100 episodes with our guests - the best moments of this Week in NET

Welcome back to our 100 episode celebration of This Week in NET. In this part we're looking back at some of our most memorable guests. From Internet pioneer Geoff Huston, Cloudflare's co -founders Matthew Prince and Michelle Zatlyn, to Nicholas Thompson from The Atlantic, Chris Anderson from TED, Ted .com, Oliver Goodmunson, Alyssa Starzak, Emily Hancock, Kenton Varda among many others of Cloudflare's experts. But first here's a quick look at what's new on the Cloudflare blog and sorry for my raspy voice. First we share how the business intelligence team built JetFlow, a new data ingestion framework that already handles 77 billion records per day soon to reach 141 billion faster, cheaper and possibly open-sourced in the future. There is a security update on critical SharePoint vulnerabilities showing why quick response is key. There's also the Q2 2025 Internet Disruption Summary that reviews global outages from shutdowns, cable damage, cyberattacks and technical issues. For those who love system design stories, the two-part series on Quicksilver v2 explores how we scale our distributed key value store to over 3 billion keys per second. We also broke down the 1.1.1 outage on July 14, explaining what happened and how we're preventing future issues. In the Q2 DDoS Threat Report, we saw record-breaking attacks, one peaking 7.3 terabits per second, all blocked automatically by our defenses. On the Zero Trust side, we introduced egress policies by hostname, now in open beta, and also explained how TimescaleDB helps us scale analytics. Goldthread was also recognized as a visionary in the 2025 Gartner Magic Quadrant for SaaSy platforms. And there's also two fresh blog posts in our blog. The White House AI Action Plan exploring the U .S. government's latest AI priorities and we have some views from our policy team on that. Now, let's dive into highlights from our guests who helped shape these 100 episodes. What? Hello and welcome to This Week in Net already with a Christmas vibe for sure. I'm João Tomei coming to you from Lisbon, Portugal and I'm João Tomei based in cold Lisbon. And with me I have as usual our CTO, John Graham-Cumming. Hello, John. It's not that cold, João. It is cold. It is cold. For Lisbon. All right. It's cold for Lisbon. Last but not least, I ask this a lot to Cloudflare employees when I have them on the show. I'll ask you, what is the thing about Cloudflare that most people don't realize in general, but they should potentially? You know, I think one of the things that we've done, which I think is different than a lot of other companies, most companies, they take their most interesting projects and they hold them at headquarters. We've always sort of thought the opposite was the right strategy. So we push a lot of our most interesting projects out to the edges of Cloudflare. So here in Lisbon, you know, a lot of the work that we do in AI, all the work that's being done in radar, which is the global analytics platform that Cloudflare provides to see the health of the Internet and the web overall, that's all being done here. A lot of our top security work is being done in London. I think that that's one of those things where we do it differently than a lot of others, where we really think that actually the easiest place to be innovative and especially to do disruptive innovation is further away from headquarters. Actually, the way we do product development at Jam is what we learned from Dane, who runs the emerging technologies team here at Cloudflare. So on Dane's team, they do something that most teams don't, which is they built zero to one products and they have a special formula for doing so. That's what we use at Jam now too. The first step is you build a prototype that's meant to be thrown away. And the reason for that is you learn more from a prototype than you do from a PRD. And so you write throwaway code so it's fast, but you can get something in hands and just start using it and learn. So step one, prototype. Step two, you discard the prototype and then you build what you actually wanted to build. And you get it to something that the team itself can use and no external customers use it until it's good enough for the teams. There are iteration cycles there. Step three is a customer beta and step four is a launch. We learned it from Cloudflare and we do it now at Jam. Is OpenAI, the company that does a lot of work on AI stuff, just released a chat that people can ask questions to their AI and their AI replies. And you can go from, hey, write code to do this or just explain to me what's the meaning of life, things like that. You can go philosophical or just really technical and it always gives a reply. But the thing is, the differences between replies are really amazing. So the system seems really to be sure at all times, which sometimes is a little bit worrisome, I think. What do you think? I agree with you. And if you ask it something that's perhaps not very concrete, it always comes up with a reply and sometimes it gets things horribly wrong. It seems to think I'm married to a woman called Claire and living in the UK. Yeah, you did that test, right? It's going to be news to my wife. But there is something very interesting. So I put up on the screen here, chat GPT, and it can write code. And it can certainly write code that is very short chunks of code pretty easily. And I'm fascinated by this. So I'll do a live demo. We'll see if this works out. But I tried this earlier on, which as I said, write a Cloudflare worker that returns a Magic 8-Ball response. So in the US, they have these things called Magic 8-Balls, which is this sort of round ball and you shake it and slowly words appear. It's actually a fascinating, simple device, but words appear giving you a sort of slightly vague sort of suggestion. Essentially, the idea is you ask the Magic 8-Ball question. So there's a set of standard responses which are inside it. It's totally mechanical. It's actually based on a liquid