tv Tonight From Washington CSPAN December 29, 2011 8:00pm-11:00pm EST
>> in his book, "worm", the sophisticated computer worm infected more than 7 million computers. he talked about his book at the computer history museum in mountain view, california. this is an hour and 10 minute. [applause] >> we are going to do this in several parts. i'll do a very brief introduction and then we will talk into a brief reading and that we will have a q&a. in a nice earring cards will, and will try to make this as inclusive as possible. for a discussion tonight, mark
is a journalist who of course you all know is the author of "black hawk down." and you probably also know it was the basis for a 2001 movie directed by brickley sky. mark was a journalist cursed from 19,792,003. and for three seasons he covered football. is that right? >> that's correct. >> he wrote for the atlantic, "sports illustrated," "rolling stone." i have to mention that wikipedia knows that he was inspired to embark on a journalistic career by reading tom wolfe's book collector kuwait: the acid test. i was inspired as well, but not to become a journalist. [laughter] in addition to mark, we have one of the characters from his new book, tj coupon and who to my
mind is as close as you can get to a digital sherlock holmes. for investigations of backers that show crime unit. he gave his great sticker. maybe if the maxtor ones. he has many tiles to tell. i want to talk a little bit about the history, "worm," post most of you and came from a wonderful science fiction novel written by john broderick in 1975. the wonderful thing i can do about this book with respect to configure he sketched out an authoritarian regime, and the controlled their society. basically i'm on the present
number. the only way the regime could get rid of the war was to take down the net unless they lost control. that will bring up hunsicker i'm sure. you also probably know that the first real worm programs were experimented with in 1981 by two researchers that are. john schott and john haag. are either of them here tonight? yes, good. so i was looking at your paper in preparation for this than i thought how what is the difference between a worm and virus? to go back and forth as these terms originally both came from science fiction muscles in their terms of our. but in the original shock of the paper, a worm is designed -- a worm is defined as simply computation that lives on one or more machines. so we can go from there, and maybe get into distributed
computing. in addition to computing being here, i want to talk about the roots of computer crime. don parker is not here but any chances he? if we really want to know, i'm sure it's summer in the 1950s or 1960s. i was thinking about the roots of network crime. i can certainly willing to be contradict diderot corrected, as someone who's at the a.i. lab who has had a great deal of authority told me he believed that the first computer crime was a drug deal on the arpanet in the late 1960s between m.i.t. a.i. student in stanford sail students. [laughter]
>> i'm particularly delighted to be on a stage with people and know what they're talking about. i'm an old newspaper reporter as john mentioned and about 30 years ago, a fellow named jim not and who is the managing editor of the "philadelphia inquirer" overnite name to me science writer. and this was a terrific thing for me because i was working in a suburban bureau got to come down and work in the main office. particularly during the 1970s, the inquirer was one of the preeminent newspapers in america. so overnight i was one of the performers preeminent science writers in america. all of which was completely unmerited. it turned out the gem and a science writer for the newspaper was going through the resume of everyone on the staff and he
noticed that i subscribe to scientific american. [laughter] and that is how i became a science writer. the truth of the matter is i listening wish major in college and i had started prescribing to the american because they knew nothing about science. i thought, so much of the modern world depends on science and technology. i have to make an effort to understand these things. i hope the magazine has gotten better, but 20, 30 years ago, i couldn't read any of those articles. they always have a little italicized intro i could understand. as soon as the article started i was lost. so they had been building up in my closet for three or four years. little did i know that they would launch me to the height of american journalism. but i discovered that in calgary and science, was very useful.
i was writing stories for nonexperts i was ignorant enough to ask the truly ignorant question that needed to be asked. suppose a physicist at the university of pennsylvania, i would ask, what is an electronic back late? and it became -- it was so affect it for me that it became kind of a philosophy of journalism. so whether i am writing about pro football gory battle in small and for the iran hostage crisis or in this case, a piece of mall where, i began really at ground zero. and if he were to actually listen to some of the initial interviews that i did in preparation for this book, you would laugh because i have to stop the people and talking to literally every sentence to ask what they are talking about.
questions like, what is a router? what is a server? what is an isp aquatic i mean, it was all completely foreign to me. what gripped me about the story though, was over the months that i record and "worm," there is an international struggle going on in mr. short had a sophisticated authors of mall where. the conficker popped up in november 2008 in rapidly began assembling one of the largest at-bats in the world. and what was especially fascinating about this is that the adult group of volunteers who started working together to try to corral conficker, as they made moves to try and since this thing end, the creators of the worm would make countermoves.
over a period of four or five months. so i am going to review a little passage in i was excited that just by explaining. after several of these missing countermoves, rodney jossey, who is this wonderful, burly south african who immigrated to the united states years ago and who has become the head of security for new star, which is a big telecommunications and internet-based company, he became sort of a de facto head of the cabal as they call him, the conficker working group. as those who are battling it realized it posed a unique threat through the internet excels. radney went to washington to try and enlist in the support of federal government. and so, radney got invited to
give a presentation at the department of commerce because new star manages.u.s. top-level domain for the government. so he was a contract or any was invited in. he put together in a hotel room the night before about the conficker worm. this alarmed the folks in the room who much to radney shack up for the most part not even heard of conficker. he started getting invited over the next couple days to get the same presentation to various other places. so this passage i'm going to redo a slight two or three days after rodney has made his initial presentation of the department of commerce. the following day he was asked to brief the staff of the senate select committee on intelligence. because the committee's offices were off-limits to those without a high security clearance, the
staff arrange to meet with radney in the visitor's center of the capital building in the cafeteria. about a dozen staffers met him there in the middle of the afternoon. the cafeteria was quiet and mostly empty. they cordoned off a portion of the big room with portable dividers and sat around the long table. before radney got started, one of the staffers, a young woman interrupted him. just so you know she said, we probably know a whole lot more about conficker than you do. we received a classified briefing yesterday afternoon the woman said. so there's probably not much more you can tell us about it. that's really good news said rodney, his voice heavy with sarcasm. i now he knew without a doubt how clueless the establishment was. the women's arrogance annoyed him. he asserted colette inez knows. since you have matters completely in her control,
there's no reason to waste anymore time. as he stood with a chorus of nose, stay protest one of the staffers here but what you hear is that another. so radney sat back down. he took out copies of his powerpoint presentation, which had been printed on new star stationery. he handed them around the table. women who had addressed him slip through your copy and pronounced yeah, this is the same presentation beside the classified white house briefing yesterday. [laughter] the meeting dissolved into laughter when the staffers realized that u.s. had simply taken radney's briefing and presented it at the white house as their own work and classified it to boot. [laughter] radney later confirmed it with this site has contact to attended all three of the sessions. they just gave worst of the radney said. so much for wanted federal cyberdefense. thank you.
[applause] >> is actually a terrifying note to start on now that i think about it. >> is a net? >> and outcomes are certain analogies that appear in your boat and early on i think at a certain point you get to censor the internet as wild west. there's some sense of the territory stretching in cyberspace. and not by analogy to my mind sort of brings up the possibility through definition of vigilantes. i was wondering one, if the vigilante term work, is that correct? the question i'm asking about the view. in the follow-on question is, since the feds are doing very well, i've either vigilantes though asbestos and in cyberspace? >> while they certainly were in this case. and i think tj was one of them that can verify this, were a
little uncomfortable with the debit donation when someone lifted up and realized -- [inaudible] someone realized the definition implies an illicit or illegal activity. so they subsequently dubbed themselves the conficker working group. if you're the faction on the playground people start calling you skinny, there is no way you'll ever get rid of fat. so they continued to be amongst themselves the cabal. >> do you take issue with that notion? >> yes, i think vigilante is not the right term. microsoft has been called vigilante despite the fact we've gone to court and got the go authorization to do what we do. i think it was more of an awareness for most of us that there is a growing community professionals around the world over saying we can take this back and do something here because at some level the
internets operated by the good guys. the bad guys are really dwelling in our domain. it was an assertion of the rights we have to protect their own systems. so vigilante is one of those lightning rod turns are working on legal and corporate affairs, what do they call those vigilantes? >> it was true in the fact that it was an ad hoc assembly for the most part volunteers time is spent a lot of time and energy trying to mount an effort to protect the internet from this thread. and you know, there was no formal organization. >> how hard was it to break down and approach this when he started your boat? did you get cooperation easily? today depend on who? >> everyone was eager to help. they were appalled that my level of ignorance. but i have to say that they work sternly patient and most of the folks who i worked with went out of their way to help me understand to read drafts of the story as i was writing it and
correct my mistakes, joe may better better understand the story. i think they thought it was an important story. the >> i want to ask both of you early on -- i just sort of what is he saying about the state of security affairs in cyberspace as you go on your boat tour? so what was conficker an indication of in terms of having cyberspace be secure? are we entirely out of control? where are we? >> t.j. can answer better than us. i was really surprised to learn how vulnerable the internet itself was to a botnet of this size. the very nature of the yarn out what sort of grew out of the late 60s, early 70s utopians. a freely sharing data. and at the time, primarily by academic researchers and
scientists, feel to relate adequately consider how the very openness of the internet, which is such a boon to the world can also be a tremendous vulnerability and there'd be people who would take advantage of it. the fact that the federal government in the instance of conficker was clueless about what was happening and what to do about it was really shocking to me. my impression is president of him in 2009 when he gave a speech about cybersecurity, he specifically cited conficker as a case that demonstrated how ill prepared for the federal government was to protect even its own network. and i think things have improved. that's my impression. this is your formal notice made by the president in the last three or four years publicize and written about. so clearly the government is more aware today than they were just two or three years ago.
but there remains an enormous problem because it is a global issue. there is no such thing as a global police force. there is no such thing as international law governing something like this. so it opposes tremendous challenges. >> i think the openness of the internet is its greatest strength and greatest weakness. it's tough to manage your visibility and security in the same level. so really the fact that the internet is so often does make it vulnerable to these types of scenarios. it was invented in a different time and era. the conficker was an awakening and i will speak for microsoft respective. a new way of thinking how queen addressed these issues? thinking about how was it that all of these great technology companies are sitting in a sea of technology right now, how can we not be more aware of what is going on and going on and how can we play a bigger role as industry to try to tackle some of these problems?
honestly, when rick weston caught up with a couple of my colleagues on the front and said hey, what is microsoft doing? we were obviously like we have released a patch for that. last night so we sat there looking out at habit have you heard can essentially the folks that do the patching for technologies. we said, you know, we can do something more. we should be up to do something more. i was an awakening for microsoft and use antivirus programs explode into these different ways of thinking about cybercrime in the way people are using the internet in microsoft technologies. the >> before you go too far, could you give us an epidemiology for people who may not know the blow by blow of conficker. you did talk about it showing up -- i. guess who was john who talked about it, they just describe the beast here.
