In this Interna Talks, we discuss Google's change in direction on third-party cookies in Chrome. It means a big change for the industry, or better described, an avoidance of a big change, for now. We talk about the hacks in AT&T and the outage in CrowdStrike. How are they the same and how are they different? What should we, as an industry learn from those two events? Finally, we talk about Nvidia and its competitors. Are the competitors coming, are they serious, or does the Nvidia market dominance continue long into the future?

For more about us: https://www.interna.com and find more posts like this at https://www.interna.com/blog

Don't miss a single episode of "Interna Talks"! Subscribe to our YouTube channel to be notified when new episodes are released.

Timestamps

00:00 Google reverses decision on third-party cookies.

03:40 Concern about privacy in digital marketing practices.

08:48 AT&T mobile phones hacked, FBI prevents release.

12:29 Code and data are perspective, not distinct.

13:27 CrowdStrike protects OS security, risky but vital.

18:08 Focus on process improvement for technical customers.

21:47 CrowdStrike facing issues, needs product leader action.

26:40 Significant technology events, Nvidia dominant in GPU.

30:21 David concerned about AI, data centers, electricity.

31:27 Anticipating competition in tech industry for Nvidia.

34:30 Cloud providers developing own chips, threat to Nvidia.

Transcript

David Subar [00:00:00]:

Hello, everybody. Welcome to another Interna talks. Today we have three items we're going to be talking about. We'll talk about Google's change in direction on third-party cookies in Chrome. We'll talk about the hacks in AT&T and the outage in CrowdStrike, and then we'll talk Nvidia and their competitors. And for all of these, we're going to ask about what does this mean for us as people that develop products, people that rely on other people's products in product managing engineering? So I've got the same cast of characters, Jeff Yoke, Eddie Shek, Mark Goldin and Ross Webb with me, all part of Interna. So let's just jump into it.

David Subar[00:00:46]:

So recently in the last few days, Google changed course 180 degrees, where before they said for protection of consumers they weren't going to have third-party cookies, it was only going to be first party cookies. Companies that you went to, their website would be able to cookie you, but not other things they linked up on anymore like advertisers or information trackers. Their position was that having third parties track you around the web was perhaps more effective for them. But once again, you're tracked around the web and that wasn't good for consumers. They've backed off this. They said they're no longer going to do this and you'll still be allowed third-party cookies. So my question is, what does this mean for us? What does this mean for us as product developers? What does this mean for us as consumers? Maybe those are the same. Maybe those are different.

David Subar [00:01:47]:

What do we think about this? I'm going to start with Ross here. Ross, what are your thoughts here?

Ross Webb [00:01:54]:

Hey, David. Hey everybody watching this. Great to be back with everybody again today. My thoughts are when it comes to cookies, I consider this to be a marketing challenge. And I remember what is it when iOS 14 came out and everybody who's running retargeting through Facebook ads kind of had minor heart palpitations when that happened. And I think this is a recurrence of that. I think as marketers who are struggling, and I'm looking at that, I'm not talking about here product developers specifically, or engineers who are building products that need to have a pop-up or something basic like that that might engage in those types of cookies, I'm talking about kind of tracking and marketing style cookies. I think marketers have got to get better.

Ross Webb [00:02:40]:

I think they need to move more into branding. And if you're relying on an iOS 14 era style of tracking people around every single way they go to try and sell them a pair of shoes. I think you need to do better. Easy for me to say, as a product manager to tell marketers what to do, but it strikes me as this is a problem that marketers have got to stop relying on things that they were able to rely on, especially, and in the B2B space, where attribution is terrible and there's so much happening on the dark web, in other words, your attribution software, your marketers, etcetera, on tracking how people came to you. Marketers have got to get a lot better there as well.

David Subar [00:03:26]:

You're concerned about it primarily from a marketing standpoint, not as concerned about it from a security standpoint, from the end user.