inside it. So what if you wanted to write a Cloudflare worker that returns a Magic 8-Ball? Well, chat GPT will actually write this for you. So I hope this actually works now if I do it live, because I did it earlier. And it knows that people write often in JavaScript. And these are actually the answers that come from a real Magic 8 -Ball. Things like Outlook not so good. And it writes code that randomly selects ones and returns it. And I've actually taken this and deployed it. And it works perfectly. Hi, I'm Mio Wang, Director of Strategy and M&A on Cloudflare's Special Projects Team. I also have the honor of leading the Workers Launchpad Funding Program, which is a $2 billion program to help support startups building on Cloudflare's developer platform. Hi, I'm Gift Eguinu. I work as a Developer Advocate on the Workers Developer Community Team here at Cloudflare. Hi, my name is Daniel Manage, and I am the Global Lead for the Commercial and Connection Portfolio. Hi, I'm Zane Zade. I'm the Head of U.S. Public Policy at Cloudflare. I was born in Washington, D.C., and I currently live in Washington, D.C., although I've lived in other places all around the world. I'm actually coming to you live from the Summit for Democracy here in Washington, D.C. Hi, I'm Angela, and I'm on Cloudflare's Customer Success Team. I'm currently based in Sydney. However, this is still relatively new, since I just transferred here from San Francisco about six months ago. I'm Andy. I'm based in Austin, and I'm on Cloudflare's Public Policy Team. Hey, everybody. My name is Matthew Bullock, and I'm Product Manager for Speed and FL, or Frontline, at Cloudflare in London. And that's where I'm currently coming from today, the London office, see Westminster Bridge, Houses of Parliament, and Elizabeth Tower with Big Ben in behind me. Hey, everyone. My name is Patrick Day. I'm part of the Impact Team here at Cloudflare. This week, we are at RightsCon in Costa Rica. Thanks for having us on the show. I'm a big fan. Why are we here? So, this is the largest technical rights conference in the world. Any final thoughts before we go on your experience, your amazing experience over the years, like the biggest lesson learned you want to share possibly with the audience of 2023, December 2023? It's all about the humans. It's all about that everybody has a voice. What I tell my teams, whenever you're working on a problem, you never know where the good idea is going to come from. So, it is the process of talking things through, listening to each other that makes the difference, allows us to build the best possible thing. Today, I am fearful that lots of people are starting to tune out anything that is not within their agreement, and becoming more and more narrow-minded. And that is a bad thing. You have to keep an open mind at all times. Absolutely. Yeah, I've been very fortunate, and I really liked the experience that I've had over the years, and being able to work with and talk to amazing people, and getting people to work towards carbon emissions. It has been a total privilege. The most positive thing on the Internet for you? Oh, I never dreamt of this life. I never dreamt that I could live in Australia, the bottom of the South Pacific, and be working on cutting-edge technology with people who are outstanding in their field, and do so for decades. And it's kind of, wow, that is unbelievable. The positive sides of this are just liberating, in terms of individual aspirations and collective endeavour. The downside is, oh my god, ads, oh my god, all this craft. But the upside is just totally uplifting, and if you concentrate on that, the Internet truly is a wonderful place. Well, this is the existential question for humanity. There's a chance that it takes us into dystopia. I spoke about this here this morning, but there's a chance that if we continue to provoke the worst in each other, we'll make it impossible to do anything else except fight and bicker. We could tear apart a lot of what we've built. I'm hopeful that people realize how crazy this is, and that there are huge efforts underway to moderate the worst of this. I think it needs new business models. I think it needs absolute determination by the big companies and by everyone else online to try to remember what the Internet is actually good at. The Internet is amazing at pulling people together. There are lots of beautiful things that can go viral online. We need to double down on doing that, on getting past the situation where the only stuff that is viral and compelling is the dark stuff, which is what our algorithms are currently doing to us. That's unbelievably dangerous. Education and the ability to build strong in-person communities, because the way I think, and from what I've seen in research, that you counter radicalization and that you counter the isolation that can accompany being driven into some of these darker corners of the Internet, is you build real in-person connections and you build bonds. And that starts at our schools, that starts in our local communities, that starts with investing in our libraries. There are so many different ways in the real world that we need to improve things that I think will help create this platform for a healthier digital world. In addition to, again, the researcher transparency access initiatives, the idea that maybe you need to start running pilot programs. Maybe the government needs to start funding pilots on what regulation could look like, or seed funding new and alternative models that don't necessarily rely on our same market-based incentives that, as we talked about, don't really work for things like journalism. You just wrapped things up. I was curious, you mentioned your students. What do they think about these topics and do they surprise you in terms of their opinions? Oh, my students are the best, so, and I'm not biased, I swear. So, what I really enjoy about teaching at Georgetown is that we get such a diverse array of students. Everyone from 20-year -olds from the UK who came over to get