>> well, the worm itself popped up on an ipod. and it was on his monitor. what happens is when a new piece of mall where to send to a space, airline will pop up on his monitor and the result is read as defining what this is. one of which is a column, which indicates how well recognized this virus is the major antivirus industry. and this one was recognized by nine. that is the first thing that caught his attention. the next thing is that was replicating so rapidly that it 24 it 24 hours it was shedding every other piece of mall where i'll putatively readouts were conficker, conficker, conficker. i literally have nothing else to work on at that point. what they discovered when they began to dissect it was that it
was very, very sophisticated piece of mall where. it was highly encrypt it. one of the things they did was check to see if the computer was about to infect tatty ukrainian keyboard and a self-destruct if the computer did. but basically of course what a wormlike disguises penetrate to the core of your operating system and replicate itself, fanout in fact every other computer and your network and also began calling home to a remote controller. the remote controller, the way you would ordinarily kill a bot is chop his head. if you can intercept the communication, you can effectively kill the botnet. so to kill that, the worm had an algorithm to generate 250 new domains every day so that the bot master had to be behind only one of the $250 on a given day, whereas if you wanted to cut this thing off you would have to
shut down all 250 domains every single day. and so that was one example of the kind the nature of this thing. and rick weston who i think may even be here, t.j. mentioned in that moment ago, but all the demands and put him on his credit card, which gives you an essence of how ad hoc process for ways to try stop it. >> before we go further down the path of the worm's evolution, i just wanted to get back to the question of what kind of streets wearing. a question for t.j. i have a very old e-mail address and ever posting a filter in front of it. the >> what's that? last night's >> since most now where i take it is distributed by botnet from the farm -- well, the level of
spam is some rough correlation in the level of now where action. so i remember that a year ago a large botnet was taken down and spam fell off. i have to say is i say if i look historically at the numbers that spam messages by posting everyday, looks like it's 10% to 20% worse than it was before that happened. am i a good indicator of the state? >> it's a perspective situation. so the operation referred to as b. one of seven. so we kind of sat back and lots of some of the reports coming in. one of them was zero impact on spam. one is 5%, one was 10% and one was 30%. the kind of like what's the real number? we determined it was a perspective thing. we called her friends at hotmail
as i did redo anything good for you guys? is that we see a drop pass of 07%. while i was hoping for a bigger number. the problem is a lot of the webmail providers have systems in place that prevent sending of spam from non-known and pas. so really they've been blocking spam hitting already. so with a small impact with hotmail. some of their organizations, private companies saw a huge drop off because big spam runners would really be sending them on to hotmail because they knew were blocking. i'm sure it gmail does the same thing. so we talked to her hotmail folks and they said they fired the manage the spam issue. the thing we saw were watching our honeypot attempt to send spam out, it was to a whole bunch of different domains. so we definitely saw hotmail spammers, but it would never make it into an impact because
of the filtering. i don't know what the real numbers. when we start to look at these things and go back to your original question, i look at how many millions of my customers are being impacted by this nowhere. because of its running restock its running something else based on our testing. gives us cause to sit in a courtroom and say they are harming us. i look at how many of my customers are being impacted. so when we start to look at restocking particular, announcements show that we judge a piece of infrastructure we attack. we are able to fingerprint back him as we knew how many machine -- how many machines are dealing with. one of the criteria we were lucky not, how many of my customers are being negatively impacted by this piece of now where. so i think the state is not great on the internet, but i think the past couple years i've really seen a surge in internet
service providers and technology companies taking more of an interest, knowing private companies can do more to protect folks. so i think the dark days are behind us. [laughter] i need some type of wood. i think we are getting -- as we start to understand there's more things we can do, we are kind of coming out of that. at our last conference we had about two weeks ago, we been doing conferences for 10 years now. by the heels of the internet botnet task force. we see people ask how can we do more operational? how can my company take down someone else? i would love to see spam go away as a distribution mechanism. from a dead -- there's a certain perspective that shows that might be the case, there might not be any change. we're still in the embassies that we don't know. >> so this book is a whodunit,
except i still feel that we don't know who done it. and i decided to check in with you guys and see where we are. there's been a couple things that happen. sort of take me through what the law enforcement aspect of the worm is and you guys feel you have conclusive sense of who the authors were or are? >> my suspicion and i can't say with any certainty if the authorities do know who was behind it. and i suspect the difficulty in apprehending has more to do with dealing with a foreign government, dealing with foreign laws and police agencies than it does with finding them. but we do know about the authors without having caught them yet is that they are tremendously sophisticated programmers. the reason i use the plural is it's almost certainly not one
person because the worm conficker was such a high level of so many different areas that it's impossible to imagine that would have level of ability in so many different areas and so may different kind. so the likely culprit is the group, well-funded, probably by an organized crime syndicate who set out to create a very large commissioners stable botnet which is for all manner of mischief, a moneymaking platform. >> if you look at the indications of how conficker was being leveraged, strong ties to antivirus, the keyboard check is really interesting because nobody wants to be arrested by local authorities for
compromising machines in their country. we are looking toward what that looks like. but it's one of those really interesting. >> i assure you. we referred the case early on they been working for some time. i know they are working hard on it, but at another picture a picture of the guy. >> may be a major in history. [inaudible conversations]
>> so it went through the stages, were there five versions? >> i think there were, there was some quarrel over whether some strange represent an entirely new one are not. three strains, and a bnc, c been the most sophisticated. i mentioned earlier that worm was earning 250 domains everyday randomly every day randomly and when rick westman and cabal got their arms around corralling all 250, the c. variant generated 50,000 domains every day so it's almost like well, you know you are willing to spend this amount
of money and time and effort to stop us. are you willing to you do you know make annette exponential leap? >> and they went one more step beyond that. they went to peer-to-peer good indications. >> that's right and in fact the cabal actually managed to recruit the cooperation of every top-level country domain in the world, all 110 of them and got their arms around 50,000 a day only to have the worm introduce peer-to-peer communication so they didn't even need a. >> do you think the authors were doing this on-the-fly as they were seeing with the cabal was doing as they were responding? >> without a doubt and they would put little clues and that they were monitoring you know the traffic on the listserv that the cabal maintained. they were tapping into sri's and systems just to check on you know so forth. >> without giving away their identity?
>> no, one of the interesting things that they did was the communication from the worm to the webmaster was encrypted which was the highest level public encryption method in the world. and right now, there is actually a competition going on to develop shah three which when it's complete we will introduce the new highest level of public encryption. well can't figure a had shot to as its encryption and conficker b used a proposal for shah three which came from ron ripp at m.i.t. who had been the author of the previous two. and then he had a minor flaw in his proposal so he withdrew it and corrected it and conficker c had the most correct proposal from ron so my personal theory is, and that might be ron.
[laughter] me when they went to that peer-to-peer mechanism, the cabal or anybody else was never able to see that peer-to-peer communication but were you able to see the traffic that went between them? >> you can still see the peer-to-peer network so one of the big kind of issues that we face is that we don't want to make smarter criminals, right? when we start doing our actions we want to make sure we are doing what we are supposed to be doing and putting the enemy at a disadvantage. the fact that they went to the peer-to-peer mechanism didn't make it invisible. we could still kind of track to a limited degree if we had enough centers out there in the peer-to-peer network we could likely map a purse -- significant portion of it and they are working diligently to do that. what they were able to do was they were actually able to sneak a domain and that we had missed because we were still trying to figure out how do we, how do we stop 50,500 domains per day so they snuck a domain and.
they only updated part of the bot to, the peer-to-peer mechanism. the peer-to-peer mechanism is traditionally noisy. it's not as reliable as a straight command and control and it's more resilient to attack it as you saw in the operation and 79 nine and the waldeck p49 there'll boma beared -- older abilities so we were able to oftentimes analyze the malware not to be able to impact that. >> how many affected machines are there out in the world? i hear 10 million. is that too big a number? >> they were using the q value that was seen in the update which is the code. what we think is i think the latest number, there are 4.5 million conficker ap notes and around 250,000 conficker seed -- conficker c notes.
so that is -- >> let me go back to your question earlier about the ukraine. the most watchable explanation for a botnet like this is as i said as the platform for criminal activity but if it is a sophisticated thing, something like a botnet size is a powerful tool in if he wanted to launch a cyberattack it's could certainly capable of overwhelming the root servers of the internet itself. now if a nation-state was behind it, you wouldn't necessarily use that weapon right away. you would wait until you wanted to use it, so there have been folks who have read the book and they're kind of disappointed that there were a world sometimes as an offer a a cleaned dramatic ending to a story so it is true that the office of the conficker botnet has not tried to destroy the internet with it but i don't know about you the idea that some guy could wake up on the wrong side of the bed and wipeout telecommunications in
north america i find a little disturbing. [laughter] >> there have been some arrests in the ukraine but your bet is that they haven't gotten can figure author's? >> correct. >> so you know there's a spectrum of possibilities of motives. the most obvious is malware distribution are selling off. there is a cyber war tool but i discovered in your book that i thought was fascinating and he had an explanation but i thought there might be another explanation, that in one of the generations of the worm the nodes reported how connected they were. the method, the authors were thinking about the structure and there were some guys at m.i.t. who were wondering whether conficker wasn't some gigantic internet that somebody was trying to build basically a surveillance tool rather than a
staff tool. did either of the run you run into that possibility? somebody instrumented the net? >> there was a robust discussion within the conficker working group but the actual cause or the use of the botnet everything ranging from state-sponsored piece of malware that got out of some secret lab somewhere to the prevailing theory right now that is being used to monetize scare where. certainly it's just too chatty. so if you look at some of the modern advancements of the threat malware out there right now they are not generating 250 domains a day being that chatty on the network. >> how long have you been in this business? when did you start? with forensics? >> i went to florida state university and the better part of the '90s.
my uncle used to be the coach of some and also it is really great to see that. every since i was grad school, my undergrad is in criminology. at the masters in information science and i was more interested in information security but he put yourself through college and you do many things right? so really looking at network administration is how i put myself through undergrad and i had an acumen for it so i began to really start looking at those things then in the early to mid 90s academic institutions, really the wild wild west was a good description of what those networks were like. typically fragmented administration. public university, we couldn't lock anything at the edge. i hear that is still the case so we would see some amazing traffic patterns and it was really kind of an open honeypot, the entire network was the really understanding how machines were getting compromised is what started to
really piqued my interest. >> did you have troubles keeping your spirits up? this is kind of like rolling a big wall of a hill. >> i love it. i love it every day. when i -- i might hold on. know, and we were discussing this earlier on, i don't think i could wake up everyday and do the same thing and that is what's this type of thing allows us to do. >> icon the true not with just t.j. but all those involved. a lot of people asked me if they weren't getting paid to do this, t.j. has a job. some of these folks were actually doing it out of the goodness of their hearts. why were they doing it and i think maybe the right answer is it's fun, it's fascinating. people think they are smarter than we are. sometimes they are, sometimes they are not. >> no, never. [laughter] >> you have seen all the cowboy movies right? >> how many members of the cabal
are here? brick is here. is paul dixie here? anybody else? are we a dying breed? >> so what is your take on this whitehead culture? what did you come away from meeting this group of people who are engaged in this? >> well you know i think you could you know make an argument that conficker is not, it's tremendously interesting and sophisticated. it might not be the most dangerous worm ever. the botnet might not be the largest worm ever but for my purposes it's a wonderful case study and it gave me an opportunity to sort of walk around in a subculture, in this case the culture of computer security geeks, the uber geeks i call them. and you know, i think for me, that is the fun of reporting and writing is learning about
aspects of the world and modern life that i otherwise would never encounter and so for me, i think this is a unique subculture because the internet is a relatively new phenomenon. it has grown so rapidly that you find that the folks who are at the vanguard in the field, there are very few of them. it isn't like you can go to -- nowadays you probably could but when phil went to stanford back and i guess the 1980s -- i'm probably making him older than he is, probably the 19 '90s he had to shop around for a teacher who could teach them something because he had grown up playing with computer network systems and it was such and anything that he developed a high level of proficiency on his own and it was really difficult to find someone who could tell him or teach them anything. i think that level of skill has
continued and it has developed in different individuals for different reasons but that is how i see them. >> interesting to kind of look at that too if you talk to andre back in jersey, andre ludwig, some of those guys. >> yeah andre i think he went to community college. he was running a security, he was an i.t. security guy for a small company in new jersey and he discovered somebody over the weekend have broken into his network and used it to stash a lot of pirated music and movies. he was able to clean it out and secure his network and his boss said okay and that problem. audrey thought while back, and he went back to check the system in the south of people were rattling his doorknob all the time to do this kind of thing. the idea that someone in eastern europe was trying to deposit a lot of illicit material in his little office park in new jersey intrigued him so much that he set himself on a course where he
has become one of the leading authorities on bot nets in the world. >> did you spend a lot of time with the shadow server group? talk a little bit about what is a shadow server group? >> primarily i spent time with andre but spend time with richard who was one of the originate or spur to essentially again the essence of it is a volunteer organization. they began monitoring botnets, dissecting them out where and killing. they consider themselves to be botnet killers and they would inform networks, just out of the blue they would call a network, security guys and they would say oh we are calling from bergen county, new jersey to let you know that your network has been hijacked by someone and the team would be dismissed as someone cranking on them or someone showing up.