Ross Webb [00:03:40]:

Well, I'm looking at it from marketing to the end user perspective, and let's say from a privacy perspective. I'm saying that people have been using that as a shortcut to be able to get in front of a lot of people and getting around various kinds of privacy issues, and I don't think they should be allowed to do that. And I think as consumers we shouldn't have that. I'm not talking specifically the security aspects, as in like cyber security, et cetera, tracking from that type of security issue because I'm not a security expert, but I have done a lot of digital marketing over the years. That is an area that people have really relied on and they shouldn't have. So I can't really talk to the cyber security issues because I'm not an expert in that space. But yeah, it's a problem. I mean, I've worked with lots of advertising solutions over the years, and so many of them rely on cookies, which they shouldn't be doing going forward.

David Subar [00:04:39]:

So my argument is similar to yours, but my argument is that there's going to be a big sigh of relief from the advertisers in the world, from the marketing people in the world, because I think people had no good solution. They hadn't come up with a good solution. And I had seen, and our clients, some of our clients were scrambling to figure this out. Now they don't have to. Now, for a personal information side, this is just, as Ross said, just the opposite. But I suspect that if Google didn't do it, the only way it's going to happen, if the EU legislates that it has to happen, or California, those tend to be the two faster or legal entities that make things happen. The EU is already pushing for this, for sure.

Ross Webb [00:05:40]:

Yes, I've been tracking that a bit because I live in Europe, but not in the EU anymore, but I think they are going to keep pushing for it. I think they're going to push harder for it. I think they are right to do that. I think as you said, advertisers are going to take a deep breath, but I think it's just a delay until the inevitable does happen and Google will be forced to do it by, I think, the EU before California. But I stand to be corrected on that. You're definitely closer to California than by definition physically. But yeah, that's my view.

David Subar [00:06:21]:

Okay, so you're a product company. Go ahead, Mark.

Mark Goldin [00:06:24]:

Sounds like a serious shot across the bows, though. I mean, this has been in the works for a long time. It was pulled back at the last minute. I think Ross is right. I think developers should take notice that this is coming and look into alternatives.

David Subar [00:06:37]:

So let's say you're a product company that creates different products, that rely on cookies for advertising or your GTM, Google Tag Manager, that kind of thing. You're still developing as fast as possible for a cookie-free world. Is that right? Is that your argument?

Mark Goldin [00:06:59]:

You should be at least investing resources in that? Yes, if possible.

Jeff Yoak [00:07:04]:

One of the questions that always occurs to me is which direction to dedicate those resources. As you guys know, I work with a lot of companies and with faced with this challenge upcoming, people move to a lot of consideration of machine fingerprint where you take other things I can't talk a lot about the details of is because it's mostly proprietary stuff, but things like looking and see what kind of chrome extensions are installed on a particular machine because everybody ends up with a bunch of plugins and things like that installed? It turns out those are fairly unique when taken in combination. So should the effort be to operate similarly to the way we operate with third-party cookies but not relying on actual cookies, or as I think Ross was sort of suggesting, taking a different approach.

David Subar [00:07:54]:

My argument is it's a two-step thing. People are going to follow the letter of the law, but not the spirit law. So they'll take the fingerprinting and then that's going to be outlawed as well. So be prepared for a braver, newer world. So I'm going to jump ahead then. We had two serious cybersecurity issues, or maybe that's not fair to call them both cybersecurity issues, but one cybersecurity issue, one software release issue that upset in one case the United States and the other side of the whole world. And I'm talking about the AT&T Act, which people have now forgotten in light of the CrowdStrike issue that brought down significant parts of the world's computing infrastructure.

David Subar [00:08:48]:

So I want to talk about both of these as a contrast now for people that don't know or people that may have forgotten. AT&T got hacked. AT&T mobile phones got hacked for non-US listeners, and information about customer data was stolen. Not customer names per se, but phone numbers, locations, who phone numbers that other phone numbers called, that kind of stuff. Enough information that you could identify who the person was, where they'd been, and with whom they conversed, which is significant. This is significant enough that this is the first known incident where the FBI has prevented early release of a hack to the general public because they thought that it was a national, potential national security issue. If you know where people were, generally, you could find out where they worked. If you could find out where they worked and you figured out who they talked to, you might be able to find out, if you will.

