Show of 09-13-2014

Tech Talk

September 13, 2014

Email and Forum Questions
  • Email from Peggy in Bethesda: Dear Dr. Shurtz, I have lived in my single family home in Bethesda since 2/ 2001. I got FiOS shortly after moving here, as soon as it was offered by Verizon. I don’t have a verizon bundle — Just get FiOS internet.  For many years I was paying, $39.99/mo. Then the charge card I had on file that they billed monthly expired and at that moment they raised the rate to: $47.99/mo for JUST FiOS internet. I asked why and they said my former plan did not exist anymore. Since then I’ve noticed a degradation in my FiOS performance and I ran this speed test today, 9/7 and you can see the sorry results. A friend of mine far smarter about computer matters than I wrote me this email today:”Are you still having problems with your download speeds? If you’re not getting around 15 Mbps downloads, you are not getting what you’re paying for, since that’s the lowest bandwidth offering that Verizon FiOS reportedly offers.” WHAT can I do to mandate this gets corrected? I have had it being overcharged and ripped off by verizon and value your thoughts on how to make them accountable. All the Best, Peggy
  • Tech Talk Responds: Bandwidth claims by Internet service providers are to maximum bandwidth (otherwise known as data rate). As they sell capacity their trunk lines may become crowded and the data rate drops. You can check your max data rate in the middle of the night when most are sleeping by going to www.dslreports.com. If you are not receiving the data rate that you were promised, talk to your ISP and have them check your router configuration. If that does not work, opt out of the high speed program and save money. Also check your Wi-Fi configuration. That could be the cause of your problems, if the signal is low.
  • Email from Ngoc in Ohio: Dear Tech Talk. I am afraid that someone has my Gmail password. I can’t figure out how to change my Gmail password. Please help. Thanks, Ngoc in Ohio
  • Tech Talk Responds: The steps are quite straight forward.
    • Login to your Gmail account. 
    • Click on your email address in the upper right corner of the Gmail page. 
    • On the dropdown menu, click on the word Account:
    • On that page click on the Security link/tab near the top:
    • Click on Change password, and you’ll get a traditional password change dialog:
    • Enter your old password (to once again confirm that you are you and not someone who just walked up to your logged-in computer), type in your new password twice, hit Change Password and you’re done.
  • As always, make sure that you have selected an appropriately secure password. Twelve characters or more of random letters, numbers and symbols is ideal.
  • Email from Alex in Fairfax: Dear Doc and Jim. How do I figure out who owns an IP address? Someone at this particular IP address keeps posting anonymously to Wikipedia and I want to find out who it is. Thanks, Alex in Alexandria
  • Tech Talk Responds: You will not be able to get the name and address of the person posting the information. You will only be able to get the location of the ISP or the name of the organization, if they have their own IP addresses. You get more information from your ISP, you will need a court order. There are several way to get information about IP addresses.
  • Whois is a service that basically answers the question “who is X” where X is an IP address, a domain name, and several other things. ARIN, the American Registry for Internet Numbers, is a fine place to start. The ARIN Whois can be accessed from http://whois.arin.net. In the upper right corner, enter the IP address you’re interested in and press Return. You’ll get: information that identifies the ISP who owns the “block” of IP addresses that contains the IP address that you asked about. With a court order, law enforcement would then approach the ISP for more detailed information about who that IP address was assigned to at the time in question.
  • Reverse DNS can be instructive. DNS is the mapping of a domain name, like “Stratford.edu”, to an IP address. Reverse DNS does, as its name implies, the reverse: given an IP address, it finds the domain name that has been assigned as the primary1 identifier. We can use, http://whois.domaintools.com. Occasionally you may find things in the reverse DNS that might lead you to some additional theories about the IP’s ownership including, perhaps, an actual domain name for an actual web site, or some kind of encoded general location.
  • Most people want the name of the person who owns an IP address, their physical address, their email address or their phone number. You can’t get there from here. The ISP provides that internet service to someone, it’s true, but they will not release that information, and that information is not available publicly. You’ll need the assistance of the courts, law enforcement, and possibly overseas law enforcement if the IP address is located in another country.
Profiles in IT: Harold Thomas Finney
  • Harold Thomas Finney was a crypto-activist, a key developer of PGP, and recipient of the first Bitcoin transfer from Satoshi Nakamoto.
  • Harold Thomas Finney II was born May 4, 1956 in Coalinga, CA.