but in time, people realized that they were right and they were offering this information for free. cell andre's philosophy is, kind of like if you see someone -- do you charge them to inform them that their houses on fire? he thinks not so he knocks on the door and he says hey your house is on fire so he does this out of the goodness of his heart. >> andre and i and richard talk a lot about that and it's almost like saying hey what is the right thing to do? shadow server strongly aligns with what the d.c. was trying to do. at the end of the day we do these takedowns. the goal is to reach out to that end customer and try to clean them up and let them know hey there are some things you need to be doing in order to be a good internet server. >> technically you talk about takedowns but is your group engaged in sort of widescale disinfection? do you mention things that suggest you have written code that goes out and takes
infections office machines? is that routinely done? >> i will be clear -- >> on what scale have you done that? >> the malicious software comes as part of the update software each month so that is one of the tools we use as part of the automatic update process. >> that only gives the machines that have -- check so then we also develop tools called the enhanced msr t.. we also have a disc golf system sweeper that moves through a windows pe image that has the full signature said. we engage around the world and all of our operations to get the information from our sinkhole so they can go out and carry that message into their countries sold waldeck was the first time we had the remediation piece in place and it's slow going. it was rough and ugly. who didn't want the data? who wanted the data? were they able to actually use the data so we learned a lot of lessons and then and it took us
about a year to get 90% clear on wallet that. would it be -- we actually had a 50% reduction in the first 45 days or something like that so we are getting better. is that a long-term solution? no. we need to figure out what is a longer-term solution we can have more impact but we have kind of come up against the, we are the good guys we can't push code to that machine like the bad guys. what other mechanisms are available so we have a robust stage. >> one of the things that mark did that was so good and compelling to me is your patching process and when that patch went out sort of you being prepared, realizing there was an instruction manual that he would give in to the blackouts out there. you alerted them to a vulnerability. to me, how do you get around that, just the structural problem you are facing? >> their resource center way on that heavily so understanding if
there is a bolder ability in any of our components that is being actively exploited huiwei that. wayne allison ellison as we issued a patch of whole bunch of people are going to say okay what did they change? here is the dol and they change this bit. they can quickly start to look at what vulnerability was patched. so that is something that does go into the equation so at the international task force meeting in virginia in 2008 when we announced the patch ms 08067, is to remember the number. we said let's are looking at then we have advantage of having security researchers from 45 countries and around so we actually got rid of the last section. we spent an hour and a half with everybody. with folks from msr see in the room with us. we have samples of malware and some of the exploit code and we started shifting it around but we knew it was definitely a war
mobile phone their ability and we needed to get the patch out there and there were people of in the room patching machines over the wifi at the coordination center. we should have probably planned ahead for that but yeah it was one of those things. if you are going to pick something people that are curious are going to look at what did they update. >> with six legs -- six days later the conficker appeared? >> it was a short amount of time. the first thing that they do as is they take a snapshot of the os running in their car. they take it to the dealership and they get the update and bring it back. so it's curiosity. these guys use that curiosity from nefarious activities. >> you paint a really good picture, compelling picture of the whitehead culture. did you look at the black cat culture? did you spend anytime on the other side of the fence? >> no, honestly i did look at --
there are web sites where some of these purveyors are openly celebrating their success. i watch on line a company party that one of these groups was having where they were raffling off cars to people and there was a rock band and everything else. this was in russia. >> was very funny. >> yeah it was funny but it shows the level of involvement and openness with which people are engaged with this in certain parts of the world. the scope of this book i deliberately chose to narrow it to the struggle against conficker since i didn't know -- i was hopeful to be honest before i finish writing this book, if they had it would have, i would have tried to go to wherever it is they are from, in the ukraine and tried to add that piece to the story but unfortunately that didn't happen in time. >> we of $250,000 at right now. anyone leading to the successful
arrest and conviction, anyone knows about that i think mark would definitely want to know about that. >> so we issued a thing for her words at this point. the first one not so much, the second one yes. we have gotten some good tips on the conficker case and most recently reissued their reward for the restart case though we can't talk too many details on that. is ongoing but it has been referred to the fbi. $250,000. i would love to have $250,000. >> they are making millions, here is an extra $250,000. if you have a favorite success -- do you have a favorite success? >> either a really use success. i have favorite things that have happened. not necessarily all successful. i think i have learned more from failing then success is so i think early on when we started to kind of contemplate the microsoft active response
strategy looking at -- with the guys from fire i've. kind of realizing what the challenges. i'm sitting there going i have a budget. i can adjust by all of this on my corporate apex of my manager is going you want to charge $35,000 worth of domains? that is not going to work. just figuring out there are things that we can do. obviously buying the domain is is not a long-term solution but if it had a stopgap to would have worked. so i think frisbee is one of those things that motivated me and a lot of the guys i worked with anna to say okay we are not look going to let that happen again. >> a couple of questions for mark. could you contrast reporting this world to reporting in the blackhawk down world? >> not that different to be honest. i made a joke about it, and it's true, how i had to literally stop folks every sentence to ask you know what it is they were talking about and that was also
true when i started working on blackhawk down. soldier spoke in a jargon, referred to weapon systems. they speak their own language and in the beginning, i was really stopping people all the time saying well i remember once you are often mistaken as an expert for the field that, the field you have just written about and i was talking about blackhawk down at the army war college in carlisle and a colonel in the back of the room raised his hand and he said i thought a bradley armored vehicle should have been part of the force protection package in mogadishu and i said well i think you are entitled to have an opinion about a bradley armored vehicle you would need to know what one was. [laughter] reporting is reporting. back when i used to cover football the sportswriters would say how can you go from covering science and covering politics or covering transportation to writing about sports? and i would tell them it's a transportable skill.
the whole idea is that you go into a world you don't understand. you find the people who can educate you. u.s. questions until you arrive at your own level of understanding and you write the story. that is in a nutshell what i do and why i like doing it. >> so, one last question. i think when you deeply engage in conficker with stuxnet on the scene, as a writer you were telling one story and there are other stories. the great thing about conficker is it was one stored and you had a cast. did you feel conflicted because there was another big -- >> not much to be honest. i have a kind of disinclination to try to be ready -- writing the same story that everybody else is writing and i had no doubt that stuxnet would have tracked a lot of the information maybe you are writing one, john. i have no desire to compete with those folks. i've rather find the story that
no one else is telling and to me, i mean when i wrote a book about the philadelphia eagles 1992 season and i remember the sportswriters sportswriters think to me why are you writing about the season when they didn't win the super bowl? it didn't make any difference to me that they didn't win the super bowl. it was an opportunity for me to write about that world and those people so to me that is what the story is and the fact that there might be a sexier story that comes down the line is almost guaranteed but it doesn't really influence me. >> let me get the audience involved by way of cards. there are some interesting questions. this is to part. one is a question one is a comment for mark. the question is, what is the conficker environment? it is a question for either of you guys. [inaudible] [laughter] let me ask this question. there is an operating system that is a lot like a unix.
why do you think you have such a larger problem in the mcintosh world aside from the fact that they have 10% or 7% market share? is there anything else that is different? >> i think we can hang them on a number of things. market share being kind of one that has been beaten to death. also the fact that there is not that much money in it so if you think about what the problem is, it's a cybercrime problem. they don't do this for giggles. like we probably did back in college right? i can make people's computers do funny things. they are about money so what is the biggest debt that they can cast? they can cast a really big net on windows. i think the apple guys are starting to see a little bit more of it. i think that it is going to be their turn to pad their windows service pack two moment but it's one of those things that has not hit yet. >> i remember this wonderful paper some years ago basically making your argument to the
question of scale. you make that argument and you can estimate what percentage is market share they would have to reach to be at that point and it was 19.7% market share. >> yeah but it's also -- criminals are smart. they are lazy and that is why they are terminals but they are smart too. they and apple computer cost this much more than the normal pc. does that have something to say about the socioeconomic status of the people that are doing it? banking trojans for os and ready different type of spam trojan for windows machines. we are going to start seeing more of that happening. but at the end of the day it is cybercrime so i feel like i don't care, if i need a car and i mccarthy phi don't care what kind of car you drive. i need a car. i'm going to steal a car so really bringing it back, they're obviously security ramifications. window seven being more secure than vista being more secure
than windows xp. microsoft is learning that as we go but there's also that other elements of cybercrime. criminals are going to go where the money is. >> just a comment to mark. some of us who have been involved in arpanet since the 80's have been scared by quote conficker incenses and how to attack them without killing the network. another question. do you think the worm creation might have been funded by a terrorist group like al qaeda? >> no. and i think because we have never seen that level of syndication -- sophistication from terrorist organizations and also the way it has been used. there is nothing to stop the oddness of the conficker botnet from launching a massive cyberattack on april 1, 2009 other than i think they probably don't want to take down the internet. they probably want to use the internet to make money so if it was a terrorist organization we
would publicly know by now. >> if it was a terrorist organization it would probably be a little bit quieter. it comes back to how noisy the threat is. >> to t.j., what is microsoft doing to prevent worm/virus in the first place? like unix? [laughter] >> we have a number of programs. trying to get folks to code in a manner that makes it more difficult to attack. window seven you know having things like address base layout, things like that. we have the trustworthy computing contention an arm and arm of individuals from across the company that word to triaged vulnerabilities and have timely patches. we have a division of our company called the microsoft malware protection center so we offer free antivirus. at the end of the day what we
have seen is a shift from attacks against windows to a shift in attacks against third party attitudes and social engineering so at the end of the day i think we are made huge strides on the security front as far as os vulnerabilities. now we are working really hard with partners to find out ways to which we can it hear some of those applications. one of the tools on all of our systems and our fusion center is the enhancement negation experience toolkit and what it allows us to do is to pre-download. it allows you to put some of the controls around specific applications within the windows environment so you can actually have application layer aleph far, application layer death on the machine so that again, we are learning by forging the fire so for the past 10 years we have really been under the scrutiny of the security community and i think we have stepped up to that challenge. at the end of the day, if they want to install the dancing pics screen saver that she just has
to happen that has been trojan iced we try to make it so that folks have an informed decision on what they are installing in windows and if something does get out of control we take our -- and bring that to bear in the problem and i try to protect their customers in a new and quite frankly unique way for all industries. >> if you go all the way back to -- what is it about it better that are so hard to find? >> there are lots of offers. [laughter] >> you have got a lot of stuff. >> we put a lot of our code through this ft also really that is one of the attempts to try to attack that. then there is death and the slr so making it more difficult for the attacker to be able to hop to different parts of the os but they are sharp so we will close all that stuff and they will come up with something else.
>> is a classic arms race. every time in history you have someone who comes up with a way of defending the capital. the attackers find a way to breach the defenses and this is happening in an intellectual realm. >> a question here. you gave us the number of infections. does this estimate includes pirated software and is not what would you estimate the actual worldwide conficker infections to be? >> so the infection number estimates are based on sinkhole data so we don't distinguish between pirated copy or legitimate copy so that is a true number and it's -- and all of its ways. so we took kind of the academic argument out of it and we said how many unique ip addresses to receive per day? there is the hcp address renault and all kinds of stuff that will muddy those numbers but the kind of taken to affect people behind corporate in the hcp we think there's a 20% reduction in the
number so i think 4.5 million is the most accurate number that we can come to knowing all the flaws so that is the best number we have. to speak to one of the other subquestions that was going to be hasan i will take the time to answer it, microsoft does issue patches for pirated versions of windows. if it's a critical patch we issue that had it have to be the right patch level in order to receive that patch. we absolutely do issue it. it's a critical nature for the os and you're running a pirated version of windows in you connect to the windows up a site you will be able to install that automatically. >> how hard would it be for a nation-state to create persistent botnet biggert and more stable than conficker? >> not hard at all i wouldn't think. it depends on the nation-state. >> it does? [laughter] >> i mean if you are aware of a
vulnerability, and you can exploit it, you know, something like that can spread very very rapidly. >> i think it's simpler than that. i think some of the new technology we are seeing now, new attack like the ad exchange at exchange for example, browsing espn.com and getting hit with mal advertising through third-party window box are some of the things that we are looking at his to do mass compromising get people -- >> the trend appears to be away from that though does that? for long time it was botnet but now the trend seems to me more these advanced persistent threats where you have to very carefully sculpted exploit for a specific reason. >> and that is what you see is the purpose. if i want to make a lot of money and compromise a lot of machines knowing i have a six-day window for the antivirus to update ago if i want to be on the machine
for a long time tonight to for the more advanced persistent threat so what you are seeing is a fourth approach. you are saying advanced malware going into the space in a new innovative technique to get onto the box so you are absolutely right. >> a couple of years ago the fbi stated something like 100 countries had offense of cyberwhere programs. you are out there and i were a world. does that seem like a plausible number two you? >> yes. [laughter] i don't know where they came up with the number. i would think that there is probably, most -- in the modern world we increasingly lean on the internet for so much that anyone who is thinking about going to war for the military would incorporate cyberwarfare into their package. we saw it win russian dated georgia. we sought in the invasion of estonia. we sought with stuxnet.