David Subar [00:09:59]:

And this is my air quotes, the secret agents with whom they coordinated. I'm sure it's much more nuanced and complicated than that. I have never worked at a three letter agency, but that was significant. So that was one incident, and that happened, call it two weeks ago. And then just a few days ago, CrowdStrike released an update to their software, and it brought down Windows operating systems across the world. Not only did it bring them down, but in order to fix them, you need physical access to the servers, so bringing them back up is very difficult. Now, that was a software release, not a cybersecurity threat. The first one was a cybersecurity issue.

David Subar [00:10:48]:

What should we learn about these? Are these the same? Let's start with there. Are these the same, or are these different? Can we learn the same thing, or do we learn different things? I'm gonna start with Eddie.

Eddie Shek [00:11:00]:

Well, first of all, I mean, I absolutely agree with you that the CrowdStrike issue is not a cybersecurity issue. It happens to be caused by a company that work is in cybersecurity. But fundamentally, it's a software release issue. Right. The big takeaway is why did they roll out a change? They probably didn't expect it to have the kind of impact it had, otherwise they wouldn't have done it. But without any kind of phase rollout. Right. If they had anticipated that the impact, or the potential impact or any other thing for product development, a practice perspective, I think my understanding is the update that caused the problem was treated, considered to be a content which happened to affect business logic and functional behavior of the system, not just content.

Eddie Shek [00:12:00]:

So the question really is, I think, for how should companies handle release of content or configuration versus code? I think that's related question it's. I think obviously the best thing to do is to version control, test everything that changed, not just code, but configuration. Treat configuration as code, treat content as code and QA, and release all that in the same way.

David Subar [00:12:29]:

So I used to, sorry to interrupt, I used to give, this will be a giveaway for any developer that interviews me with me in the future. I used to give this interview question, what's the between data and code? And the answer is nothing. It's perspective. To a compiler or interpreter, what the developer thinks is code is actually just data. I'm going to talk more about this particular issue because I hope it will help the listeners think about it. I'm going to get particularly nerdy right now, so I apologize for everyone who may not be interested. I'll stay nerdy for just a moment. Think about the operating system as two parts, the the kernel and the user, and the user part, where the kernel is just the operating system and device drivers, the thing that control the lowest part of memory and any program you loads effectively the user part.

David Subar [00:13:27]:

And the reason that it's bifurcating to those two parts is the kernel protects the security of the operating system and the memory. And in this case, CrowdStrike is a cybersecurity protection company. And so they operate in the kernel, and so they can do things that are really damaging. And if they make a mistake, it brings down the whole operating system by design as a safety feature, because what they're doing is so important that it has to get signed by Microsoft. Their drivers that they build have to get signed by Microsoft in order to be releasable. And that the problem that creates is if there's a cybersecurity threat and you have to go through the signing process, which could take a long time, CrowdStrike may not react to it. So what they did is they did exactly what Eddie suggested. They had their, what they called their code signed by Microsoft and a bunch of data files that they would update without Microsoft ever looking at it in real time.

David Subar [00:14:33]:

And that data file was actually other code. So they hacked around what the safe process was. So Eddie's suggestion is more QA around what CrowdStrike considered their data files. Of course, that might create that problem of not being able to react to cybersecurity threats they're supposed to protect against as quickly as possible. So whose fault is this? Is this CrowdStrike's fault? Is this Microsoft's fault for allowing this to happen? Is this Delta Airlines is the airline that has the largest effect that licenses, that bought a license to CrowdStrike claiming that they shouldn't have to pay. I don't mean to get political about this. They shouldn't have to pay for people displaced on their air flights because this was out of their control. The FAA or the Department of Transportation said, no, this was in your control.

David Subar [00:15:35]:

Was this the consumers of CrowdStrike's fault? What should we do as Microsoft, as CrowdStrike? So call it the operating system developer, the app developer, the product developer that we represent or we work with an interna or the licensor who should have picked up on this, who should have made sure this didn't happen.