an LLM to a military prosecutor who's, you know, been in the business for 20 years and decided to come back and just get a degree, and everybody in between. So, I think that one of the things that has really been interesting to hear my students talk about is just the way that their relationship with online changes, and even sometimes their kids relationship with the Internet changes, which is really rough when, you know, my students haven't heard of, like, AOL screen names, right, or I'll make a reference to Lord of the Rings, and they're like, what was that from? So, you know, so, besides the fact that, like, the references have changed a lot, I think it's really interesting to see them and their hopefulness and their optimism about the Internet, but also their very real recognition of the dangers of the loss of journalism, right? I think that's something that really came up a lot in our class, especially with the tumultuous world events we've seen, you know, my students were really concerned about where do we go for true information, and that is just such a hunger that, A, is great to see in the next generation, but is also a very real concern. The main thing about the Internet they don't realize? Yeah. I don't think people realize quite how complex, maybe it's because I'm talking to someone from Cloudflare, quite how complex and interesting the process is by which information gets to you, and the number of different players along the stack from your CDN to, you know, your service provider, whether it's, whatever company is providing your ISP, and I don't think they realize the influence that those different companies have and the decisions they can make, and I think you're going to see some interesting ways, and I have no idea how that plays out in years to come. Hello, John. Good afternoon, morning, night, wherever you're watching this. Exactly, that's a recurrent catchphrase you're using. Someone asked about AI, how different is this AI moment we're living in now compared with the AI and machine learning you witnessed a few decades ago, and how can it impact the Internet in different aspects? Well, so given my age, I remember the AI winter, so when there was this great outpouring of research, money went into it, funnily enough, often using functional programming languages, which I love, there was this idea that the AI expert systems were going to be this incredible moment, and it's sort of in the late 1970s, and of course, that all died out because those systems reached a limit, and it was clear that they weren't going beyond that limit anytime soon, and of course, what we've seen recently is a real explosion in AI, in particular, because of transformers, and so we're seeing things like chat GPT, we're seeing things like stable diffusion, and DALI, and all these kinds of things, and I think that the real question to ask is, does that actually reach a limit in the way that happened with the AI winter, or are we into a bright new horizon? My view is actually that we're not hitting the limit. We might be hitting the limit in particular in the models we have today, but this has become a huge area of research, and so if you look at what was happening in the 1970s with AI, it was still a relatively small group of people doing the research, but now we see, partly because of the Internet, partly because of open source, which has made a big difference, seeing a tremendous amount of work going into AI, so I suspect there are new innovations to come, and I suspect that we are really living in a different AI world than we were, than the situation we had before the AI winter Is there one thing regarding Cloudflare and privacy that most people probably don't realize than they should? You know, the thing that I think a lot of people don't realize is, yes, there's a lot of data flowing across our network, but we don't retain that data, and I think it makes people, their customers, feel nervous when they think about how much data is going to go across our network, but the privacy commitments we have made from the day the company was founded about not monetizing that end-user data for advertising or behavioral tracking, those things are critically important to the company, and so I think this idea that, yes, there's a lot of data, but the creepy stuff isn't happening, I think that's one of the things that I want to make sure people know, and that, so I guess that there's not just one, but I think that the other thing is that we are developing products with privacy in mind, and so all of the security services we offer are services that are privacy-first security, so we really want to make sure that there's a lot of control over what is and isn't gathered when it comes to personal data for our customers, and making sure that people know that security is a way to really protect personal data. Cybersecurity will never be resolved in a way, right? You know, it never is a long time, but cybersecurity is fundamentally about people, not about technology, and people will always be people. We're going to always have disputes. There are always going to be people who want to break the rules. There are always going to be parasitical strategies in society, so to the extent that cybersecurity mirrors human institutions and human social systems, there'll always be need for it, right? It's, which founding father said, if all men were angels, right, no security would be necessary, right? People will never be angels. It's not our nature. And there's a lot of people, so. There's a lot of people, so if you're Five Sigma, like, there's still a lot of you have to worry about. Yeah, so it's actually worth some history on that one. So when I started in 2017, Project Galileo had been around for three years already, which is amazing. You know, we launched Project Galileo, which is our project to provide free services to nonprofits three years earlier, actually. We were a very small company. And the idea behind it was really working with civil society partners who could help us figure out which entities