certainly any country with a major military or defense department is developing capability not only to defend themselves but to attack their enemies. >> are we going to or have we are to introduce stage like the period of nuclear testing where you no countries that are developing nuclear weapons are testing the atmosphere? i mean, stuxnet certainly was not a test but do you think we have seen tests? >> you are seat and certainly seeing it in espionage. there are mounting numbers of instances where a lot of it turned back to china, whether correctly or not, where supposedly it's secure, american networks are being scanned for data and uploaded data is being uploaded from spyware keystroke
logging and you know, this kind of stuff has just become fairly commonplace. >> with the ever going residency of global platforms on the agenda are there any botnet's targeting mobile devices? >> so we definitely see an increase in the amount of malware kind of impact in the mobile platform and bizarre devices get smarter and more, always on always connected to the internet, that is a logical place. most of what we have seen have been exploits in the handheld hardware itself for the barker place. i can't speak to other companies. in the valley they might be experiencing different things but you're going to see it. you're going to see it on the tablets that are out. people are walk in around with a mobile device and the bad guys are going to go where the money is. >> in terms as your new mobile platforms and the various windows-based mobile platforms
are the interface is common in a new way that they will become vulnerabilities? so you have a windows phone there. how much does it look to an attacker like a windows pc? >> so it doesn't look like you. is the fourth part of our code so basically it's partially based on the windows mobile operating system but it's almost a complete rewrite so as we go from windows phone seven to windows phone eight it is going to be a little bit different. >> and in terms, if microsoft says in your application to a run on your mobile platform how similar what your strategy be to apples in terms of curating to keep the universe close? we be closer to android or closer to apple? >> i don't know how to answer that question by the windows aid will have an app store so we see a lot of the benefits of having some of that in a cloud so a few think about how microsoft is positioning our technology it is that three screens division
where my experience should be the same on any device that i log into. i should be able to get those applications that i want on demand so the way we are looking at it is how do we vet those applications into the martyr place before they make it down to the device. >> this will take a little bit of explanation. the project with untraceable routing, sensible idea for -- . i didn't read it carefully but there was a paper that suggested a new set of vulnerabilities. do you think, i mean, how much can you trust your anonymity? >> it think it comes back to the same question, software is written by humans and humans are infallible. maybe it was written by someone in this room and we don't know about. if you are him some business cards and i'd like to hook you
up with the job. is one of those things if you poke and prod enough at any piece of software you're going to find new and interesting ways and what is interesting and you alluded to it earlier in the conversation most of the vulnerabilities were looking at our overruns, memory type modifications. well what is next? that is what i'm thinking about. we are trying to figure this out but what is my kid going to use to compromise for a refrigerator and let the beer out? when we lived in the year of the flying cars, so yeah if you are going to use internet resources you have to understand what software you are using. i think those people don't get that. i get that from my sister-in-law. she finds something on amazon and if you get compromised, she points at me. [laughter] i had nothing to do with this transaction but you know that is the impression. everybody in the room feels a
certain part of that. it's our fault. to figure out a way that we can manage that as well it's kind of difficult and sometimes a heated debate in my house. [laughter] >> our efforts to being made to block communications between the botnet and its creators and if so how long will it convey this effort? >> right now we are in year 2.5 or three. i think rick is in the room. we just had the latest 2012 lift come out so we are working with with the high level tld to block those. on the countryside, it's a little bit more difficult. some of those folks have falling off, wanting to block it for much longer so i know the big tld's are still participating and they represent the bulk of the infection. really the a a and b infection is a smaller group so they have been amazingly open to
continuing the effort as long as we produce a list. they have a process that is kind of automated. >> and does it present a signature? could they use that? what are the intricacies of actually taking it off of a machine that is running an old version of windows and may not have any protection at all? is that a workable strategy? >> absolutely. >> so shadow does a great job of producing -- and microsoft has developed tools as had a number of antivirus companies to make it pretty easy to get off the machine. again if everybody in the world but check their box and automatic updates they would be clean but working through some of the mechanisms. the people that are infected are basically people that don't have the minimum protection and are not running updated antivirus. this code has been detectable for the better part of three years. the vulnerabilities in the patchwork are a better part of
three years of these folks are kind of in limbo not doing what they need to be doing. >> i think we are getting ducaine. [laughter] >> we ardennes. >> okay, right. that's great. please join me in thanking the panel tonight. [applause] next our special thursday night edition of booktv continues with books about the computer industry.
allen cofounded microsoft with bill gates in 1975. he sat down for an interview with "huffington post" contributing editor, jose antonio vargas where he discusses memoirs titled "idea man." this is an hour. >> hi. how's it going? good. i should just begin by saying that sometimes you just can't really trust the media. [laughter] >> i have no idea what you mean. >> i'm saying this to somebody who comes from the media. we tend to oversimplify, sensationalize. i think we care more about, we care more about kind of the tension and conflict and less about kind of the depth and context. what i'm saying is judging by the excerpts on 60 minutes, the segment on 60 minutes, some reviews, some blogs he would think that you know your book is
like something out of like "the social network" of the 1980s or something. is like a bill gates versus paul allen's slam fests. i think somebody said that you were the bitter billionaire. so i'm reading the stuff and i finally actually read the book and i'm like, wait a second. did they read the exact same book that i just read? exactly. i think the point that i'm trying to get at is this idea that i think in the book you write critically about yourself and about what you have done in kind of the failures that you have had. just as critically as you have written about future microsoft or the relationship with bill gates and i think that is really interesting. actually that is where i want to kind of start off. you have been ubiquitous. you are on this book tour and i'm curious what a surprise to the most about how people have reacted to the book? what has been the biggest
surprise? >> well i think, there've been a number of things. i think in my life i've been fortunate to be involved with so many different things. obviously involved with microsoft and will always be the signature achievement. although i have high apps and we will talk about that later. but, i've been involved in so many different things that you know, if anybody tries to pigeonhole me into one area i think they would struggle, they would struggle to do that. >> and you have said this in the book and you also said it in the interview that writing this book was one of the hardest things you have ever done. why do you say that? >> well, i've been thinking about doing a book for years and then i got very very ill and during that period, now is the time to do the book because i wasn't sure i was going to be around to see the book
published. i would get up every day feeling very fatigued from chemotherapy and i worked on the book. and then after the first drafts were finished, then my, my old heritage as a programmer came back as before and i would meticulously go through and edit and change and rephrase, especially the technical details. you try to make them digestible for the lay public, but yet give them a sense, give everybody a sense of what it was like and i hope i did that. but i went through every word in the book eight times and i don't need to read it again. [laughter] >> i mean come in terms of, was it hard to? a lot of people i think have made the mistake in saying that you have been a recluse. there's a difference between the two words. has it been hard being so public
about some of the stuff and some of the stuff you write in the book and of course i'm talking about bill gates. i'm waiting for the hollywood version of how this is all going to play out. is it tough to do that so publicly? how does that feel? >> when you write an autobiography like this and i think you are faced with a choice, are you going to tell it as you experienced it and tell the highs and lows in the important parts of your life and i just chose to do that in a very unvarnished, personal way because i think that was really what it deserved and people deserved to hear. i feel like you know i made some, i had some signature successes and some things that didn't work out as well but hey technology and other things that happened. you are not going to bat 1000 anything in technology, but.
[inaudible] >> is like a big yacht, you know. >> no, no recluses is somebody that just days in their house and i have got tons of friends and you know i'm not shaking people's hands before sports events and i travel the world. i don't know. i joked last week someone sent out a tweet saying bitter reclusive billionaire heads to las vegas to reenact -- [laughter] but i don't even like las vegas. >> you didn't tweet that? you had to tweak that. that's too funny not to tweet. >> maybe next week. >> okay. i follow you now so i will hold you up on that. but would you make of the people, some of them like former microsoft employees, from the
expert -- excerpt? >> which one. >> were not going to name them but some of them who were surprised at the excerpt from "vanity fair" saying why is he speaking out now and why is he acting like you know, i mean, what is the point? what is the point of airing out dirty laundry like that? >> there came a time in my life when i decided you are a founder of the company and the way that it happened at that time was -- so i filled felt it was important to tell that is the signature moment in my life and give people an idea of that trajectory which went from you know a hugely if and innovative and fun partnership to the lows there at the end, and so i went on do you know, to do many other things since then, but that was, that was definitely an important
chapter of my life. >> it definitely is, definitely reads like anybody who has read the book, it reads like a book in which somebody had nothing to lose. you just kind of wrote it all out and i think in many ways that is a testament to what you have done. >> yeah and again i wrote a lot of it in those moments where i was thinking i've got to get this down and i have to tell it like it was. and hopefully people will get something out of it when they read it. >> did you get anybody, did you give steve ballmer at the current ceo of microsoft did you get kind of a hey this is coming, just so you know? >> oh yeah. >> and what did they say? >> i have yet to talk to bill about the book. >> yeah, i read that. >> but i expect we will have a very intense discussion with bill. steve i talked talk to any basically says hey, you know, the book were trays the pauline
now and the events that you recount that have been. >> no one has challenged any facts in the book. >> no one has gone on record. >> now when you read the bilking can we tape it? >> what the analyst that going to go on? [laughter] is that wwf? i am just kidding, i am kidding. getting. i'm getting. >> wow. >> not to get all bill gates about this but let me just ask you this question. can you take this back, at that moment then what? you were in tenth grade and he was in eighth grade. this was lakewood -- lakeside school in north seattle? why did you think you guys would click? what was the thing that you thought that alright this guy is interesting? >> well you know, there are pictures of bill and me together over, slaving over a hot the sr
33 teletype. they are some examples downstairs in the museum. but they are not hot and they are not clunky. they could probably be fixed i assume and i just remember bill, we used to wear saddle shoes and he walks in berry gangly young man and after a few weeks after this teletype terminal was at her high school there were a few of us that were just almost elbowing our way to get time on the terminal and bill was one of them and i was one of them and there were a few others. and then at the end of the month they would post kind of a horrifying list of how much money you would run up on the time-sharing service. and bill and i were always up there at the top and you think how my going to explain to my parents $68 in time-sharing? and so that was always anxiety
provoking. >> well, how about, how about the day when he saw the article in popular mechanics? >> "popular electronics." >> you sought in harvard square and actually that magazine if you check out, check out the revolutionaries exhibit. is basically the first 2000 years of computing and it's really interesting. the magazine has been blown up downstairs. what was that feeling like when you saw that magazine? >> it was a feeling of vindication because i had been telling bill for a long time, hey we should be doing a basic interpreter for microprocessor chip and first we had actually built a machine based on the 8008 microprocessor chip for a failed computer processed data produced by traffic and he is to get these rubber hoses in the street and would punch out abcd coated tape.
this audience doesn't get technical right? anybody have a problem with that technical jargon? it's okay? so anyways, so to build a machine are remember one day bill and i, think we slept -- slips down to whoa stroman bought this a thousand eight because i was convinced that you could basically build your own mini-computer with a microprocessor chip and got to do the engineering so it was stuck into this piece of insulating plastic and wrapped in aluminum foil and it cost $360. we were like wow this is a whole processor and it's like an inch long or something so that is how we got our start. so we learned about microprocessors ben and then i would say bill, this is the basics for the 8000 a.. he would say it's too slow and it only has a seven level stack and come on paul, it's going to be unusable so the 880 came out.