Mark Goldin [00:15:58]:

So to answer your question, I'd say, well first of all, at some level all of the above, Microsoft for allowing access to their kernel. Not all operating system providers do that. Mac doesn't, for example. So maybe there's a question there. I believe Microsoft were forced to allow access to their kernel on the other hand through some kind of consent decree, probably from the EU. But that's arguable. CrowdStrike clearly didn't do adequate testing because a bad update was leaked out. So did they not have enough time? Maybe, but clearly they didn't do enough testing.

Mark Goldin [00:16:30]:

But I think there's also a lot of responsibility on the part of those running the software at Delta Airlines. In your example, or software companies hosting Windows servers, a best practice is not to roll out critical updates directly into production. Don't you normally roll them out first into lower-tier servers, test them there, leave them running for a few days and then roll them out into production? If there was some reason why it couldn't be done in this case, I'm not aware of it. Maybe the time-sensitivity of it, maybe it was too onerous to do. But if these had been tested on lower tier servers first, that is non-production servers, it would have been caught in time and it wouldn't have grounded airplanes and had the devastating effect that it had.

David Subar [00:17:10]:

So you agree with Pete Buttigieg, the secretary of department of transportation, that at least Delta Airlines has responsibility?

Mark Goldin [00:17:21]:

I do at least shared responsibility. I have a medical friend, he's a radiologist. He's not had access to his equipment since. So as of this morning. So the impact of these can be a long lasting, expensive and potentially life threatening.

David Subar [00:17:37]:

Yeah. So what do we, so what do we do differently in the future? We being as an industry, as a proctor, let's be CrowdStriked first and then Microsoft. You kind of discussed about the rollout strategy. Mark, I'm going to go with Jeff. Do you have an opinion about what we should do differently as industry? What should we in internal be telling our clients about how to think about this? If you are dealing on the kernel level, let's start with that.

Jeff Yoak [00:18:08]:

Looking at the three areas of responsibility probably primarily encounter two. One is people who are building things like this where we can work to help craft better release processes and try to ensure that they're followed so that things don't hit as long in this nature. And second, a lot of our customers are more likely to be people who are very technical and software organizations that also utilize these kinds of services. And then we can talk about the kinds of things. And I think it was Mark was talking about, about releasing these non-production servers, what the upgrade path should be. I think the hardest one is what to do with less technical and smaller organizations that are still nonetheless vulnerable to it. A radiologist who doesn't have access to his equipment days later, machinery days later, was probably never in a position to release it to non-bike to staging versions of the servers and test it adequately. There's a real question of is it reasonable to hope that a radiologist will do that.

Jeff Yoak [00:19:18]:

So I'm not sure that far downstream what we can do, but trying to encourage better practices further up the technology chain. Let's see.

David Subar [00:19:31]:

So on that note, one of my relatives who was just in town with me till early this morning works at a hospital, not different from Mark's friend, and she's in the IT department. And they basically called All Hands, it's a large hospital. They called All Hands in to remediate this issue with CrowdStrike and go server by server to integrate things with Bitlocker. And it's very painful, but very similar what Mark is going to. So that might argue for more central authority for putting some of these things out there, which there's reason to not want that as well. I'm not going to go into those details right now. But Ross, from a product standpoint, we're CrowdStrike or we're Microsoft. Let's be CrowdStrike for a moment.

David Subar [00:20:26]:

And we're releasing product isn't incumbent on us to tell our licensees how to slow our releases when we are trying to get quick releases out because we're trying to be either agile and or there are zero day attacks we're trying to defend against.

Ross Webb [00:20:50]:

Yeah. When things are mission critical like this, I wouldn't say being agile is a good approach, necessarily, or taking the traditional agile approach. From my perspective as product leaders, we own this. I remember once having someone on a public app store publicly berate me and give me a one star review and at least came back. Painting wasn't intentional. But I own it. I own it. I'm the product leader.

