Thu. 01/09 – The Wildfire App Everyone In LA Has Been Using - Tech Brew Ride Home

Summary5 min read

Techmeme Ride Home – Thursday, January 9th, 2025

Host: Brian McCullough
Publisher: Ride Home Media
Duration: 15 minutes
Release Date: January 9, 2025

1. Security Alert: Avanti’s Zero-Day Vulnerability in Connect Secure VPN

Brian McCullough opens the episode by highlighting a critical security issue affecting Avanti’s widely used Connect Secure VPN tool. Quoting TechCrunch at [00:04], McCullough explains:

“The critical rated vulnerability, tracked as CVE2025-0282, can be exploited without any authentication to remotely plant malicious code on Avanti's Connect Secure, Policy Secure, and ZTA gateways products.”

This zero-day vulnerability poses a significant threat as Avanti’s VPN solution is prevalent across organizations of all sizes and industries. McCullough details that the flaw was identified after Avanti’s Integrity Checker detected malicious activities on customer appliances.

“Avanti confirmed threat actors were actively exploiting a zero day, which means the company had no time to fix the vulnerability before it was discovered and exploited,” he states [01:10].

While a patch for Connect Secure is available immediately, updates for Policy Secure and ZTA gateways are expected by January 21. This incident follows last year’s security overhaul pledge by Avanti after multiple vulnerabilities were exploited, leading to large-scale hacks.

2. Apple Defends Siri’s Privacy Amid Data Usage Allegations

Next, McCullough addresses Apple’s recent statements regarding Siri and user data privacy. Quoting The Verge at [02:15], he conveys Apple’s firm stance:

“Apple has never used Siri to build marketing profiles, never made it available for advertising, and never sold it to anyone for any purpose.”

This clarification comes in response to rumors suggesting that Apple might have utilized Siri recordings for advertising, following a $95 million settlement over a lawsuit concerning Siri’s data handling. McCullough emphasizes:

“Users can easily opt out at any time,” highlighting Apple’s commitment to privacy [03:30].

He draws parallels with Facebook’s historical responses to similar allegations, underscoring the significance of Apple's public defense of its privacy practices.

3. Google Launches AI-Powered Daily Listen Feature

Transitioning to advancements in AI, McCullough discusses Google’s rollout of the Daily Listen feature, as reported by 9to5Google at [03:36]. This new feature leverages AI to create personalized five-minute audio summaries based on the user’s interests and search habits.

“Daily Listen takes all of that into account to create a five-minute or so episode that provides an overview of stories and topics that you follow,” McCullough explains [03:36].

Accessible via the Google app’s search bar carousel, users can interact with the feature through a full-screen player that includes playback controls and transcript visibility. Feedback mechanisms allow users to refine their experience, ensuring the content remains relevant and engaging. The feature is currently available to Android and iOS users in the US, with a phased rollout commencing on the day of the episode’s release.

4. Potential Acquisition: SoftBank and ARM Eye Ampere

In the business sector, McCullough reports on Bloomberg’s coverage of potential acquisition talks involving SoftBank and ARM targeting Oracle-backed Ampere, a designer of ARM-based server CPUs [05:00].

“Ampere is reportedly exploring its options,” he states, noting the company’s valuation was $8 billion during a proposed minority investment by SoftBank in 2021.

The discussion highlights Ampere’s strategic importance in the current AI-driven market, where demand for specialized server chips is surging. McCullough elaborates:

“The market has grown more competitive, with several large tech companies rushing to develop the same kinds of chips that Ampere makes,” [05:30] emphasizing the critical role Ampere plays in the data center industry’s evolution.

ARM’s transition from a licensor to a more comprehensive chip manufacturer further complicates the acquisition landscape, as Ampere seeks to navigate a path that may lead to greater industry consolidation.

5. Spotlight: WatchDuty App’s Role in LA Wildfires

The centerpiece of today’s episode is the WatchDuty app, which has seen a dramatic surge in usage amid the recent wildfires in Los Angeles. McCullough provides an in-depth look at how this app has become indispensable for residents and responders alike.