he would say, we don't know anybody back in boston to build another computer. let's wait until somebody produces a computer with an 880 in it and then i went down to city news in harvard square and saw them plump down my 75 cents in brand back and showed the magazine to bill. >> the air of the computer in every home has arrived. that was the first sentence. and i'm curious kind of in concrete terms, he spent two months kind of really out there basing -- basically figuring this out? what did that feel like? where we you envisioning this going? where was it going when you are thinking about it? >> around that time i mean, we didn't know, we had no idea what it was like and i talk later in the book about flying to albuquerque and reading the first version. we had no idea you know exactly
how fast the rocket of you know, home computers and personal computers was going to take off and how our software was going to become an amazing part of that change. so we thought if you are really successful maybe one day we will have 35 employees. i think microsoft has over 90,000 now. so those were really -- you have to remember back then there really were -- we were worried that there was competition but and then i kept, my role was kind of two read every computer design, electronic news. i just read everything and trying to see the computer world was more about what you see downstairs, 360s and unit backs and everything else but my job was to look out over the horizon and see what the becoming and i didn't see anything about basics from anybody else so we thought we
had a headstart but we weren't sure. >> i'm curious and you probably know this but microsoft was found in the same year that gordon -- and the number of transistors inc. in a chip will approximately double every 24 months. did this matter to you then? was this something you were thinking about this idea of everything getting to be cheaper, better and faster? >> you could see that and because the first chip i was aware of was the 4004 and in the 8008 which we built the first machine on and that is in the natural history museum in albuquerque. and then the 8080 so you are aware that the chips for getting so much better and so much faster and cheaper and now of course every component of like a portable device or a computer, every part of the gets cheaper and faster and better every year so it's been amazing.
quiet >> i've thought about it. and to knowledge, which is accomplished an amazing things and bill was an amazingly microsoft language hard-core businessperson. and that comes super well certainly in the years right after i left. i think it has more challenges and will probably talk about that in a few minutes. but yeah, you know, just think how -- in retrospect, how lucky was i to have a partner capable of delegates generally work shoulder to shoulder writing the initial code and i brought my ideas to the table. so yeah, of course i like to think if i stayed there i kind of affect the course of things. but when i left, i really wasn't planning on staying. i wanted to start a new chapter in my life. i actually tried to retire at age 30, which lasted about 18
months. >> what did you do? >> you know, i kicked back on the riviera and traveled. i wanted to see europe. i traveled a lot. i tried to relax. if you're a creative person, technologists, it only lasts for so long. you want to be involved in creating something again. >> what about the factor at the history of technology industry with a look companies founded by two people, there's always one who tends to kind of become the outsized role within that. and all of the cofounders will see the other person. what does that show you what the nature of friendship so you do these startups and have two people involved, what does that say? >> it can definitely depend upon the personalities and dynamic between the two people. i also think some people are more tech logical, you know,
that's just their kind. i wasn't attract it to sales and marketing in the same way i was attracted to the next microchip our next product and those kinds of questions. so over time in those roles the company was growing more. our rules became different. i was solely focused on typing all the fans bill was signed non-technical things and technical things. so you know, as these roles evolve over time, so does the case of microsoft. >> i have to say, by the way, ever since "the social network," everyone has been used as a shorthand for silicon valley culture. had he seen a quick >> i just felt -- i just thought it might have some effect may be
perhaps it was really strange to see the ad goes on some of the things that have been. there's a shot of harvard square. wait a minute. i was there in 1974. and then some of the other things that happened. so is interesting. was very well made. >> it's funny the book you talk about how you guys would sit down in a pepperoni pizza for sliders and think what if we could start a company sunday? when i interviewed zuckerberg for "the new yorker," he actually had the exact same -- we would be sitting in a pizza place thinking how we could start in the next day for the next that. so i guess it doesn't change in terms of that kind of culture. >> there something i'm not. i don't know what it is. what's the equivalent in palo
alto? [inaudible] sushi? >> it's cooler, hipper and more diverse. that's why it's sushi. which that brings me to the point. he said he thought about you basically retired by 30. and of course i lasted 18 months. by mccain and the valley at people like jackie dorsey or zucker burke, but what advice would you give them? you know, somebody who's gone through that process of helping start something quite unlike this is their life. would you tell them to take a break? what would you tell them? >> well, the other in with my help and i didn't know -- they basically thought i was cheered by age 30, but i didn't know that. i was also a big factor in big wake-up call. but there's certain things -- i don't get bad areas that you have to be eternally vigilant
about new platforms coming down the pipe. if you think about facebook and twitter, you know, both of those could have been created earlier. i mean, there used to be a thing called myspace not too long ago. >> yeah, i was on the. for like three weeks. >> but when a new platform comes along and it falls far rapidly come you can be obsolete quickly. you have to be incredibly vigilant. you have to hire the best people and retain them, which in the silicon valley -- the reason we didn't move microsoft valley to silicon valley with because everyone changes jobs in 18 months. that was in 1977. still true. so we said yeah, seattle. rain. don't want to go outside. so anyway. and of course, our families where they are. sorry, so there's hiring and
retaining great people. seminaries this blind spot thing, we just don't see these other platforms, but could potentially obsolete you coming. & co. is flaked even google and apple didn't really see social stuff coming and taking root like it has. >> of course apple tried to launch pain. i'm not sure where it is gone, but apparently it's all a bit too late. this actually brings me to the discussion that microsoft celebrated its 36th birthday earlier this month. 36 spurt day. i'm curious, like, where do you think microsoft is now in relation to say google, facebook, apple? what you call in the book, high-tech hounds. can you define not? why do you call them high-tech hounds? >> that is where -- it's
actually from a blue sign. but yeah, microsoft always had a lot of competition, but the competition today is incredibly fierce from the company's preferred a talk about. and so, you are trying to say kind of a multi-front war and it's hard to innovate. i mean, to get people change country and change their habits, the inertia is pretty strong. so if you want to change some of the different search engine, it would have to be at good and better for a social network or a mobile phone platform. so they are working in a number of those areas. i have friends over there and i certainly encourage them and try to give them an idea now and then. that's a big challenge, as it is for companies with apple trying to dupe pain or something.
from not having a position to be in a major influence in that area. so that's the way of the land right now. >> is that thing microsoft is behind all three of those companies? >> there are other areas like d.c. and enterprise software. microsoft has a great position. it's superbly profitable and is great people. the competing all those different areas. that's another thing. sometimes you have to pick your spot and microsoft was in game platforms, too. >> halo is great. >> connect. >> but what i think is interest team. microsoft is definitely still influentially credible company that has been so woven into our lives. i mean, i grew up with microsoft word pc. i think we've forgotten if even they are because it's so woven into our lives. you've written what you called
it breathtaking fall from grace. you wrote, it wasn't so long ago microsoft stood at the slogan of bill and i followed at the start. we set the standards, but there is no one in redmond became privately and candidly who would make that claim today. >> i think i was referring to new standards and microsoft has an amazing position, leadership position on the pc. though we are all carrying around different kinds of mobile devices and now tablet have taken the field, too. there's going to be an incredible battle between different tablet suppliers, too. so when these new platforms come down the pipe, it's incumbent on you to really internalize that and not your attack to keep your
amazing engine go in and these new. and microsoft has lacking in some of these areas. i am very straightforward about that in the book. >> i mean come you basically said if microsoft fails to catch up in mobile, it is in for a long, slow slide. what do you think strategy wise can microsoft do with windows mobile to get it up in the same -- for example, the marketshare is nowhere near black. in terms of the software for black very for the iphone or even the entry. what do you think microsoft can do? >> anytime they're challenged coming from behind on a platform, can you do need the capabilities and enough things that are persuasive to get people to switch because people won't switch unless something is hermetically better. look at the example of google. there was a time when there must've been five.
there was yahoo! and five other search engines and then they came up with something better. so to really take that huge chunks come you got to meet and beat and that requires shorter development cycles may be, your best people, agility and focus. a lot of focus. >> you have said that steve ballmer has one of the toughest jobs in the world right now. if you could give him advice, what would it be? >> well, i've given him advice. [laughter] >> such as? >> those are private conversations. >> that's okay. her friends. >> at that c-span was here. >> no, no. i'm curious. what was the advice? >> just the kinds of things we've been talking about. what areas to improve some of
these products. we start talking about tablets. >> yeah, where's microsoft on the tablet? where is that going? >> you should talk to someone from microsoft. they are very focused on that, but i don't want to speak for microsoft products. >> i'm curious from an investment perspective, i was doing some reading on you in a business reporter once wrote he suffered from a sort of investors attention deficit disorder. there was one point you invested in more than 100 internet media communications companies. the missteps and miscalculations have been costly. i'm curious what the menu might remain investment standpoint. don't worry. i'm going to ask about the biggest success. i'm curious from your days, what has been the biggest failure for you? >> the most costly by far was carter communications.
i thought cable was the new platform because they would have high-speed pipes into millions and millions of homes come which back then they didn't and now they do. but the products are very slow compared to anything else just about. so to take advantage of those capabilities took longer than i %xpect it. about. so to take advantage of those capabilities took longer than i expect it. at the actual delivery of data to people's homes has been successful. but the main problem for charter was the amount of leverage, which was too high. but in terms of the breadth of same -- >> you made money off that. >> i invested in aol fairly, sold too early. priceline, and many other things and started what is now espn.com. so that to disney. so many successes along the way.
but if you investor in the internet mobile or something, a bubble is a bubble, so everyone will get -- have some painful experience during a bubble, too. so i've tried to do many different things and it had some great successes in some signature failures. and i think we are pretty much -- the big one, the big bad ones and good ones are mostly in the boat. >> by the way, what would you consider the biggest success investment wise. dreamworks, would you consider that part of it? >> no, the hollywood mentality. microsoft, just to give you an example, if we made a mistake or mistake and when i was fair, we would just say how did we miss that? how are we going to catch up? and in hollywood -- you see, this movie is not that great the box office is horrible.
but a new movie will be coming out. you don't have the post-analysis to deal. i think a healthy post-analysis like you do and companies. so i was a bit of a fish out of water and not world. i try to contribute a few things. like one of the few things i talk about in the book was this is the level of effect they had. i said hey shrek, when you walk the ground doesn't be foreign. in your lane study something is wrong, but you don't know what it is. but to fix it cost millions of dollars. >> i'm sorry, what was that? a million dollars? >> i think it was a million. that's a lot for dust you can know, so i've done some documentary films that we talked
about earlier. one of psychology called this emotional life, one of global health and one of evolution. i'm very, very proud of her documentary work. but documentaries as you network is philanthropic. >> from her perspective, what has been the best investment so far? >> well, i mean come a few years ago i invested -- some people convinced me to invest in oil and gas pipelines. >> yes, go on. >> turns out a lot of people need oil and gas inside did very well on that investment. but it is not one of those things. the investments that i really enjoy are the ones where you think is a technology person you can have some value. and then that happens and it's really working. your early commies you see, it
services aol is going to do great. and i thought it's doing great, but microsoft says they are going to crash aol. some may be time to sell. so i sold it meets the money. so does peer investing, probably the oil and gas. i see some cards are being picked up out there. do you not have to ask you this question. last year you filed a brief filed a lawsuit basically against the entire internet. >> was it that brought? >> yahoo!, facebook some of google, aol, ebay, and i missing somebody? for copyright infringement. >> patton. >> yes, yes. why did you do that? >> i can't talk about the
details. it's got a lot of notice because there's an individual. a research company here in the valley you're a sicko called interval research. it's not around anymore, but it was a wonderful experience, but in terms of companies that came out of it radically, very, very modest success. it creates an interesting ip. so anyway, there's the litigation you mentioned. again, the tension has come out because it's a well-known individual doing it against everybody knows every other day ha ha suze every other out of sight as i can tell. >> yeah, but this was like paul allen is suing the entire internet. at least that's what was on twitter. >> from her, i was curious.
is that basically to say do you think of many ways you've been to a head? >> you can be too early. if you are early in the ground and say wait a minute, no one else is doing this, sometimes there are some things inherent in whenever the technology might be our management team for a bunch of reasons that are early idea is not going to take root. you're just way too early. you've got to be cognizant of those factors. >> which companies by the way here in the valley would you invest on if you could? >> devaluations are crazily high. >> no they're not. yet they are. would you invest? >> again, i don't want to comment on any known companies. i think you do your best due diligence to make sure there's something really, really new
indefensible. i've had a few ideas in the last couple years and i say, what if you combine this with this? a lot of my best ideas are a combination of a set and a microprocessor chip or whatever. it's a what about that? my staff would say paul, there's 20 companies do not. i'd say cheese. so it's very, very crowded right now. so you have to be super aware of the competitive landscape on whether someone else has momentum. the mac i should point out i believe him but i was writing up this idea of owning a football team, the seattle seahawks, the basketball team, department trailblazers. when we ran the green room there a downside to dallas or something, you funded the first privately financed rocket to flight space, founded your a
music museum, you're a guitar that jimi hendrix played at woodstock and apparently also good captain clerk. >> is a modified office chair, though. not impressive in person as it looks on the enterprise. [laughter] >> and then there is the 714 feet yacht. >> i'm starting to feel bad. >> i'm just saying. as i'm writing this have time thinking myself, is there anything you want to do that you haven't actually done? >> you know, we haven't talked about the brain yet, but i think you start talking about scientific problems or challenges, i mean, the fact that spaceship one succeeded, no one knew that. i won a prize and no one knew that would happen when we started.
so sometimes by being ambitious in trying to accomplish some of these things, sometimes you fail, sometimes you never succeed to win a prize, but it's, you know, it is the ambition, you have a great team of people. that is just enthralling. so there are many, many challenges out there. i am especially excited about anything related to the brain, with the brain institute is doing and the artificial intelligence i still have always had a nagging interest in them are starting to get some traction there. but i think you are talking more things that are related to -- >> your personal life. >> and sheer fun, i was just in the entire toccata a couple months ago and that's fascinating. you slowly cruise up on a sleeping whale or something.
wonderful. but then you go to a scientist and say here is the day that you are in and here's what it looks like 20 years ago and it was full of lies and there's no ice. it's almost gone. i mean, so, global warming you can see. so in terms of adventures, there's a chapter in the book about adventures. some of the thinking there was inspired by seeing job cousteau. i fudges wonderful experiences trying to explore the fun side. i think it is incumbent on all of us in technology to think how we balance our lives between the sideline as i can fix that lasts those verses maybe i should go home and spend more time with my family or whatever it might be, go bowling, whatever that other thing the cost tur. music to music big passion.
