tearmeapart writes (edited to add more details): Cloudflare is opening up its security and speed-focused mobile VPN service called WARP and WARP Plus to the general public. WARP is a mobile app for Android and Apple to establish a VPN to CloudFlare's huge global network. Cloudflare is promising:
1. No user-identifiable log data to disk;
2. No selling browsing data;
3. No need to provide any personal information
4. Regularly get audited. This is the second time Cloudflare is launching Warp. The VPN builds on Cloudflare's existing mobile app 1.1.1.1, which encrypts domain name system connections. But Warp goes beyond this protection to encrypt the whole journey from your device to a web server and back -- even if the website itself still isn't offering HTTPS web encryption. And all of this happens quickly, without draining your battery, and without complicated setup. In an interview with Wired, Cloudflare CEO Matthew Prince said: Yeah, what we thought was going to be easy back in April turned out to be a lot harder than we expected. We had been testing this primarily in San Francisco and Austin and London, which is where the teams that were working on this are based. But as soon as users started to get anywhere that didn't have a fairly reliable internet connection, just all hell broke loose. The report adds: In describing the hurdles Cloudflare faced getting Warp off the ground, John Graham-Cumming, the company's chief technology officer, and Dane Knecht, its head of product strategy, note that many of the challenges came from dealing with interoperability issues between mobile device models, operating system versions, and different mobile network and Wi-Fi configurations around the world. For example, Warp is built on a newer secure communication protocol for VPNs known as WireGuard, which isn't ubiquitous yet and therefore isn't always natively supported by devices. The team also faced challenges dealing with web protocols and standards that are implemented inconsistently across different wireless carriers and internet service providers around the world. Cloudflare's 1.1.1.1 focuses on encrypting DNS connections specifically, but Warp aims to encompass everything in one protected tunnel. Keeping everything together as data traverses the labyrinth of servers that make up the internet, including Cloudflare's own massive network, was tough. Warp is free to use without any bandwidth caps or limitations. But Warp Plus, which is being offered through a monthly subscription fee, offers a "faster version of Warp that you can optionally pay for. The fee for Warp Plus varies by region and is designed to approximate what a McDonald's Big Mac would cost in the region. On iOS, the Warp Plus pricing as of the publication of this post is still being adjusted on a regional basis, but that should settle out in the next couple days. Warp Plus uses Cloudflare's virtual private backbone, known as Argo, to achieve higher speeds and ensure your connection is encrypted across the long haul of the Internet. We charge for it because it costs us more to provide," the company said in the blog post.

Xiaomi introduced its first phones compatible with the latest, fifth-generation cellular technology in China, as the country's once-biggest smartphone maker prepares for an uphill battle against domestic rival Huawei Technologies. From a report: At an event in Beijing, billionaire co-founder Lei Jun introduced the 5G-capable Mi 9 Pro, the latest of Xiaomi's classic product line, and gave the world a first look at a new concept phone called MIX Alpha, with a display wrapping all the way around the device. The Mi 9 Pro, built with the Qualcomm Snapdragon 855+ processor and a gluttonous serving of memory and storage, has seven antennas to ensure the fastest possible cellular speeds, with Lei showing off real-world speeds in China of over 2 gigabits per second. It will start at 3,699 yuan ($520), while a 4,299 yuan model will max out the storage at 512GB. The long-awaited phone upgrade cycle that 5G networking is set to trigger will be hotly contested ground among China's leading smartphone vendors.

An anonymous reader shares a report: Once upon a time, back when we all had mainframes and then servers in our offices, we had edge computing. Our compute power was literally down the hall. Then, along came the cloud, and all that changed. Computers were hundreds of miles but milliseconds away. Now, with the rise of IoT, 5G, and our never-satisfied need for speed, edge computing is coming back with a vengeance. Indeed, at his keynote at Open Networking Summit in Belgium, Arpit Joshipura, The Linux Foundation's general manager of networking, said "edge computing will overtake cloud computing" by 2025.

When Joshipura is talking about edge computing, he means compute and storage resources that are five to 20 milliseconds away. He also means edge computing should be an open, interoperable framework. This framework should be independent of hardware, silicon, cloud, or operating system. Open-edge computing should also work with any edge-computing use case: Internet of Things (IoT) edge, a telecom edge, cloud edge, or enterprise edge, whatever, "Our goal here is to unify all of these." This is being done via LF Edge. This Linux Foundation organization seeks to bring all edge computing players under one umbrella with one technology. Its purpose is to create a software stack that unifies a fragmented edge market around a common, open vision for the future of the industry. To make this happen, Joshipura announced two more projects were being incorporated into LF Edge: Baetyl and Fledge.

