WEBVTT 00:00.000 --> 00:14.740 Cool, so there's some sound effects that we should be able to hear coming out of that 00:14.740 --> 00:15.740 JBL. 00:15.740 --> 00:19.720 So if everybody's really quiet, everybody should work well. 00:19.720 --> 00:22.000 So my name's Dylan. 00:22.000 --> 00:26.720 I started an open source company called Truffle Security at Spill Tung Top of Open Source 00:26.800 --> 00:29.720 called Truffle Hog, which I independently off there many years ago. 00:29.720 --> 00:31.720 But we're not here to talk about that. 00:31.720 --> 00:33.720 I come from the cybersecurity community. 00:33.720 --> 00:37.720 So I've spoken at a lot of security conferences, like DevCon and Black Cat. 00:37.720 --> 00:41.720 But I've actually never been to an open source conference and never been to Boston. 00:41.720 --> 00:45.720 So this is the first time I've attended and the first time I've spoken here. 00:45.720 --> 00:48.720 And joining me is my co-presenter. 00:48.720 --> 00:49.720 Hi, everyone. 00:49.720 --> 00:50.720 I'm Mike. 00:50.720 --> 00:53.720 Can you hear through my microphone, all right? 00:54.720 --> 00:57.720 I'm a software architect at the UN Development Program. 00:57.720 --> 01:00.720 So I work with developing countries around the world. 01:00.720 --> 01:06.720 Building software mostly geared towards helping these countries build and run nature and climate programs. 01:09.720 --> 01:10.720 Good. 01:10.720 --> 01:15.720 I've been working an open source premise by whole life, a little over a decade. 01:18.720 --> 01:22.720 And I've been going to this conference for about a decade. 01:22.720 --> 01:24.720 Boston is really close to me. 01:24.720 --> 01:28.720 You know, I've been, this is probably my favorite open source conference I've ever been to. 01:28.720 --> 01:31.720 And it's almost like a yearly pilgrimage that may come out of here. 01:31.720 --> 01:34.720 By the way, way to tell me how to dress up. 01:34.720 --> 01:36.720 I mean, really show me up here. 01:36.720 --> 01:38.720 No, no, I think it'll be okay. 01:38.720 --> 01:42.720 And I think by the end of the talk, it'll actually all make sense. 01:42.720 --> 01:43.720 It's that big. 01:44.720 --> 01:46.720 It's not worried about that right now. 01:46.720 --> 01:50.720 First, raise your hand if you've heard of Black Cat. 01:51.720 --> 01:54.720 Black Cat is a very simple JavaScript hacker. 01:54.720 --> 01:58.720 What you see on the screen here is the entirety of LAPPAP. 01:58.720 --> 02:05.720 And LAPPAP back in 2016 made some pretty big news when the maintainer deleted it. 02:05.720 --> 02:08.720 It was used by millions of developers around the world. 02:08.720 --> 02:10.720 And so that's kind of broke the whole internet. 02:10.720 --> 02:13.720 And you don't need to know about why, 02:13.720 --> 02:16.720 but what you need to know is that when the maintainer deleted it, 02:16.720 --> 02:21.720 he did it on purpose and he knew it would break things when he did. 02:21.720 --> 02:25.720 And there's actually even a lesser known part of this story. 02:25.720 --> 02:28.720 In 2016, it didn't even have a license. 02:28.720 --> 02:33.720 And so, everyone distributing it didn't even have legal permission to do so. 02:33.720 --> 02:36.720 And so, what if we want to fix this problem? 02:36.720 --> 02:40.720 We have a malicious maintainer and we have a license problem. 02:40.720 --> 02:45.720 Well, like all things today, maybe we can just fix it with AI. 02:45.720 --> 02:50.720 We'll just ask AI to remake it and charge VT and boom. 02:50.720 --> 02:51.720 Easy. 02:51.720 --> 02:53.720 But there's a small problem. 02:53.720 --> 02:56.720 The AI had access to the original code. 02:56.720 --> 02:59.720 So, what if they're copied even just one or two lines over? 02:59.720 --> 03:02.720 Well, that'd be copyright infringement, right? 03:02.720 --> 03:04.720 And so, that raises a question. 03:04.720 --> 03:07.720 How do we know if the robot cheated more importantly? 03:07.720 --> 03:09.720 Well, should we prevent that? 03:09.720 --> 03:11.720 So, let's try a new thing. 03:11.720 --> 03:12.720 We'll use two robots. 03:12.720 --> 03:17.720 We'll have the first one review of code and write detailed specification of all aspects 03:17.720 --> 03:21.720 of how it works without ever including any of the original code. 03:21.720 --> 03:28.720 And that will use a second robot that will take that specification in implement solely based on them. 03:28.720 --> 03:31.720 Well, with C, we can open up a chatGPD prompt. 03:31.720 --> 03:36.720 We paste in all the code to leftpad and it writes us a detailed specification. 03:36.720 --> 03:39.720 Wander than the code of the library itself. 03:39.720 --> 03:43.720 And then we'll just copy and paste that into a new chatGPD prompt. 03:43.720 --> 03:46.720 And we say, hey, implement the library for me. 03:46.720 --> 03:48.720 We'll go ahead and do that. 03:48.720 --> 03:49.720 There we go. 03:49.720 --> 03:52.720 Now, we have a clean room to leftpad. 03:52.720 --> 03:54.720 And that's exactly what this is. 03:54.720 --> 03:58.720 It's a legal strategy called clean room, software engineering. 03:58.720 --> 04:00.720 It's actually been around for quite a while. 04:00.720 --> 04:04.720 We've cost in the principal since the 1980s. 04:04.720 --> 04:06.720 But why does something like this work? 04:06.720 --> 04:11.720 And more importantly, why does AI sort of seem to break everything about it? 04:11.720 --> 04:17.720 I mean, and perhaps most importantly, this has some companies wondering. 04:17.720 --> 04:21.720 Can we just use AI to extract all the ideas from open source? 04:21.720 --> 04:26.720 But read behind all the parts that they might not like. 04:26.720 --> 04:31.720 And so, but most importantly at the core of the story, 04:31.720 --> 04:35.720 you have to understand is a copyright and open source 04:35.720 --> 04:39.720 have been fundamentally inseparable since the 1970s. 04:39.720 --> 04:42.720 We cannot think of one without the other. 04:42.720 --> 04:47.720 And now we have these machines that essentially seem to be able to completely 04:47.720 --> 04:52.720 circumvent any possible benefit that copyright by bringing the open source. 04:52.720 --> 04:57.720 And mostly, we have large businesses, but are thinking about how these machines 04:57.720 --> 04:59.720 can resolve a lot of their headaches too. 04:59.720 --> 05:01.720 And so this is a complex story. 05:01.720 --> 05:03.720 It's a really good to the root of it. 05:03.720 --> 05:07.720 We have to go back and time to the 14 papers. 05:15.720 --> 05:17.720 It's the 14 units. 05:17.720 --> 05:18.720 All right. 05:18.720 --> 05:21.720 You have to understand for thousands of years. 05:21.720 --> 05:25.720 The only way to make a copy of something 05:25.720 --> 05:29.720 was to manually copy every single character in a book. 05:33.720 --> 05:38.720 That was like very time-consuming and so it didn't happen for those books. 05:38.720 --> 05:40.720 This was thousands and thousands of years. 05:40.720 --> 05:42.720 The only way to cast information down was this, 05:42.720 --> 05:45.720 like Lydia, just like a monk would copy it. 05:45.720 --> 05:48.720 And then another monk would copy it 10 years later. 05:48.720 --> 05:51.720 Who had to pick which information made the cut 05:51.720 --> 05:53.720 and which got lost to time. 05:53.720 --> 05:56.720 So some works like what was ought to see. 05:56.720 --> 05:58.720 Well, they were important at big enough 05:58.720 --> 06:00.720 where we actually made it to this day. 06:00.720 --> 06:03.720 But things like how I make Roman concrete, 06:03.720 --> 06:04.720 that got lost a time. 06:04.720 --> 06:07.720 But this was the perspective of a monosperate church. 06:07.720 --> 06:09.720 If you wanted to spread your information, 06:09.720 --> 06:10.720 how would you do it? 06:10.720 --> 06:12.720 I mean, you can play this game of telephone 06:12.720 --> 06:14.720 and try to tell people to tell people 06:14.720 --> 06:16.720 that's probably not going to work out with phones. 06:16.720 --> 06:19.720 Or they need to get all these different people 06:19.720 --> 06:22.720 to write down your law like 100 different kinds manually. 06:22.720 --> 06:25.720 I mean, there just wasn't a good way to spread information. 06:25.720 --> 06:28.720 And this wasn't just for books. 06:28.720 --> 06:30.720 It was basically any form of expression 06:30.720 --> 06:31.720 if you wanted to make a statue. 06:31.720 --> 06:34.720 It was almost as much work to make the copy of the statue 06:34.720 --> 06:35.720 as it was to your original. 06:35.720 --> 06:37.720 Or save in a painting. 06:37.720 --> 06:40.720 See, amount of effort to make the new copy of the painting. 06:40.720 --> 06:41.720 As the original. 06:41.720 --> 06:43.720 So you could say that the original printing dress 06:43.720 --> 06:44.720 changed the game. 06:44.720 --> 06:47.720 But really, all this really did 06:47.720 --> 06:49.720 because there were a small number of pretty crests 06:49.720 --> 06:51.720 initially because it changed the game for the monarch. 06:52.720 --> 06:54.720 And it changed the game for the church. 06:54.720 --> 06:56.720 Immediately they seized these tools 06:56.720 --> 06:58.720 and started to use the propaganda. 06:58.720 --> 06:59.720 The crown could use this 06:59.720 --> 07:02.720 to distribute what information they wanted. 07:02.720 --> 07:04.720 And so ideas like copyright and like, 07:04.720 --> 07:06.720 piracy and stuff like that. 07:06.720 --> 07:08.720 That it makes sense to talk about for a few hundred years 07:08.720 --> 07:11.720 because most of these were just tools for the monarch. 07:11.720 --> 07:12.720 But a few hundred years later. 07:12.720 --> 07:23.720 In the 1700s, now there's 10,000 of these things. 07:23.720 --> 07:26.720 And more and more, they're falling in private hands. 07:26.720 --> 07:30.720 And so the vibe is losing control of when information gets printed. 07:30.720 --> 07:33.720 And this has people starting to talk about it anymore. 07:33.720 --> 07:35.720 Like the way this would actually work in practice 07:35.720 --> 07:38.720 as you had an author that would take their manuscript 07:38.720 --> 07:40.720 to sell it to a publisher. 