>> i'm curious because there was a report that just came out about the landmark map of the human brain, right? by was so groundbreaking? this is of course from the allen institute for brain science. by was that so groundbreaking? >> we do things an industrial scale, so we get human brain than, slice them out and look at the gene expression for all 25,000 plus genes in the human brain and put the data online for scientists around the data to use in their research. so no individual that could do it to the level i think of thoroughness and quality multiple brains. it takes an industrial coach like used in the human genome project. now were doing humane, developing human. we did work on autistic brains.
so it's endlessly fascinating to me because the brain were his words just starting to see the outlines of it. were starting to get a sketchy idea. there's so much work to be done. each part designed by evolution to optimize for what it does in particular. so it's the opposite of computer, basically a regular structure. the brain, every bit as optimized to do its job. so it's endlessly fascinating, compelling and mind-boggling. >> actually the question here. i think i'll probably get smart questions now from the audience. a question now from ad flagon bum who is the guru of artificial intelligence is actually here tonight. the question is paul, in my view , vulcan is supporting and managing one of the best
artificial intelligence products in the world. can you tell the audience about it and what motivated you to set it up. >> well, on the one hand you're trying to understand how does the brain -- ultimately, how does the brain work? how does the brain work? the ministers neurodegenerative diseases like alzheimer's, which by mother has come how can you make treatment happen earlier? so i'm fascinated by all the work on the brain. then you artificial intelligence, where programmer said they are with blank sheets of paper and say okay, we don't know how the brain works, but we want to do something to mueller. so i have a team in seattle trying to encode initially a biology textbook and put all that knowledge in software. it is a well trodden path, but it's super hard to do knowledge representation as i'm sure he
could elaborate a better link than i can. it's super hard to do that in software because real-life reasoning involves probabilities in things that are still a research areas for artificial intelligence. so we are moving down that path and you can see 10, 20, 30 years down the road maybe we will have something really significant there. but in the meantime, we are concentrating on getting a biology text inside computer software in a way a student can ask questions and get a coherent answer from the software. so it's really some groundbreaking work unmark reason the team in seattle are managing it. we have worked on it at sri in many other places. >> would you say writenow project halo, are those the two projects are most excited about
right now? >> the outcome either couple of little internet things incubating, but the brain in a.i., those two things alone you could spend many lifetimes trying to figure out ways to accelerate progress. so i am just excited to be involved in those areas and in looking out for other areas and other things. you know, any philanthropy. philanthropy is a wonderful thing to be involved in kabila to give back. because if you have signature success, it's incumbent upon you to give back. >> and you pledged last july. >> i/o is intended to give the majority of my assets to philanthropy. bill called me up and said would you join? he's taken on some very, very tough problems in global health and malaria in education.
those are huge problems. but usually in your own philanthropy you have to say, you know, what appeals to me? where can i make a difference in terms of the solution of this problem? so i am really focused on the brain right now. >> i'm going to ask questions from the audience. >> pacific northwest has benefited nearly a million dollars in investment and philanthropy in the area. so who is your mentor? is important to have one? ..
>> the computer center was giving away free time we hooked up, with and did steve russell make it tonight? anyway, steve russell who worked with the ppd1, we literally dived in dumpsters to get listing full of coffee stains, and i can smell that coffee today. [laughter] we poured through the listings and go, oh, my gosh, i don't know what it's doing, but it's beautiful. [laughter] so you kind of absorbed some of that through osmosis, you know, as you go along the way. active mentoring, and the teachers in school who get you
excited in whatever. it's so important -- i enjoyeded a well-rounded life, and i try to convey it in the book -- >> i think you did. >> there's so many things that are unbelievably fascinating in the world whether it's literature or art or, you know, the ocean, you can go on and on forever, so any of those roles you can get drawn into if you have something that shows you the way that's excited about it or the project museum in seattle, we deliberately tried like this museum is doing to show young people that, you know, hey, you can play, you know, try playing a guitar, and if you can make a couple notes, maybe you want to learn the guitar, and you can do the same -- hopefully more things here to get young people interested in the program.
>> another question. what do you see as the next big thing and why? >> oh, that's a hard one. i mean, i think eventually some of these ai type systems, and watson won at jeopardy, and eventually those things will be better or speech understanding will be better, but in terms of, you know, things happening in the cloud or whatever, i'm -- i can't think of any particular. >> this is a really great question. paul, at an early age, you achieved fabulous wealth that enabled you to recreate your life in any way you wanted to. was that liberating or horrifying? to have everything you ever wanted to do right in front of you. liberating or horrifying? >> well, it gives you more possibilities and options, and then you are a steward of those
assets, so if you have reversals or whatever, a big reversal, you just feel awful, so you have to be very, very careful and you know, i mean, all of the, you know, the resources that i have, a share of those go to philanthropy when i pass so there is that realization that you have to keep that in mind. >> so one really, really techy question here. please describe -- >> finally. >> please describe interactions with ibm late-70s as the pc merged. basically, microsoft, you said, we're not going to wear ties like ibm people wear ties; right? >> bill goes to the first meeting, and he forgot to bring a tie, so they had to buy a tie at the last second for him, but by the time, you know, we're working on the ibm pc in
seattle, you know. it was just really, you know, i was just on pins and needles because the basic we were doing was going on read-only memory, and i was so afraid there were going to be bugs in it, which there were -- >> just a couple. [laughter] >> just a couple bugs in there, so i put hooks in to replace in ram any bad areas of the rom code, and those turned out to be invaluable, but basic thing about ibm is they didn't -- like doing dos, there's a story in the book where bill and i are arguing about the fact that dos2.0 was delayed, and i thought this thing called prestructured directories and path names should be, you know, in dos2.0, and ibm wanted partitions and to get prestructured directories, which i can't claim the credit for,
they were part of the unix back in the day, you know, the ibm guys were like, well, we're happy with partitions. ives like, no -- i was like no, no, prestructured directory, and then the product was delayed, and there's a bunch of back and forth about that, and they came to us and said we want a pc, we want to buy your software, where can we get the operating system, your languages seem great, you know, and anyway, the rest is history, but -- so we were really, you know, as kids in our late 20s -- kids? i mean, men in our late 20s, we knew it was going to be big, but we had no idea how big that opportunity was going to be because everybody wanted to copy the ibm pc. >> we have a space question. what do you expect from spaceship 1? a true commercial space flight
company? maybe an early boeing? >> well, richard branson is already taken the patent and the license for the spaceship 1 technology, and i think 234 not too long, a year or two years, they'll start flying people, flying paying passengers into space, and it's basically straight up and straight back down in a period of a half hour, and it's amazing ride, and you're waitless in spice for five minutes, so that's going to be exciting, but when i was watching these flights, i was -- i was -- well, something goes wrong, i'll get an ere -- error message. [laughter] in rocketry, if something goes wrong with a human being inside, it's really bad.
like another nice question -- i have a history of occasionally asking questions in retrospect up here that's humorous. i said, well, there has to be three seats in spaceship 1 so it's able of capable of flying three people into space. why are the test flights in one perp. they said in case something goes wrong, paul. [laughter] i went, oh, yeah, yeah. [laughter] when those flights were happening, i was so nervous and just so happy when they got back on the ground. >> please speak a little bit about judgment day, intelligent design. >> that was a documentary that we did -- >> yeah. >> following up on the evolution documentary talking about
textbooks, and it's interesting that i recommend people see it, but there's a theory in intelligence design that there, you know, people that just try to justify intelligent design saying there's not intermediate forms, and there's no way it could have been created other than by intelligent design, and yet biologists, put them on the witness stand, they say, wait a minute, there's five intermediate form, and then the argument formed into well, what about those forums, and then wait a minute, well, there's this one, and, you know, it's basically the intermediate forms throughout all of these things that exist in some way, so in my opinion, so that's what it's about. >> we have a question asking for advice for programmers. creative trends, what's the future of programs?
