34:19   is because it's pretty limited.

01:34:21   It's obviously designed much more to be

01:34:24   more like working on a project in Lightroom on the go

01:34:30   that you've started on the desktop.

01:34:32   You manually move things over

01:34:33   and then you might work on it on your iPad a little bit

01:34:35   and then you come back to your computer

01:34:36   and your edits are there or whatever.

01:34:38   It's not really about your whole library

01:34:40   because one of the biggest limitations of it

01:34:42   is that, first of all, the interfaces

01:34:45   and the infrastructure of the app

01:34:46   are clearly not designed to have tons and tons,

01:34:50   you know, thousands and thousands of photos being synced.

01:34:52   But the biggest problem is you can't sync a smart collection

01:34:56   which is like their version of a smart playlist.

01:34:58   You can only, and you can't sync your whole collection.

01:35:01   You can only sync like basically, you know,

01:35:05   folders that you have to manually move folders into.

01:35:10   So it's not particularly useful because you have to

01:35:14   manually select every photo that you want to be available

01:35:17   for syncing in Lightroom before it shows up on your iPad,

01:35:20   which is kind of a fatal deal killer for me.

01:35:23   So, again, it's like yet another option for photos syncing

01:35:28   and sharing, well, not really sharing, but photos syncing

01:35:30   between your devices, yet another option that kind of,

01:35:34   but doesn't work the way that most people want and need it to.

01:35:38   Every time we talk about this, people write in to tell us the things that we should have

01:35:41   talked about, so we can mention a few of them because someone just emailed before the show

01:35:43   and someone just tweeted.

01:35:45   Flickr, in case anyone still doesn't know, Flickr offers you apparently one terabyte

01:35:49   of photo storage for free, and you get unlimited photo storage if you were grandfathered in

01:35:54   with a Flickr Pro account, which I think I should have been because I'm pretty sure I

01:35:57   had a Flickr Pro account, but who knows?

01:35:59   Anyway, Flickr offers that.

01:36:00   CD drive from Google gives you also one terabyte of storage for $10 a month, and the person

01:36:05   who tweeted this said that's the same money on Dropbox gives you one tenth the storage.

01:36:12   So there are many other more economical options to try to store sort of all your photos.

01:36:17   And I think at this point, one terabyte is probably enough, if you're not a professional

01:36:22   photographer, for anybody who has a kid who's not a teenager yet.

01:36:27   You know, you just start from like when you're,

01:36:29   if you start from when your kids are born,

01:36:30   or if you start from when digital cameras were popularized.

01:36:32   But that's just, again, that's just gonna go up.

01:36:34   People will just accumulate photos.

01:36:35   I mean, not everyone's as much of a pack rat as I am,

01:36:37   but like, we don't even talk with people

01:36:39   who ask in the chat room, like,

01:36:39   how am I filling up all that spot, place with JPEGs?

01:36:41   Like, there's videos in there too,

01:36:42   and it's not that I have a lot of videos,

01:36:44   but one or two videos in 1080p, that adds up really fast,

01:36:49   even though they're compressed and everything.

01:36:50   So, yeah, I mean, the people who are sort of

01:36:55   selling premium price storage, like Dropbox and Apple,

01:36:59   I guess, where how much does it cost per gigabyte

01:37:02   of stored data on their servers?

01:37:03   They're just gonna have to adjust their prices.

01:37:06   Like, things are getting, you know,

01:37:07   storage will keep going up, and companies will try

01:37:10   to not lower their prices in proportion to that

01:37:12   to make their margins grow over time,

01:37:14   but this all needs to readjust,

01:37:16   because we all have lots of digital data,

01:37:18   and the amount of digital data we drag around behind us

01:37:20   and don't want to lose, specifically with pictures

01:37:22   and videos, I would imagine.

01:37:24   just keeps going up over time, so we really need better solutions to this.

01:37:28   All right, I think we're good.

01:37:30   All right, thanks a lot to our three sponsors this week, Backblaze, New Relic, and Transporter,

01:37:36   and we will see you next week.

01:37:38   Now the show is over, they didn't even mean to begin, 'cause it was accidental.

01:37:47   Accidental.

01:37:48   Oh, it was accidental.

01:37:50   Accidental.

01:37:51   John didn't do any research, Marco and Casey wouldn't let him

01:37:56   'Cause it was accidental (accidental)

01:37:59   It was accidental (accidental)

01:38:01   And you can find the show notes at ATP.fm

01:38:07   And if you're into Twitter, you can follow them

01:38:11   @C-A-S-E-Y-L-I-S-S

01:38:15   So that's Casey Liss, M-A-R-C-O-A-R-M

01:38:20   Anti-Marco Armin S-I-R-A-C

01:38:25   USA, Syracuse

01:38:27   It's accidental

01:38:30   They didn't mean to

01:38:33   Accidental

01:38:35   Tech Podcast So Long

01:38:40   I have two pieces of follow-up, one for each of you.

01:38:43   Already?

01:38:44   These are not follow-up for our podcast, so that's why it didn't go in the follow-up section.

01:38:48   These are follow-ups for other podcasts.

01:38:53   So the first one is from Marco.

01:38:54   I saw you tweeting that you were saying that most of your errors in your programs are from

01:38:58   exceptions and bad API calls and not from segfaults.

01:39:01   Oh, no, we're going to get into this.

01:39:03   I'm not going to get into it.

01:39:04   I'm just like, I don't know.

01:39:05   I mean, that's your experience.

01:39:06   I'm just telling you what my experience was.

01:39:07   But what I wanted to do was double-check my experience, because it sure seems like all

01:39:11   my crashes are due to bad memory accesses.

01:39:14   So I just went through my crash logs, which I don't think I've deleted since like 10.0,

01:39:19   like they've just been carrying through.

01:39:20   Anyway, I went through, let's see what it is, 3,365 crash logs, and 75.96% of those

01:39:28   were due to bad memory accesses.

01:39:31   How many of that was within the last year?

01:39:34   I didn't look at the dates on them.

01:39:37   My theory is that over time, the percentage of these things that are bad access or a segfault,

01:39:44   the percentage of these things is going down over time because--

01:39:49   It could be. I think it would be a regression analysis.

01:39:52   Yeah, well, because my theory is that a lot more code that's in applications that people are using and writing today.

01:39:55   And when you're talking about new languages and the need for a new language or new API,

01:40:01   that's specifically talking about the benefits, really, for developing new software.

01:40:07   So I think you might want to rule out something like Photoshop or Microsoft Office,

01:40:12   where there's probably a lot of old code still around there.

01:40:17   I would say look at recent applications,

01:40:19   things that have been written with modern APIs, modern stuff,

01:40:23   and recent crashes to any application.

01:40:25   So--

01:40:26   Well, the reason I was looking at all of it, though,

01:40:28   is because if you make a change now,

01:40:30   eventually, if you fast forward 10 years after that change,

01:40:33   the steady state will be like this.

01:40:35   You know what I mean?

01:40:36   Eventually, you will pass through this portal,

01:40:38   and you will be like we are now with memory protection.