Scraping public data from a website doesn't constitute "hacking," according to a new court ruling that could dramatically limit abuse of the United States' primary hacking law. From a report: The ruling comes after a lengthy battle between data analytics firm HiQ Labs and Microsoft owned LinkedIn, which have been at each other's throats for several years over HiQ Labs' practice of scraping the business social networking website's public-facing data, then selling it (fused with other datasets) to a laundry list of employers. In the ruling by The Ninth Circuit Court of Appeals, the court shot down LinkedIn's claim that access to this public data violated the Computer Fraud and Abuse Act (CFAA). In its declaration, the court ruled that to violate the CFAA, somebody would need to actually "circumvent [a] computer's generally applicable rules regarding access permissions, such as username and password requirements," meaning it's not really hacking if you're not bypassing some kind of meaningful authorization system.

"Biohackers took one small but important step toward the science fiction dystopia depicted in William Gibson's Johnny Mnemonic," reports The Parallax, in an article shared by a Slashdot reader: The Four Thieves Vinegar biohacking collective has not figured out how to precisely mimic the memory data transfer scenario Gibson conjured, but it has built a device to enable people to store and transfer data wirelessly in their bodies. Using off-the-shelf parts and focused efforts, the biohacking group has designed and built a networked hard drive, coated in a biosafe resin, to be subcutaneously implanted in the human body. It's powered by an external battery that connects to the device via an induction coil, and its storage capacity is limited only by the size of the microSD card it contains. Michael Laufer, who founded Four Thieves Vinegar, calls it the Pegleg.

In the small hours of August 8, in an operating room within the small house, two patients received the second version of the Pegleg implant, which Laufer says is the world's first subcutaneous networked drive... To make Pegleg v2, Laufer and his team removed from the Raspberry Pi both Micro USB connectors (one for power, one for data), the Mini HDMI connector, and the camera connector. They then soldered on a second Wi-Fi chip to enable it to transfer data to another Pegleg and allow other devices to connect to it, as well as an induction coil to enable it to be powered by a wireless battery resting in a contiguous sports armband or pants pocket. They enabled Bluetooth for future functionality, inserted a 512GB microSD card for storage, and updated the firmware. Finally, they coated the hacked device in a biocompatible acrylic resin to prevent it from interacting with the recipient's body and to diffuse the heat it emanates.

At 11:44 a.m. on the same day, Laufer -- an implant newbie who has three small tattoos but no piercings -- took a seat in the surgical room... During the procedure, Laufer passed out for a few seconds and vomited a little bit. But 32 minutes later, he had a functional "Pegleg" implant.

The Department of Homeland Security plans to expand its social media profile collection program from US visa applicants to also include data from immigrants, asylum seekers, and refugees. From a report: The DHS published a notice on the federal registry describing its future data collection practice this week. The agency plans to ask immigrants, asylum seekers, and refugees to provide usernames -- without passwords -- for 19 social networking sites: Ask.fm (Q&A site), Douban (China-based social network), Facebook, Flickr, Instagram, LinkedIn, MySpace, Pinterest, QZone (QQ) (China-based social network, IM app), Reddit, Sina Weibo (China-based microblogging service), Tencent Weibo (China-based microblogging service), Tumblr, Twitter, Twoo (Belgium-based social network), Vine, VKontakte (VK), Youke (China-based video sharing portal), YouTube. These are the same social media profiles that the DHS had been collecting through the Customs and Border Protection (CBP) agency from US visa applications -- people who applied for entry in the US from a country where a visa card is required.

Samsung has announced a new prototype key-value SSD that is compatible with the first industry standard API for key-value storage devices. "Earlier this year, the Object Drives working group of Storage Networking Industry Association (SNIA) published version 1.0 of the Key Value Storage API Specification," reports AnandTech. "Samsung has added support for this new API to their ongoing key-value SSD project." From the report: Samsung has been working on key-value SSDs for quite a while, and they have been publicly developing open-source software to support KV SSDs for over a year, including the basic libraries and drivers needed to access KV SSDs as well as a sample benchmarking tool and a Ceph backend. The prototype drives they have previously discussed have been based on their PM983 datacenter NVMe drives with TLC NAND, using custom firmware to enable the key-value interface. Those drives support key lengths from 4 to 255 bytes and value lengths up to 2MB, and it is likely that Samsung's new prototype is based on the same hardware platform and retains similar size limits.