Ross Webb [00:21:18]:

I'm the head of product here. It's my mistake and this is what I'm going to do to fix it and apologize, etcetera. And thank God that at least that one star got changed to five star. And that's a relatively trivial example. But I think what I haven't heard, and what I would like to hear is I'd like to have heard that product leader step up and go, yeah, we, we screwed up here and here's the things that we 100% are going to change. Maybe that's been done. I haven't read that. I've read a lot of finger pointing.

Ross Webb [00:21:47]:

And if CrowdStrike really owned it, even if, I don't know, the share price took a 30% dip, maybe that's not even as much as it would be. But yes, some people are getting fired, I get that. But that product leader needs to step up and at least eventually the CEO needs to stand up and go, we made a huge mistake. And maybe it's the insurance liabilities are so large that if CrowdStrike took that approach, it would possibly go out of business due to litigation. But if that wasn't the case, if we could just pretend that litigation, putting people, companies out of business wasn't a thing and a product leader should stand up and go, I dropped the ball. This is how I'm going to make sure that we do it. Because I think everything around the product is related to the products, not just, hey, this is how you install it. Click these buttons and everything's good or bad.

Ross Webb [00:22:43]:

It's also, hey, what about the documentation? What about the education? What about, as Mark said, do not do this, do not push, go to production unless you've tested it for x number of days. And have people been educated? Have they passed the testing for doing that? So there's so much that goes into a product than just as you know, David. But yeah, that's my view from a product leadership perspective, huge drop of the ball. And I haven't seen any communication that says to me that they actually own the product. Sorry, that they own the product.

David Subar [00:23:15]:

So the CEO has come out and said, hey, we screwed up in a press release, but no one else has. And they haven't detailed how it happened yet or their remediation but I definitely agree with you and I say this a lot is a product is not releasing software onto servers that is a component of the product. Exactly what you're saying Ross. It's whatever documentation you need. Getting the rest of the company ready to support the product, getting the customers ready software is just, it's a necessary but not sufficient component of the product. And so yes I completely agree with what you're saying. Before we move on, Eddie, do you have anything here.

Eddie Shek [00:24:01]:

A little bit side thought is stuff like this actually happens a lot. Every time Microsoft releases a big patch on update there's a non-trivial number of computers getting breaks or having issues because they're the number of possible configurations are infinite. Now this is a case that's really CrowdStrike scenario. This is actually very curious is because it basically all of the bridge affects all Windows configuration fallouts. So it's a developer pushing out content change and he didn't break his own washer or them. I don't know who it is, right. They didn't break their own computer.

Eddie Shek [00:24:57]:

Did they even have it running on their own computer before they push it out because it should break their own computer. So it, a lot of things fell through. It's not even a crack here. So that's kind of just very curious because of the extent of. It's not tied to any real specific configuration. Don't know how broadly it affects.

David Subar [00:25:25]:

Well here's, here's one thing that I know. Someone's getting fired. Maybe not the right person but if, but, but someone's definitely getting fired. Maybe some, several. Somebody's.

Mark Goldin [00:25:37]:

Maybe it'll be the head of secret service.

David Subar [00:25:39]:

Yeah. Well yes that happened as well. That happened as well this morning. So it's, yeah, this is a significant.

Eddie Shek [00:25:51]:

Issue that you know who it is. They are just choosing not to disclose it.

David Subar [00:25:57]:

Oh for sure. They know who it is. There's actually dumps and traces that show exactly the line of configuration that failed and it's all over the Internet. Like they know exactly what, what register was not properly loaded. So yeah. So clearly it'll be really interesting what CrowdStrike says publicly. And if they're public about the changes they make in their development and product organization about that we'll certainly follow up and learn whatever we can learn to bring it back here. It's unclear what at and going back to AT&T it's unclear what they will or won't publish about their security failure.

David Subar [00:26:40]:

This is not the first one they've had, it's good at the first anyone's had to. It's a target act a few years ago, but AT&T had one a few months ago that was not as significant. But this is two significant technology events in just a few weeks. So everyone should be watching trekking. So now I'm gonna, I'm gonna shift to Nvidia. Nvidia is, and this number I'm making up, because everyone says 80% for any number that's large volume. They're not sure, but approximately, Nvidia owns approximately 80% of the GPU business. They're far ahead of everybody in terms of technology integration, developer resources devoted to them.