needed protection. And since then, it has grown so, so much. We are, we're, we have, we protect entities in more than 111 countries. We, we have thousands of different entities. I think we're over, we're definitely over 2,500. I can't remember now. We are over 2,500. Maybe 2,900. I can't remember the exact number. But, but it's also the sort of understanding of why we do it and what it does, how it fits into our mission, our bigger mission and what it means. Because if you think about that idea, the power of serving everybody, that there are people in that world who are especially important. That sounds funny, but, but it's true, right? If you are somebody who is a human rights defender, if you are somebody who's an independent journalist, the idea of keeping you online is incredibly important. Making sure that you're safe online, thinking about how to make sure your internal networks don't get breached, right? All of those things for an entity like that is especially important. And so for us, there's this, this collaboration with, there's sort of alignment with the mission for the, for our impact programs that I find incredibly powerful. And it's sort of a, who is Cloudflare component? What are we trying to do? It's a, it's a, it's a reflection of the mission that we already have, not something that's an independent project. I think that's the most powerful thing about it. TCP, the protocol TCP, is doing this month, May, 50 years since the paper from Vint Cerf and Bob Kahn was published. It was in May, 1974, and it was published by the IEEE. So the organization in terms of engineering published that protocol, the transmission control protocol at the time. So 50 years is a long time. Most folks don't know what TCP is all about, but they sure use it in a sense, right? Well, they do. And so, you know, you're referring, I think, to RFC 675, which was the RFC that came out of the article you're talking about. And it's, what's interesting about the original description of TCP is it's the first thing that actually refers to the Internet. It refers to an inter -network, which is what the Internet is, right? It's a network of networks and uses the, you know, the short, the short form of Internet, if I remember well. And so that's actually, you know, interesting in itself. And the TCP protocol, what's amazing is, I mean, I can't believe it's 50 years, is the fact that we have this protocol, which was created when the network essentially didn't exist and has really stood the test of time with only quite minor tweaks over a 50-year period. And I think perhaps its most important feature is that it has prevented the Internet from collapsing under its own weight. Because of the way TCP works, it is able to prevent a, what's called a congestion collapse, where you just get congestion at the point where the network no longer works. And it has a method of doing congestion avoidance. Should I ask a more broad question? Why is TCP important? TCP is fundamental to the Internet. Relatively speaking, it's one of the few technologies that has been able to assist. TCP is the part that most Internet software uses on a constant basis. I suppose to understand why TCP matters, you should actually go back to the beginning and understand the environment in which it was designed. When we talk about Internet protocols, you know, the core, what they call the narrow waste, or what everything kind of funnels through, is TCP-IP, this pair of protocols. There's been lots of things that have come and gone, or been overtaken by newer versions and updates, but TCP is a great example of something that's like, well, I like to think of quite elastic. I have this, you know, this idea, and I would like to think that we can sort of make it a reality, is imagine firing up your favorite deep research product from any one of these amazing sort of foundation model or sort of AI-driven companies. And you say, I want to get, I want to educate me about this particular topic. Maybe it's a health topic. Maybe it's a legal brief analysis. Maybe it's about gardening, whatever the concept is. And you say, here's my budget. You know, here is $10, $20, $200. Whatever the amount is, here is some budget to go out there. And that deep research agent can go out and find you the best, most interesting, highly relevant, curated content for you and your particular need. Like, I just, I keep going back to this example when I think about it, because that, for me as a consumer, that'd be amazing. I think the big thing that we're going to see changing in the next few years is there's going to be, people worry about AI, meaning there's fewer developers. I actually think it's going to be that there's way more developers, you know, 10 times as many developers in the next few years as there have been in the past, because AI assistants will allow so many more people to become developers. And what that means is that we will have people who are writing niche apps for niche use cases, often for themselves, using AI as an assistant. Maybe in some cases, people who don't even know how to code, but if they're building apps, I still count them as developers. I'm not going to keep that. Because the models have been getting better so quickly, I don't think people realize how ready they are for day-to-day activities. One of my predictions is that almost at least every developer, if not every human being, is going to have a little personal AI assistant that they use and talk to by the end of the year. One of the other pitches I make is that developers, for the last 10 years, people have been making a website as their side project on weekends. By the end of the year, everyone is going to be making little personal AI assistants for themselves. And it's because technology goes through a paradigm shift where it starts off as being expensive and the purview of subject matter experts and billion-dollar companies, and they get commodified to the point that actors, enthusiasts, stinkers like me can write it in a few lines of code. And I think we are