Samsung's Platform Development Kit software for key-value SSDs originally supported their own software API, but now additionally supports the vendor-neutral SNIA standard API. The prototype drives are currently available for companies that are interested in developing software to use KV SSDs. Samsung's KV SSDs probably will not move from prototype status to being mass production products until after the corresponding key-value command set extension to NVMe is finalized, so that KV SSDs can be supported without needing a custom NVMe driver. The SNIA standard API for key-value drives is a high-level transport-agnostic API that can support drives using NVMe, SAS or SATA interfaces, but each of those protocols needs to be extended with key-value support.

An anonymous reader quotes a report from ScienceDaily: Social networking sites (SNS) such as Facebook and Instagram are known to cause stress in users, known as technostress from social media. However, when faced with such stress, instead of switching off or using them less, people are moving from one aspect of the social media platforms to another -- escaping the causes of their stress without leaving the medium on which it originated. Research into the habits of 444 Facebook users revealed they would switch between activities such as chatting to friends, scanning news feeds and posting updates as each began to cause stress. This leads to an increased likelihood of technology addiction, as they use the various elements of the platform over a greater timespan. Researchers from Lancaster University, the University of Bamberg and Friedrich-Alexander Univeristat Erlangen-Nurnberg, writing in Information Systems Journal, found that users were seeking distraction and diversion within the Facebook platform as a coping mechanism for stress caused by the same platform, rather than switching off and undertaking a different activity. Professor Sven Laumer said: "We found that those users who had a greater social media habit- needed less effort to find another aspect of the platforms, and were thus more likely to stay within the SNS rather than switch off when they needed to divert themselves. The stronger the user's SNS habit, the higher the likelihood they would keep using it as a means of diversion as a coping behavior in response to stressors, and possibly develop addiction to the SNS."

"Users go to different areas of the platform which they see as being separate and that they use in different ways. With Facebook, there are features that take you into different worlds within the same platform. You can be in many different places all from the same application, for example following friends' activities, posting pictures about daily activities, switching to a chat feature or playing games."

The study has been published in the Information Systems Journal.

AmiMoJo quote the Verge: At least three smart June Ovens have turned on in the middle of the night and heated up to 400 degrees Fahrenheit or higher. The ovens' owners aren't sure why this happened, and June tells The Verge that user error is at fault...

The June Oven debuted in 2015 as a $1,495 countertop oven that uses a camera and computer vision to identify food that's been placed inside. The company raised nearly $30 million in funding and released its second-generation version in 2018 for $599. It's billed as "seven appliances in one": an air fryer, dehydrator, slow cooker, broiler, toaster, warming drawer, and convection countertop oven. It also pairs with an app that allows people to choose their temperature and cooking settings, as well as live stream their food as it cooks thanks to the built-in camera.
The company is planning an update that'll hopefully remedy the situation and prevent it from happening again, but that change isn't coming until next month.

Networking and web security giant Cloudflare says the recent 8chan controversy may be an ongoing "risk factor" for its business on the back of its upcoming initial public offering. From a report: The San Francisco-based company, which filed its IPO paperwork with the U.S. Securities and Exchange Commission on Thursday, earlier this month took the rare step of pulling the plug on one of its customers, 8chan, an anonymous message board linked to recent domestic terrorist attacks in El Paso, Texas and Dayton, Ohio, which killed 31 people. The site is also linked to the shootings in New Zealand, which killed 50 people. 8chan became the second customer to have its service cut off by Cloudflare in the aftermath of the attacks. The first and other time Cloudflare booted one of its customers was neo-Nazi website The Daily Stormer in 2017, after it claimed the networking giant was secretly supportive of the website.

"Activities of our paying and free customers or the content of their websites and other Internet properties could cause us to experience significant adverse political, business, and reputational consequences with customers, employees, suppliers, government entities, and other third parties," the filing said. "Even if we comply with legal obligations to remove or disable customer content, we may maintain relationships with customers that others find hostile, offensive, or inappropriate."