Quoting The Los Angeles Times at [07:07], he describes WatchDuty’s functionality:

“WatchDuty combines publicly available maps of fire incidents and evacuation order and warning zones with shelter locations, National Weather Service alerts, and real-time text, photo, and video updates.”

With over 7.2 million annual active users and 600,000 new users in just 24 hours during the LA wildfires, the app’s impact is profound. CEO John Mills shares his perspective:

“What's happening right now in LA is the worst I've seen in five years. It's catastrophic... but I'd rather be doing this than not doing anything,” Mills states Emotionally [07:25].

The app’s robust infrastructure, supported by 15 employees and around 200 volunteers, ensures timely and accurate information dissemination. McCullough highlights user testimonials from social media, emphasizing the community’s reliance on WatchDuty:

“I live in Butte County, where the Campfire was in 2018, and WatchDuty has been immeasurably helpful,” shares one user on Threads [15:30].

WatchDuty’s proactive approach includes automated alerts from 911 dispatch calls, real-time monitoring through various channels, and coordination with first responders and officials. The app has already alerted the public to over 9,000 wildfires this year and continues to expand its services to include other natural disasters like flooding and extreme weather events.

“We let the genie out of the bottle so the world would know things could never go back to the way things were,” Mills concludes [16:00].

The funding boost of $5.6 million from grants, donors, and a new subscription model underscores the app’s growing influence and the critical need for reliable disaster management tools in today’s volatile climate.

Conclusion

Brian McCullough wraps up the episode by reiterating the significance of the topics discussed, particularly the transformative role of technology in addressing both security vulnerabilities and real-time disaster management. For those looking to stay informed on the latest in tech, McCullough’s comprehensive coverage provides valuable insights into the ever-evolving landscape.

Note: This summary excludes promotional content and non-content segments such as advertisements, intros, and outros, focusing solely on the informative portions of the episode.