01:40:41   And now pretty much previously, very few things had memory protection, now pretty much everything

01:40:45   does.

01:40:46   Your phone has memory protection, your iWatch is going to have it, you know what I mean?

01:40:49   And so you eventually get into that same steady state.

01:40:51   And I think, well, my crash logs for the X number of past years are a reflection of the

01:40:56   current steady state, you know?

01:40:58   Even if it's getting better now.

01:41:00   And I'd have to see a graph of like, oh, did the frequency go down?

01:41:03   It's hard to tell with just one person.

01:41:04   But I was just basically checking my own things.

01:41:06   Maybe is it 10%, is it 50%?

01:41:08   75 makes me feel like my gut feeling of every time I see a crash log.

01:41:12   And that feeling hasn't changed over time, but I can check and see if I sort them by

01:41:17   date.

01:41:18   Does the frequency decrease?

01:41:19   But with a single person's date, it could just be like, "I finally stopped using that

01:41:22   program that was crashing all the time, and it doesn't show up anymore."

01:41:25   Or like, how many...

01:41:27   What was that recent encoding bug in the MaxText frameworks that someone could send you an

01:41:33   IM with a badly encoded character and it would take out your app?

01:41:36   - Yeah, I probably have like a dozen of those

01:41:38   in recent things screwing up the average as well

01:41:40   and I don't think that, is that a bad memory access?

01:41:42   I'm not sure, probably was because it was probably

01:41:44   like overflowing some stupid buffer somewhere.

01:41:46   - Probably, yeah.

01:41:47   Yeah, but like, you know, my theory is basically

01:41:50   that over time, even within the same language,

01:41:54   as libraries and as hardware get better,

01:41:58   people generally tend to move up a little bit

01:42:00   in their abstractions.

01:42:01   Like even like when I wrote the very first version

01:42:03   of the Instapaper for iOS app,

01:42:05   I wrote all the SQLite calls directly against the SQLite C API.

01:42:11   I know I'm pronouncing that correctly and I don't care.

01:42:14   And then within a year I had rewritten it to use more Objective-C stuff, where it stayed

01:42:21   for the whole time I owned it.

01:42:22   And then when I started the magazine I used Core Data, and when I started Overcast I used

01:42:27   FMDB and FC models.

01:42:29   So I've been moving up the stack as time went on because the benefit of writing directly

01:42:37   against the C API was so small on modern hardware and it was so much more code and so much more

01:42:43   low level C code that had things like worrying about length of buffers and everything.

01:42:49   I don't think, Overcast does some audio stuff that has to do that, but the vast majority

01:42:54   of its code doesn't have to deal with buffer lengths at all.

01:42:59   There's nowhere where I'm calling mem copy.

01:43:01   There's nowhere where I'm calling anything where

01:43:06   that would even matter.

01:43:08   And I think that applies to so much software, especially

01:43:10   in the world that we're in with the Apple

01:43:12   world and all this cool mobile stuff

01:43:14   and all these great frameworks and libraries that

01:43:16   are building up over time.

01:43:17   I think there's so much-- even though we

01:43:19   can do these things in C, and maybe an app might

01:43:23   have one or two C calls.

01:43:28   Or I had to add keychain support so I could store the login token securely.

01:43:29   And rather than writing against the Keychain API, I just got a really nice CocoaPod called BlockBox that just does it for me and wraps it all in this widely used, well-tested, and honestly pretty small and simple API.

01:43:36   So that's like, here's a chance where I had to use a C API, but instead I just used this already well-developed, already proven wrapper for it so that it's not a very good C API.

01:43:50   this already well-developed, already proven wrapper for it, so that's yet more

01:43:54   C buffer checking code I didn't have to write.

01:43:58   Well, but someone had to write it though. You're just kind of moving the problem down. Looking at secular

01:44:02   artifacts it would say, "Are these crashes due to something bad that someone wrote dealing with memory?"

01:44:06   Or did they merely trigger a bug because, you know, who wrote FMDB?

01:44:10   FMDB is written in a language that has full access to memory. At a certain point you could down, yes,

01:44:14   you need direct access to memory to write the GPU drivers and the kernel and all that good stuff.

01:44:18   but like, framework code that deals with like, putting up views and stuff like you would you

01:44:23   would want, at a certain point, you'd want not only you not to have to deal with that stuff,

01:44:27   but also the framework you're calling because it's easy to trigger a bug in the framework by,

01:44:32   you know, doing something silly with an API. And you didn't mess up anything with pointers,

01:44:35   and you weren't doing anything with range checking or whatever, you're just using objective C API's

01:44:38   and passing messages. But it just so happens that the combination of perfectly benign information

01:44:43   that you fed into this API triggered a memory location error inside it because it is written

01:44:49   in Objective-C. And you know, again, you keep going down, eventually you have to get down to

01:44:52   low-level code. But what you want to do is have everybody using safe code, so not only can you

01:44:57   not screw up, but all the frameworks you're calling can't screw up until you go down to like,

01:45:01   okay, well, at this point it is now appropriate that you need direct access to memory. And what

01:45:04   we were saying earlier in the show is that like, even OpenSSL is like, well, that's got to be fast,

01:45:08   it's encryption, we have to write that in C. Some part of that probably has to be written in C,

01:45:12   But the entire thing, like, you know, that's where we're looking at languages like Rust and everything that they're trying to say, like,

01:45:17   "We will go," you know, trying to be memory-safer C-like languages,

01:45:22   even if you're not going to jump all the way up to something where you have complete memory safety.

01:45:26   I don't know. I just wanted—I did the check. I figured it was worth bringing up on the show.

01:45:31   It doesn't mean anything. It's just one person's thing. Everyone can go look through their crash logs and try to figure it out for themselves if they want.

01:45:36   I think it's also worth honoring Arc a little bit here.

01:45:40   In your debug episode that we're talking about, which I don't even think we mentioned

01:45:44   that we're talking about it, but we're talking about your episode on debug that we're willing to,

01:45:48   in that episode you kind of glossed over Arc saying it wasn't a big deal.

01:45:52   I disagree. I think it was a very big deal. Well, it is a big deal. I wrote all

01:45:56   about it. I think it was a good thing. But for this particular issue,

01:46:00   again, getting back to second order effects, a lot of those bad memory accesses,

01:46:04   I bet a lot of them are attempting to do something on an object that has been either wholly or partially deallocated.

01:46:10   You know what I mean?

01:46:12   Arc helps with that, but it's still possible in an Arc system to screw that up because of all the like,

01:46:16   "Oh, well you're calling it a CF, it's different and you've got to annotate things correctly and you're writing a block and you forgot to weaken that thing."

01:46:22   Or you didn't realize you had a copy of that in the block and you forgot to retain it, but the block implicitly retains that, so you thought you didn't have to retain it here, but you do.

01:46:30   it makes it way, way better, but it is still possible.

01:46:35   And it's like, in some respects, it's more complicated,

01:46:37   where it's like, when I was doing manual retain release,

01:46:39   you could always see where everything was.