almost there. We should use the AI Agents SDK to do that. But I suspect it's going to be so much more widespread and mainstream by the end of the year, simply because the models have gotten good and the infrastructure app layer is so fun to hack on right now. I was trying to put my sweater or jumper, as you say in Britain, with the lights. It has some lights, but it's not working now. So, bummer. Well, my lights aren't working either. They're meant to do this and click it. Yeah, they stop after a while. So there's some disclaimers here, right? I don't think I could name a single Taylor Swift song, and I didn't go to the concert. And so I have four of these things, and she wanted to know how they work. Well, actually, luckily, a bunch of reverse engineering has been done at these things. But I have to say this thing is a beautiful piece of technology. It's very, very simple. So essentially how this works is each one of these things, the little black thing you can kind of see in here, that is an infrared receiver, exactly like on your TV when you use the remote control. Exactly the same. And what's happening in the stadium is there is a really, really big TV remote, okay? You can think of it like that. It's a very big infrared projector. You see that little black thing there? There's a big infrared projector in the stadium, which is movable. And it points at the audience, and it covers a section of the audience, and sends out an infrared signal saying, do this, change to this color, fade to orange, flash, whatever you want the effect to be. And by shining infrared light, like shining that remote on the audience, by moving it around, you can create all sorts of amazing effects. And it really is that simple. It's a very clever, simple piece of technology. And of course, the obvious thing is if it's infrared, since infrared is such a well -developed piece of technology, can you control this? And of course, some people have gone and reverse engineered the signals. And if you've ever used a universal remote, you've used this kind of thing, right, where it can produce the signal of your TV. You know, I think people may not realize how much so a legal department is reliant on and integrated with the technical folks within the company. You know, and most of the cases that we see have at least something to do with the way our products work. And so in order to do our jobs well, and to help our outside counsel do their jobs well, we always need input and feedback from and education from the engineering and product teams. And so that close relationship and how much of the technology we have to ourselves as lawyers who are maybe not, you know, don't have that sort of background, have to onboard and understand, I think is something that people might not appreciate. Yeah, the other thing I'll say, I think that's 100% true. The sort of lawyer as translator between sort of the real technology folks and the external world is a big part of the role. The other thing specific to Cloudflare that I always tell people is that Cloudflare is, you know, we are a mission-oriented company. You know, we want to help make a better Internet. We have sort of a real perspective on a lot of the issues that then come up in litigation. And I think that sets us apart from a lot of other companies. And it makes the job really interesting and fulfilling because we do, you know, we sort of do take on some of these fights because we really believe in our positions. And so working, we work hand in hand with our policy team, for example, very closely to make sure the positions we're taking in litigation are aligned with sort of Cloudflare's broader position. And so that's a really sort of interesting part of the job as well. So two things come to mind. And one myth is that I'm not a lucrative target, so I won't be attacked. Over the past few years, since the war between Ukraine and Russia, then in the Middle East and the tensions between Taiwan and China and so on and so forth, we've seen unlikely organizations or industries become the target of attacks just because they're on one side of the conflict or another. So one myth is that, you know, is that I won't be attacked. I'm not that important. I won't be attacked. I'm not like a government, right? Exactly. I'm not a government. I'm not a bank or something like that. And it's just not the case anymore. There have been countless headlines covering various types of attacks that targeted various industries ranging from airport website, educational, healthcare, and so on. That's the first thing. The second thing is that you can rely on an on-demand service that you activate once you're under attack. It's just not applicable for the world we live in. The analogy that I like to give is like a boxing match. So if you are, you know, in a boxing match and you get punched in the face because your guard was down, the time of impact can be a fraction of the second. But if it hits you just right, then it's a knockout and they broke your nose and it'll take you a lot longer to recover. That's the same with DDoS attacks. Like we said, even the largest ones of 6.5 terabit per second or the smallest ones, they can last seconds or minutes. And even after the attack is over, the trickle effect, the network failures, the application failures can last much longer beyond that short attack. And this is why our recommendation for organizations is to be prepared, to have a strategy in place and to leverage an always-on, in-line DDoS defense capability. Well, we just introduced a large risk, LLMs that every organization is trying to figure out. How do we secure? Well, I don't have the budget. How do I, you know, I have a lot of complexity. How do I manage this, right? So, you know, keep it simple, right? I think it's something that's there. And, you know, when we start to build architectures that are complicated, it's a recipe for disaster. A little bit for doing it. I think that to give the hacker or the attacker too much credit is the mistake that a lot of people make. Cyber