>> you know, i feel a bit bad because i used to just -- when there was a new program language, i would just, you know, get a manual -- now, of course, go online and look at a pdf or something, but i'd read the manual saying well, that's really cool, but that's like stuff over there that's worse than any other language i've ever seen, so there's so so many new languages coming down the pike, and since last time i programmed, -- >> which was when? >> like 1980 -- i don't know. >> 80 what? >> 80 -- 87 maybe? >> i was six. [laughter] i'm just saying. >> were you programming? >> no, i'm just saying. [laughter] >> kidding. i was the only person in the company that knew how to write a similar code -- >> wow. >> i wrote a similar code, and
so i don't know, if i was a programmer today, i would study, you know, it's fun just to pick the right language if your employer lets you pick the language, and, you know, you see companies like google who are still trying to innovate in languages, and so bsh -- but in the end, all of these tools, you can do anything you want with the tools, but it's a matter of how fast can you get there, and sometimes you're so caught up in the tool itself and picking the right tool that, you know, you lose three months on the schedule, but programming is great, and i have to say i get bugged sometimes when i'm talking to one of my project teams, and they'll say, you know, we have like this two years of legacy code so refactorred it, and we used to
say rewrote it, but now it's refactorred, and that sounds better. [laughter] i'm not sure -- >> what was that? >> that was the refactorring. [laughter] i'm not sure it is that much better. >> you know, four questions here all about what it's like to face your mortality, and i wanted to bring up the fact in the book you thank two doctors; right? you basically were diced and re-- diagnosed and recovered from cancer twice. was it nearly 30 years was the time difference? >> same doctor. >> same doctor. i'm curious, what was the difference -- >> he's good. [laughter] >> i mean, you said when you were first diagnosed the first time, you said it was a wake up call. >> turns off the alarm can go off whenever itments. [laughter] >> in late 2009 diagnoseed for the second time, like, what went through your head? >> well, i mean, the first time when you have -- when i had
hodge kins, they developed the treatment here at stanford. i love bookstores, and i was in the stanford bookstore today, and there was a book about dr. henry kaplain that developed the treatment, and they tell you when you get the radiation, look, we give you the amount of radiation basically that the body can stand p, and at some period of time, there could be repercussions of the radiation, but when you're 30 with a life threatening illness, it's a shock. you can't believe it. it takes awhile to realize you're going to be -- you have the chance to be okay, at least i had that chance. this last situation, i just knew i was really, really sick, a and it was an advanced case --
>> stage vi; right? >> yeah, stage iv, but they 4 the standard -- it was like one of the things where they call you up and say just kind of -- when i first had it they called me up and said we found bad cells. that's just the moment where your blood runs cold, and then you meet with the oncologist and he says, well, actually it's this -- they called garden variety, large b1 cell, whatever, and he said the good news -- you know, the bad news is it's progressed, but it's curable. i consider myself very lucky. >> i'm going to ask one more question from the audience, and then i'll ask my last question. how does your attitude towards living life reflect your two battles in mortality >> >> well, again, back to the balance point. >> yeah. >> i think you have to think about, you know, all the things you do, you know, to enjoy, you know, work and creating things,
but there's so many other parts of life that you need to do justice to and explore and to find that balance, it's such an important thing, and when these things happen, you realize the importance of, you know, key friends and family, and then you have to ask yourself, and if i only have limited time, what do i focus on, 10 you go through -- so you go throw the soul searching process. >> last thing. back to lakeside school. you were in 10th grade dumpster diving looking for codes; right? if that were to happen like now in 2011, in this age of, you know, apps and mobile devices and facebook and twitter and google and binge, what do you think an 8th or 10th grader be looking for in that dumpster, and what would they build? >> i'm not sure how many listings people make anymore. [laughter] much less coffee stains -- at least in seattle, there's probably coffee stains --
[laughter] you know, i think today the rate at which young people adopt new technology is breathtaking. >> yeah. >> and we are talking about it earlier how do you get them excited about becoming programmers or developing things. i was never -- there's so many kids today excited to spend hours online, you know, playing this role-playing thing or this first person shooter, whatever, and i was interested in how those things worked, how things worked inside, internally. how does it do graphics that work that great? those are the engineers in the future, so we really have to put on our thinking caps to figure out how to get kids today excited about being the creators of tomorrow. >> i think i'm going to invite john up here. i should say, by the way, i grew up here. i went to mount view high school, a few blocks from here,
and what's interesting is going through the museum downstairs, and, agains the first 2,000 years of computer, for me, you were there during the birth of the personal computer revolution, and i'm someone who directly benefited from that revolution and been able 20 create a life for myself because of the internet and computing was the way to go, so i just wanted to personally thank you for that. >> well, thank you. >> thank you so much. >> thank you. [applause]
issacson is u author of the steve jobs. this is an hour yaf. >> good evening, everyone, welcome to the museum, i'm john holler, the ceo, and it's my pleasure to welcome you tonight on behalf of the trustees, our staff, our member, and everybody associated with the museum, we're absolutely delighted that you are here. i want to thank our good friends at intel who sponsored the entire revolutionary series, season one, as we're calling it now, and also the software who provided support for the speaker serieses, and in connection with with rev -- revolutionaries, i'm excited to announce a partnership with kqad. they partnered to produce a 13-part series that will premier on public television in january called "chm presents revolutionaries," and it's going to be the best of the speaker
series featuring people that you all have seen and heard either personally here at the museum or on our youtube channel or kqad fm, or on c-span. they are both here tonight. this is the line up that starts january 16th, and this goes for 13 weeks. of course, walter, mark stuckerberg, ibm chairman, dreamworks chairman, ibm, the inventer the watson. paul allen, jane, the expert in gaming around the world with npr. pulitzer prize winner james miley. mark bowedden, author of "black hawk down" here talking about
his new work "worm: the first digital world war," and venture capital legend, bill draper with kqad, and peter norvig of google, the two leading ai experts of the world talking with tim olson. quite a lineup, and we feel very, veer privileged to -- very, very privileged to have these people on the stage, and looking forward to kicking off season 2 in january. watch your e-mail and news deny -- news letter because we'll talk more about the lecture series to come. now on to the program. it was january 16th, 2008, steve jobs was on stage in san fransisco making a legendary presentation. the kindle e-reader comes up, and jobs said this will go nowhere.
being uncharacteristically blunt. [laughter] he said it goes nowhere because americans stopped reading. it doesn't matter how good or product is. the fact is people don't read anymore. 40% of the people in the united states read one book or less last year. the whole concept is totally flawed. well, it's true people only read one book this year, we know which book it is. [laughter] [applause] despite the late arrival on october 28th, shortly after steve's tragic death, it went immediately to number one on amazon nearly a month before its release, and it's dominated every best seller list in many parts of the world. walter has been at this for awhile. he is not only a distinguished journalist, former chairman of cnn, former managing editor of
time inc, and president of aspen institute, but next year is the first major biography, and to that he's added the biographies of franklin, albert einstein, and now this book on steve jobs. walter and i talked a few days ago about opening this evening with something special featuring items from the landmark collection that you can see here on stage. walter will introduce them. aren't they neatly dressed? don't they look good. they have sneakers on underneath the podium here. we have 3,000 items in the collection from apple. it's one of the largest collections of its kind in the world dealing with am, but after steve died luxing through the collection to -- looking through the collection to see what was the best of the best, we discovered something amazing. it was a videotape that regis mckenna made in 1980 of a 25-year-old steve jobs making a 22-minute presentation at stanford on the roots of apple
and his vision for the company. we digitized that and it's on computerhistory.org, and we'll play you two minutes of it tonight. i hope you're as amazed as we were when you see it. >> [inaudible] so we had parts from atari, and we worked for six months and decided to build our own computer, so we built them, and we were up until 4 in the morning for many moons. nearly everybody wanted one. turned out it took 40 hours to build one of these things. we had a lot of friends that worked at similar companies with computer parts also, and so --
[laughter] [inaudible] we pulled our friends together to build computers, and it was a tremendous dredge on our lives, and we got the idea to make a printed circuit board. we gave that to our friends. and cut the assembly down to 5-10 hours, and we got $1300 together to pay our friends of ours, our pc board layout person, and built the circuit board, and -- [inaudible] that's what we did. we were working on pc boards, and i walked into a shop in mountain view, and the man in the bike shop said we need 50 of these computers. i saw dollar signs in front of
my eyes. there was a catch and that was he wanted them fully assembled and tested and ready to go. that was a new twist. we had $10,000 worth of parts, and we got the car, built the computers, and we sold 50 of them for cash and 29 days to distribute, and that's how we got started. [applause] >> ladies and gentlemen, please join me in welcoming walter issacson. [applause] >> good to see you. [applause] how great it is to be here at the computer history museum. >> thank you. >> can i shoutout to steve wazniak and his wife, joyce, who i just saw? [applause] andy is next to him, i think,
and all the history is here. totally intimidating me because i'll look over, and they nod or shake their heads. [laughter] no, no, no, it was not that way exactly, but i'll look over there, and there's my cues. >> this is a silicone valley crowd; they won't be that polite. >> oh, dear. [laughter] >> appreciate you being here. >> thank you. >> let me ask you about your first meeting with steve jobs, 1984, your junior editor of "time," and he comes to new york to demonstrate the macintosh. how did that go? >> you see both sides of steve, the absolute passionate side. you see him with the original mac, that thing sitting there. it looks like it's smiling at you. he shows you how thin that strip is. it looks like a friendly face, and he shows us the icons, and
you can see he's passionate at every pixel and furious with "time" and we are not good as "news week," and there was a horrible story wrote about him, and i saw that side. that's when i first started to realize that the sort of impatience you saw in steve jobs was connected to the passion and the perfectionism. >> you were meeting incredible people, you have met incredible people in your career. something special about that encounter? did he make a particular impression on you? >> i was mesmerized by him. you saw it there. that was what he was. he was telling you these stories. he was mad because he was not made man of the year at the end of 1982. [laughter] i, of course, was an idiot on the wrong side of that voting for paul volcker, and none of you remember who he was --
[laughter] we 4 a machine of the -- had a machine of the year, but you could tell the first time you met steve jobs that there was something compelling about him. >> flash forward 24 years, and it's 2004, and he gets in touch with you. >> he calls me, i'm with the aspen institute, and he said i want to take a walk with you. he says why don't you do a biography of me? he sort of suggested it. i had done ben franklin, finishing up albert einstein so i thought, okay, franklin, einstein, steve -- >> i'm sure that was on his mind. >> i admit, i said, you know, you're a really, really great subject, but let's wait 30 years until you retire. it was not until 2009 when he had the liver transplant and had a medical leave that it sunk in he was fighting cancer, that he
transformed with his team a wide variety of industries with first home and personal computing, but by 2009, transformed the music industry with itunes and the ipod, the way we listen to music, the phone industry, the publishing industry, tabloid computing, and that's when i said, all right, you know, this is too good to pass up. >> did you have a theory about him going into this? >> i had a theory because his very first phone call when we started talking about it, he told me something edwin lam said to him that you want to stand in the intersection of liberal arts and the sciences, right there in between the humanities and technology or engineering, and that's something we kind of lost in the cp snow era where, you know, you were in the humanities or you were in the sciences, and
my theory among others was that connecting creativity to wonderful feats of engineering was what made him so magical. >> you wrote something in the book, a quote, "his passion for perfection led him to indulge his instinct to control." i want to ask you about the editorial control. how did you manage to do that? >> i was stunned because had never really came up, and then he said, well, it's your book. i'm not even going to read it. he did say, by the way, people don't read books, but, you know, it's yours, and by the way, i wanted it to be honest. i want you to interview, you know, people who did and did not like me, and he said, you know, he was brutally honest his whole
life, and he didn't want it to feel like an in-house book, but an independent book, and therefore, he was going to exercise no editorial corral. >> did that change? did he call you up -- >> well, the one time he did, fitting into his theory of people don't read books, but they look at him is simon and schiewter put into the catalog a cover design, a place holder, and it was a cover of steve with an apple and isteve as the title. i landed in san fransisco airport coming to a product launch that he was going to do. i can't remember which one, maybe the ipad, and i saw the thing you least like to see on your phone which is six or seven missed calls from steve jobs. [laughter] you all know the san fransisco airport. i'm there in the concourse, hit return, and he just starts yelling at me. he says you have no taste. you know, the title is gimmicky, and it's just ugly. i don't want you to come to the
demonstration. [laughter] i'm holding the phone, you know, and finally he says i'm not going to continue to cooperate unless you allow me to have input into the cover art. now, it took me between a second and a second and a half to say sure. you know, here's the greatest design eye for something like that, and he spent a lot of time, you know, just trying to make it a very simple, clean cover, and so that was the one time i felt his wrath and the one time when he had editorial input. >> huh. you know, you talk a lot about, and you quote his friends who coined the term "reality distortion field". >> yeah. >> did you find yourself getting sucked into that from time to time as you worked with him? >> you'll be the last to know that reality distortion field,
you know, the engineers there come from a star trek series which is simply by thinking something and being convinced of something, even if it's impossible. you know, you can convince other people, and then the secret of the reality distortion field is that it sometimes works, that you convince people they can do the impossible. waz talked to that with me in his own book about steve saying you have to do this in four days. i think it was one of the atari games they were doing. he said, i can't be done. steve said, you can do it. that was the reality distortion field, and four days later, it had been done, so the question of whether i got sucked into it, i found myself deeply, emotionally vested with him. i tried very hard to be honest in the book, to put all things
and all sides in the book, but this will be people in the audience, they know more than, you know, most, if you read the book and say, boy, this guy got caught in the reality distortion field, then i guess, the answer would be yes, yes. >> one final question about the process of writing the book, and then we'll move on. >> whatever you want. >> you had the luxury of a kind of long historical detachment from einstein and franklin, not so much with kissinger, but here you are suddenly writing a biography of a very compelling, living person up close and personal with him in 40 interviews. how does a biographer maintain that necessary detachment you enjoyed just by being able not spending time with einstein or
franklin? >> a couple things. when steve did a speech, let me tell you three stories. you become a story teller. you don't try to preach. i let the stories tell themselves. one of the things i discovered by having so much time with them and so much time with 150 other people who work with him was how much more we know or i could know about him than i did about benjamin franklin or einstein, and he wrote 40 volumes of papers, and einstein, they are still compelling his papers, and we should know more. the flying the kite in the rain. there's a little journal entry are a newspaper clip, but with steve, everything that happened, i'd hear about it at great length, and then hear other people's versions of it, and i probably ended up knowing a hundred or a thousand times more about him and each story in the book than you would doing
somebody what who you do through letters and journals. >> okay. let's talk about the story telling now, and i want to begin with the partnership. >> it starts with that -- >> very early. >> the blur box. >> right. >> it starts at atari actually doing games where steve is on the night shift because they find it easier to work with him if he's on the night shift. [laughter] he learns a lot there including the notion of how to do chips and make them do amazing things and also simplicity. i mean, you have to remember that games like pong and breakout and star trek, they had to be so simple that a stoned freshmen could figure them out. [laughter] it's like the instructions were insert quarter, avoid clingons or something. and that simplicity was embedded in him. at one point, there's one of the few copies at the computer
history museum of the blue box, which was started, i think, when "esquire" amazing wrote about captain crunch and the phone freakers who replicated the bell tones and thus made free phone calls, and steve jobs said we have to do this. they went to the accelerator, you know, the library there, and found the bell system manuals, and they made an analog version of that that didn't work. waz goes off to berkley, but in the first semester there, able to make the first digital version of it, and there you see the partnership. i can't see whether he's shaking his head or not -- [laughter] but he comes up with an amazing circuit board and loves to show it off. steve says we can package that
and sell it and make money. they went doo-to-door selling this thing, and testing it out by calling the vatican, and waz pretented to be henry kissinger saying he was at a summit meeting and he needed to speak to the pope. as far as i can tell, they never actually got the pope on the phone, and the entire college of cardinals was smart enough to realize it was not henry kissinger calling, but they showed it off, and steve said when he described that story and the whole blue box story, that if not for the blue box, it wouldn't have been apple. >> that's pretty profound. why did he feel that way? what was the thing they could do together that -- >> very complementary meaning they complemented each other way. he said of waz that he could be 50 times better than meetings in his head and design great boards, and waz was taught by his father.