01:46:40   Now, Arc is doing tons of retains and releases for me

01:46:42   and blocks the other complication.

01:46:43   And if you think you don't have to worry about it,

01:46:45   you will get bitten and you will inevitably end up

01:46:47   sending a message to a half deallocated object

01:46:50   and you will have a memory access error again.

01:46:53   - Well, but in Arc, the failure mode is much more likely

01:46:57   to be a leak, usually through a retain cycle,

01:47:00   through not doing the weak self dance, which I love your thing of calling it "Welf,"

01:47:03   by the way.

01:47:04   Me too.

01:47:05   I don't know, what is everyone else calling it?

01:47:06   It's just right there.

01:47:07   It's right in front of you.

01:47:08   It's "Welf."

01:47:09   The S is right next to the W. All these things do help.

01:47:17   Like, Arc does help and everything, but Arc is a great example of both how much benefit

01:47:22   we can get from automating some of this and also how you're never going to get all the

01:47:25   there because anyone who does lots of ARC code, it's like, in many ways it's so much simpler,

01:47:31   but it's not the type of thing where you can tell a beginner you don't have to worry about it

01:47:34   anymore. It's like, in reality, in fact, you have to have a complete understanding of retain/release

01:47:39   because when the time comes for you to debug this weird ARC situation, you're not going to know what

01:47:42   the hell's going on unless you understand what ARC is doing for you. And then once you have that

01:47:46   foundational knowledge, we can explain to you this obscure edge case and what's really going on.

01:47:50   Because without that, then it just becomes like voodoo when you're a Visual Basic Programmer. No

01:47:54   no offense to Visual Basic programmers,

01:47:56   just flailing wildly and going like,

01:47:58   when I type this, it works, but now it doesn't,

01:48:00   and I don't have a foundation to understand why.

01:48:02   You still have to understand retain release

01:48:05   and auto-release.

01:48:06   Arc just saves you a tremendous amount of typing

01:48:08   and makes it so much easier to not, you know,

01:48:10   takes away a lot of drudgery

01:48:11   and makes things way safer for most people,

01:48:13   but you're never gonna get all the way there.

01:48:14   You're never gonna get to,

01:48:16   if it's a segfault, it's not your fault,

01:48:17   and that's what I'm trying to get to.

01:48:20   - Oh, totally.

01:48:20   Just my assertion in the tweet,

01:48:22   which I don't think we actually even said

01:48:23   beginning of this diatribe. My assertion, your assertion basically is that the vast

01:48:28   majority, or the majority at least, of crashes are bad memory accesses, or you know, through

01:48:34   corruption or things like that, and my assertion is that in my experience I'm seeing that that's

01:48:41   not really a problem, languages have to solve as much as you seem to think they do because

01:48:46   the vast majority of the crashes that I see in my apps and other apps that run on my stuff

01:48:52   things like assertion failures and uncaught exceptions. Things that, like, every language

01:48:56   has exceptions. Like, every language has error conditions. And if you make a new language

01:49:02   instead of having a C-based one, make a new language that succeeds it, you're still going

01:49:07   to have exceptions that are uncaught that have problems in apps. It's just like a different

01:49:11   type of error.

01:49:12   Well, but humans have to write those assertions. And the reason humans write those assertions

01:49:16   in languages with free reign of memory is because if they didn't put that assertion

01:49:19   they know that six lines later you're going to be scribbling all over memory.

01:49:22   So that's why they put the assertions there.

01:49:23   But if you forgot to put the assertions there, guess what?

01:49:26   You're scribbling all over memory.

01:49:27   And yes, and even in a high-level language with memory repetition,

01:49:29   you put assertions to make sure you're sanity checking your stuff.

01:49:32   But there's no danger that, like, oh, I forgot to check that assertion

01:49:35   to make sure this value is greater than or equal to zero

01:49:37   so I don't end up with a negative number.

01:49:39   There's no chance that in subsequent lines that negative number will cause you

01:49:41   to scribble all over memory or send the contents of your web service process

01:49:45   out as the HTTP response revealing your SSL private key or anything like that.

01:49:49   Now, before you skewer me on whatever you're about to skewer me on, probably vinyl, where

01:49:55   would one go to check one's crash logs if one was so inclined?

01:50:00   I went to the console app, and along the left side where I'm on the console app, you can

01:50:04   find all the different directories that have the word "crash" in them.

01:50:06   There's a whole bunch of those, like, they're in /library, they're in /l/library, like,

01:50:12   some of them are in application-specific log directories, I just, you know, found a bunch

01:50:15   and recursively grep through them for the various current access failure,

01:50:20   ex-bad, like just look through them and you'll find one of them and you'll know what to grep for.

01:50:25   Marco should look through his too. I would imagine that the errors that you encounter while developing

01:50:30   app may be different than the errors I encounter when using apps.

01:50:35   So there may be something to that distinction as well. But it's worth checking. That's just why I did the grep.

01:50:40   However, when you're talking about the need to make a new language, I would say helping

01:50:47   developers during development avoid things like weird memory errors, which are often

01:50:53   very hard to find and fix, helping avoid that might be more important.

01:51:00   Develop an app once, more or less. Millions of people use it all over the place. Would

01:51:05   you rather the OpenSSL people had something to help them during the development, or something

01:51:09   to help the people who had deployed the program.

01:51:11   And obviously you want both, and they're probably,

01:51:12   like they're tied to each other in various ways,

01:51:14   but I would much rather have the developers suffer

01:51:17   and have the end users not experience crashes

01:51:19   than the reverse.

01:51:20   - All right, what's Kasey's followup?

01:51:23   - You got, he got it.

01:51:24   He knows, he knows what he did.

01:51:25   - The vinyl?

01:51:26   - He knows what he did.

01:51:27   I just listened to that episode today

01:51:29   and I could not believe it.

01:51:30   You just kept digging yourself in deeper and deeper.

01:51:31   Let's provide context,

01:51:32   which we didn't do last time, apparently.

01:51:34   - Okay.

01:51:35   So I was on IRL Talk with Faith and Jason for a second time, which I am not at all going to gloat

01:51:42   about how I was invited back before you were invited back, because I'm too much of an adult

01:51:47   for that. In any case, I was invited on, and the comedy of this is I didn't actually hear the

01:51:54   episode until after I was on, wherein Faith and Jason kind of got into a tiff about—heh, tiff—got

01:52:01   into a tiff about vinyl, and Faith had asserted, and she is correct, that vinyl does indeed sound

01:52:09   better on an appropriate stereo than a CD does. - Stop taking yourself in. That's already wrong.

01:52:16   It's already scientifically wrong. All right, go ahead. Finish your summary.

01:52:22   So she had said to Jason, "No, it sounds better," and they went back and forth—although at the time

01:52:27   I didn't know this when I recorded with them—they went back and forth, and Jason actually

01:52:31   summarized it really well after Faith was so far into the rage deep end that I was surprised she

01:52:38   didn't lop it. In any case, what Jason said was, "Oh, you just feel like it's more full and

01:52:43   complete sound." And Faith said, "Yeah, that's pretty much it." Obviously, I'm heavily paraphrasing.