Loading summary

Transcript11 lines

[00:04]
Brian McCullough
Welcome to the Techmeme ride home for Thursday, January 9th, 2025. I'm Brian McCullough. Today, big new zero day to tell you about Apple says Siri is Safe Honest Google rolls out an AI Daily Listen audio feature looking at the next wave of wearable AI. And let me tell you about WatchDuty, the app that everyone in LA was using overnight. Here's what you missed today in the world of tech Foreign is warning that threat actors exploited a critical rated zero day in its widely used Connect Secure VPN tool to compromise its corporate customers networks. Quoting TechCrunch, Avanti said on Wednesday that the critical rated vulnerability, tracked as CVE2025 0282, can be exploited without any authentication to remotely plant malicious code on Avanti's Connect Secure, Policy Secure and ZTA gateways products. Says its Connect Secure Remote Access VPN solution is the most widely used adopted SSL VPN by organizations of every size across every major industry. This is the latest exploited security vulnerability to target Ivante's products in recent years. Last year, the technology maker pledged to overhaul its security processes after hackers targeted vulnerabilities in several of its products to launch mass hacks against its customers. The company said it became aware of the latest vulnerability after its Avanti Integrity checker tool flag malicious activity on some customer appliances. In an advisory post published on Wednesday, Avanti confirmed threat actors were actively exploiting a quote zero day, which means the company had no time to fix the vulnerability before it was discovered and exploited, and that it was aware of a limited number of customers whose Avanti Connect Secure appliances were hacked. Avanti said a patch is currently available for Connect Secure, but that patches for Policy Secure and ZTA gateways, neither of which have confirmed exploitability, won't be released until January 21. The company said it also discovered a second vulnerability which has not yet been exploited. Avanti has not said how many of its customers are affected by the hacks or who is behind the intrusions. Spokespeople for Avanti did not respond to TechCrunch's questions by press time.
[02:10]
Unknown
End quote.
[02:16]
Brian McCullough
Apple wants you to know it has never used Siri data to build marketing profiles and never sold it for advertising or other purposes. This comes, of course, after they had to pay up $95 million to settle a lawsuit around activities that sounded like they were doing that very Quoting the Verge Apple is refuting rumors that it ever let advertisers target users based on Siri recordings. In a statement published Wednesday evening describing how Siri works and what it does with data. The section specifically responding to the rumors reads, apple has never used Siri to build marketing profiles, never made it available for advertising, and never sold it to anyone for any purpose. We are constantly developing technologies to make Siri even more private and will continue to do so. The conspiracy theory the company is responding to resurfaced last week after Apple agreed to pay $95 million to settle a lawsuit over users whose convers were captured by its Siri voice assistant and potentially overheard by human employees. Apple's statement tonight says it does not retain audio recordings of Siri interactions unless users explicitly opt in to help improve Siri, and even then the recordings are used solely for that purpose. Users can easily opt out at any time. Facebook responded to similar theories in 2014 and 2016 before Mark Zuckerberg addressed it directly, saying no to the question while being grilled by Congress over the Cambridge Analytica scandal in 2018.
[03:31]
Unknown
End Quote.
[03:37]
Brian McCullough
Google is rolling out Daily Listen, which uses AI to generate 5 minute personalized audio overviews of stories and topics that a user follows to its mobile app. Quoting 9to5Google through Discover and Search, Google is aware of what you are interested in. Daily Listen takes all of that into account to create a five minute or so episode that provides an overview of stories and topics that you follow. This personalized AI powered audio experiment will appear in the space carousel underneath the search bar at the top top of the Google app on Android and iOS, tapping the Daily Listen card which is dated and labeled Made for your launches. A full screen player badged with the Gemini Sparkle Daily Listen shows a text transcript where cover art usually appears, noting how generative AI is experimental. You can give it thumbs up, thumbs down feedback. Then there's a scrubber with sections denoted while controls include play, pause, 10 second rewind, next story, playback speed and mute. If you want to read the transcript at the bottom, you can scroll through related stories corresponding to each sect with the ability to search for more and thumbs up thumbs down the interest. A docked player appears at the top of the screen as you Browse. Android and iOS users in the US can enable daily Listen in search labs from the top left corner of the Google app. The experiment is rolling out starting today. It will then take a day for the first episode to appear.
[04:54]
Unknown
End Quote.
[05:01]
Brian McCullough