actors, just like they're just people, they're lazy, they make mistakes. They're not, they don't know everything about anything. And that's really the role where technology can come in and smooth that. It might mean that you're successful or you can be quick to success. The first hour of a campaign is success, the first day. But over the long term, the ability to prevent damages, especially catastrophic damages, is definitely on the side of the attender through the work, you know, that you're talking about. And that's, if it wasn't possible, you wouldn't be able to have the data to present it in a chart, right? And so the fact that we're able to have the data is an example of every one of those billion messages that you talked about is a fail, basically, for the attacker. They don't want to get caught, right? And so what we want to do is we want to shrink the time window from when they're able to evade, basically down to a period where damages can't exist. And I think we're continuing to be successful in that and sort of proving that out through analytic rigor. I would say the surprise sometimes is how easy it is to bypass security controls, right? So like you're a building and you're trying to secure your building. You have key card readers set up everywhere, but someone left the door open up the fire escape and now anyone can just go out. That is real. It happens all the time. And things like that that occur and it causes us a lot of issues with there's, you know, just these, like, how do you have a control for that? Right? Someone propped the door open. That's a real threat and it happens. And so I think from kind of my experience, I've seen a lot of that where it's just like this one thing. The other thing I'll say is like people, they always have these backup or archive servers. It's like some old server somewhere that's like just for emergencies. Every single time that I talk to someone, they're like, well, that was an emergency server and it's been hacked. You know why it's been hacked? Because it was an emergency server. No one's updating and no one's tracking it. So it's those sorts of things that are like kind of the backdoor backdoor no one knows about. And I don't mean backdoor in the malware sense, but like the backdoor into the network, no one knew existed. I had a story one time where I was talking about someone doing some incident response work and the customer had a DMZ between their public and private networks, but they had firewall rules that allowed traffic to go any, any and all directions. That's DMZ. Those are just firewalls, right? Pushing traffic back and forth. But they consider it a DMZ because from an architectural perspective, the devices existed. They just were not configured properly. And so, you know, configuration, these sort of things, there's a whole bunch of a water list of issues. They're really hard to get your head around and really get them right. But they're what matters. And once again, it's not AI. It's how things matter most of the time. It's hey, there's misconfiguration here. This guy didn't update the backup server. You know what I mean? Things of that nature. That's interesting. If you have visibility to what you use, vulnerabilities that you can actually have, you can act better, know better in a sense, right? Exactly. Exactly. I don't, you know, public, everyone now has a public cloud, multi -cloud, all these sort of big, big, big keywords. The complexity is, we go in cycles in computer science, right? Complexity is going up again quite a bit. And what excites you the most, Phil, about this area? I'm, so the exciting thing for me is always changing. I've now been working in cybersecurity for 16 years, which is not a small number anymore. And I've not stopped learning. And every day there's something new coming up, right? I'll mention one other example, bot management, automated traffic. There's attackers out there building automated tools to scrape information. And there's a continuous fight going on between the security providers like us and the attackers trying to come up with the next best bot that can go unnoticed by our detection. And every day there's a new idea. There's a new thing coming up. We have things now that are also making it harder for us in a good way. Apple private relay and other technologies, because of course we want anonymity on the Internet, right? And those are all really good things. But at the same time, it makes detecting bad behavior harder, right? So we need to adapt our technologies to take that into account. We just, actually, I was speaking to some engineers on the team. There's attackers out there that compromised Internet of things. So if you're running a smart fridge at home, you never know, there might be a little bot there. And then they resell that access to that bot for someone who may want to scrape someone's website. But because the connector is coming from your fridge, from your residential IP, it's very hard for us to detect that and block it. And these are just some examples. It's constantly changing. I'm still learning every day something new. And it's the opposite of boring at this point. So yes, I'm excited about it. I don't know. Let's see what's going to come up in the next year or so. I think you'll see more cases where some companies are going to explore dropping password requirements in some cases as a way. And there's obviously like, well, if you have to log in from not your device, you might need to do something. There's definitely still problems there. But I think more and more people are starting to see passwords as more of a burden and less than a true security measure. It's a little bit of anti-community. Not very sophisticated, right? Exactly. It's not very sophisticated. Not very current in a way. And you mentioned a few biometrics, your face, you already use that for your phone and things like that. That definitely makes sense to use because there's security, there's ease of abuse, not remembering your password. So it makes perfect sense. Yeah, I do