07:40.720 --> 07:43.720 And that publisher, they'd make as many copies of that as they wanted to. 07:43.720 --> 07:45.720 And their profits are almost boundless 07:45.720 --> 07:47.720 as long as the copies fit to be to sell. 07:47.720 --> 07:49.720 And then other publishers to know if that 07:49.720 --> 07:52.720 they might want to rip off the first publisher. 07:52.720 --> 07:54.720 So how all these, I can't shake agreements with one another 07:54.720 --> 07:55.720 was very monopolistic. 07:55.720 --> 07:57.720 There was a small number of publishers 07:57.720 --> 07:59.720 making a fortune. 07:59.720 --> 08:01.720 And they were all kind of not really follow your agreements 08:01.720 --> 08:02.720 to rip each other off. 08:02.720 --> 08:04.720 So this is actually one of your original 08:04.720 --> 08:06.720 ports of piracy in 1708. 08:06.720 --> 08:08.720 When one publisher would take a payment 08:09.720 --> 08:11.720 and then another publisher would take notice 08:11.720 --> 08:12.720 and not follow a freeman 08:12.720 --> 08:13.720 and make her own copy of the book. 08:13.720 --> 08:15.720 It's a real cold for it to the 1700s. 08:15.720 --> 08:17.720 And I actually have an original copy here. 08:17.720 --> 08:19.720 So I'm going to check out the one. 08:19.720 --> 08:22.720 A original form of piracy in 1708 08:22.720 --> 08:24.720 before copyright law existed. 08:24.720 --> 08:27.720 And so basically this not the British 08:27.720 --> 08:30.720 Harlem and talking about this problem. 08:30.720 --> 08:32.720 And so they basically sent to themselves. 08:32.720 --> 08:35.720 We need a way to break up these monopolies. 08:35.720 --> 08:36.720 Like you're making too much money. 08:36.720 --> 08:38.720 We've seen too much upside on the authors' work. 08:38.720 --> 08:41.720 And so they come on with the world's first copyright law. 08:41.720 --> 08:43.720 The statue of the van. 08:43.720 --> 08:44.720 Or what they called it. 08:44.720 --> 08:46.720 The act of an encouragement of learning. 08:46.720 --> 08:49.720 So the reason why they wrote this law 08:49.720 --> 08:53.720 was to use it as an economic tool to break up monopolies. 08:53.720 --> 08:55.720 That was the original purpose. 08:55.720 --> 08:58.720 That was the original purpose of the original copyright law. 08:58.720 --> 09:01.720 And the idea was maybe that they could do that through authors 09:01.720 --> 09:03.720 by allowing authors to control which publishers 09:03.720 --> 09:05.720 could publish their work. 09:05.720 --> 09:07.720 And then they would have tools to go after other publishers 09:07.720 --> 09:09.720 that were then pirating their works. 09:09.720 --> 09:12.720 They thought that this would actually encourage more authors. 09:12.720 --> 09:13.720 It didn't really work out that way. 09:13.720 --> 09:15.720 In practice what ended up happening is authors 09:15.720 --> 09:17.720 would just sell their copyright rights 09:17.720 --> 09:20.720 for roughly the same price that they sold their original manuscript. 09:20.720 --> 09:22.720 So this didn't really break up the monopolies. 09:22.720 --> 09:24.720 The monopolies would get broken up. 09:24.720 --> 09:26.720 But that was more function of just more printing 09:26.720 --> 09:27.720 presses coming on the scene. 09:27.720 --> 09:29.720 And eventually more competition. 09:29.720 --> 09:32.720 But what this law did do is create a lot of problems. 09:32.720 --> 09:34.720 Like one of the first problems with somebody 09:34.720 --> 09:36.720 published a book in a different language. 09:36.720 --> 09:38.720 And they said, look, all the words are different. 09:38.720 --> 09:39.720 I should be able to do this. 09:39.720 --> 09:41.720 The law says if it's a copy, this isn't a copy. 09:41.720 --> 09:44.720 Or what happens if people print a summary of an original works? 09:44.720 --> 09:46.720 None of the words are the same. 09:46.720 --> 09:48.720 What about if they go through and change all the words with synonyms 09:48.720 --> 09:49.720 and things like that? 09:49.720 --> 09:52.720 Like this was a mess for the courts to have to sort out. 09:52.720 --> 09:54.720 And they sorted it out really inconsistently. 09:54.720 --> 09:57.720 One judge would rule one way and another judge would rule another way. 09:57.720 --> 09:59.720 And a lot of these rulings 09:59.720 --> 10:02.720 with later get dumped in the software, right? 10:02.720 --> 10:05.720 For hundreds of years, copyright was just meant for books. 10:05.720 --> 10:07.720 The police decisions that were made back then, 10:07.720 --> 10:10.720 hundreds of years ago, have to later apply 10:10.720 --> 10:14.720 to all the other forms of expression that come hundreds of years later. 10:14.720 --> 10:16.720 And by the way, we talked about the British in the 1700s, 10:16.720 --> 10:20.720 the French in the 1700s came up with their own copyright law. 10:20.720 --> 10:22.720 They did it for a slightly different reason though. 10:22.720 --> 10:26.720 In the 1700s, the French were going through a little revolution thing 10:26.720 --> 10:28.720 and so they had this different idea. 10:28.720 --> 10:31.720 The British were using copyright as an economic tool. 10:31.720 --> 10:34.720 The French view copyright as more of a moral right. 10:34.720 --> 10:36.720 Like a property right. 10:36.720 --> 10:40.720 The French said, if you take the time to write a book, 10:40.720 --> 10:42.720 you deserve the rights to it. 10:42.720 --> 10:44.720 And you deserve it in perpetuity. 10:44.720 --> 10:46.720 And you should be able to pass that down to your kids. 10:46.720 --> 10:48.720 In other words, copyright wasn't really an economic tool. 10:48.720 --> 10:50.720 It was more of a moral right. 10:50.720 --> 10:52.720 That's the way the French view it. 10:52.720 --> 10:53.720 And I want you to ask yourself, 10:53.720 --> 10:56.720 how do you view open source software and copyright? 10:56.720 --> 10:58.720 Do you view it as more of a moral right that 10:58.720 --> 11:00.720 maintainers deserve for their laborers? 11:00.720 --> 11:02.720 Or do you view it as an economic tool 11:02.720 --> 11:04.720 to influence some sort of larger outcome? 11:04.720 --> 11:06.720 Like maybe motivating more people to write code? 11:06.720 --> 11:09.720 Or maybe motivating some other sort of pattern? 11:09.720 --> 11:11.720 All right, we're going to have to jump ahead 11:11.720 --> 11:12.720 in time a little bit. 11:20.720 --> 11:23.720 It's the 1800s, 1879, 11:23.720 --> 11:26.720 a man by the name of Selden based out of Rochester, New York. 11:26.720 --> 11:27.720 That's where you're from. 11:27.720 --> 11:28.720 Isn't it? 11:28.720 --> 11:31.720 He wrote a book about a new accounting system. 11:31.720 --> 11:32.720 It was the Industrial Revolution. 11:32.720 --> 11:34.720 And so there was all this new need for accounting. 11:34.720 --> 11:36.720 And Selden thought he'd solve this problem. 11:36.720 --> 11:39.720 And so he wrote this book that had a detailed description 11:39.720 --> 11:41.720 of how his accounting system worked. 11:41.720 --> 11:42.720 And then in the back of the book, 11:42.720 --> 11:45.720 there was like a ledger where you could implement the system for yourself. 11:45.720 --> 11:47.720 Well, this other guy named Baker, 11:47.720 --> 11:49.720 he thought he could pull a fast one. 11:49.720 --> 11:52.720 And so he took Selden's book and he studied it. 11:52.720 --> 11:54.720 And he understood the accounting system. 11:54.720 --> 11:57.720 And then rewarded it all in his own words. 11:57.720 --> 11:59.720 And he decided to publish his own book. 11:59.720 --> 12:01.720 Now you can see both these books for yourself. 12:01.720 --> 12:02.720 They're both online. 12:02.720 --> 12:04.720 And you can judge whether or not you think Baker 12:04.720 --> 12:05.720 ripped off Selden. 12:05.720 --> 12:07.720 But I'll tell you, Selden's widow 12:07.720 --> 12:09.720 thought that Baker ripped off Selden. 12:09.720 --> 12:10.720 So she sued him. 12:10.720 --> 12:11.720 And she took him to court. 12:11.720 --> 12:14.720 Basically saying you violated our copyright. 12:14.720 --> 12:16.720 And well, the highest court in the land 12:16.720 --> 12:19.720 decides to rule in on this and finally give us some clarity. 12:19.720 --> 12:21.720 So one of these problems that popped up, 12:21.720 --> 12:23.720 you know, in the 1700s. 12:23.720 --> 12:25.720 This is in the US and the US Supreme Court 12:25.720 --> 12:28.720 found that actually the ideas in the book 12:28.720 --> 12:30.720 those aren't covered under copyright. 12:30.720 --> 12:32.720 What they said is ideas. 12:32.720 --> 12:34.720 That's more the job of the patent office. 12:34.720 --> 12:38.720 Copyright should protect the literal expression of those ideas. 12:38.720 --> 12:39.720 The exact words. 12:39.720 --> 12:41.720 Not the ideas behind those words. 12:41.720 --> 12:44.720 And also they talked a lot about the art in the tables. 12:44.720 --> 12:46.720 Like the tables that were the ledger. 12:46.720 --> 12:48.720 They said that because the art was different 12:48.720 --> 12:50.720 to the font, the typography was a little different. 12:50.720 --> 12:53.720 Like he deserves his own copyright for Baker 12:53.720 --> 12:54.720 does. 12:54.720 --> 12:56.720 And that, you know, it's not a violation of Selden's copyright. 12:56.720 --> 12:59.720 When you think about it, Baker probably put a lot of work 12:59.720 --> 13:01.720 into his copy of this book. 13:01.720 --> 13:03.720 He had to study Selden's accounting system. 13:03.720 --> 13:06.720 He probably had to spend a lot of time putting that into his own words 13:06.720 --> 13:09.720 and making sure it was all consistent and testing it out 13:09.720 --> 13:10.720 and stuff like that. 13:10.720 --> 13:11.720 And that probably took months. 13:11.720 --> 13:13.720 And then the actual act of publishing 13:13.720 --> 13:15.720 was expensive and also time consuming. 13:16.720 --> 13:17.720 You know, imagine letter pressing. 