Facebook has been paying hundreds of outside contractors to transcribe clips of audio from users of its services, Bloomberg reported Tuesday, citing people with knowledge of the work. From the report: The work has rattled the contract employees, who are not told where the audio was recorded or how it was obtained -- only to transcribe it, said the people, who requested anonymity for fear of losing their jobs. They're hearing Facebook users' conversations, sometimes with vulgar content, but do not know why Facebook needs them transcribed, the people said. Facebook confirmed that it had been transcribing users' audio and said it will no longer do so, following scrutiny into other companies.

"Much like Apple and Google, we paused human review of audio more than a week ago," the company said Tuesday. The company said the users who were affected chose the option in Facebook's Messenger app to have their voice chats transcribed. The contractors were checking whether Facebook's artificial intelligence correctly interpreted the messages, which were anonymized. [...] The social networking giant, which just completed a $5 billion settlement with the U.S. Federal Trade Commission after a probe of its privacy practices, has long denied that it collects audio from users to inform ads or help determine what people see in their news feeds.

Microsoft on Monday announced a long-term partnership with India's top telecom network Reliance Jio to reach "millions" of small and medium businesses clients in the key overseas market. From a report: The 10-year alliance between the two will see them launch new cloud data-centers in India to ensure "more of Jio's customers can access the tools and platforms they need to build their own digital capability," said Microsoft CEO Satya Nadella in a video appearance Monday. Three-year-old Reliance Jio has amassed more than 340 million subscribers in the country. "At Microsoft, our mission is to empower every person and every organization on the planet to achieve more. Core to this mission is deep partnerships, like the one we are announcing today with Reliance Jio. Our ambition is to help millions of organizations across India thrive and grow in the era of rapid technological change. Together, we will offer a comprehensive technology solution, from compute to storage, to connectivity and productivity for small and medium-sized businesses everywhere in the country," he added.

As part of the partnership, Nadella said, Jio and Microsoft will jointly offer Azure, Microsoft 365, and Microsoft AI platforms to more organizations in India, and also bring Azure Cognitive Services to more devices and in 13 Indian languages to businesses in the country. The solutions will be âoeaccessibleâ to reach as many people and organizations in India as possible, he added. The cloud services will be offered to businesses for as little as Rs 1,500 ($21) per month. The first two data-centers will be set up in Gujarat and Maharashtra by next year. Jio will migrate all of its non-networking apps to Microsoft Azure platform and promote its adoption among its ecosystem of startups, the two said in a joint statement.

Last year the city of San Diego installed 3,200 smart streetlights, each one monitoring 36 x 54 meters of pavement. They originally used the data to time traffic signals -- but now Slashdot reader Tekla Perry summarizes a report from IEEE Spectrum: Developers for the City of San Diego spent months training its smart streetlights to recognize and count bicycles from just about any angle. The system is now monitoring bicycle traffic, but a few issues remain--figuring out how to distinguish between bicycles being ridden--and those doing the riding, like on a bike rack or thrown in a pickup truck.

The software has a similar problem with pedestrian-counting: When a convertible comes into view, it is counted as both a car and a pedestrian--the visible driver.

After months of conflicting statements from Huawei executives, the Chinese networking giant on Friday officially unveiled HarmonyOS, the much-anticipated microkernel-based, distributed operating system that it has developed to power smartphones, laptops, and smart home devices as the company attempts to reduce its reliance on American firms. From a report: HarmonyOS will be made available for deployment in smart screen products such as TV, smart watches, and in-vehicle infotainment systems later this year, said Richard Yu, CEO of the Huawei consumer division at company's developer conference. In next three years, Huawei, the world's second largest smartphone vendor, will look to bring HarmonyOS to more devices including smartphones, he said. Yu said, without offering any proofs, that HarmonyOS is "more powerful and secure than Android." He said HarmonyOS' IPC performance is five times that of Google's Fuchsia. The top executive also claimed that HarmonyOS' microkernel has "one-thousandth the amount of code in the Linux kernel. The company said it intends to continue to use Android moving forward, but HarmonyOS is officially its back-up plan if things go south. "We will prioritize Android for smartphones, but if we can't use Android, we will be able to install HarmonyOS quickly," Yu said.

On Friday technologist Bruce Schneier wrote that after reviewing responses from WhatsApp, he's concluded that reports of a pre-encryption backdoor are a false alarm. He also says he got an equally strong confirmation from WhatsApp's Privacy Policy Manager Nate Cardozo, who Facebook hired last December from the EFF. "He basically leveraged his historical reputation to assure me that WhatsApp, and Facebook in general, would never do something like this."