think it's actually worth calling out that, you know, for us, for our 2FA and now many companies, it's not maybe super ubiquitous yet, is that you can use Face ID, Touch ID, these sort of on-device biometric authentications as your second factor. And so you don't have to do the code thing. You don't have to get text. You don't necessarily even have to have like a separate physical hardware key, which I would say is still, it's a great thing. You can use the devices you already have in a way that, you know, not like, oh, if I went online, I just need to look at my phone and it will send a notification that basically like, yeah, I've approved this login. So our year in review started in 2020. So this is a new edition with new sections. We're going to talk to you about different countries. So this is a microsite we're going to show you in this episode, that microsite. So we're going to show you trends all about our beautiful planet in 2024. And of course, the Internet. Absolutely. So I think at a high level, Cloudflare Radar is basically a, I'll call it a portal for lack of a better term, from Cloudflare that helps us bring insights into the Internet to the general public. And, you know, that can be just journalists. It can be, you know, network practitioners, security practitioners, just members of the general public who are interested in various topics, you know, by virtue of the global deployment and the global footprint that Cloudflare has, the millions of customers that we sort of content for, protect, you know, we're able to get, we're able to basically gather up a lot of what I call data exhaust from that usage, from those services. We analyze it and then break it up by country or network, you know, allowing end users to see trends across various topics, you know, whether it's security, whether it's traffic, Internet quality, Internet outages, the adoption and usage of certain protocols, things like that. And with me, I have for the first time in our show, Cloudflare's co-founder, president and COO, Michelle Zetlin. Hello, Michelle. How are you? Good, I'm great. So happy to be here. I can't wait to talk about Internet trends and the Olympics. Two of my favorite things mashed together. So first, where does this show find you? Where are you? Not at the Olympics right now. Of course, it already ended for more than a week. Where are you? I'm back in the Bay Area after a great summer. It's kind of back to reality. I'm back in the Bay Area and my kids are getting ready to go back to school. And so it's a beautiful day here in the Bay Area. So how was that experience of talking with the interns and seeing what they achieved during their internship? You know, actually, thanks for bringing it up. And as you were asking me the question, it kind of brought me back to this moment of the Olympics where I was sitting there watching these sports. And I mean, I went to wrestling. I don't even really know how scoring or wrestling went. And the whole experience was just so uplifting and energizing because of how hard these folks work, how accomplished they are, these athletes. And yesterday, speaking to our summer interns, I spent time with 13 of them from around the world, Lisbon, London, New York, Austin, San Francisco. And I was left so energized. Same feeling that I had from the Olympics because you just feel like these folks are so smart. They're so competent. They're really articulate. They're excited at curious individuals. And you think, OK, this is uplifting. You almost gain a lot of energy talking from folks kind of earlier in their career. And it almost re-energized me for the day. It was the best way to start the day. And so I left extremely energized, uplifted for both what I was doing at Cloudflare, but also just for the world. I was like, we're going to be OK when you have people like that coming up, being the next generation of leaders. It's quite impressive what kids in college and university can do today and just how much more confident they are than maybe even when I went to university, just how much more they believe in themselves, how much more they've done. And I think that's a really great thing for society. There's a new social media to be an alternative to Twitter around, right? Yay. Exactly. I'm so excited. Exactly. Yeah. It's difficult to be excited. That's true. I mean, obviously, 50 million people are excited about it. So I mean, there are people excited. For those who don't know, what is Minitel? Look, I'll show you. I've got one right here. Oh, you shouldn't. Disconnect your background. Let me just put it in my background and then you're going to see. Press this right button. You see this? There you go. This is a Minitel. This thing. So it seems like an old TV. It looks like an old TV and it's got a keyboard that pops out the front. And on the back of it, it's got three things. One of them is a connection to your phone line, which you can kind of see here. And another one is this little port here, which allows you to connect to a peripheral. It's an RS-232 port. So what is this thing? And this one was about 40 years old. What is this thing? Look, it's a computer with a screen that was designed to work with a service offered by French telecommunications folks, France Telecom. And very, very slowly, it's a 1200 board modem inside it. But the idea was you could access services online. And the reason the French did this was that in the 1970s, France identified online interactions as a threat in the sense that they believed that in particular, IBM was likely to dominate a world where people were using computers to access online information. And they didn't want this to happen. It's quite forward-thinking because if you think about that period, very few people had access to online things. There weren't that many online services. There were BBSs and stuff like that. It really, in the beginning of the 70s, when they start thinking about it, it's very forward-looking. So what they did was they said, we're going to create a service. And the service