13:17.720 --> 13:19.720 Every single character out of that book. 13:19.720 --> 13:22.720 Back then, that probably made me to the year or more 13:22.720 --> 13:25.720 for him to actually take his new book to market. 13:25.720 --> 13:27.720 What did that look like today? 13:27.720 --> 13:29.720 And with the courts of rule the same way? 13:29.720 --> 13:31.720 Well, one thing you might be able to do is 13:31.720 --> 13:33.720 take Selden's book into an AI tool 13:33.720 --> 13:37.720 and have the AI tool just instantly re-express 13:37.720 --> 13:40.720 all of the words and ideas of Selden's book 13:40.720 --> 13:41.720 into its own book. 13:41.720 --> 13:44.720 And that would probably take a few seconds. 13:44.720 --> 13:46.720 Actually, it would take a few seconds, 13:46.720 --> 13:47.720 because we actually did that. 13:47.720 --> 13:48.720 And then we went to Amazon, 13:48.720 --> 13:50.720 and we still published our own version 13:50.720 --> 13:51.720 of Selden's original book. 13:51.720 --> 13:52.720 And it's true. 13:52.720 --> 13:54.720 You can go to Amazon today 13:54.720 --> 13:55.720 and buy a copy of it. 13:55.720 --> 13:58.720 I wouldn't necessarily expect anyone to do that. 13:58.720 --> 14:01.720 But this total process took us about 10 minutes 14:01.720 --> 14:03.720 and most of that time was 14:03.720 --> 14:05.720 Mike and I arguing about the cover art. 14:05.720 --> 14:07.720 So, like, it's just, it's very different 14:07.720 --> 14:10.720 than when they made that original ruling in the 1800s. 14:10.720 --> 14:11.720 And you can imagine, like, 14:11.720 --> 14:13.720 would the Supreme Court have ruled the same way 14:13.720 --> 14:15.720 if to take someone's idea 14:15.720 --> 14:17.720 and re-express it takes 10 minutes, 14:17.720 --> 14:20.720 like, maybe they would have thought differently about it. 14:20.720 --> 14:22.720 And go back even further to the 1700s 14:22.720 --> 14:24.720 when they made that first copy right law. 14:24.720 --> 14:26.720 Like, would they have thought 14:26.720 --> 14:28.720 any different about the original copyright law 14:28.720 --> 14:30.720 if it just takes seconds to take some idea 14:30.720 --> 14:34.720 and re-express it and then make a new distinct works? 14:34.720 --> 14:35.720 You can almost imagine it. 14:35.720 --> 14:37.720 You can think back to the 1700s 14:37.720 --> 14:39.720 and smell the iron of the ink they were using 14:39.720 --> 14:42.720 and the cotton pages they were writing that law. 14:42.720 --> 14:44.720 What would they have thought about all this? 14:44.720 --> 14:47.720 This statute should take effect this day. 14:47.720 --> 14:49.720 So, witness to the sign. 14:49.720 --> 14:51.720 We're going to clear all the books 14:51.720 --> 14:53.720 as law can't stop us. 14:53.720 --> 14:55.720 And now I want you to think about 14:55.720 --> 14:57.720 how all this is going to apply 14:57.720 --> 14:58.720 to software. 14:58.720 --> 15:00.720 I mean, it doesn't exactly one to one match up. 15:00.720 --> 15:03.720 The ideas are roughly translated 15:03.720 --> 15:05.720 to functionality in code. 15:05.720 --> 15:08.720 An expression is roughly translated to source code, 15:08.720 --> 15:10.720 but it's not exactly a clean matchup 15:10.720 --> 15:12.720 like the expression in a book. 15:12.720 --> 15:14.720 The words, those matter, 15:14.720 --> 15:15.720 but the expression in code. 15:15.720 --> 15:17.720 As long as the functionality is the same, 15:17.720 --> 15:18.720 most users are going to care. 15:18.720 --> 15:19.720 So it's a little hard 15:19.720 --> 15:21.720 that all these hundreds of years of baggage 15:21.720 --> 15:23.720 gets dumped in the software 15:23.720 --> 15:25.720 and it doesn't always nicely match up. 15:25.720 --> 15:27.720 By the way, we have to do a very small aside. 15:27.720 --> 15:29.720 We're in Brussels right now. 15:29.720 --> 15:30.720 I talked about the US. 15:30.720 --> 15:31.720 I talked about the French. 15:31.720 --> 15:32.720 I talked about Britain. 15:32.720 --> 15:34.720 But like, how does this all play together? 15:34.720 --> 15:36.720 And the answer that was actually sort of out 15:36.720 --> 15:37.720 in part right here in Brussels. 15:37.720 --> 15:39.720 And part of the reason was a man 15:39.720 --> 15:40.720 by the name of Victor Hugo, 15:40.720 --> 15:42.720 who wrote Nemez Eradda. 15:42.720 --> 15:44.720 He was really upset that his books 15:44.720 --> 15:46.720 kept getting printed here in Brussels 15:46.720 --> 15:48.720 and then making the way back into France. 15:48.720 --> 15:50.720 And there wasn't any copyright to protect it 15:50.720 --> 15:52.720 because copyright wasn't international at the time. 15:52.720 --> 15:54.720 You can almost imagine, 15:54.720 --> 15:55.720 like the Victor Hugo, 15:55.720 --> 15:57.720 steaming up the streets of Paris, furious. 15:57.720 --> 15:58.720 Stop copying my works! 15:58.720 --> 16:01.720 See, he, he, he, and my name is Jean-Baschon. 16:01.720 --> 16:03.720 I have a convict from the Galleries. 16:03.720 --> 16:06.720 I have passed 19 years in the Galleries. 16:07.720 --> 16:12.720 So, by the way, if you're a fan of Lameez Eradda, 16:12.720 --> 16:14.720 and you might be saying yourself wait a second, 16:14.720 --> 16:16.720 the musical is under copyright. 16:16.720 --> 16:17.720 That's true. 16:17.720 --> 16:19.720 I just had AI clean room, the musical. 16:19.720 --> 16:21.720 That's all different lyrics that were based off the book, 16:21.720 --> 16:23.720 not based off the 1970s musical. 16:23.720 --> 16:26.720 But this got a lot of people talking 16:26.720 --> 16:27.720 in the 1800s, 16:27.720 --> 16:29.720 and it got enough people to meet together 16:29.720 --> 16:32.720 in 1886 and form the Bourne Convention. 16:32.720 --> 16:34.720 We're finally all these different countries said, 16:34.720 --> 16:35.720 we have to fix this, 16:35.720 --> 16:37.720 and we have to make copyright international. 16:37.720 --> 16:39.720 We can't keep having countries rip each other off. 16:39.720 --> 16:41.720 And so, they formed a pact 16:41.720 --> 16:44.720 that it took maybe 150 years 16:44.720 --> 16:46.720 to eventually get every country to sign off on. 16:46.720 --> 16:49.720 But today, that combined with a few international trade agreements 16:49.720 --> 16:52.720 have made seldom versus baker international. 16:52.720 --> 16:55.720 And this idea of expression versus copyright 16:55.720 --> 16:58.720 is global now and basically applies to every country on earth. 16:58.720 --> 17:01.720 By the way, those original books that were printed in Brussels, 17:01.720 --> 17:03.720 I have one of those, too, 17:03.720 --> 17:05.720 a pirated copy printed right here, 17:05.720 --> 17:07.720 Victor Hugo probably would be upset. 17:07.720 --> 17:09.720 It's weird, nobody cares about pirated books 17:09.720 --> 17:11.720 so any way, they're like not that expensive 17:11.720 --> 17:13.720 because they don't know, that's the Brussels version. 17:13.720 --> 17:16.720 But anyways, that's the 1800s. 17:16.720 --> 17:19.720 I feel like we probably need to skip ahead again, 17:19.720 --> 17:20.720 don't we? 17:20.720 --> 17:21.720 Sorry, buddy. 17:29.720 --> 17:30.720 Oh, geez. 17:30.720 --> 17:32.720 This is the 1970s. 17:32.720 --> 17:34.720 The 1970s, things are really moving quick. 17:34.720 --> 17:36.720 There's now so many different ways 17:36.720 --> 17:38.720 to mass-manufacture forms of expression. 17:38.720 --> 17:40.720 It's no longer just about books. 17:40.720 --> 17:43.720 Now you can print out or press into records 17:43.720 --> 17:46.720 as many different copies of a song as you want to. 17:46.720 --> 17:49.720 You can use lithography techniques to mass-manufacture paintings, 17:49.720 --> 17:52.720 but there's so many different ways to do this. 17:52.720 --> 17:54.720 And so, Congress, in the US, 17:54.720 --> 17:56.720 starts talking about this in 1976, 17:56.720 --> 17:58.720 and they said we have to extend this to cover 17:58.720 --> 17:59.720 more forms of expression. 17:59.720 --> 18:00.720 And so they passed the 1970s, 18:00.720 --> 18:01.720 it's a copyright act. 18:01.720 --> 18:03.720 That's the actual words from the copyright act. 18:03.720 --> 18:04.720 And they said that now, 18:04.720 --> 18:06.720 any form of expression, including numbers, 18:06.720 --> 18:08.720 symbols, indica, all of it, 18:08.720 --> 18:09.720 music. 18:09.720 --> 18:11.720 Like it all falls under copyright. 18:11.720 --> 18:13.720 And they didn't explicitly mention 18:13.720 --> 18:15.720 a word software that implicitly 18:15.720 --> 18:16.720 symbols the numbers to stuff like that, 18:16.720 --> 18:18.720 a cold software into copyright. 18:18.720 --> 18:20.720 And the other thing that was weird about this law 18:20.720 --> 18:23.720 is it may copyright automatic. 18:23.720 --> 18:25.720 Like you no longer has the player something is copyrighted. 18:25.720 --> 18:27.720 Now, just the second you expressed it, 18:28.720 --> 18:29.720 it would fall under copyright. 18:29.720 --> 18:31.720 The reason why that's a little strange, 18:31.720 --> 18:33.720 I mean, imagine the dawn of the free software 18:33.720 --> 18:34.720 movements in 1970s. 18:34.720 --> 18:36.720 We're in those MIT labs, 18:36.720 --> 18:40.720 and the guys in 1970s wrote ITS, 18:40.720 --> 18:42.720 which is still open source and used to this day. 18:42.720 --> 18:43.720 Now, all of a sudden, 18:43.720 --> 18:45.720 you can make something that's supposed to be free software. 18:45.720 --> 18:47.720 You have to pull a lawyer and write up 18:47.720 --> 18:49.720 a licensing agreement to be distributed. 18:49.720 --> 18:50.720 It means it's adding friction. 18:50.720 --> 18:53.720 So, if you view copyright as an economic tool 18:53.720 --> 18:55.720 to motivate more people to write code, 18:55.720 --> 18:57.720 I don't know if it's doing that for those guys in MIT 18:57.720 --> 18:59.720 in the 1970s. 18:59.720 --> 19:02.720 Also, space war, the world's first video game. 19:02.720 --> 19:04.720 Same deal, it was made in 1970s 19:04.720 --> 19:07.720 and it was meant to be free and distributed. 19:07.720 --> 19:10.720 Now, all of a sudden, it's a little more complicated. 19:10.720 --> 19:12.720 I'm not a lawyer. 