Sources say SoftBank and its majority owned ARM are weighing acquiring Oracle backed Ampere, which designs arm based server CPUs. Ampere is reportedly exploring its options. Quoting Bloomberg Ampere, which designed semiconductors that use ARM's technology, was valued at $8 billion in a proposed minority investment by Japan's SoftBank in 2021, Bloomberg News reported. At the time, it couldn't be learned what valuations Softbank, ARM and Ampere are discussing currently. Representatives for ARM and Ampere declined to comment. Spokespeople for SoftBank and Oracle didn't immediately respond to requests for comment. Ampere has been working with a financial advisor to help field takeover interest, Bloomberg News September the Santa Clara, California based company's interest in a deal with a larger player in the industry suggests that it didn't see an easy path to an initial public offering. A deal for Ampere, whose early backers include Carlyle Group, would add to a wave of chip companies looking to capitalize on an AI spending boom. Oracle said last year that it owns 29% of the startup and can exercise future investment options that would give it control of the chipmaker. Though Ampere stands to benefit from the continuing AI frenzy, the market has grown more competitive, with several large tech companies rushing to develop the same kinds of chips that Ampere makes. While there's a huge interest in control of key components as the data center industry retools for the AI age, Ampere, like larger rivals intel and Advanced Micro Devices, is having to respond to a shift in spending away from central processing units or CPUs, toward Nvidia's accelerator chips. Ampere makes processors for data center machinery using ARM's technology. ARM is increasingly moving from being a licensor of fundamental standards and basic blueprints to more of a complete chip maker. The addition of Ampere's engineers, many of who worked for Intel's former industry leading server chip unit, might add expertise and impetus to Chief Executive Officer Rene Haas's push into that market. Ampere founder and CEO Renee James, a former intel executive, had eyed taking Ampere public. The company said in April 2022 that it had filed confidentially for a U.S. iPO at a time when demand for chips was surging.
[07:01]
Unknown
End quote.
[07:07]
Brian McCullough
There actually wasn't the deluge of AI wearables that I expected at CES this year. But there have been some, notably BAI and ami, that have embedded always on microphones to record conversations around the user from Wired, A quick glimpse of what these gadgets do. Quote the BAI is simple. It has two microphones for noise isolation, and Sutton says that you can hear the person you're speaking with in a busy environment. The wearable should be able to hear both parties as well. It can be worn as a band on the wrist or clipped to your shirt. There's an action button on the center. Pressing it once mutes the mics and pressing it again enables them again. You can press and hold the button and this action is user configurable, so that can trigger things like processing the current conversation or awakening the Buzz AI assistant to ask it a question. There's no speaker on the wearable, so answers will be spoken through your phone. When the mic is muted, there is a red LED when it's recording, you'd think the green LED would be lit up, but there's nothing to indicate that this wearable is picking up everything around you. The conversations are not processed locally on the phone. Sutton says the gap is closing for edge processing, but battery life still poses a fundamental problem, so for now your data is processed in the cloud. Which large language models are deployed by Bai depends on the task you want to do. There's a mix of commercial and open source models, including OpenAI's ChatGPT and Google's Gemini, plus some the company hosts itself. Sutton says Bai's target demographic is people who talk a lot for a living. If you're sitting at a desk all day not saying anything to anyone, there's not much for BEA's AI wearable to process unless you start asking it questions. But since it's recording all the time, it can recall things from conversations you have throughout the day. The accuracy of this is a bit hit or miss because Bee doesn't necessarily know who the people around you are, but it can discern different speaking voices and arrange the transcripts of the conversations to show different speakers. You can set a name for who the other speakers are. It can also save facts about you. In the same vein, you can ask it to forget things it may have picked up if you don't want them on the record. In the app you can see a summary of the conversations you've had throughout the day, and at the day's end it generates a snippet of what the day was like and has the locations of where you had these chats on a map. But the most interesting feature is the middle tab, which is your TO dos. These are automatically generated based on your conversations. I was speaking with my editor and we talked about taking a picture of a product and lo and behold, Bai created a to do for me to remember to take a picture for Mike, I must have said his name during the conversation. You can check these off if you complete them. Zolo says Bai has a freemium service model, so with just the hardware you get basic memory recall and summarization features you'll have to pay $12 per month to access many of the other features, including the integrations with third party apps, which the company wants to expand. Ami, on the other hand, was trained to recognize the specific brain waves when you focus on speaking to the wearable. So instead of having to say a hot word, you just think that interaction is only something you use when you want to engage with the device, though at every other moment. AMI is essentially a wearable microphone, capturing the conversations you have throughout the day, just like bai. With that capability it can do many of the same things like transcribe conversations, summarize them in, add events to your calendar and translate everything is processed on the paired phone and in the cloud. So this is once again not a standalone piece of hardware like the Humane AI Pin. Shevchenko says that AMI is open source but is currently trained on ChatGPT. One area where AMI differs from BAI is with its marketplace for third party ideas. There are apps built by the community, but think of these more like mods or skills that enhance AMI's integration with everyday apps. For example, there's a Google Drive app you can enable to have every conversation summary stored in a drive folder. At the end of the day, these apps can be published to AMI's store and developers can choose to make it free or paid. There are already dozens of apps because Savchenko shipped 5,000 units of an early version of AMI last year to developers. This year actually Achieve your New Year's resolutions