Schneier has also added the words "This story is wrong" to his original blog post. "The only source for that post was a Forbes essay by Kalev Leetaru, which links to a previous Forbes essay by him, which links to a video presentation from a Facebook developers conference." But that Forbes contributor has also responded, saying that he'd first asked Facebook three times about when they'd deploy the backdoor in WhatsApp -- and never received a response.

Asked again on July 25th the company's plans for "moderating end to end encrypted conversations such as WhatsApp by using on device algorithms," a company spokesperson did not dispute the statement, instead pointing to Zuckerberg's blog post calling for precisely such filtering in its end-to-end encrypted products including WhatsApp [apparently this blog post], but declined to comment when asked for more detail about precisely when such an integration might happen... [T]here are myriad unanswered questions, with the company declining to answer any of the questions posed to it regarding why it is investing in building a technology that appears to serve little purpose outside filtering end-to-end encrypted communications and which so precisely matches Zuckerberg's call. Moreover, beyond its F8 presentation, given Zuckerberg's call for filtering of its end-to-end encrypted products, how does the company plan on accomplishing this apparent contradiction with the very meaning of end-to-end encryption?

The company's lack of transparency and unwillingness to answer even the most basic questions about how it plans to balance the protections of end-to-end encryption in its products including WhatsApp with the need to eliminate illegal content reminds us the giant leap of faith we take when we use closed encryption products whose source we cannot review... Governments are increasingly demanding some kind of compromise regarding end-to-end encryption that would permit them to prevent such tools from being used to conduct illegal activity. What would happen if WhatsApp were to receive a lawful court order from a government instructing it to insert such content moderation within the WhatsApp client and provide real-time notification to the government of posts that match the filter, along with a copy of the offending content?

Asked about this scenario, Carl Woog, Director of Communications for WhatsApp, stated that he was not aware of any such cases to date and noted that "we've repeatedly defended end-to-end encryption before the courts, most notably in Brazil." When it was noted that the Brazilian case involved the encryption itself, rather than a court order to install a real-time filter and bypass directly within the client before and after the encryption process at national scale, which would preserve the encryption, Woog initially said he would look into providing a response, but ultimately did not respond.

Given Zuckerberg's call for moderation of the company's end-to-end encryption products and given that Facebook's on-device content moderation appears to answer directly to this call, Woog was asked whether its on-device moderation might be applied in future to its other end-to-end encrypted products rather than WhatsApp. After initially saying he would look into providing a response, Woog ultimately did not respond.
Here's the exact words from Zuckerberg's March blog post. It said Facebook is "working to improve our ability to identify and stop bad actors across our apps by detecting patterns of activity or through other means, even when we can't see the content of the messages, and we will continue to invest in this work. "

simpz writes: Does anyone know of a fairly inexpensive webcam that doesn't depend on a cloud service? A few years ago, you could buy a cheap webcam (with the usual pan/tilt and IR) for about $50 that was fully manageable from a web browser. Nowadays the web interfaces are limited in functionality (or non-existent), or you need a phone app that doesn't work well (maybe only working through a cloud service). I've even seen a few cheap ones that still need ActiveX to view the video in a web browser, really people!

I'd like to avoid a cloud service for privacy and to allow this to operate on the LAN with no internet connection present. Even a webcam where you can disable the cloud connection outbound would be fine and allow you to use it fully locally. I guess the issue is this has become a niche thing that the ease of a cloud service connection probably wins for most people, and other considerations don't really matter to them.

I had a brief look at a Raspberry Pi solution, but didn't see anything like a small webcam form factor (with pan/tilt etc). Alternatively, are there any third-party firmwares for commercial webcams (sort of a OpenWRT-, DD-WRT-, or LineageOS-style project for webcams) that could provide direct local access only via a web browser (and things like RTSP)?

An anonymous reader quotes a report from Ars Technica: About 200 million Internet-connected devices -- some that may be controlling elevators, medical equipment, and other mission-critical systems -- are vulnerable to attacks that give attackers complete control, researchers warned on Monday. In all, researchers with security firm Armis identified 11 vulnerabilities in various versions of VxWorks, a slimmed-down operating system that runs on more than 2 billion devices worldwide. Billed collectively as Urgent 11, the vulnerabilities consist of six remote code flaws and five less-severe issues that allow things like information leaks and denial-of-service attacks. None of the vulnerabilities affects the most recent version of VxWorks or any of the certified versions of the OS, including VxWorks 653 or VxWorks Cert Edition.