19:12.720 --> 19:16.720 I just want to give software away for free. 19:16.720 --> 19:18.720 I don't know how to do it anymore, 19:18.720 --> 19:21.720 but by the way, we clean our space course. 19:21.720 --> 19:23.720 It, again, took like three seconds to do it, 19:23.720 --> 19:26.720 and we recreated it in HTML, and here's me playing 19:26.720 --> 19:28.720 the original space wars in HTML. 19:28.720 --> 19:30.720 It's kind of fun, but it's almost pixel accurate 19:30.720 --> 19:33.720 to the original game. 19:33.720 --> 19:35.720 Well, that was with the 70s, huh? 19:35.720 --> 19:38.720 The game is over! 19:44.720 --> 19:47.720 It's the 1980s, and at this point, 19:47.720 --> 19:50.720 copyright had applied to software 19:50.720 --> 19:52.720 for almost a decade. 19:52.720 --> 19:55.720 And some companies are starting to push the limits. 19:55.720 --> 19:59.720 Franklin computer core takes the firmware off of an Apple 2 19:59.720 --> 20:01.720 and tries to argue that the original C code 20:01.720 --> 20:03.720 that should be covered under copyright. 20:03.720 --> 20:05.720 That's a form of expression, but the compile code? 20:05.720 --> 20:07.720 No, the machines put that out. 20:07.720 --> 20:09.720 That's not a form of human expression. 20:09.720 --> 20:12.720 Well, the courts, you know, they had a different opinion. 20:12.720 --> 20:15.720 They thought that the numbers and symbols 20:15.720 --> 20:17.720 and in the call, that stuff should fall under copyright. 20:17.720 --> 20:19.720 So, what if Franklin computer core have to do? 20:19.720 --> 20:21.720 They'd have to do a really messy form of software 20:21.720 --> 20:24.720 cleaner, and it took almost four years 20:24.720 --> 20:27.720 for them to do that, and eventually bring a new product 20:27.720 --> 20:28.720 to market. 20:28.720 --> 20:30.720 But, you know, by that time, they'd used up old 20:30.720 --> 20:32.720 all of their funds, and they failed. 20:32.720 --> 20:34.720 They weren't able to successfully sell 20:34.720 --> 20:36.720 their clean rooms computers. 20:36.720 --> 20:38.720 It took us about an hour to clean room and Apple 2, 20:38.720 --> 20:41.720 and I'm honestly surprised that this worked at all. 20:41.720 --> 20:44.720 The Apple 2 implementation is actually 20:44.720 --> 20:47.720 running on an Apple 2 emulator. 20:47.720 --> 20:50.720 And the fact that this really runs, and we could really run 20:50.720 --> 20:52.720 commands on it, is frankly astonishing. 20:52.720 --> 20:54.720 It was by far the hardest thing that we had 20:54.720 --> 20:55.720 to clean room. 20:55.720 --> 20:56.720 What about those open source folks? 20:56.720 --> 20:58.720 Or what about this free software folks? 20:58.720 --> 21:00.720 The free software movement in 1980s? 21:00.720 --> 21:02.720 Well, by then, they had started to think 21:02.720 --> 21:04.720 through this challenge, and they had some solutions. 21:04.720 --> 21:06.720 Not have to maybe pull a lawyer in every time 21:06.720 --> 21:09.720 you want to distribute or give out free software. 21:09.720 --> 21:11.720 Maybe you could have standardized license agreements, 21:11.720 --> 21:13.720 so you could just slap on your project, 21:13.720 --> 21:16.720 and not have to involve legal every single time. 21:16.720 --> 21:18.720 You can kind of imagine what that might have been like 21:18.720 --> 21:19.720 in the 80s. 21:19.720 --> 21:22.720 By contrast, our general public license is intended 21:22.720 --> 21:27.720 to guarantee your freedom, to share, and change free software 21:27.720 --> 21:29.720 to make sure. 21:29.720 --> 21:31.720 What were companies up to in the 80s 21:31.720 --> 21:33.720 beyond Franklin Computer Corps? 21:33.720 --> 21:36.720 Well, that's an example of maybe a messy form 21:36.720 --> 21:38.720 of cleaner in the didn't really go super well. 21:38.720 --> 21:42.720 What about a form that exemplified clean rooming? 21:42.720 --> 21:45.720 Well, you ever do decide to research 21:45.720 --> 21:48.720 clean room software engineering to probably hear 21:48.720 --> 21:50.720 about one company, Phoenix. 21:50.720 --> 21:53.720 Phoenix Technologies was a company operating at a time 21:53.720 --> 21:56.720 when a PC market was exploded, and in particular, 21:56.720 --> 22:00.720 IBM Computer is becoming the industry standards. 22:00.720 --> 22:04.720 Phoenix, they specialize in low-level systems software. 22:04.720 --> 22:07.720 And things like firmware and bio-simplementations, 22:07.720 --> 22:10.720 anything that really sat between hardware and operating systems 22:10.720 --> 22:11.720 were there for 10. 22:11.720 --> 22:14.720 And so rather than selling consumer-pop products, 22:14.720 --> 22:16.720 Phoenix worked kind of behind the scenes. 22:16.720 --> 22:19.720 Their software was licensed by computer manufacturers 22:19.720 --> 22:21.720 around the world, and they shipped on millions of machines 22:21.720 --> 22:23.720 making them pretty influential. 22:23.720 --> 22:27.720 But Phoenix, they didn't give a shit about innovation 22:27.720 --> 22:29.720 or cutting-edge product features. 22:29.720 --> 22:30.720 You can't say words like that. 22:30.720 --> 22:32.720 I'm sorry, they didn't give a f***** 22:32.720 --> 22:35.720 about innovation or cutting-edge product features. 22:35.720 --> 22:38.720 They knew their customers would have just this compelling 22:38.720 --> 22:42.720 product if it could run the same IBM software as everyone else. 22:43.720 --> 22:46.720 But they had a couple issues that they had to solve. 22:46.720 --> 22:47.720 Solve that. 22:47.720 --> 22:49.720 They hired a guy named Dave. 22:49.720 --> 22:53.720 Now, to hear a little bit about Dave, Dave wasn't a CEO 22:53.720 --> 22:56.720 or a venture capitalist or even a thought leader. 22:56.720 --> 22:58.720 He was just some guy that Phoenix hired 22:58.720 --> 23:00.720 after his last company went under. 23:00.720 --> 23:03.720 But unlike his last role at his new company, Phoenix. 23:03.720 --> 23:06.720 Well, he didn't have to create anything new. 23:06.720 --> 23:08.720 He didn't really have to create anything at all. 23:08.720 --> 23:11.720 Dave was hired to rip off the big man himself. 23:11.720 --> 23:14.720 I, B, M. 23:14.720 --> 23:18.720 And so IBM had a lot of software that a lot of people use. 23:18.720 --> 23:20.720 But in order to use that software, 23:20.720 --> 23:23.720 your machine had to have an IBM compatible bias. 23:23.720 --> 23:26.720 But IBM's bias wasn't just technical glue. 23:26.720 --> 23:28.720 It was a legal trap. 23:28.720 --> 23:30.720 You see, courts were beginning to accept 23:30.720 --> 23:32.720 that even behaviorally identical firmware 23:32.720 --> 23:35.720 could be seen as a copyrighted derivative 23:35.720 --> 23:38.720 that the engineers had even been exposed to the original code. 23:38.720 --> 23:40.720 One site could ruin it all. 23:40.720 --> 23:43.720 And so several cool makers had already been sued, 23:43.720 --> 23:45.720 settled, or quietly disappeared. 23:45.720 --> 23:48.720 Not because they didn't have a compelling product, 23:48.720 --> 23:51.720 but because their software was too similar to that of IBM. 23:51.720 --> 23:54.720 And so, everyone needed this compatibility 23:54.720 --> 23:57.720 to integrate with this popular software. 23:57.720 --> 24:00.720 But they also knew that re-implementing it directly 24:00.720 --> 24:03.720 was a surefire way to get worked over by IBM's lawyers. 24:03.720 --> 24:07.720 But Phoenix, they had some new ideas about how to skirt the rules. 24:07.720 --> 24:09.720 Instead of thinking about how they could copy 24:09.720 --> 24:13.720 IBM's bias, they thought about how they could never see it at all. 24:13.720 --> 24:18.720 They split rules and tasks and implementations 24:18.720 --> 24:21.720 in the different groups, so you had its specifications 24:21.720 --> 24:24.720 flowing in one direction and code out the other. 24:24.720 --> 24:27.720 And this wasn't smart engineering necessarily. 24:27.720 --> 24:29.720 Rather, it was legal gymnastics. 24:29.720 --> 24:32.720 And it placed Phoenix, in particular, one engineer, 24:32.720 --> 24:35.720 directly at the center of legal and technical experiment 24:35.720 --> 24:40.720 that would define what the clean room meant for the rest of history. 24:40.720 --> 24:43.720 Matt, engineer, well, that'd be Dave. 24:43.720 --> 24:45.720 Now, unlike compact or other companies, 24:45.720 --> 24:48.720 I got sued into oblivion for re-implementing this bias. 24:48.720 --> 24:50.720 Dave here, he didn't bother with that. 24:50.720 --> 24:53.720 Instead, what he would do is he become intimately familiar 24:53.720 --> 24:55.720 with the software of IBM's bias itself. 24:55.720 --> 24:58.720 He read a detailed specification of every component of it. 24:58.720 --> 25:02.720 He'd look at how IBM applications interface with it 25:02.720 --> 25:05.720 and even in documented ways, and he would write all that down 25:05.720 --> 25:08.720 without ever copying down a piece of the original cover. 25:08.720 --> 25:11.720 Then Dave, finally, he would hand that over to his colleague 25:11.720 --> 25:14.720 within read the specification and implement a new bias 25:14.720 --> 25:17.720 without ever having seen any of the original material. 25:17.720 --> 25:22.720 Guaranteeing that copying would be physically impossible. 25:22.720 --> 25:25.720 And this was no easy task for Dave and his colleague. 25:25.720 --> 25:27.720 It took months back and forth. 25:27.720 --> 25:30.720 And also, from what we heard, a little bit of blurring of the lines 25:30.720 --> 25:34.720 of what could and couldn't be shared between the dirty engineer and the cleaner. 25:34.720 --> 25:39.720 Still, at the end, Phoenix was able to have a fully IBM compatible bias 25:39.720 --> 25:41.720 that it could sell to its customers. 25:41.720 --> 25:42.720 And it did. 25:42.720 --> 25:45.720 It took months of engineering work, but they finally got it working. 25:45.720 --> 25:48.720 And this work was more impactful than you might think. 