  • He received a BSEE from CalTech in 1979.
  • After graduation from Caltech, he went to work in the computer gaming field for a company that developed video games like Astroblast and Space Attack.
  • In 1991, he began doing volunteer work for a new software project known as Pretty Good Privacy, or PGP, and immediately became one of the central players.
  • PGP aimed to make it possible for people everywhere to encrypt email. Concepts used in PGP were deployed in both TOR and Bitcoin.
  • The original author of PGP, Philip R. Zimmermann, became the target of federal prosecutors, for violating US laws against exporting encryption software.
  • While the investigation went on, Finney continued to develop PGP secretly.
  • When the investigation concluded in 1996 without any charges being filed, PGP was founded by Zimmermann hired and Finney became as his first employee.
  • He remained with PGP until his retirement in 2011.
  • While working on PGP, Mr. Finney was a regular participant in a number of futurist mailing lists, which gave birth to the Cypherpunk movement.
  • He was involved in many experiments aimed at creating an anonymous form of digital money, including his own invention, in 2004, of reusable proofs of work.
  • When the idea for Bitcoin first appeared on a cryptography mailing in 2008, posted by Satoshi Nakamoto, Finney responded with curious questions. 
  • During his Bitcoin experimentation, Finney corresponded with Nakamoto, sending him a series of bug reports and suggestions for fixes. 
  • Finney downloaded the early Bitcoin code and began running it on an IBM PC.
  • In January 2009, Nakamoto also sent Finney the first ever test transfer of bitcoins. Finney said at the time he’d repay the ten coins back to Nakamoto. He never did 
  • He kept it running for weeks.He was able to mine as much as a hundred coins a day. 
  • After mining a thousand coins, Finney turned the machine off to keep it from overheating. This was the biggest financial mistake in his life. His 1,000 Bitcoin are now worth over $500,000. The stash of bitcoins were later burned to a DVD.
  • Soon after getting started with Bitcoin, Mr. Finney learned in 2009 that he had ALS, and he withdrew, for a time, from active participation in the project.
  • By March 2013, Finney was essentially paralyzed, but felt thankful that he could still program. He was working on experimental software called bcflick, which used Trusted Computing to strengthen Bitcoin wallets.
  • Hal Finney died in Phoenix August 28, 2014 at age 58. He was cryopreserved by the Alcor Life Extension Foundation.
iPhone 6 Update
  • Apple has finally given the people what they want: an iPhone 6 with a larger-screen.
  • The 4.7-inch iPhone 6 and the 5.5-inch iPhone 6 Plus.
  • Minor improvements in the 8MP camera and a faster A8 processor with 50 percent faster graphics and a 25 percent faster CPU. The real news is the changed screen size and the payment system.
  • Focus time is down, colors look more lifelike when the flash is engaged, and the imaging chip has better ways to battle noise. HDR is now automatically applied as well, something we’re starting to see on other phones, too.
  • The iPhone 6 has digital image stabilization, but if you want the optical image stabilization, you’ll need to upgrade to the iPhone 6 Plus.
  • On the video front, you’ll be capturing 1080p HD video at either 30 or 60fps, with slow motion coming in at 120 or 240fps. Continuous autofocus while you’re shooting video means that the camera will adjust as the subjects move around — or as you do. You can shoot video in HDR mode as well.
  • The iPhone 6 is rated to last up to 10 hours over 3G and 4G LTE, and up to 11 hours on Wi?Fi and video. 
  • After resisting NFC, or near-field communication, for years, the iPhone 6 and iPhone 6 Plus not only add the short-range communications protocol to the phone, but also build an entire mobile payment system around it.
  • Apple Pay, a US-only system at launch, works with the Passbook app on your phone, and independently as well, to let you buy goods and services with a single touch of the phone. Like other mobile-payment systems, the merchant never sees your credit card details, and a handy feature incorporating the camera will add new credit card details to Passbook, which saves you some typing.
  • Starting in US with Visa, MasterCard, and American Express, Apple Pay is backed by six major banks, with more to come. Right out of the gate, you’ll be able to use the service at 220,000 merchants that accept it, including Macy’s, Walgreens and Duane Reed drug stores, Whole Foods, and McDonald’s at all their store locations.
  • The iPhone 6 (and its 6 Plus) will launch in eight countries on September 19, with pre-orders beginning September 12.