For the 200 million devices Armis estimated are running a version that's susceptible to a serious attack, however, the stakes may be high. Because many of the vulnerabilities reside in the networking stack known as IPnet, they can often be exploited by little more than boobytrapped packets sent from outside the Internet. Depending on the vulnerability, exploits may also be able to penetrate firewalls and other types of network defenses. The most dire scenarios are attacks that chain together multiple exploits that trigger the remote takeover of multiple devices. "Such vulnerabilities do not require any adaptations for the various devices using the network stack, making them exceptionally easy to spread," Armis researchers wrote in a technical overview. "In most operating systems, such fundamental vulnerabilities in the crucial networking stacks have become extinct, after years of scrutiny unravelled and mitigated such flaws." VxWorks-maker Wind River says the latest release of VxWorks "is not affected by the vulnerability, nor are any of Wind Rivers' safety-critical products that are designed for safety certification, such as VxWorks 653 and VxWorks Cert Edition used in critical infrastructure."

Wind River issued patches last month and is in the process of notifying affected customers of the threat.

An anonymous reader shares a report: For the better part of two years, the folks at Mozilla have been diligently chipping away at Mozilla WebThings, an open implementation of the World Wide Web Consortium's (W3C) Web of Things standard for monitoring and controlling connected devices. In April, it gained a number of powerful logging, alarm, and networking features, and this week, a revamped component of WebThings -- WebThings Gateway, a privacy- and security-focused software distribution for smart home gateways -- formally debuted. Experimental builds of WebThings Gateway 0.9 are available on GitHub for the Turris Omnia router, with expanded support for routers and developer boards to come down the line. (Separately, there's a new build compatible with the recently announced Raspberry Pi 4.) Mozilla notes that it currently only offers "extremely basic" router configuration and cautions against replacing existing firmware, but the company says that it's a noteworthy milestone in its path to creating a full software distribution for wireless routers.

The Federal Trade Commission plans to allege that Facebook misled users' about its handling of their phone numbers as part of a wide-ranging complaint that accompanies a settlement ending the government's privacy probe, Washington Post reported Tuesday, citing two people familiar with the matter. From the report: In the complaint, which has not yet been released, federal regulators take issue with Facebook's earlier implementation of a security feature called two-factor authentication. It allows users to request one-time password, sent by text message, each time they log onto the social-networking site. But some advertisers managed to target Facebook users who uploaded those contact details, perhaps without the full knowledge of those who provided them, the two sources said. The misuse of the phone numbers was first identified in media reports and by academics last year [PDF]. The FTC also plans to allege that Facebook had provided insufficient information to users -- roughly 30 million -- about their ability to turn off a tool that would identify and offer tag suggestions for photos, the sources added. The sources spoke on the condition of anonymity. The facial recognition issue appears to have first been publicized earlier this year by Consumer Reports.

There are now upward of 700,000 podcasts, according to the podcast production and hosting service Blubrry, with between 2,000 and 3,000 new shows launching each month. From a report: The frequency with which podcasts start (and then end, or "podfade," as it's coming to be known in the trade) has produced a degree of cultural exhaustion. We're not necessarily sick of listening to interesting programs; but we're definitely tired of hearing from every friend, relative and co-worker who thinks they're just an iPhone recording away from creating the next "Serial." "Anyone can start one and so anyone who thinks they can start one will do it," said Nicholas Quah, who runs an industry newsletter called Hot Pod. "It's like the business of me." "Being a podcast host plays into people's self-importance," said Karen North, a clinical professor of communication at the Annenberg School for Communication and Journalism at the University of Southern California. And it projects that importance to others. Public speaking and consulting gigs now often go to "the person who's the expert and has the podcast," she said.

People use all kinds of metrics to tout the popularity of their shows, whether it's the number of iTunes reviews they get or the total downloads they receive per month. These metrics mean different things and don't necessarily connote success. And as recent social media scandals have shown, popularity can be purchased. But Dr. North said that having a big audience doesn't necessarily matter. "When people interview experts, even if nobody ever listens to the podcast, hosts get the benefit of learning from and networking with the guest," she said. "It's a great stunt." Call him cynical, but Jordan Harbinger, host of "The Jordan Harbinger Show" podcast, thinks there is a "podcast industrial complex." Hosts aren't starting shows "because it's a fun, niche hobby," he said. "They do it to make money or because it will make them an influencer."