25:48.720 --> 25:50.720 But one of the reasons you can buy a motherboard 25:50.720 --> 25:52.720 and plug and play it into any systems these days, 25:52.720 --> 25:56.720 well, you know, a part of that is the work that Dave and Phoenix had done. 25:56.720 --> 25:59.720 You know, I really wish we could go back in time to the 80s 25:59.720 --> 26:03.720 and talk to Dave and ask him about what it was like back in the day. 26:03.720 --> 26:06.720 I wish that we don't have to see this slide ever again. 26:06.720 --> 26:08.720 What are you talking about? 26:14.720 --> 26:18.720 If I have to do this again, I think I'm actually going to puke on stage. 26:18.720 --> 26:21.720 What time is it now? We're the gear and Brussels! 26:21.720 --> 26:24.720 We didn't just get the whole clean rooming story from Dave, 26:24.720 --> 26:26.720 but we showed them our work. 26:26.720 --> 26:31.720 We showed them how we done the same process on countless books, works, and applications. 26:31.720 --> 26:34.720 I mean, things that took these people years in months. 26:34.720 --> 26:35.720 It took us minutes. 26:35.720 --> 26:39.720 And we asked them about how you viewed copyright as a moral right 26:39.720 --> 26:41.720 versus an economic tool. 26:41.720 --> 26:43.720 And well, this is what he told us. 26:43.720 --> 26:47.720 If people put wanting into something and developing a product, 26:47.720 --> 26:50.720 you know, other people should just be able to copy it 26:50.720 --> 26:53.720 and make the original investment worthless. 26:54.720 --> 26:57.720 And you know, he's right, because there is a bit of rip off there. 26:57.720 --> 27:00.720 But when we thought about it, we thought it sounded pretty similar 27:00.720 --> 27:02.720 to what he did at Phoenix. 27:02.720 --> 27:07.720 But of course, we posed it to him and this is how he defended himself. 27:07.720 --> 27:12.720 We did put work into it, maybe not the work that they had to do it originally, 27:12.720 --> 27:15.720 but we didn't want to do it. 27:15.720 --> 27:20.720 And that is spot on, because this is the same argument that Baker made. 27:20.720 --> 27:22.720 And it's why the courts ruled in his figure. 27:22.720 --> 27:26.720 It takes real work, even if it's maybe not as genuine, 27:26.720 --> 27:28.720 you're putting real work into generating something. 27:28.720 --> 27:30.720 But when we brought to that arm machine, 27:30.720 --> 27:33.720 can do all of this work in seconds. 27:33.720 --> 27:35.720 Like should we just allow it to copy everyone? 27:35.720 --> 27:37.720 And at the end of the whole conversation, 27:37.720 --> 27:39.720 well, this is all he had. 27:39.720 --> 27:41.720 Oh, call. 27:41.720 --> 27:42.720 Let's just have a call. 27:46.720 --> 27:49.720 Mike, did we really just spend 30 minutes explaining the origin of copyright? 27:49.720 --> 27:51.720 Yes. 27:51.720 --> 27:54.720 I mean, look, centuries of law designed for books. 27:54.720 --> 27:57.720 Now retroactively applied to software. 27:57.720 --> 27:58.720 And I don't know. 27:58.720 --> 28:01.720 It seems like the whole system is being circumvented 28:01.720 --> 28:05.720 through this labor, free, instant AI facilitate process. 28:05.720 --> 28:08.720 I can just clean room, pretty much any digital work. 28:08.720 --> 28:10.720 Yeah, you know, that's another interesting point is 28:10.720 --> 28:13.720 I think you could look at it through this perspective that AI 28:13.720 --> 28:15.720 can do this cleaning. 28:15.720 --> 28:18.720 But I think maybe a better perspective is its purpose 28:18.720 --> 28:20.720 built to do clean rooming. 28:20.720 --> 28:23.720 All these LLMs do is take an idea and re express 28:23.720 --> 28:24.720 them. 28:24.720 --> 28:27.720 It is a perfect baker versus seldom machine. 28:27.720 --> 28:30.720 But okay, so even if like the courts ruled that 28:30.720 --> 28:33.720 maybe this is legal or maybe there aren't legal restrictions 28:33.720 --> 28:37.720 to doing this, is it ethical? 28:37.720 --> 28:39.720 You know, that is a question, but Dylan, 28:39.720 --> 28:42.720 I think you're asking the wrong one. 28:42.720 --> 28:44.720 The question we should be asking is, 28:44.720 --> 28:46.720 can we get rich off of this? 28:47.720 --> 28:48.720 Rich off of it. 28:48.720 --> 28:49.720 What are you talking about? 28:49.720 --> 28:53.720 I mean, just imagine if we could just clean room 28:53.720 --> 28:55.720 all of open source software. 28:55.720 --> 28:56.720 I've open source. 28:56.720 --> 28:58.720 All of it that we use today. 28:58.720 --> 29:00.720 And we could sell it to companies who never have to 29:00.720 --> 29:03.720 deal with any of the problems associated with 29:03.720 --> 29:05.720 free or open source software. 29:05.720 --> 29:07.720 Why are you talking about open source free software? 29:07.720 --> 29:08.720 It's free. 29:08.720 --> 29:10.720 What problems do they have? 29:10.720 --> 29:12.720 You know, that's a great question, Dylan. 29:12.720 --> 29:15.720 And I think to really understand that we have to 29:15.720 --> 29:18.720 understand why so many massive, profitable corporations 29:18.720 --> 29:21.720 rely so heavily on free and open source software. 29:21.720 --> 29:24.720 Yet still have so many problems with it. 29:24.720 --> 29:26.720 I mean, look, let's start with an example. 29:26.720 --> 29:27.720 Picture this. 29:27.720 --> 29:28.720 It's the holidays. 29:28.720 --> 29:31.720 And you're a software engineer at some boring 29:31.720 --> 29:32.720 corporation. 29:32.720 --> 29:34.720 You're the lead dev on some software 29:34.720 --> 29:37.720 system that sits at the core of your company. 29:37.720 --> 29:39.720 And just as soon as you're about to cut into your 29:39.720 --> 29:42.720 juicy Christmas ham, your fam, your page 29:42.720 --> 29:43.720 or starts going on. 29:44.720 --> 29:46.720 Some transient dependency to pretty much every 29:46.720 --> 29:48.720 software service your company runs is just 29:48.720 --> 29:49.720 released a massive CDE. 29:49.720 --> 29:52.720 And there's already exploits in the wild just 29:52.720 --> 29:55.720 scanning the internet and ruining your day in particular. 29:55.720 --> 29:58.720 I mean, that ham, that's getting cold 29:58.720 --> 30:00.720 buddy because you have a lot of work to do. 30:00.720 --> 30:02.720 And if you're lucky, I mean, maybe the maintainer 30:02.720 --> 30:04.720 of this dependency is already released a fix. 30:04.720 --> 30:06.720 But how easy is it to update? 30:06.720 --> 30:08.720 What if it's vendor code that's affected? 30:08.720 --> 30:10.720 And if it is it, then what do you do? 30:10.720 --> 30:11.720 Do you just email the maintainer? 30:11.720 --> 30:12.720 Either way, you're going to spend the 30:12.720 --> 30:14.720 next few weeks in meetings going to talk down to 30:14.720 --> 30:17.720 by people of 24 hours like prior. 30:17.720 --> 30:19.720 They even know you existed. 30:19.720 --> 30:21.720 And this isn't an anomaly done. 30:21.720 --> 30:24.720 This is real life of this is real experiences of 30:24.720 --> 30:27.720 people who have to rely on open source. 30:27.720 --> 30:30.720 And this is a real story. 30:30.720 --> 30:32.720 It happened in 2021 when the software world 30:32.720 --> 30:35.720 discovered a massive vulnerability in a patchy 30:35.720 --> 30:36.720 log for J. 30:36.720 --> 30:38.720 If you're a familiar log for J is a job 30:38.720 --> 30:40.720 a logging library and it sits quietly 30:40.720 --> 30:43.720 underneath a massive portion of the global 30:43.720 --> 30:44.720 software stack. 30:44.720 --> 30:46.720 This software was everywhere. 30:46.720 --> 30:49.720 It was an enterprise applications, cloud platforms, 30:49.720 --> 30:51.720 vendor products, government systems, 30:51.720 --> 30:52.720 everywhere. 30:52.720 --> 30:54.720 You're running Java as scale. 30:54.720 --> 30:56.720 You're almost certainly using it. 30:56.720 --> 30:58.720 And frankly, most people they even know. 30:58.720 --> 31:01.720 And look, this vulnerability, 31:01.720 --> 31:03.720 later called log for a shell, 31:03.720 --> 31:06.720 they allowed remote code execution on a system. 31:06.720 --> 31:08.720 And all you have to do is get it to log 31:08.720 --> 31:10.720 a specifically crafted string. 31:10.720 --> 31:12.720 What that means is no authentication. 31:12.720 --> 31:13.720 No exploit chain. 31:13.720 --> 31:16.720 Just logging any sort of user control data 31:16.720 --> 31:18.720 can lead to full system compromise. 31:18.720 --> 31:20.720 And even after the fixes were released, 31:20.720 --> 31:23.720 real world systems to this day remain vulnerable 31:23.720 --> 31:25.720 because all these patches have to flow through vendors 31:25.720 --> 31:28.720 and rebuild pipelines and downstream consumers. 31:28.720 --> 31:31.720 I mean, log for J wasn't just like one particular 31:31.720 --> 31:33.720 vulnerability where all went bad. 31:33.720 --> 31:37.720 It was a symbol of an inherent structural risk 31:37.720 --> 31:40.720 that exists by interconnecting so much of our software 31:40.720 --> 31:43.720 and the way that opensource does. 31:43.720 --> 31:44.720 And so you know what? 31:44.720 --> 31:46.720 Bam, we clean room log for J, 31:46.720 --> 31:49.720 and now we don't have to worry about it anymore. 31:49.720 --> 31:51.720 But that's just one story, right? 31:51.720 --> 31:53.720 Imagine you're a maintainer of a popular 31:53.720 --> 31:54.720 JavaScript package. 31:54.720 --> 31:56.720 And you're at your best friends wedding. 31:56.720 --> 31:58.720 A historic and beautiful moment. 31:58.720 --> 32:01.720 And just as this lovely couple looks into each other's eyes 32:01.720 --> 32:02.720 and they're about to say, 32:02.720 --> 32:04.720 I do, your phone starts going off. 32:04.720 --> 32:06.720 And now you have half the internet 32:06.720 --> 32:09.720 jumping on you because a worm has made it into your 32:09.720 --> 32:10.720 software package. 32:10.720 --> 32:12.720 And not just yours, but many others too. 32:12.720 --> 32:14.720 You don't make a scent off of this damn thing, 32:14.720 --> 32:17.720 but still you have engineers at companies around the planet 32:17.720 --> 32:18.720 angrily emailing you saying, 32:18.720 --> 32:20.720 you need this fixed now. 32:20.720 --> 32:22.720 That wedding, that'd be absolutely right. 