01:52:48   Pete: Oh, God, this hurts so much.

01:52:49   [Laughter]

01:52:49   Jim: All right, so, hold on. So, what I had said was, "Hey, Jason, I didn't hear the background

01:52:56   story. All I saw was a few tweets fly by between like you and Faith or you, Faith and Jason,

01:53:01   and I wanted to weigh in somewhat ignorantly given the context, but weigh in and say that having

01:53:08   grown up with a really, really, really good stereo in the house, with a father who has just a shed

01:53:16   load of vinyl, I would completely agree, science be damned, that vinyl legitimately does sound better.

01:53:26   And maybe it's a placebo, maybe it's all in my darn head, but I don't care because I believe it

01:53:30   in my heart that it sounds way better, and Faith is right.

01:53:34   Pete: All right, so-

01:53:35   Jared. I have some cables to sell you.

01:53:36   Pete; I'm going to try to give a reasonable summary of this that you guys can understand,

01:53:40   because I think the, I mean, first of all, let me start by saying I'm not an audio expert,

01:53:44   but I don't think you need to be an audio expert to get a handle on this topic.

01:53:47   I think the main problems on the original episode between Faith and Jason, which we'll put in the

01:53:51   show notes, was that as usual, they didn't sort of define the boundaries of their discussion and

01:53:55   in their terms well enough that they were just talking past each other.

01:53:58   Here's how it started.

01:53:59   So they were talking about the stupid Pono thing that we talked about, the high quality

01:54:04   music from, what is it, Neil Young or whoever.

01:54:08   And Jason asked her if she'd be interested in something like that.

01:54:10   And she said, "If I was after that, it's like, oh, wouldn't you want this to listen to higher

01:54:15   quality audio?"

01:54:16   He's like, "Oh, if I want a higher quality audio, I'll just listen to vinyl."

01:54:18   And that's how it started.

01:54:20   And I think there's sort of a foundation.

01:54:22   You can see how through the game of telephone you end up with that type of opinion.

01:54:26   It devolved into like, "Oh, you think vinyl is better than this, that, the other thing."

01:54:29   There's many, many factors to play here, but I can start from like...

01:54:32   Again, I can't get specifically technical about this.

01:54:36   You can look up all the stuff that you want and Mark will add later, but here's how I

01:54:40   think I'm going to bottom line it, and I think this bottom line is reasonably accurate.

01:54:44   When instruments make sound, like when people play music live, right, and you capture that

01:54:51   and you try to take the sound that was in the air when people playing the instruments and put it somewhere such that you can get

01:54:56   the most back from what you heard in that room from like the actual sound that was produced

01:55:00   CD even just plain CD is more able to capture and reproduce accurately the sounds that were in that room

01:55:07   Than vinyl. I'm pretty sure and Marco can confirm if you want that is just a more or less

01:55:14   Undisputable fact due to the limitations of the medium confirm. So that's the problem where they got into they were talking about vinyl

01:55:20   CD, all this other stuff.

01:55:22   Like, just ignore everything else and just say, like,

01:55:25   there's sound in a room, you want to capture that sound,

01:55:28   and put that sound back out into the world somehow.

01:55:31   Like, you want to capture that information.

01:55:32   Vinyl has limitations in terms of frequencies that it can accurately reproduce

01:55:36   and how well it can, you know, capture what was in that room

01:55:39   that CD doesn't have, right?

01:55:41   So, that, I think, and you can Google that and do all the stuff you want to see,

01:55:45   what kind of frequencies can vinyl reproduce, and what are the limitations,

01:55:49   and what is the top end and the bottom end, and how well can it produce high frequency sounds versus low frequency sounds, and distortion.

01:55:55   This is even before you get into, like, every time you play a vinyl record, you're damaging it and all these other things, you know, making little grooves in wax and all this crazy stuff.

01:56:02   That fact sits there and flies in the face of all the discussion of vinyl versus CD, CD versus vinyl, because when you're talking about medium, that's different.

01:56:10   Now why could normal, reasonable thinking people come to the conclusion that, you know,

01:56:16   why does Faith think that vinyl is the highest quality, you know, if I want to listen to

01:56:21   music that's higher quality than MP3s or CDs, I'll just go listen to vinyl.

01:56:25   Why could she come to that conclusion?

01:56:27   Because there is much more to what music sounds like than just how well is the medium able

01:56:33   to capture sound, right?

01:56:35   And we've talked about this on past shows.

01:56:37   a stupid loudness more, where they mastered everything for CD and kept cranking up the,

01:56:42   you know, the whatever, I don't know the term for it, but like if you look at the waveform,

01:56:45   the waveform slowly fills the entire thing. The dynamic range between the quiet section

01:56:48   and the loud section disappears and the whole song is loud. That sounds like crap. They

01:56:52   didn't do that in the era when most vinyl was made. So vinyl sounds quote unquote better.

01:56:56   So if you hear the same album on vinyl and CD and the CD one is over compressed and cranked

01:57:02   up and the vinyl one is not, of course the vinyl one's gonna sound better, but that's

01:57:06   That's not even the same song anymore, it's different audio.

01:57:09   So that's one reason that vinyl could sound better.

01:57:11   Like legitimately really sound better, because it was mastered differently.

01:57:14   In the early days when they were making vinyl, from what I've read, since vinyl has a different

01:57:18   frequency response than CDs, they would master it as if they were sending it to vinyl, like

01:57:23   they would overboost the treble or whatever frequencies that vinyl would have trouble

01:57:26   reproducing, they would have to crank those up because they know a lot of those would

01:57:29   get muffled by the vinyl, and they'd just take that same master and put it on CD and

01:57:32   it would sound terrible because CDD doesn't have those limitations. It can reproduce those

01:57:36   sounds accurately and it's a more linear range between them. You don't have to say, "Well,

01:57:41   this treble's gonna..." I don't even know if it's treble, whatever. "This treble's gonna

01:57:44   get swallowed, so we really need to crank it up, but don't worry when you carve those

01:57:47   little grooves into the vinyl disc, it will all sound good." Again, if you take the same

01:57:51   album from the same master, "Oh, the CDD sounds terrible, the vinyl sounds good," it's because

01:57:55   vinyl is swallowing up half of the things that are there, and the master was made for

01:58:00   All these things can contribute to the idea that vinyl sounds better, because in a particular album or a particular song, the vinyl recording may be better mastered, or you may simply prefer that those frequencies be attenuated the way they are on vinyl.

01:58:14   vinyl. And what happens is if you don't have all this background and all these nitty-gritty

01:58:19   details, your experience, your lived experience will be, "When I hear this song on MP3s, it

01:58:25   sounds like crap. When I play it on my fancy vinyl things, it sounds awesome. Therefore,

01:58:29   vinyl sounds better." And it's just Game of Telephone that over and over again in Austin

01:58:33   and the hipster community, and it's just an accepted fact that vinyl is higher quality

01:58:37   than CD.