consists of two things. One is the device I just showed you, which is a Minitel. That's a Minitel 1B, which is sort of the second model that was made. The reason I have that one is that one has that extra socket on the back, which you can connect it to a peripheral. The things you can connect it to are quite interesting. You connect it to a printer. You can also connect it to a smart card reader. Bear in mind, this is 1980. People could use smart cards. So the French had built this whole world for themselves. So they built that device. And what they did was they gave it to people. They gave millions of them away to get the service booted up. And the service they really started with was looking up people's phone numbers. You could go online and you could type and you could find someone's phone number. But they also built the backend, built on a piece of technology called X25, which was a networking technology. And they built a way in which you could run a service on this network. And what was interesting about it, because they built this whole integrated thing, the services that were available on Minitel were the network actually assured the sort of reliability of everything. But it also included billing. And billing went to your phone bill. So that meant if you were coming online, you had a billing mechanism already built in. And it very, very quickly became popular. You could make train reservations. You could look at the telephone directory. There was mailboxes. There was chat. All these kind of things happened. And all this was chargeable to your phone bill. And I think that Minitel is often seen as like this sort of alternative Internet and people don't quite understand the details of it. I think the really interesting thing is that they built, it's often seen as a government project, which it was, but it was not a closed system. In fact, people could start services and run them on this thing. And there were thousands and thousands of these services. And if you were in France, while Minitel was active, you would see ads for these services on the underground, often starting 3615, which was the phone number you dialed. The 3615 and then the name of some service. And so, tons of stuff was online. Very famously, when Jacques Chirac became president, the TV showed his image slowly appearing in very blocky graphics on the screen to show that he was the one who was elected. Because it was very slow, 1200 bits per second. It was a huge success. A huge success. And the reason it survived until 2012 is that people were still using it, even though the Internet was very well established. Because for some specific services, it was very, very efficient. So, people were used to, particularly in the industry, using Minitel, for example, for ordering things. So, I remember reading about parts ordering for cars in GarageBiz. So, when you know the garage wants to order from their supplier, a lot of that was on Minitel because the service was really, really well developed. And I think what's interesting about that is, obviously, it's very slow, it's blocky graphics, it's just text on the screen. But I think that the fact that people optimized for that interface and made it work well, made it really popular. The other thing that happened was there was a section which was called Minitel Hose, which was pink messages, if you like, pink Minitel, which was all around chat, some of it pornographic, some of it looking for love online, dating kind of stuff, and became a huge, huge business. I've been learning about AI a lot over the last few months, just by being involved with teams that are building AI products. So, for me personally, it's been also a learning experience. I do think that there are levels of maturity when we talk about different AI models or different AI services. There are things that we know today that AI does pretty well. There are things that AI does very well today that we know, like recaps or summaries and texts or image analysis. I mean, there are models today that there's no risk there, just does the task very well. Even things like text-to-speech or speech recognition, it's so advanced and it's so easy to do that now. And you can just use AI for that. But then there are fields of AI that I think we're still experimenting. It's still evolving. And there are things about AI that we need to be careful with, the whole AI security thing, how we take for granted that what a large language model tells us is a fact or is the truth. We need to be really careful with that because that can have implications for people, for software, for applications. So I think in short, I think AI is a space where at the same time, we're still experimenting. There are things that you need to be careful with. But also at the same time, there are things that I also think are solved problems. And AI does very well a number of tasks today. Great. So hey, folks, I'm Brendan. I lead the workers product team here at Cloudflare. Next week is going to be birthday week. We're really excited about this. Cloudflare launched 14 years ago. And every year, we celebrate our own company's birthday by giving back to the Internet. And that's what we call birthday week. And so every year, we announce things that kind of further that mission, our mission to help build a better Internet. And so this year, we're really excited. We're always working at Cloudflare to make the Internet faster, safer, and more private. But AI is changing the Internet quite a lot right now. So my name is Jocelyn. I work on our public policy team. And under the public policy team houses our impact team. So our impact team really revolves all around how we can help build a better Internet at Cloudflare. And a majority of what I do is I manage a lot of our different impact projects. So as we'll talk about a little bit today, we have a ton of different projects where we provide free upgraded Cloudflare services to vulnerable groups. Well, that's it for this week. All right. Cheers, Jamal. Good to see you again. Bye-bye. Bye-bye. Bye.