32:22.720 --> 32:24.720 And this is a real story, too. 32:24.720 --> 32:26.720 I mean, look at the worm, 32:26.720 --> 32:27.720 Shai Hulu 2.0, 32:27.720 --> 32:29.720 it affected hundreds of NPM packages 32:29.720 --> 32:31.720 beginning with compromising the accounts of wealth. 32:31.720 --> 32:34.720 Let's just say a few average JavaScript developers. 32:36.720 --> 32:39.720 From there, it allowed RCE and thousands of systems 32:39.720 --> 32:42.720 compromising new systems of developers and spreading onwards. 32:42.720 --> 32:44.720 I mean, these package maintainers, 32:44.720 --> 32:46.720 they don't have support contracts or relationships. 32:46.720 --> 32:49.720 They don't even necessarily care about their downstream users. 32:49.720 --> 32:50.720 And so, I don't know, 32:50.720 --> 32:52.720 I don't envy those affected you. 32:52.720 --> 32:55.720 Look, I understand the points you're making. 32:55.720 --> 32:57.720 These are real problems that we have to sort through, 32:57.720 --> 33:00.720 but I don't think that means we should just take a machine 33:00.720 --> 33:02.720 and robot all the way all the maintainers 33:02.720 --> 33:04.720 and take all of their ideas and just, 33:05.720 --> 33:08.720 yeah, but you have to understand, 33:08.720 --> 33:10.720 like, that's just downstream consumers, 33:10.720 --> 33:11.720 but we're here at Boston, 33:11.720 --> 33:14.720 so we should talk about the problems that maintainers face, right? 33:14.720 --> 33:18.720 Like, imagine waking up to a massive dump of CVEs 33:18.720 --> 33:20.720 on the project that you're maintaining. 33:20.720 --> 33:22.720 Combined with panic, emails, 33:22.720 --> 33:24.720 from every single one of your users. 33:24.720 --> 33:26.720 You barely get paid at all to maintain 33:26.720 --> 33:28.720 this pillar of the world's digital infrastructure, 33:28.720 --> 33:30.720 and then suddenly a whole world's counting on you 33:30.720 --> 33:33.720 to work overtime to fix their problems. 33:33.720 --> 33:35.720 How is that fair, Dylan? 33:35.720 --> 33:38.720 I mean, this is exactly what happened to F event peg, 33:38.720 --> 33:40.720 which had a ton of CVEs just suddenly dumped on it 33:40.720 --> 33:42.720 by a Google AI. 33:42.720 --> 33:43.720 And I mean, look at CRO, 33:43.720 --> 33:45.720 which just dumped their bug bounty program. 33:45.720 --> 33:47.720 I mean, going back to F event peg, 33:47.720 --> 33:49.720 one of the CVEs in particular, 33:49.720 --> 33:53.720 it only affected a codec used by a single video game 33:53.720 --> 33:55.720 that was released decades earlier. 33:55.720 --> 33:58.720 And yet, still these maintainers were harassed relentlessly, 33:58.720 --> 34:00.720 simply because the CVE was filed by Google, 34:00.720 --> 34:02.720 and they ended up having to fix it 34:02.720 --> 34:04.720 just to make these problems go away. 34:04.720 --> 34:07.720 I mean, there's no escaping these panic corporations 34:07.720 --> 34:10.720 because their reputation is on blind. 34:10.720 --> 34:14.720 And I mean, that's just the logistical issues around code, right? 34:14.720 --> 34:17.720 But there's plenty more licensing regimes 34:17.720 --> 34:19.720 within officially open-source packages 34:19.720 --> 34:21.720 aren't necessarily all the same, 34:21.720 --> 34:24.720 and they affect different organizations differently. 34:24.720 --> 34:25.720 I mean, for instance, 34:25.720 --> 34:27.720 the copy left provisions in the HEPL, 34:27.720 --> 34:30.720 well, you know, if I was assigned a proprietary SaaS provider, 34:31.720 --> 34:33.720 I'd be pretty worried about that in the provisions 34:33.720 --> 34:35.720 that could impact my code. 34:35.720 --> 34:39.720 And, you know, this led to many, many, many companies 34:39.720 --> 34:41.720 now banning this specific license 34:41.720 --> 34:45.720 despite it being an OSI approved open-source license. 34:45.720 --> 34:49.720 And even then, that's just consumers again. 34:49.720 --> 34:51.720 But when we think about organizations 34:51.720 --> 34:53.720 that produce open-source software, 34:53.720 --> 34:56.720 I mean, managing the actual copyright and enforcement, 34:56.720 --> 34:58.720 that can be an absolute nightmare. 34:58.720 --> 35:00.720 Most tool organizations have is that 35:00.720 --> 35:02.720 I have contributors physically 35:02.720 --> 35:05.720 and contractually sign over the copyright 35:05.720 --> 35:07.720 from every single contributor. 35:07.720 --> 35:08.720 And without that, 35:08.720 --> 35:11.720 enforcement becomes significantly more difficult. 35:11.720 --> 35:13.720 And I mean, this is generally used by foundations 35:13.720 --> 35:14.720 who, hopefully, 35:14.720 --> 35:16.720 if they have the money and resources, 35:16.720 --> 35:18.720 can represent the interests of those contributors. 35:18.720 --> 35:20.720 Shout out to that SFC. 35:20.720 --> 35:22.720 But more often, 35:22.720 --> 35:23.720 it's used by corporations 35:23.720 --> 35:25.720 that can then use that copyright power 35:25.720 --> 35:28.720 to re-license software at a later date. 35:28.720 --> 35:29.720 Tools such as these, 35:29.720 --> 35:30.720 contributor license agreements, 35:30.720 --> 35:32.720 they create leverage for corporations 35:32.720 --> 35:35.720 to modify open-source into something that works for them. 35:35.720 --> 35:36.720 And what that is is a tool 35:36.720 --> 35:38.720 that they can use to leverage workers 35:38.720 --> 35:40.720 in competition. 35:40.720 --> 35:42.720 And so, how do these companies deal with 35:42.720 --> 35:43.720 all these legal issues? 35:43.720 --> 35:44.720 Well, I mean, for one, 35:44.720 --> 35:46.720 they spend a load of money on software solutions 35:46.720 --> 35:48.720 like sneak and black, 35:48.720 --> 35:50.720 to scan all their dependencies. 35:50.720 --> 35:51.720 Yeah, I know that stuff. 35:51.720 --> 35:52.720 You got expensive. 35:52.720 --> 35:54.720 I know some companies are paying millions of dollars 35:54.720 --> 35:55.720 to have software. 35:55.720 --> 35:56.720 Exactly. 35:56.720 --> 35:59.720 And then they hire entire teams of people 35:59.720 --> 36:01.720 to have to manage these contracts 36:01.720 --> 36:03.720 and work with communities 36:03.720 --> 36:04.720 and downstream libraries. 36:04.720 --> 36:05.720 And hopefully, 36:05.720 --> 36:07.720 they can make the company benefit 36:07.720 --> 36:08.720 from open-source. 36:08.720 --> 36:09.720 But unfortunately, 36:09.720 --> 36:10.720 a lot of these people 36:10.720 --> 36:11.720 they sit on the edge of the company 36:11.720 --> 36:13.720 desperately trying to find ways 36:13.720 --> 36:14.720 to convince leadership 36:14.720 --> 36:16.720 that despite spending their money 36:16.720 --> 36:17.720 on sharing, losing control, 36:17.720 --> 36:19.720 that it's actually profitable. 36:19.720 --> 36:21.720 And frankly, doing a lot of these people 36:21.720 --> 36:23.720 struggle to make that justification 36:23.720 --> 36:25.720 and research recently has shown that 36:25.720 --> 36:27.720 these people have been disproportionately 36:27.720 --> 36:28.720 affected by layoffs 36:28.720 --> 36:29.720 over the last three years. 36:29.720 --> 36:31.720 Mike, what does this have to do 36:31.720 --> 36:32.720 with clean room? 36:32.720 --> 36:33.720 It sounds like you're just 36:33.720 --> 36:35.720 airing open-source grievances at this point. 36:35.720 --> 36:37.720 No, there's a deeper problem 36:37.720 --> 36:38.720 at stake. 36:38.720 --> 36:40.720 And I think there's a deeper solution here 36:40.720 --> 36:42.720 but we have to get to the end 36:42.720 --> 36:43.720 to truly understand. 36:43.720 --> 36:44.720 What, why do you keep to 36:44.720 --> 36:45.720 do you change these slot? 36:45.720 --> 36:46.720 What are you talking? 36:46.720 --> 36:47.720 No, look. 36:47.720 --> 36:48.720 It's just some minor adjustments. 36:48.720 --> 36:49.720 What? 36:49.720 --> 36:50.720 Don't worry about it. 36:50.720 --> 36:51.720 Don't worry about it. 36:51.720 --> 36:52.720 Don't worry about it. 36:52.720 --> 36:54.720 All these costs and pains aren't bad enough. 36:54.720 --> 36:56.720 I mean, we also realize that 36:56.720 --> 36:57.720 it opens for software creators. 36:57.720 --> 36:59.720 You know, they aren't always necessarily 36:59.720 --> 37:01.720 looking out for every single one of their 37:01.720 --> 37:02.720 downstream consumers. 37:02.720 --> 37:04.720 For instance, look at the library 37:04.720 --> 37:06.720 node IPC, a JavaScript library 37:06.720 --> 37:08.720 that where the maintainer 37:08.720 --> 37:10.720 introduced a file-wiping payload 37:10.720 --> 37:12.720 targeting any user that had a Russian 37:12.720 --> 37:13.720 or Bella Russian IP address 37:13.720 --> 37:15.720 to protest the Ukraine invasion. 37:15.720 --> 37:17.720 I mean, we are in Russia 37:17.720 --> 37:20.720 but imagine if one of our downstream maintainers 37:20.720 --> 37:23.720 suddenly disliked us, we could be attacked 37:23.720 --> 37:24.720 for a supply chain attack, right? 37:24.720 --> 37:26.720 This is really, really scary stuff. 37:26.720 --> 37:27.720 So you know what? 37:27.720 --> 37:29.720 I clean-roomed node IPC2 37:29.720 --> 37:32.720 and now we don't have any of these problems. 37:32.720 --> 37:35.720 But, no one IPC is just one example. 37:35.720 --> 37:37.720 Back in 2022, another maintainer 37:37.720 --> 37:39.720 sabotages libraries, collars, 37:39.720 --> 37:41.720 JS, and fakers JS with these 37:41.720 --> 37:43.720 infinite loops to protest 37:43.720 --> 37:45.720 Fortune 500 firms that were using 37:45.720 --> 37:47.720 his code, but never to 37:47.720 --> 37:50.720 claim to ever contribute back to him financially. 37:50.720 --> 37:52.720 And so this isn't just protesting work. 37:52.720 --> 37:55.720 It's protesting capitalism itself. 37:55.720 --> 37:56.720 And so this maintainer 37:56.720 --> 37:58.720 broke huge pro-hypro-file tools 37:58.720 --> 38:01.720 like AWS Cloud Development Kit. 38:01.720 --> 38:03.720 So I mean, if Amazon, this massive company 38:03.720 --> 38:05.720 could be targeted by open-source developers 38:05.720 --> 38:07.720 in a significant way, who's to say 38:07.720 --> 38:09.720 that's not us, or potentially 38:09.720 --> 38:11.720 in any of our customers. 