01:58:38   Well, see, man...

01:58:40   You've jumped from something that has a basis in reality all the way to a conclusion that

01:58:45   has no basis in reality, in fact.

01:58:47   And you can't say vinyl is better than CD because it is not.

01:58:51   Well, okay, I understand where you're coming—well, it's not even where you're coming from.

01:58:56   I understand what you're saying.

01:58:58   And by and large, I do agree with it.

01:59:00   But it's more than just—I think playing it off as a game of telephone for both Faith

01:59:04   and I is not really being fair, because both of us have legitimately experienced really good setups

01:59:12   in the homes in which we lived at some point or another. And I don't know if I can speak for faith,

01:59:19   but I know I have listened to a CD and then the exact same song from the exact same album.

01:59:24   But you don't know it was the exact—that's what I'm saying, you don't know it was the same song.

01:59:27   Sure, no, no, no. It could have been mastered differently, and there's nothing I can say

01:59:32   to refute or dispute what you had said about different mastering. You absolutely could be

01:59:37   right about that. But one way or another, I can tell you that I've listened to CDs and I've

01:59:41   listened to vinyl and be it the mastering or be it the medium, and yes, the medium is kind of

01:59:46   inherently flawed in the cracks and the hisses and the pops and whatnot.

01:59:49   Kind of.

01:59:50   But never-

01:59:51   And in the frequency response and in the things that it can reproduce. There was sound in the

01:59:56   room when people played that music. How many of those sounds can be recorded and played back by

02:00:01   vinyl. It is a smaller subset of sounds than CD.

02:00:05   And I haven't looked at any of the research because Marco wouldn't let me.

02:00:10   [music]

02:00:11   But that very well could be true. I find that a little hard.

02:00:15   You got into this on the show as well, because you're trying to think of things that sound

02:00:19   reasonable that are like, "Oh, well, it's inherently like an analog." Didn't you take

02:00:22   signals and systems in school?

02:00:23   Yes, but that was so—

02:00:24   You know the analog versus discrete signals? Marco has a good video that you should see

02:00:28   about—

02:00:29   I watched it.

02:00:30   sampling. If you still subscribe to it, even after seeing the math and taking signals and

02:00:36   systems or whatever, if you don't find that approach convincing, although you should,

02:00:42   because it's true, an alternative approach is, think of it this way. When you take sound

02:00:48   and you translate it to carving a little valley in plastic, you are inherently taking a signal

02:00:55   like it you know the music say that say you're recording directly it this is not

02:00:59   how it works but say you're recording directly into the grooves in the vinyl

02:01:01   you're taking something and you're encoding that signal in a groove in

02:01:07   plastic what do you think has better resolution those samples and bits that

02:01:11   you're taking or the variations you can make precisely in grooves in plastic

02:01:16   like talk talk about quantizing and like you know if you if you subscribe to that

02:01:20   theory like oh it's inherently a continuous function in your sampling how

02:01:23   How can you ever reproduce the original single?

02:01:24   Which is BS, you totally can.

02:01:26   But think of what you're doing when

02:01:27   you're making a groove in vinyl.

02:01:29   Do you think, oh, that can completely accurately encode

02:01:32   this information, because we can so precisely control

02:01:35   how we wedge these atoms out of the way in this vinyl

02:01:38   to make this little valley.

02:01:39   I mean, look at under the microscope.

02:01:41   Is that a precise trail that's being drawn there?

02:01:43   Do you think that's more precise than 16-bit samples

02:01:46   at 44 kilohertz?

02:01:47   No, it is not.

02:01:48   And it's borne out by what kind of frequencies

02:01:50   you can get out of that, let alone the variations

02:01:52   individual stamping or carving of vinyl, it's insanity to think that vinyl as a medium is

02:01:59   better than digital things. Mastering is what it's all about.

02:02:04   Here's how you make things sound good. You listen on a really, really good system, which

02:02:12   is usually--systems that are like, you know, really good and expensive are usually owned

02:02:17   by upper-middle class men in their 50s and up.

02:02:22   my dad. Right. And these upper middle class men in their 50s and up probably listened

02:02:29   to music from the 60s and 70s. And music from the 60s and 70s, if you have a CD version

02:02:36   of the same thing, was probably one of the old crappy CDs that was mastered back when

02:02:41   CDs were too young, as John was discussing, and a lot of the masters were really bad,

02:02:45   and a lot of the translations to CD were really badly done. It's also possible that you were,

02:02:51   comparing it to things like MP3s that were encoded in the late 90s when MP3s were new.

02:02:57   And MP3 encoders used to be really, really bad, and now they're really, really good. So there's

02:03:01   all these other factors. Now, the way you make things sound good is you listen to well-recorded

02:03:07   music, and there's a good chance that old 50-year-old men with a lot of money with big

02:03:16   stereos, they're probably listening to pretty good music, honestly. Music that

02:03:21   was probably recorded better was probably... well, maybe not recorded better,

02:03:24   music that was played with more real instruments and less artificial

02:03:29   tweaks to the sound, and less electronic instruments, if any. You know, there's

02:03:36   there was a lot more there, like of substance that you could detect on a

02:03:40   good stereo, where, you know, compared to like the very artificial clean sound of

02:03:45   of modern stuff. So they're listening to stuff that sounds better at higher resolution at

02:03:50   higher detail. They're listening on really good stereos and they're making an event out

02:03:55   of listening. This is the most important part by far. They're paying attention. When you

02:03:59   are told, this is why ABX testing is so important, when you are told, "Listen to this, this is

02:04:06   going to sound amazing," and it's played on a great stereo and you are expecting it to

02:04:11   sound amazing because you've just been told it will sound amazing and you want it to sound

02:04:14   amazing because it's an attractive idea of the old, the romantic, the analog being superior

02:04:20   to the new crazy things that the kids are doing these days. That's a very nice attractive

02:04:23   idea to people. They want that to be true. So you're being told it's going to sound better.

02:04:28   You're in an environment where it looks impressive. You're probably in front of an impressive

02:04:31   looking stereo and maybe it has some old crazy things like tubes or at least, I mean, hell,

02:04:37   record players themselves are pretty crazy analog things, especially the really advanced

02:04:42   ones that are probably in these advanced areas that have the electrically moving arm and

02:04:45   all this other stuff. So you're told to expect it, it looks impressive, the system looks

02:04:51   impressive, it looks exotic and old and romantic, and then the music starts playing and you

02:04:58   pay attention to it. This is critical. You're not just putting music on, you are listening

02:05:04   to the music. And you're trying to hear, you're paying attention to what it sounds like, you're

02:05:09   listening for details. You're trying to hear details you've never heard before. And then

02:05:14   you say, "Oh my god, I'm hearing details I've never heard before." Which is probably true,

02:05:20   but it's not because of anything inherently awesome about any individual component of

02:05:23   that necessarily to the exclusion of its alternatives. It's because you're paying attention, you're

02:05:29   romanticizing the event, you're making, you are telling yourself to enjoy the

02:05:33   event, so you are enjoying the event. You're telling yourself it sounds good

02:05:37   and the inputs you're getting from other factors like its appearance or

02:05:41   the setting or what other people are telling you about it. All these inputs

02:05:45   are telling you this will sound great. So then when you listen, it sounds great.