David Subar [00:27:33]:

And the blockchain industry was very dependent on them. The AI industry is very dependent on them. Graphics games were very dependent on him. That's ensinated GPU, excuse me, far and ahead, the leader. And they own not just the chip infrastructure down the networking backbone in data centers, because they have so much volume they need, they own the integration between the GPU's and the memory chips and architectures on that that are unique. And I would argue most importantly, though, in CUDA, which is the API set, the programming language, if you will, that people use to address the GPU's. And they have this virtuous cycle. You want to develop something new for AI that requires a GPU, for instance, you're going to hire developers.

David Subar [00:28:38]:

They already know CUDA, you already have this whole infrastructure that exists in your data center. You're going to build something new. Your developers are going to say, well, I know CUDA, I want to use it. It's fast, it's the fastest chips out there. It's already integrated data center. They have this virtual cycle that makes people want to use more and more Nvidia. The problem is Nvidia's chips are really expensive, really, really expensive. Tens of thousands of dollars, hundreds of thousands of dollars, sometimes in different configurations.

David Subar [00:29:09]:

And the users of those chips can't afford them. They can't get enough of them because TSMC can't produce enough yet. There's just not enough produced. And so the buyers of the chips, Amazon, for instance, Microsoft, GCP, want to find a more cost-effective way. AMG and Intel want in on that, some of that cash flow, some of that revenue flow if you will. And then there's new startups that are trying to be specialized and eat into Nvidia's market share. Does it happen? Does Nvidia stay the leader? Or is it a natural monopoly? Or do one of these three other companies, chip manufacturers, cloud providers, who are making their own chips and therefore obfuscating the direct usage of chips for their APIs or these new startups? Did any of these three groups of companies eat into Nvidia's share, market share? And what does that mean for people that are using these chips? I'm going to go with Ross again.

David Subar [00:30:16]:

I'm going to start with Ross. What do you think.

Ross Webb [00:30:21]:

David I'm more worried about something different. I'm more worried about the electricity that all these chips take. And I'm worried that with the increase of AI and GPU, data centers are going to be increasing massively over the next few years. How are the electricity grids going to cope with that? That's my one major concern. The other concern I've got is I think that I remember back in the nineties, obviously, and I'm sure everybody on this call does, when the Pentium chips came out of Intel and everybody was concerned, will convince for the next 20 years nobody will ever be able to do anything with Intel. And then it goes back to what's the Clayton Christensen innovator innovators dilemma, where he used hard drives. But if we look at GPU's or CPU's, maybe there's smaller, maybe right now AI's it, but maybe there'll be sub-components of AI that will be like where the mobile chips. At the beginning, Intel wasn't that interested, so other manufacturers had an opportunity to move in there.

Ross Webb [00:31:27]:

I'm just using the innovator's dilemma by Christensen, just sit as an example. So from my perspective, I think the fact that there is so much margin in it from Nvidia when they are so far ahead means that hopefully with competition, they're going to be a huge. Well, there can be a huge amount, but there's going to be a lot of competition nipping at their heels when everybody also thought at some stage, all the chips for the MAC are always going to be like Intel chips, and all of a sudden Apple is like, no, we're going to change that. So I'm less concerned about having everything just only being bought into Nvidia going forward. I'm really concerned about the electricity grid and I'm hopeful that competition being what it is, and when people seeing the margins that Nvidia are getting, that there's going to be a huge amount of competition, which hopefully should drive those prices down as well.

David Subar [00:32:21]:

Well, I should say, by the way, for the record, I hold Nvidia stock and AMD stock as well as stock and all the cloud providers. So the audience should know that. I'm sure the SEC requires me to say something like that. I think that's interesting when you say the electricity problem is significantly severe. Nvidia claims to be the most energy-efficient by computer of any chip out there. I don't know if that's true or not. But even in the case that everything's the most efficient, if Nvidia is right, the energy requirements two or three X for a GPU-loaded data center than it is for a CPU-loaded data center. It is significant.