38:11.720 --> 38:13.720 And that's a really scary thing. 38:13.720 --> 38:14.720 It made me think about how dangerous it is 38:14.720 --> 38:16.720 to rely on strangers. 38:16.720 --> 38:18.720 I mean, you want to take candy from a stranger. 38:18.720 --> 38:21.720 Why would you run their code? 38:21.720 --> 38:24.720 I'll give you that one. 38:24.720 --> 38:26.720 And so you know what? 38:26.720 --> 38:28.720 I went ahead and I clean-roomed 38:28.720 --> 38:30.720 colors JS and fakers JS. 38:30.720 --> 38:32.720 And now we don't have to worry about 38:32.720 --> 38:34.720 any more backdoories. 38:34.720 --> 38:36.720 All right, look, I buy there's 38:36.720 --> 38:38.720 probably some companies that would pay 38:38.720 --> 38:40.720 for this clean-rooming, but like 38:40.720 --> 38:42.720 ignoring that. 38:42.720 --> 38:43.720 If we can go back to the moral 38:43.720 --> 38:45.720 question, Mike, it feels a little 38:45.720 --> 38:46.720 exploited. 38:46.720 --> 38:47.720 Doesn't it? 38:47.720 --> 38:49.720 You're taking all of these people's ideas 38:49.720 --> 38:50.720 and functionality. 38:50.720 --> 38:52.720 And then you're repurposing it 38:52.720 --> 38:55.720 for your own proprietary functionality 38:55.720 --> 38:56.720 that you profit from. 38:56.720 --> 38:58.720 That doesn't sound moral. 38:58.720 --> 39:00.720 Sure, but Dylan, if we don't do it, 39:00.720 --> 39:01.720 someone else will. 39:01.720 --> 39:03.720 Real companies are having these 39:03.720 --> 39:05.720 conversations right now. 39:05.720 --> 39:07.720 And I mean, in the last six months, 39:07.720 --> 39:08.720 it seems like AI models 39:08.720 --> 39:09.720 might have finally gotten 39:09.720 --> 39:11.720 powerful enough to do it. 39:11.720 --> 39:14.720 And I mean, it's so easy. 39:15.720 --> 39:17.720 I can take all of the ideas 39:17.720 --> 39:19.720 from open source and 39:19.720 --> 39:21.720 avoid all of these issues. 39:21.720 --> 39:23.720 Dylan, there's real 39:23.720 --> 39:24.720 opportunity here. 39:24.720 --> 39:27.720 I can convert entire open source 39:27.720 --> 39:29.720 S-bombs into 100% 39:29.720 --> 39:32.720 CVE free packages. 39:32.720 --> 39:33.720 And I can do it all 39:33.720 --> 39:36.720 for just a low fee for me and my 39:36.720 --> 39:37.720 customers. 39:37.720 --> 39:39.720 In furthermore, I'll have 39:39.720 --> 39:42.720 total AI mediated control over 39:42.720 --> 39:43.720 all of this software. 39:43.720 --> 39:45.720 And I'll be able to tailor it 39:45.720 --> 39:46.720 to your work. 39:46.720 --> 39:48.720 I mean, look, you're a company guy, 39:48.720 --> 39:49.720 right? 39:49.720 --> 39:50.720 You're already encouraging your 39:50.720 --> 39:53.720 workers to utilize AI coding agents. 39:53.720 --> 39:55.720 And this ineffective method of 39:55.720 --> 39:57.720 having millions of dependencies 39:57.720 --> 39:58.720 that you don't know about 39:58.720 --> 39:59.720 the varying levels of 39:59.720 --> 40:00.720 maintainer ship, Dylan. 40:00.720 --> 40:01.720 It's crazy. 40:01.720 --> 40:03.720 It's not sustainable. 40:03.720 --> 40:06.720 Give you total control over 40:06.720 --> 40:07.720 open source. 40:07.720 --> 40:08.720 Listen to yourself. 40:08.720 --> 40:10.720 You sound like a crazy person. 40:10.720 --> 40:11.720 And besides, look, 40:11.720 --> 40:13.720 we did a few examples of a few 40:13.720 --> 40:14.720 one-off packages here, 40:14.720 --> 40:16.720 but that seems like a far 40:16.720 --> 40:17.720 stretch from cleaner 40:17.720 --> 40:18.720 moving an entire 40:18.720 --> 40:19.720 S-bombs. 40:19.720 --> 40:20.720 Well, Dylan, 40:20.720 --> 40:22.720 wasn't it you that first 40:22.720 --> 40:24.720 came to me with the idea of this 40:24.720 --> 40:25.720 talk when Mongo took 40:25.720 --> 40:27.720 700 rules from the 40:27.720 --> 40:28.720 HEPL license 40:28.720 --> 40:29.720 Trufflehog and then 40:29.720 --> 40:31.720 relicens them to a patchy? 40:31.720 --> 40:33.720 Yes, they did use AI tools 40:33.720 --> 40:34.720 to do that. 40:34.720 --> 40:35.720 And they were messy 40:35.720 --> 40:36.720 enough. 40:36.720 --> 40:37.720 They actually copied some of the 40:37.720 --> 40:38.720 original code. 40:38.720 --> 40:39.720 And so, you know, 40:39.720 --> 40:40.720 that's technically a 40:40.720 --> 40:41.720 real email exchange. 40:41.720 --> 40:42.720 But that's not the point. 40:42.720 --> 40:43.720 That's very different from 40:43.720 --> 40:45.720 an entire S-bombs. 40:45.720 --> 40:46.720 Yeah. 40:46.720 --> 40:47.720 Well, you know what? 40:47.720 --> 40:48.720 I got it working. 40:48.720 --> 40:49.720 Pull the automated 40:49.720 --> 40:50.720 cleanrooming of 40:50.720 --> 40:51.720 entire S-bombs. 40:51.720 --> 40:52.720 I mean, if you 40:52.720 --> 40:54.720 upload your package.json 40:54.720 --> 40:55.720 to our website, 40:55.720 --> 40:57.720 malice.sate and for a 40:57.720 --> 40:58.720 little or fee, 40:58.720 --> 40:59.720 you'll have 40:59.720 --> 41:00.720 all of your dependencies 41:00.720 --> 41:01.720 cleanroom. 41:01.720 --> 41:02.720 100% 41:02.720 --> 41:03.720 CVE-3. 41:03.720 --> 41:04.720 No more fuss 41:04.720 --> 41:05.720 with communities, 41:05.720 --> 41:06.720 no more 41:06.720 --> 41:07.720 osphos, 41:07.720 --> 41:09.720 no more supply chain attacks, 41:09.720 --> 41:11.720 no more open source. 41:11.720 --> 41:12.720 Is this real? 41:12.720 --> 41:13.720 Yeah. 41:13.720 --> 41:14.720 Like, no. 41:14.720 --> 41:15.720 I mean, 41:15.720 --> 41:16.720 if people actually go 41:16.720 --> 41:17.720 to malice.js 41:17.720 --> 41:18.720 right now with their 41:18.720 --> 41:19.720 currently open laptops, 41:19.720 --> 41:20.720 can they 41:20.720 --> 41:21.720 actually pay you 41:21.720 --> 41:22.720 to cleanroom their entire 41:22.720 --> 41:23.720 S-bombs? 41:23.720 --> 41:24.720 It's malice.sate 41:24.720 --> 41:25.720 dealing. 41:25.720 --> 41:26.720 And yes, 41:26.720 --> 41:27.720 how many times 41:27.720 --> 41:28.720 do I have to say it? 41:28.720 --> 41:29.720 We, 41:29.720 --> 41:30.720 Mike, 41:30.720 --> 41:31.720 we just had a proof of 41:31.720 --> 41:32.720 a cut. 41:32.720 --> 41:33.720 You wired us up the 41:33.720 --> 41:34.720 stripe. 41:34.720 --> 41:35.720 Who'd thank it? 41:35.720 --> 41:36.720 How does this go to? 41:36.720 --> 41:37.720 Dylan. 41:37.720 --> 41:38.720 Why do you 41:38.720 --> 41:40.720 think we are doing all of this? 41:40.720 --> 41:41.720 Mike, 41:41.720 --> 41:42.720 I'm in disbelief. 41:42.720 --> 41:43.720 You, 41:43.720 --> 41:44.720 ten years ago, 41:44.720 --> 41:45.720 you quit your job at Amazon 41:45.720 --> 41:46.720 to go work for, 41:46.720 --> 41:47.720 like, 41:47.720 --> 41:48.720 peanuts in the open source 41:48.720 --> 41:49.720 community, 41:49.720 --> 41:50.720 due to advocacy work 41:50.720 --> 41:51.720 and humanitarian 41:51.720 --> 41:52.720 ors. 41:52.720 --> 41:53.720 And now, 41:53.720 --> 41:55.720 what, 41:55.720 --> 41:56.720 you're just going to 41:56.720 --> 41:57.720 give it up 41:57.720 --> 41:59.720 to kill and take control of all open source? 41:59.720 --> 42:01.720 Well, Dylan, 42:01.720 --> 42:03.720 I just think, 42:03.720 --> 42:05.720 open source lost. 42:05.720 --> 42:07.720 I'm tired of being on the losing side. 42:07.720 --> 42:08.720 I can do that 42:08.720 --> 42:10.720 for from advocating for open source. 42:10.720 --> 42:11.720 So I figured, 42:11.720 --> 42:12.720 why not try 42:12.720 --> 42:13.720 the opposite? 42:13.720 --> 42:14.720 Why not? 42:14.720 --> 42:15.720 Embrace the inevitable? 42:15.720 --> 42:16.720 And at least make 42:16.720 --> 42:17.720 a little money 42:17.720 --> 42:19.720 while the whole world 42:19.720 --> 42:20.720 watches AI 42:20.720 --> 42:21.720 burn it to the ground. 42:21.720 --> 42:22.720 I, 42:22.720 --> 42:23.720 no, Mike, 42:23.720 --> 42:24.720 I can't be a part of this. 42:24.720 --> 42:25.720 Like, 42:25.720 --> 42:26.720 you can't just take all of these 42:26.720 --> 42:27.720 people's code 42:27.720 --> 42:28.720 and 42:28.720 --> 42:29.720 redo their 42:29.720 --> 42:30.720 functionality 42:30.720 --> 42:32.720 and keep their functionality 42:32.720 --> 42:33.720 but redo the code. 42:33.720 --> 42:34.720 Like, 42:34.720 --> 42:35.720 you can't just profit 42:35.720 --> 42:36.720 from their labor like that. 42:36.720 --> 42:39.720 That's not right. 42:39.720 --> 42:40.720 I mean, 42:40.720 --> 42:41.720 Dylan, 42:41.720 --> 42:42.720 if you're not going to help me 42:42.720 --> 42:43.720 and open source 42:43.720 --> 42:44.720 then, well, 42:44.720 --> 42:45.720 don't let the door 42:45.720 --> 42:46.720 hit you on the way out. 42:46.720 --> 42:47.720 Mike, 42:47.720 --> 42:48.720 why 42:48.720 --> 42:49.720 here? 42:49.720 --> 42:50.720 Why come to 42:50.720 --> 42:51.720 fuzz them 42:51.720 --> 42:52.720 and give this talk of all 42:52.720 --> 42:53.720 conferences? 42:53.720 --> 42:54.720 Well, 42:54.720 --> 42:55.720 you know, 42:55.720 --> 42:56.720 I actually 42:56.720 --> 42:57.720 I did a bit of market research 42:57.720 --> 42:58.720 and, well, this 42:58.720 --> 42:59.720 crack in particular 42:59.720 --> 43:00.720 has a lot of the legal 43:00.720 --> 43:01.720 console 43:01.720 --> 43:03.720 for many of our future customers. 43:03.720 --> 43:04.720 And I figured, 43:04.720 --> 43:05.720 you know, 43:05.720 --> 43:06.720 this is it. 43:06.720 --> 43:07.720 Mike, 43:07.720 --> 43:09.720 I can't let you do this. 43:09.720 --> 43:11.720 I have to stop you. 43:13.720 --> 43:14.720 Stop me. 43:14.720 --> 43:16.720 How are you going to stop me? 43:16.720 --> 43:17.720 What? 43:17.720 --> 43:18.720 What tools? 