  • In the US, the 16GB version will sell for $199 on contract, but $100 more will get you a 64GB for $299. Another $100 on top of that will move you to 128GB for $399. 
  • AT&T, Sprint, T-Mobile, Verizon, and US Cellular will be among the first US carriers to sell the two new iPhones. 
  • Should you upgrade? No compelling reason, unless you crave a bigger screen or virtual payments.
Record orders will delay iPhone 6 Plus shipments
  • The new iPhone 6 goes on sale on Sept. 19 in the United States but the company began taking online orders on Thursday. While the larger 5.5-inch “Plus” models now display a wait time of up to a month, the 4.7-inch version remains available for delivery on Sept. 19.
  • Verizon Wireless, AT&T and Sprint Corp, also showed shipment delays of up to six weeks on their respective websites. Apple said the pace of orders has so far outstripped any of its previous iPhones.
  • Apple routinely grapples with iPhone supply constraints, particularly in years that involve a smartphone re-design. The latest iPhones come with larger screens this time and some analysts had anticipated that production issues may keep a lid on initial runs.
  • Its suppliers had scrambled to get enough screens ready because the need to redesign a key component had disrupted panel production.
  • Chinese customers may also have to wait until the year-end before they can buy the iPhone 6.
  • The company unveiled its latest iPhones along with a watch and a mobile payments service on Tuesday.
Apple Watch Features
  • The Apple watch will be available in stores early next year.
  • Owners will be able to take and make calls by speaking into it in the fashion of the 1930s comic-strip detective. Apple Watch has a small microphone and speaker designed to augment other features of the wearable tech gadget. 
  • The mike lets you access Siri, Apple’s digital personal assistant. A speaker allows you to hear a fellow Watch wearer’s transmitted heartbeat, for instance. But together they do allow for phone calls in quiet locations.
  • It will feature an as-yet-undisclosed storage capacity, allowing photos and music to be loaded onto the device. They can be accessed regardless of whether an iPhone is present.
  • It can be used to buy things through Apple’s new Pay system, in case you’re out on a jog without your phone and want to buy a drink at Whole Foods or another Pay-participating vendor.
  • All accelerometer-based fitness functions of the watch remain operative regardless of iPhone presence, which is required for any actions involving a cellular connection.
  • Apple Watch does have Bluetooth capability, allowing wireless headphones to play music or take a call.
  • It also has Wi-Fi capability, used primarily to allow for faster information-transfer speeds between a user’s iPhone and the watch.
  • For example, Apple is developing a “Hold Call” function. When pressed during an incoming call, it will trigger a voice message to the caller indicating that you’re aware the call is coming in but need a moment to get to your iPhone.
  • Walkie-Talkie is part of the product’s Digital Touch suite of features. The idea is that Apple wants to find ways to help people connect through their product that felt more personal than a text message. To that end, the watch has the ability to let users send each other small drawings using their fingernails, or gently tap each via a sensor in the watch.
  • Apps are still in development. They will tell the real story about its usefulnesss.
Feds Found Silk Road Boss Using Leaky CAPTCHA
  • You may have heard that the infamous Dread Pirate Robets AKA Ross Ulbricht’s Silk Road was taken down thanks to a problem in his anonymous Tor server. 
  • A hole in the Silk Road’s anonymity appeared because of a leaky CAPTCHA prompt.
  • CAPTCHA, as we all well know, is the little box that some sites use to prevent robots from filling out forms.
  • If misconfigured, it will point to the server to which it is connected. On a non-anonymous server this would be a non-issue. However, Ulbricht’s anonymous server was misconfigured and sent out the actual IP address of the Silk Road machines with every hit to the login page. 
  • The government described their process in a US District Court filing: The IP address leak we discovered came from the Silk Road user login interface. Upon examining the individual packets of data being sent back from the website, we noticed that the headers of some of the packets reflected a certain IP address not associated with any known Tor node as the source of the packets. When we typed the Subject IP Address into an ordinary (non-Tor) web browser, a part of the Silk Road login screen (the CAPTCHA prompt) appeared. This indicated that the Subject IP Address was the IP address of the SR Server, and that it was ‘leaking’ from the SR Server because the computer code underlying the login interface was not properly configured at the time to work on Tor.
  • Ulbricht mixed anonymized and non-anonymous resources and misconfigured things to release his IP. The Feds used this IP address to locate the Silk Road server and to nab Ulbricht himself. It is difficult to be totally anonymous.