02:05:51   And that's not to invalidate the experience because who cares? If you're

02:05:54   enjoying it and it sounds great, then it worked. Like the system worked, basically.

02:05:57   all the money you spent, if it's making you happy, then everything worked. And another possibility

02:06:03   is that people who have grown up with, or even if you haven't grown up with, you may simply prefer

02:06:09   the sound of inaccurate reproduction of live music. You may prefer those frequencies to be

02:06:15   tamped off. You may prefer that there's sort of an underlying noise to be underneath all the...

02:06:19   That may sound better to you, because better is subjective. That may sound better to you. That's

02:06:24   fine to say "I like the sound of vinyl better than CD because I like those things."

02:06:31   It may be inaccurate because, again, you'd have to say "Okay, fine, we'll get you the

02:06:34   same stereo, we'll take the same song, master the same way, and we'll do this controlled

02:06:37   experiment and play one off CD and one off vinyl."

02:06:40   A) See if you can tell which one is which.

02:06:42   And B) If you can tell, then just say which one you prefer.

02:06:44   Because once you can tell, you may say "Oh, I prefer the vinyl one," or whatever.

02:06:46   But it doesn't matter.

02:06:47   Whatever you prefer is whatever you prefer.

02:06:49   Where this goes wrong is when you say "higher quality," because I guess you could say that's

02:06:53   subject to do, but higher quality, when we're talking about audio, it's the definition

02:06:56   I gave at the beginning. When this music was played, there was sound in the air. We want

02:07:01   to take that sound, put it somewhere, and bring it back. Which way can we do that so

02:07:06   we lose the least amount of information and CD wins over vinyl? That's it. That's the

02:07:13   foundation of this entire thing. Everything else you can say is, you may say you prefer

02:07:17   one thing over the other or one thing makes you happier. If something makes you happier,

02:07:20   fire and you prefer one thing over the other you could still be challenged to say okay

02:07:24   we'll give you a double blind test or an ABX test let's see if you can even tell which is

02:07:28   which you probably can't and if you can tell maybe you're not sure which is which so then

02:07:32   you've sort of punched a hole in your own kind of well I prefer that over the other

02:07:35   because maybe you really don't prefer it but whatever you wouldn't subject yourself to

02:07:38   that test unless you're trying to ruin your fun if it if it makes you happy to listen

02:07:42   to vinyl fine but where people go crazy about this and where you start to get into audio

02:07:47   is where you start really truly believing that vinyl is the highest quality reproduction of music available.

02:07:53   It may be the best mastered version of that song available, that may be true, and that's why I said like

02:07:57   Pono might be better because it'll get better mastered versions of that, and you can say that if you think that's true.

02:08:02   But that's why everyone's going nuts over this thing, is when you get into like, oh it sounds fuller and richer,

02:08:07   and it's analog and all that other stuff, that's what drives nerds, let's be face it, nerds only, nuts.

02:08:13   nuts. Everyone else just enjoys their music. So maybe you should just listen to the music

02:08:17   you like in the way you want, enjoy it, and not worry about it. But I guess don't go

02:08:21   on podcasts with "Geek" in the title and talk about how vinyl is better than CD.

02:08:24   May I have the floor, please?

02:08:26   You may.

02:08:27   Are you two done?

02:08:28   Probably not, but go ahead. I doubt it.

02:08:30   I'm stone sober and I'm so angry right now. Okay, there's a few things. Firstly,

02:08:38   I should make it plain that when I came to the conclusion that vinyl was better, and

02:08:44   I cannot speak for faith, but when I came to the conclusion that vinyl was better, in

02:08:49   the limited experience that I have, it was because I was playing modern recordings.

02:08:54   One was Dave Matthews, which, Marko, Snicker, all you want, but they are well recorded.

02:08:58   And the other was Soundgarden. I forget the name of the album, but it was the one with

02:09:12   "Black on the Sun". I played, or my dad played either the vinyl or the CD and picked one

02:09:21   of the songs and immediately played the other immediately after. Yes, I know. I knew which

02:09:27   one was which. Yes, I was predisposed—or arguably predisposed—to like one better than the other.

02:09:33   So yes, from a purely scientific point of view, you could say that this test was flawed. Yes,

02:09:40   you could say that the dramatic difference that I heard, which is exactly how I would describe it,

02:09:46   was all in my head. It very, very well could be. I have no—

02:09:49   It could have been volume.

02:09:51   Yeah, in fact, it's been shown that like in blind tests, people overwhelmingly prefer

02:09:55   an input that's like 0.1 decibel turned up more than the other one, even if the hardware

02:10:02   is identical.

02:10:03   Yep, it just has to be slightly louder and you'll sound better. Anyway, continue.

02:10:08   So regardless of whether or not it's based in science, I can tell you that I definitely

02:10:17   heard a difference and I definitely preferred vinyl. I will be the first to tell you that

02:10:22   But yes, the medium is inherently flawed. You're screwing it up every time you use

02:10:26   it. You're going to have to get over hisses and pops and crackles and whatnots. Yes, most

02:10:31   of my father's record collection was bought in the 50s, 60s, and 70s. But yes, he does

02:10:37   have a record cleaner specifically designed to clean LPs that he uses almost every time

02:10:43   he plays a record. Yes, his CD player is so ridiculously out of control that it's actually

02:10:49   a—what do you call a CD?

02:10:51   It's a transport, right?

02:10:52   Yes, thank you. It's a transport and his digital analog converter, I believe, uses tubes because at some point or another that was the trendy thing to do and people believed it sounded better.

02:11:01   Oh, in many communities that's still the case, by the way.

02:11:04   Yes, you could argue that all of this is just one placebo on top of another on top of another.

02:11:09   But I think it was one, I don't remember which one of you was that said it, but one way or another, let's assume I'm wrong.

02:11:16   And let's assume for the sake of conversation that I'm just completely full of it.

02:11:20   Even if that's the case, the experience of going to a shelf full of vinyl and finding alphabetically

02:11:29   the particular LP you want, removing it—this humongous disc that's like a foot wide or

02:11:35   whatever it is—removing it, placing it on the cleaner, putting the little solution on it,

02:11:41   having the little turntable cleaner things spin and vacuum up the solution as you shimmy it across

02:11:46   the record, moving that— Sounds like it sucks.

02:11:49   Don't you f***ing get me started about coffee.

02:11:51   All right, so anyway, so you move the record over to the turntable,

02:11:56   you guess, you freaking guess where it is the song you want to play starts.

02:12:02   And you're probably going to be wrong. Well, you can look at the little smooth rings.

02:12:05   I don't know, you don't have to look, you can just see.

02:12:07   I know, I know, and dad who has done this for 30 years is much better at it than I am.