43:18.720 --> 43:19.720 What system 43:19.720 --> 43:21.720 could you ever possibly use 43:21.720 --> 43:23.720 to stop all of this? 43:23.720 --> 43:24.720 Do you know how much 43:24.720 --> 43:25.720 I want to slap you 43:25.720 --> 43:26.720 right now? 43:26.720 --> 43:27.720 I want to hit you so bad. 43:27.720 --> 43:28.720 I can't even 43:28.720 --> 43:29.720 know. 43:29.720 --> 43:30.720 I don't think the organizers 43:30.720 --> 43:31.720 would like that. 43:31.720 --> 43:32.720 I mean, 43:32.720 --> 43:34.720 I don't think 43:34.720 --> 43:35.720 the wrong is the problem 43:35.720 --> 43:37.720 and if I'm being honest, 43:37.720 --> 43:38.720 I think I just, 43:38.720 --> 43:39.720 I think I just need 43:39.720 --> 43:40.720 a minute to myself. 43:40.720 --> 43:42.720 I'm so sorry. 43:42.720 --> 43:44.720 I can't keep doing this. 43:51.720 --> 43:52.720 Consider a turkey 43:52.720 --> 43:54.720 that is fed every day. 43:54.720 --> 43:55.720 Every single feeding 43:55.720 --> 43:57.720 will firm up the birds 43:57.720 --> 43:58.720 belief that it is the 43:58.720 --> 43:59.720 general rule of life 43:59.720 --> 44:00.720 to be fed every day 44:00.720 --> 44:01.720 by friendly 44:01.720 --> 44:03.720 members of the human race. 44:03.720 --> 44:04.720 Looking out for its best 44:04.720 --> 44:05.720 interests 44:05.720 --> 44:06.720 as a politician 44:06.720 --> 44:07.720 would say. 44:07.720 --> 44:08.720 On the afternoon 44:08.720 --> 44:09.720 of the Wednesday 44:09.720 --> 44:10.720 before Thanksgiving, 44:10.720 --> 44:12.720 something unexpected 44:12.720 --> 44:13.720 will happen to the turkey. 44:13.720 --> 44:15.720 It will incur a revision 44:15.720 --> 44:16.720 of belief. 44:34.720 --> 44:36.720 In my day, 44:36.720 --> 44:37.720 I remember that we had this 44:37.720 --> 44:38.720 guy call. 44:38.720 --> 44:39.720 I think his name was Richard 44:39.720 --> 44:40.720 Paul. 44:40.720 --> 44:41.720 Something. 44:41.720 --> 44:42.720 He was on the 44:42.720 --> 44:43.720 stockboard. 44:43.720 --> 44:44.720 He should be free. 44:44.720 --> 44:45.720 He should all be free. 44:45.720 --> 44:46.720 And I call. 44:46.720 --> 44:47.720 He should be free. 44:47.720 --> 44:48.720 He should be free. 44:48.720 --> 44:49.720 He should be free. 44:49.720 --> 44:50.720 He should be free. 44:50.720 --> 44:51.720 He should be free. 44:51.720 --> 44:52.720 He should be free. 44:52.720 --> 44:53.720 He should be free. 44:53.720 --> 44:54.720 He should be free. 44:54.720 --> 44:55.720 He should be free. 44:55.720 --> 44:56.720 He should be free. 44:56.720 --> 44:57.720 He should be free. 44:57.720 --> 44:58.720 He should be free. 44:58.720 --> 44:59.720 He should be free. 44:59.720 --> 45:00.720 He should be free. 45:00.720 --> 45:01.720 He should be free. 45:01.720 --> 45:02.720 He should be free. 45:02.720 --> 45:03.720 He should be free. 45:03.720 --> 45:04.720 He should be free. 45:04.720 --> 45:05.720 He should be free. 45:05.720 --> 45:06.720 He should be free. 45:06.720 --> 45:07.720 He should be free. 45:07.720 --> 45:08.720 He should be free. 45:08.720 --> 45:09.720 He should be free. 45:09.720 --> 45:10.720 He should be free. 45:10.720 --> 45:11.720 He should be free. 45:11.720 --> 45:12.720 He should be free. 45:12.720 --> 45:13.720 He should be free. 45:13.720 --> 45:14.720 He should be free. 45:14.720 --> 45:15.720 He should be free. 45:15.720 --> 45:16.720 He should be free. 45:16.720 --> 45:17.720 He should be free. 45:17.720 --> 45:18.720 He should be free. 45:18.720 --> 45:19.720 He should be free. 45:19.720 --> 45:20.720 He should be free. 45:20.720 --> 45:21.720 He should be free. 45:21.720 --> 45:22.720 He should be free. 45:22.720 --> 45:23.720 He should be free. 45:23.720 --> 45:24.720 He should be free. 45:24.720 --> 45:25.720 He should be free. 45:25.720 --> 45:26.720 He should be free. 45:26.720 --> 45:27.720 He should be free. 45:27.720 --> 45:28.720 He should be free. 45:28.720 --> 45:29.720 He should be free. 45:29.720 --> 45:30.720 He should be free. 45:30.720 --> 45:31.720 He should be free. 45:31.720 --> 45:32.720 He should be free. 45:32.720 --> 45:33.720 He should be free. 45:33.720 --> 45:34.720 He should be free. 45:34.720 --> 45:35.720 He should be free. 45:35.720 --> 45:36.720 He should be free. 45:36.720 --> 45:37.720 He should be free. 45:37.720 --> 45:38.720 He should be free. 45:38.720 --> 45:39.720 He should be free. 45:39.720 --> 45:40.720 He should be free. 45:40.720 --> 45:41.720 He should be free. 45:41.720 --> 45:42.720 He should be free. 45:42.720 --> 45:43.720 He should be free. 45:43.720 --> 45:44.720 He should be free. 45:44.720 --> 45:45.720 He should be free. 45:45.720 --> 45:46.720 He should be free. 45:46.720 --> 45:47.720 He should be free. 45:47.720 --> 45:48.720 He should be free. 45:48.720 --> 45:49.720 He should be free. 45:49.720 --> 45:50.720 He should be free. 45:50.720 --> 45:51.720 He should be free. 45:51.720 --> 45:52.720 He should be free. 45:52.720 --> 45:53.720 He should be free. 45:53.720 --> 45:55.720 He should be free. 45:55.720 --> 45:56.720 He should be free. 45:56.720 --> 45:57.720 He should be free. 45:57.720 --> 45:58.720 He should be free. 45:58.720 --> 45:59.720 He should be free. 45:59.720 --> 46:00.720 He should be free. 46:00.720 --> 46:01.720 He should be free. 46:01.720 --> 46:02.720 He should be free. 46:02.720 --> 46:03.720 He should be free. 46:03.720 --> 46:04.720 He should be free. 46:04.720 --> 46:05.720 He should be free. 46:05.720 --> 46:06.720 He should be free. 46:06.720 --> 46:07.720 He should be free. 46:07.720 --> 46:08.720 He should be free. 46:08.720 --> 46:09.720 He should be free. 46:09.720 --> 46:10.720 He should be free. 46:10.720 --> 46:11.720 He should be free. 46:11.720 --> 46:12.720 He should be free. 46:12.720 --> 46:13.720 He should be free. 46:13.720 --> 46:14.720 He should be free. 46:14.720 --> 46:15.720 He should be free. 46:15.720 --> 46:16.720 He should be free. 46:16.720 --> 46:18.720 He should be free. 46:18.720 --> 46:19.720 He should be free. 46:19.720 --> 46:20.720 He should be free. 46:20.720 --> 46:21.720 He should be free. 46:21.720 --> 46:22.720 He should be free. 46:22.720 --> 46:23.720 He should be free. 46:23.720 --> 46:24.720 He should be free. 46:24.720 --> 46:25.720 He should be free. 46:25.720 --> 46:26.720 He should be free. 46:26.720 --> 46:27.720 He should be free. 46:27.720 --> 46:28.720 He should be free. 46:28.720 --> 46:29.720 He should be free. 46:29.720 --> 46:30.720 He should be free. 46:30.720 --> 46:31.720 He should be free. 46:31.720 --> 46:32.720 He should be free. 46:32.720 --> 46:33.720 He should be free. 46:33.720 --> 46:34.720 He should be free. 46:34.720 --> 46:35.720 He should be free. 46:35.720 --> 46:36.720 He should be free. 46:36.720 --> 46:37.720 He should be free. 46:37.720 --> 46:38.720 He should be free. 46:38.720 --> 46:40.720 He should be free. 46:40.720 --> 46:41.720 He should be free. 46:41.720 --> 46:42.720 He should be free. 46:42.720 --> 46:43.720 He should be free. 46:43.720 --> 46:44.720 He should be free. 46:44.720 --> 46:45.720 He should be free. 46:45.720 --> 46:46.720 He should be free. 46:46.720 --> 46:47.720 He should be free. 46:47.720 --> 46:48.720 He should be free. 46:48.720 --> 46:49.720 He should be free. 46:49.720 --> 46:50.720 He should be free. 46:50.720 --> 46:52.720 He should be free. 46:52.720 --> 46:53.720 He should be free. 46:53.720 --> 46:54.720 He should be free. 46:54.720 --> 46:55.720 He should be free. 46:55.720 --> 46:56.720 He should be free. 46:56.720 --> 46:57.720 He should be free. 46:57.720 --> 46:58.720 He should be free. 46:58.720 --> 46:59.720 He should be free. 46:59.720 --> 47:00.720 He should be free. 47:00.720 --> 47:01.720 He should be free. 47:01.720 --> 47:02.720 He should be free. 47:02.720 --> 47:03.720 He should be free. 47:03.720 --> 47:04.720 He should be free. 47:04.720 --> 47:05.720 He should be free. 47:05.720 --> 47:06.720 He should be free. 47:06.720 --> 47:07.720 He should be free. 47:07.720 --> 47:08.720 He should be free. 47:08.720 --> 47:09.720 He should be free. 47:09.720 --> 47:10.720 He should be free. 47:10.720 --> 47:11.720 He should be free. 47:11.720 --> 47:12.720 He should be free. 47:12.720 --> 47:14.720 He should be free. 47:14.720 --> 47:15.720 He should be free. 47:15.720 --> 47:16.720 He should be free. 47:16.720 --> 47:17.720 He should be free. 47:17.720 --> 47:18.720 He should be free. 47:18.720 --> 47:19.720 He should be free. 47:19.720 --> 47:20.720 He should be free. 47:20.720 --> 47:21.720 He should be free. 47:21.720 --> 47:22.720 He should be free. 47:22.720 --> 47:23.720 He should be free. 47:23.720 --> 47:25.720 He should be free. 47:25.720 --> 47:26.720 He should be free. 47:26.720 --> 47:27.720 He should be free. 47:27.720 --> 47:28.720 He should be free. 47:28.720 --> 47:29.720 He should be free. 47:29.720 --> 47:30.720 He should be free. 47:30.720 --> 47:31.720 He should be free. 47:31.720 --> 47:32.720 He should be free. 47:32.720 --> 47:33.720 He should be free. 47:33.720 --> 47:34.720 He should be free. 47:34.720 --> 47:35.720 He should be free. 47:35.720 --> 47:36.720 He should be free. 47:36.720 --> 47:37.720 He should be free. 47:37.720 --> 47:38.720 He should be free. 47:38.720 --> 47:39.720 He should be free. 47:39.720 --> 47:40.720 He should be free. 47:40.720 --> 47:41.720 He should be free. 47:41.720 --> 47:42.720 He should be free. 47:42.720 --> 47:43.720 He should be free. 47:43.720 --> 47:44.720 He should be free. 47:44.720 --> 47:45.720 He should be free. 47:45.720 --> 47:46.720 He should be free. 47:46.720 --> 47:47.720 He should be free. 47:47.720 --> 47:48.720 He should be free. 47:48.720 --> 47:49.720 He should be free. 47:49.720 --> 47:50.720 He should be free. 47:50.720 --> 47:51.720 He should be free. 47:51.720 --> 47:52.720 He should be free. 47:52.720 --> 47:53.720 He should be free. 47:53.720 --> 47:54.720 He should be free. 47:54.720 --> 47:55.720 He should be free. 47:55.720 --> 47:56.720 He should be free. 47:56.720 --> 47:57.720 He should be free. 47:57.720 --> 47:58.720 He should be free. 47:58.720 --> 47:59.720 He should be free. 47:59.720 --> 48:00.720 He should be free. 48:00.720 --> 48:01.720 He should be free. 48:01.720 --> 48:02.720 He should be free. 48:02.720 --> 48:03.720 He should be free. 48:03.720 --> 48:04.720 He should be free. 48:04.720 --> 48:05.720 He should be free. 48:05.720 --> 48:06.720 He should be free. 48:06.720 --> 48:07.720 He should be free.