David Subar [00:33:04]:

And actually, on the stock market, a lot of energy providers have seen a drive up in their stock prices with the drive similar to the drive up in Binney, or at least not linearly, but, you know, a huge increase in their stock. I think that's non, I think. I think that's untrivial. I think the Clay Christensen reference, by the way, if anyone hasn't read Innovator's Dilemma or several other Clay Christensen's book, he was brilliant. He was a Harvard business professor at the Harvard Business School. I highly suggest you write, you read his books, and particularly The Innovator's Dilemma, which was his first famous one. I would agree with most of your argument. I'm going to disagree with parts of it.

David Subar [00:33:51]:

I'm going to emphasize parts. I think there'll be smaller LLMs, smaller models in general, and that some of the big chips that Nvidia is creating, I guess this is an agreement with what you were saying about Apple. Wallp is necessary for training, right. There's training and there's inference. Right. And the training chips need to be beefier than the inference chips. Apple is clearly trying to put training on the phones and in some of what I think they call their neural chips on phones. And so I think models will get smaller.

David Subar [00:34:30]:

That'll be interesting. That will eat away at some of the need for the highest margin chips for Nvidia. I think cloud providers, they're all creating their own chips. And to the extent that I use a different cloud service and their native AI services, I won't care what chips, I won't care what chips are in the backend that will solve it. I think the biggest threat to Nvidia is none of those. And I'm interested to hear what other people say. And I think this goes to your innovators dilemma. Issue, Ross, is Nvidia grew so big because there were no other kind of chips that could provide the tensor units, if you will, the linear algebra done at high speed in a parallel fashion.

David Subar [00:35:19]:

And that's good for a certain kind of problem. And I think my guess is the biggest killer of GPUs in particular for Nvidia is a different kind of problem set that solves problems that we did not know what they are yet, that don't need the tensor units, that don't need the big matrix manipulations, that instead use something else. And I'd be less concerned about the one for one competitors, AMD and Intel. If I was Nvidia, I'd be concerned about quantum computing or something like that.

Mark Goldin [00:35:53]:

Well, at least three of our topics this morning point to a diversification problem. Part of the reason why the AT&T breach was so massive and so impactful is the sheer size of AT&T. So many subscribers impacted. Same with Windows and CrowdStrike 8.5 million Windows devices. So many of the world's operating systems are running on Windows. It's nice on the one hand, but it's also devastating on the other. And here you've got Nvidia, which is moving towards monopoly status as well, and they earn it. They have a fantastic story.

Mark Goldin [00:36:24]:

They're founder-led, and they didn't get here by accident. But lack of diversity certainly causes a problem. And if you think about do you know where, does anybody know where Nvidia's chips are manufactured?

David Subar [00:36:35]:

All in Taiwan.

Mark Goldin [00:36:36]:

All in Taiwan. Okay, enough said. So anything, even some kind of a global catastrophe, a geopolitical problem could put an end to, or at least put a significant dent in Nvidia's monopoly.

David Subar [00:36:53]:

Yeah. The bad news about that is the geopolitics of TSMC having doing all their most advanced chips at one plant or a series of plants next to each other in Taiwan affects not only Nvidia, but all the advanced chips in the world.

Mark Goldin [00:37:11]:

Sure, but there are others. Yeah. And there's been incentives recently to bring some of that chip process who are manufacturing back into the United States, back home. Hopefully, we'll see some diversified solutions. I'm not saying these are overnight answers, but diversification and all of those things that we just discussed, I think is super important. Big shining side of that.

David Subar [00:37:29]:

Yeah. So you argue against the monocultural problem.

Mark Goldin [00:37:32]:

Yeah. Well said.

David Subar [00:37:34]:

Yeah. Well, that's all for today, everybody. Thanks for participating, and we'll be back with another one of these in a month.

Mark Goldin [00:37:45]:

Bye.

Ross Webb [00:37:45]:

Thank you.

Eddie Shek [00:37:46]:

Thanks, everybody.

David Subar [00:37:48]:

Thanks.

Ross Webb [00:37:50]:

See you then.