02:12:13   All of this adds to the experience. Oh, and I forgot to mention all the album art when that was still a thing and still freaking mattered.

02:12:19   All of that picking picking the record out of the out of the sleeve gingerly

02:12:23   All of this adds to the experience and makes it more enjoyable for me. Don't forget chucking the disc of zombies

02:12:32   The what is that some reference? We didn't have a reference you guys didn't get I had to throw one in anyway, right?

02:12:37   I'm glad we hit the quota

02:12:40   For you, Marco, to sit here and tell me I need to ABX test and blah, blah, blah.

02:12:45   When's the last time you ABX'd your coffee versus Starbucks?

02:12:48   He didn't tell you you needed to ABX test.

02:12:51   Like all that stuff you said is fine.

02:12:52   No one is arguing against like the tea ceremony sort of thing you have going to

02:12:55   that. Like again, I said, whatever makes you happy, then go for it.

02:12:59   Like there's no reason to subject yourself to these scientific tests if they're

02:13:02   just going to make you enjoy life less. Like don't do it. Right. Just, but,

02:13:06   But you also then can't make claims like vinyl is the highest quality source of music available.

02:13:11   Because in that sentence you didn't say, "What I really mean is that when they master things

02:13:15   for vinyl they have more dynamic range than my preferred..." Like you didn't say that. You said

02:13:19   vinyl. And like it ends, you end up talking about the mediums. And then when you stray off into,

02:13:24   "Well, digital can't capture all the nuances because it's discrete instead of continuous,"

02:13:28   like you're just off into the weeds and that's where people yell at you. And it's like,

02:13:31   stick to your actual... No one will argue with you when you say you really enjoy the ceremony

02:13:35   of dealing with vinyl. No one will argue with you when you say, "Well, come on, this is

02:13:38   the internet, somebody will argue." Well, I know, but they haven't had a leg to stand

02:13:41   on if you say, "I played this song on vinyl and this song on CD." Specific songs! And

02:13:46   I liked it better on vinyl. Fine, you like what you like. You get into trouble when you

02:13:49   go into categorical, scientific statements about capturing audio waveforms and reproducing

02:13:57   them. And that's where it all goes off the rails. And that's where I think if you're

02:14:00   in that kind of community long enough where everyone reveres vinyl as a sort of thing

02:14:03   to do, eventually it just becomes like, well, everybody knows vinyl sounds better, and it

02:14:07   just becomes accepted wisdom.

02:14:08   And that's where, not you so much, but more faith-like, it just becomes like, in your

02:14:11   circle, of course vinyl sounds better than CD.

02:14:14   Everybody knows that.

02:14:15   It's an obvious fact, I can't even believe you're arguing with me about it.

02:14:19   And that's what infuriates people, that inside that community, this stuff just wraps around

02:14:23   on itself again and again until eventually it becomes accepted wisdom that vinyl is better

02:14:26   than CD, which is not a true statement in and of itself, and the nuances are now lost,

02:14:31   and it just becomes like, that's why I was talking about like the game of telephone,

02:14:34   where it's like a generation of people who don't know or care about the technical details,

02:14:38   and know they like the sound of vinyl better, but they don't know why, and their conclusion

02:14:42   they come to is false.

02:14:43   See, and you can take issue with the entire city of Austin believing the vinyl's better

02:14:48   as long as you put an asterisk at the end and say "accept faith."

02:14:51   And the same thing with me, because we have come to this conclusion from personal experience.

02:14:56   There's no game of telephone for us.

02:14:59   Now, every other person on the planet that claims vinyl is better, fine, telephone.

02:15:02   No, no, because in her initial reaction was like, "Well, I would just listen to it on

02:15:06   CD or on vinyl." She just threw it out there like, "Well, of course, everybody knows

02:15:08   that," like, it wasn't a controversial statement when she first made it. And I think

02:15:12   that's why she was taken by surprise by like, and she's, you know, she backpedaled

02:15:15   and tried to more narrowly divine or whatever. But like, that's what I'm, I listened to

02:15:19   the, listen to the episode if you haven't already.

02:15:21   I have, I have since, since I recorded.

02:15:23   She threw it out there like, as if it's like, "Well, everybody knows that in my circle,"

02:15:26   like, "Well, that wasn't the topic. The topic wasn't vinyl versus anything." She's like, "Well,

02:15:30   I would never buy this stupid triangular player, because if I actually really cared about high

02:15:33   quality music, I'd just listen to it on vinyl." And then Jason was like, "What?" You know,

02:15:36   because he's not coming from that same environment. And then she had to think about, "What do I mean

02:15:42   by that?" Like, if it's accepted wisdom in your circle of friends, you don't think about, "What

02:15:46   do I mean by that? Does it have to do with the mastering? Is vinyl actually better able to—"

02:15:50   Like, you know what I mean? And maybe that hasn't been thought through.

02:15:52   But I don't think that she was intending to make a declaration about the world as much as

02:15:56   I probably was. I think she was more trying to say, "Hey, this is what I feel, and this is what

02:16:02   I think." I don't think she was trying to be the representative for Austin, Texas/Hipsterville, USA.

02:16:07   I can't speak for her, but I'm pretty sure that wasn't the intention. For me, I was more going

02:16:12   for a global. But… You were, and you should listen back to yourself and watch that video that

02:16:17   Marco sent over and over again. Do exercises in your signals and system books until you convince

02:16:21   yourself that it's BS. But anyway, the reason I brought it up on this show and in the after show

02:16:26   is because I don't want to bring it up on IRL talk because I already had an episode where I

02:16:29   harangue them and Faith does not need to be harangued, but I figured you could take some

02:16:32   haranguing. Well, thank you. And I still want to go back to, I do not understand how a man that

02:16:39   spends an unbelievable amount of time fussing over a drink that's inherently disgusting and not

02:16:44   helpful can throw stones at me because I want to enjoy music in my own little way. When's the last

02:16:50   last time you ABX tested your f***ing coffee?

02:16:52   I would love the opportunity to.

02:16:54   Well, the problem with coffee and stuff like that is that there's no, like, it's not like

02:16:58   captioning audio waveforms. There is no original and a reproduction. So there is no sort of

02:17:02   objective criteria by which you can judge it at all. It's all like, how does this taste

02:17:06   to you? And then you could test it to say, well, does this really taste better? Made

02:17:09   with these special beans or whatever. But like, it's all subjective. So, you know, like

02:17:14   we could really replace his specially made coffee with K cups for a week and see if he

02:17:18   notices. I bet he would notice. I mean, hey, if you want to if you want to

02:17:22   orchestrate that I will gladly participate. No, because I don't like coffee. I don't want to be around it.