Feel your best, Regain your energy, Face your fears no matter what your goals are for 2025, this supplement can help because it supports your health at the foundation by encouraging cellular renewal. Mitopure is a precise dose of the rare postbiotic Urolithin A. It works by promoting an essential cellular cleanup process that clears out dysfunctional mitochondria, AKA your cell's battery packs. Mitopure is the only Urolithium a supplement on the market clinically proven to target the effects of age related cellular decline. With regular use you'll see and feel the difference in the form of improved energy levels, better workouts, faster recovery, more endurance and more, all of which will help you achieve your New Year's goals. Psychological Mitopure is shown to deliver double digit increases in muscle strength and endurance without a change in exercise. Win Cellular health is the foundation of well being and longevity. Mitopure recharges your cells, supporting any New Year's goal by helping all of your systems work better. Timeline is offering 33% off your order of Mitopure while supplies last, go to timeline.com Ride33 that's T I M E L I N E.com Ride33 finally today I swear to you that this actually happened. On Monday I saw a story about a wildfire monitoring app and I thought, cool, I'll save it for the long reads. Well, you can guess what happened next. So WatchDuty is a wildfire monitoring app active in 22 US states that has gotten heavily used over the last 48 hours with the wildfires in Los Angeles. Quoting the Los Angeles Times, WatchDuty, launched in 2021, combines publicly available maps of fire incidents and evacuation order and warning zones similar to what can be found on the Cal Fire website, with shelter locations, National Weather Service alerts and real time text, photo and video updates, with the option to receive or turn off notifications about specific incidents. WatchDuty, which counted 7.2 million yearly active users at the end of 2024, has already added 600,000 new users in the last 24 hours, according to CEO John Mills. What's happening right now in LA is the that I've seen in the five years I've been doing this, this is catastrophic, mills told the Times. It's really hard to watch, but I'd rather be doing this than not doing anything. It feels like we could at least do something to help because otherwise we're just sitting here watching the world burn. The app provides real time updates on fires in 22 states, including California. WatchDuty has 15 employees and works with roughly 200 volunteers, including active and retired firefighters and dispatchers. The WatchDuty team gets automated alerts that are sent to its Slack platform when a 911 dispatch call is made regarding a fire. The team monitors information about the fire, listening to radio scanners, looking at wildfire cameras and satellites, and following official announcements from law enforcement and fire services and other public sources, according to WatchDuty's website. WatchDuty said it will notify affected members of the public through its app, quote if we perceive a threat to life or property. As of Wednesday morning, for instance, users tracking the Palisades fire could find dispatches from watchduty staff reporter Cole Yukin on the eastern extent of the fire and a current picture looking from Topanga Peak West End Quote Quoting the Verge Californians on social media are encouraging each other to download the app in light of the ongoing LA fires raging across thousands of acres of land, fueled by high winds and extremely dry conditions. As of Thursday morning, the LA Times reports that the fires have killed five people and destroyed more than 2,000 buildings, including the homes of celebrities like Paris Hilton, Billy Crystal, Adam Brody and James woods. Seconding the WatchDuty app so hard, said one Californian on a Threads post encouraging users to download the app. I live in Butte County, California, where the Campfire was in 2018, and watch duty has been immeasurably helpful during fires like the park fire last summer and quoting from the original piece in the Guardian that turned me onto the app in the first place. The app is not just about alerts, it is about a state of mind. Watch Duties CEO John Mills said the Silicon Valley alum founded the organization after moving from San Francisco to a sprawling ranch in Sonoma county where fire dangers are high. After Starting in just four California counties, WatchDuty covered the entire state in its first year before rapidly expanding across the American west and into Hawaii in the past years. It's not just residents who have come to rely on the app. An array of responders, from firefighters to city officials to journalists are also logging on, ensuring key actors are on the same page. People always thank me for Watch duty and I'm like, you're welcome and I'm sorry that you need it, mills said. But it's clear that the need is real. In each new area where they have offered the service, word of mouth has driven usage. We spent no money on marketing at all, mills said. We just let the genie out of the bottle so the world would know things could never go back to the way things were. The network is fueled by hundreds of people who donate their time and a small staff of just 15 reporters and engineers. Together, they have alerted the public to more than 9,000 wildfires this year. Meanwhile, support has been pouring in. This year, WatchDuty received $5.6 million in funding from grants, individual donors and a new professional subscription model that offers paying users insights into things like where electric and gas transmission lines intersect the firef footprint lands managed by utilities, private owners and agency responsibility areas, plus a search function for historical and inactive fires. But this is just the beginning, according to Mills. I didn't call this fire duty on purpose, he said, a nod toward the plan to begin reporting on other risks in the near future, including flooding and extreme weather events.
[16:55]
Unknown
End quote.
[17:04]
Brian McCullough
Nothing more for you today. Talk to you tomorrow.