being an engineer is the highest calling so he never thought to put it in a package, maybe we should get a good power supply and integrate it and sell it at twice or three times the cost of our materials, and so what steve did was as he did his whole life take really great ideas and come up with a great vision and pull it all together to do something amazing, and that was perfect partnership for someone designing a circuit board with a number of the chips others took to make it work. >> we talked earlier about the process of invention is not a singular endeavor. it's not the one person sitting in a room finding out that a-ha moment. it's about the collaboration. when you think of einstein, for example, was there a relationship? have you found through history and as a journalist, that these
relationships occur over an over? you find waz and jobs -- >> no, not always, and with einstein, it was a trousseau low act, -- a true solo act, especially with general relativity. he's pacing alone in his apartment in berlin for months on end, and unlike most other physicists at the time, he didn't collaborate. steve, even though he was sometimes tough on people, truly created teens like the original macintosh team of which andy was a part, that were bonded together as if they were pirates in a pirate band, and steve was able with his aspiring and demanding way to create team, and he's done that -- he did that his whole life, and i mean, even now for the past eight or nine years at apple, you've had an intensely loyal, great
collaborative team. >> apple is up and running -- >> just to shoutout to everyone -- >> a lot of friends here. >> yeah, the apple won showing that that was what you heard on the tape, and they went to the bike shop, get up and running when they create that circuit -- when they create the circuit board, and they put it all together. steve decides they have to incorporate. in fact, they sold today for $1.6 million. the ron warren, steve jobs, and waz signed, when they put together apple, the way steves tells me the story, he had worked on the all one farm, a commune run by people add reed college who dropped out at reed and went to the apple farm. he was there tending to the
apples, and he had come back from the apple farm and says, okay, we're going to create a company. he gets excited, and not only are we making a product, but we'll have our own company, and they couldn't figure out what to name it. they have matrixes and personal computers, but what about just apple, steve said, apple computer. counterintuitive, makes your head snap, but friendly, a whiff the counterculture, but american as pie. if we can't think of another name by the end of the day, we'll register it as app 8, and he said, by the way, it's ahead of atari in the phone book. [laughter] >> important marketing angle. >> so they begin to work on the apple i, apple is growing. they are putting together this team early in the period, but
there's another ingreens to come along to make it work; right? mike comes on to the scene. >> well, first of all, you need money. >> right. >> they go from the apple i to the apple ii. if you notice among the differences, you know, jerry and others create -- i mean, they create a beautiful case, the plastic molding, and it's going to cost a lot of money to do it. you can't just sell your vw bus and your hp calculator the way they did to get the money for the apple i, so they need investment capital, and mike comes along, signs a line of credit, but also gives them a great piece -- gives steve a great piece of advice which is a marketing document with three con se.es on it, and one is to focus, really keep your focus, and the other is empathy, not the perfect word for it, but
it's basically making an emotional connection with the people who buy your products, and the third is also not a great word, but the word "impute" that means cast an ora around whatever you do so that the minute you, you know, steve -- even throughout his career, he had his own personal name on the patents for the boxes. the packages of the products, and when you open it up, there's the ipod cradled, it impugned there was something cool. that's what the apple ii does. >> as primitive as it looks to us today, he obsessed with the curve of the corners. >> the tempers and the design elements. >> you know, he had been fascinated by the sony style in the very dissh right when they move out of the garage, they are in an office, and next door is a
sony showroom, and he would fondle the brochures, and then he went to aspen design conference, and really having grown up in a joseph ikler's house, but those homes were sort of mass marketed simple frank lloyd wright style homes for the every man, but it was simplicity and that bell house style of make it simple, but the simplicity is the ultimate sophistication, and so clean, white, simple. that becomes the style for apple. >> it's bout this time, as apple grows as a company, the apple ii takes off, selling hundreds of thousands of units, the phrase in the book surfaces, temperamental and bratty. >> yeah. >> it seems at this point there's an almost, a kind of breakout, a very particular kind of break out at this point where
that side of jobs, that temperamental and bratty is out, and it starts to grate on people. >> he was templemental, and that's why he was on the night shift. this was not something new, but, you know, temperamental people have the temperament of an artist which is why you have the passion of a product and you make it perfect. that temperamentalness, you know, there was original presence of mike scott, and scotty tried to temper jobs and that did not work, and they bring in john skully, a polite gentleman, to, you know, handle steve, but with steve, you got the whole package. the temperamentalness was a part of it, and it show just in how he cared -- even, you know, i tell the story in the book with steve walking me by his house
that he grew up in, the house when he was young, and his dad, he built a fence with his dad, and he showed me the fence, a he said my dad taught me to make the back of the fence as beautiful as the front. i asked why nobody sees it, and my dad said, but you will know, and that's why even on the apple ii, he wants the circuit board to be beautiful. when they get to the macintosh ring the next one over, even though you cannot open it, he holds it up because the chips on the circut board are not neatly aligned. they say, nobody can open it, nobody can know. he says to them, mac designers, you will know. the other interesting thing in talking about steve and steve jobs is steve jobs had the passion of an artist to have end-to-end control. hardware, integrate it with
software, don't open it up. waz's view was much more open, license out the software, but on the apple ii, there were eight slots. you know, you could jack into it, put stuff in it, open it up, get to the circuit board, and steve jobs was against having slots. he wanted, as an artist would, you know, he didn't want bob dylan say let's have an open source on my lyrics and insert the words you want. they insisted they wanted the jacks, the slots, but the macintosh does not, and there's no screws you can use to open it up, and that was very steve jobs like all the way through his career really believing in tightly controlling like the gardens that he loved to visit, carefully cure rated and walled by an artist's sense it. >> moving now to the macintosh
era. so much going on at apple at that point, so much growth, and his personal courtship of john skully begins. talk a little bit about that on and off again relationship. >> it was a bad mistake. i mean, it was almost like he saw john skully like a father fig or a mentor. skully wanted to be cool and hip and wanted steve's approval, and it was, for awhile, you know, the famous line, i think it's the apartment that steve is thinking of buying, and he brings john up in new york, looking over central park, and john's demuring, and steve says do you want to spend the rest of your life, bus john was at pepsi, you know, selling sugar water, or do you want to change the world? john comes, and skully is a man of prep school sensibilities,
great manners, very kind, but he's hard -- it's hard for him to deal with conflict. steve felt the price -- why were you tough? the price of admission to being with me is that i got to be able to tell you you're full of it. actually, he used a word with two more letters with it. [laughter] and you have to tell me i'm full of it, and we'll duke it out. john was no that way. secondly, skully was basically a marketer, you know, and having run pepsi u.s., he didn't sit there worrying about the product fnlgt he was not -- he was not fiddling with the formula for dorritos saying i can make this great. it was shelf space marketing, and steve felt that skully didn't get into how awesome the mac was, and it didn't help that the mac, even though it was insanely great, skully priced it
at $2500. it did not sell very well. microsoft started licensing out its copied version, and they started dominating the computer business, and so i think the relationship was doing fine as long as app 8 was doing fine, and the apple ii was a workhorse making the money for the company, but the mac didn't, and so there was a horrible falling out on memorial day of 1985. >> before we talk a little bit more about the falling out in the post-85 period, let's talk about the invention of the macintosh itself, the design itself, and this is a point in the book where you insert the great famous quote from jobs "good artists copy. great artists steal and we've been shameless about stealing great ideas." that quote is often associated with the genesis of the
macintosh because of xerox park. >> yeah. they take two visits to xerox park, and xerox came up with the graphical interface, and a app design meaning each pixel could be mapped to bits in the microprocess e and you can make a beautiful machine. we remember, and if not, go into the museum here to remember you have to do the green letters, c-prompt with c: with whatever command, and it was god awful. and "time," we get the mac, and you can click, and there's a document. you can drag and drop. so i do a whole big section on the visits to xerox park, and the misconception that they just took the graphical interface from xerox because it takes two years of the most amazing
designers including andy and other on the team to take the metaphor that xerox used and to really make it great. you have to remember, xerox came out with the star two years out before the mac came out. it sold like seven copies in all of america. i mean, it was a bad machine. what they did when they took that metaphor was say, oh, well, take the mouse with three buttons and totally simplify it and you can click, drag, and drop and double click and open things up. we'll invent pull down menus, and bill invents clichings to have documents -- clippings to have documents on top of others to look like a messy desk top, and none of that was in the original xerox graphical interface, and so i think first of all they take the xerox metaphor and make it insanely great.
secondly, ts elliot's line there falls the shadow of conception and the reality. well, they were able to execute on it which they wanted, but it is true that part of steve's genius was looking at a thousand ideas at any given point saying this is great, that suck, and this we're going to ignore, but pulling together ideas including ideas from xerox park. >> this is one of the times where he is pushing this team incredibly hard. >> i mean, reality distortion field is coined then. one of the engineers is in charge of the boot up of the machine, and steve says it's taking too long to boot up. you have to shave ten suggests off. the guy says you can't. it's a really elegant piece of code. i can't shave it. he said if you can save a human life; would you shave ten
seconds? the engineer goes, yeah. steve goes up to the white board and says, all right, there's a million macintoshes and there's 10 seconds to boot up, and in a given year it's done this number of times and he multiplies it out and says you can save this number of lives every year if you shave off ten seconds. an example of the reality distortion field working? within a few weeks he shaved off 14 seconds. you see the screen, it's a rounded rectangle. it's bill -- i get corrected if i get the names wrong, but i think it's -- or doing what is called the primitives that you can easily put on the screen, so he does a square, which is easy and a rectangle, and then he does a circle because that's hard, but he figures out a way to do a circle. steve says you need not just a rectangle and a circle, but a
rectangle with rounded edges. the guy says, well, no, that can't be done. why do we need it? steve makes him walk around the parking lot in the neighborhood pointing to windshields and billboards, and no parking signs and saying rounded rectangles are what people see every day. they are more beautiful to look at. he came up with the primitive to do a rounded rectangle, and even, you know, those thin pinstripes on the pull down menus, steve fretted over them. even susan doing the fonts. i mean, you know, steve was there because he had taken that calligraphy course when he dropped out of reed, caring about the spacing on each one of those fonts. >> the perfection he was seeking at that point, and the almost
impossible task, asking people to perform, engendered in the book as you report it to two completely different camps it seems to me, of people who worked for jobs at that point. there were the people who says he'd push you and you were better for it. >> right. >> bud was a great engineer on the team. >> and there's others who say worst experience of my life. now, if you balance, not only in this case, but in other cases, too, the number of people you encountered who felt one way, tremendous affection, and the number of people who felt another way, what would you say -- would you say -- >> there's three categories actually because some felt both. [laughter] >> yeah. >> it was a really agonizing experience, and the best experience, but especially with the macintosh team or even with the team today, the overwhelming number say he pushed me to do things i never thought i could do. he