02:17:28   Well, see Marco, because Marco is trying to find like he's, although he does all

02:17:32   these fussy things, I think what he's like, if there was some way that he could

02:17:36   like snap his fingers and instantly have a cup of coffee with no mess and no

02:17:39   muss I think that tasted good to him, I think he would do it. Like he's not, he's

02:17:42   not going out of his, you're not going out of your way to find the most

02:17:45   complicated way to make coffee. No, in fact, making coffee my way, I don't

02:17:50   think actually takes more overall effort than using like a regular drip pot like

02:17:54   everyone used for years. It is a little more effort than using a cake-cup

02:17:57   machine, but it's like, I use an AeroPress, and I don't even do a super fussy

02:18:01   AeroPress. You roast your own beans though, so that kind of cranks up the

02:18:06   fussiness meter. You want to buy a roaster, invent it outside so your house

02:18:10   doesn't fill with smoke, and figure out how to use the roaster. It takes 15

02:18:15   minutes every 10 days. I just say like the point is like the reason you're

02:18:18   doing that is because you're trying to find the minimum like a coffee that

02:18:21   tastes good to you but that also doesn't absorb your entire life in making it.

02:18:25   Right and and the reason why I've been doing all this audio research recently

02:18:30   is because I also am an audiophile but I'm I'm not a ridiculous one like I'm

02:18:35   really really super into good headphones and speakers I care a lot less about

02:18:39   because I just don't have a lot of opportunities to listen on speakers

02:18:42   right now in my life, but I'm really into really good headphones. And I have now what

02:18:48   I would consider pretty ridiculous equipment. But getting here involved a lot of research

02:18:54   and finding out like what mattered to me and what didn't, and what matters to science,

02:19:00   and what stands up to ABX test and what doesn't. And it's all about striking a balance between

02:19:05   practicality and cost and quality.

02:19:10   And your vinyl crazy tea ceremony is the exact same way.

02:19:16   You're looking to get something out of that and you get it out of that.

02:19:18   If it's worth it to you, fine.

02:19:20   I agree with Jon though that you can't just go and say, "Oh, well, X is better than Y."

02:19:24   If you're not saying, "Well, I enjoy the procedure of X more than I enjoy the procedure and experience

02:19:30   of Y."

02:19:32   But the reason why I pick on this sort of stuff in the audio world and in the coffee

02:19:37   world even is because people do a lot of wasteful, stupid things that actually don't have any

02:19:44   effect.

02:19:45   And again, if they enjoy them, that's fine.

02:19:48   But the problem comes in when they start telling other people, "If you do this, it will be

02:19:52   better," or "If you buy this, it will be better."

02:19:55   That actually gets destructive.

02:19:57   But that's what you do with coffee.

02:19:59   That's exactly what you do with coffee.

02:20:01   I'm sure I could Google a post where you told us about how roasting your own beans is the only way to do it.

02:20:05   Actually, every time I've mentioned roasting my own beans on my site, I say you shouldn't do this.

02:20:10   Well, I guess I guess let's go back to taste being subjective. Like, it's not like audio where we

02:20:16   have a way to "here is the original, and let's see what we can reproduce in that," and like,

02:20:20   the generally accepted level for quality in audio is like, we want to reproduce the original as

02:20:23   accurately as possible. And like, and I don't even think that necessarily makes people feel as good,

02:20:28   because the original is not just a waveform, it's like where you're sitting in the room

02:20:32   and vibrations coming through your seat and like there's so many things about live music

02:20:35   that are different than normal. So again, you could be the type of person to say, "I

02:20:39   prefer when the original single is reproduced inaccurately in these ways. In fact, in particular,

02:20:45   the ways that vinyl tends to inaccurately reproduce it. That's what I like better."

02:20:49   Fine, you can like it, but our standard for audio is compared to the original. There's

02:20:53   There's no standard for coffee.

02:20:54   If you like McDonald's coffee, Dunkin' Donuts coffee, K-Cups, like, whatever you like is

02:20:59   what you like, you can't say, "Well, that's not how coffee's supposed to take," because

02:21:02   then it's just all subjective.

02:21:04   Marco has particular tastes in coffee, and to his tastes, Starbucks is gross, and what

02:21:08   he makes is good.

02:21:10   Someone may love Starbucks and hate his coffee or whatever, but there's no easy yardstick,

02:21:14   except for, like, I guess something that damages your body by drinking it.

02:21:17   We can all agree that you probably shouldn't have that, although maybe that's a bad choice

02:21:21   for coffee.

02:21:22   Well, no, but I think coffee does damage your body, and before Marco interrupts me, what

02:21:26   I mean by that is—

02:21:27   Science doesn't.

02:21:28   What I mean by that is, part of the reason I don't ever want to learn to like coffee

02:21:33   is because I don't ever want to rely on having something in order to get my day going.

02:21:38   I can go a week without a Diet Coke, but I like to, no.

02:21:42   But I don't run my life based on whether or not I've had my lunchtime Diet Coke,

02:21:47   and maybe Marco isn't this way, although I feel like you are, but most people I know

02:21:51   that I work with, for example. They go in and they don't want to be talked to until they've

02:21:56   stuck a cake up in the Keurig. And they can't—they feel like they can't function until they've

02:22:03   completed that stage of their mourning. And that just sounds positively frickin' terrible to me.

02:22:08   It really does.

02:22:09   Well, Marko's already said he doesn't like that aspect of coffee. I mean, because it's—I mean,

02:22:13   he's a caffeine addict, you know.

02:22:15   I am a caffeine addict in that if I don't have coffee, I will get a headache by about

02:22:19   4 p.m or so. But Casey, when do you think I have my first cup of coffee today?

02:22:23   Oh, well, you probably woke up at noon, right?

02:22:26   I woke up at about 8 30.

02:22:27   Okay, that I was totally giving you a hard time.

02:22:29   I woke up at 8 30. I worked all morning. I had my first cup of coffee at about 2 30.

02:22:34   How are you waking up at 8 30? Your wife is a saint.

02:22:37   My kid wakes up at 8 or 8 30.

02:22:40   8 30? Your child is a saint. Yes. That's insane. You should not share that widely.

02:22:47   People will hate you.

02:22:49   The point I'm driving at is less about the time, but more about if you do not consume a cup of

02:22:53   coffee during the day or equivalent caffeine, something is amiss in your world. Could you live

02:22:59   with it perhaps, but something is amiss. And I just don't want that in my life.

02:23:03   Oh, agreed. So then instead you listen to vinyl, which involves washing things and sleeving them

02:23:08   and wiping the wash off the sleeve. He doesn't even have a record player.

02:23:12   Right. I never do. The only time I listen to vinyl is when I met my mom and dad's,

02:23:16   which up until two months from now, they lived in Connecticut. So, I listen to vinyl two or three

02:23:22   times a year. And you know what? Maybe that's why I romanticize it so damn much. Maybe it's because

02:23:26   I grew up with it. There's a million reasons why. And I will concede that I should not have said

02:23:33   that it is the be-all, end-all, better mechanism for listening to music. But I will not concede

02:23:39   that in any experience I've ever had, I prefer it be it placebo or otherwise.

02:23:45   I still love you guys even though I want to kill you both.

02:23:47   Hey Marco got follow up too.

02:23:49   You are.

02:23:50   You are.

02:23:51   You are.

02:23:51   [BLANK_AUDIO]