Show of 12-27-2014

Tech Talk

December 27, 2014

Email and Forum Questions
  • Email from Arnie in Crownsville: Hi, Dr. Shurtz. Here is follow up to the TOR discussion on Tech Talk a few programs ago. On December 22, 2014, the Tor Project’s blog sent this message: “The Tor Project has learned that there may be an attempt to incapacitate our network in the next few days.” In an email to the Tor-Talk list serve, the user responsible for a group of nodes said that his network had been abruptly taken down over the weekend, with the chassis of one server opened and an unknown USB device inserted 30-60 seconds before the connection was broken. He asserted that this is similar to the protocol of sophisticated law enforcement officers who carry out a search and seizure of running servers. What do you think about these developments? Arnie, Crownsville, MD
  • Tech Talk Responds: The TOR network is under attack. Its ability to provide anonymity on the Internet has been a problem for some governments, particularly those with repressive governments. TOR stands for The Onion Router. It is a collection of proxy servers that are used to mask the originating IP address. It was develop by NRL to help individual bypass firewalls and remain anonymous in repressive countries. It’s encryption is so good that the NSA doesn’t like it either.
  • Email from Tung in Ohio: Dear Tech Talk. My computer is getting old and I would like to upgrade. Desktop or Laptop or Tablet or Hybrid? What kind of computer should I get? Love the show. Tung in Ohio.
  • Tech Talk Responds: This is an extremely common question. The problem, of course, is that there’s no single answer. It depends on your needs and your budget. 
  • Laptops are perfect for traveling when you need what I’ll call a “real” computer. A laptop can often be a very reasonable “only” computer. Particularly, if most of what you do is online, today’s laptops easily have more than enough power to do what you need. However, laptops are typically more expensive than and limited in how far they can be upgraded. 
  • Desktops tend to have the latest and greatest technology. Desktops typically use more powerful CPUs and other components that make for a faster machine. Desktops are bigger and you get more flexibility when it comes time to upgrade. A  big screen and a powerful CPU are great for photo or video editing.  They are also great for complex jobs that require multiple windows open.
  • Tablets are an option, either iOS or Android. First, you have to deal with the applications eco-system. Tablets are fantastic content consumption devices – for reading email, surfing the web, even reading books and manuscripts – but they are not good at content creation. 
  • Finally, a hybrid has the power of a laptop and the utility of a tablet. These are typically Windows devices that operate either as a laptop with a keyboard or as a tablet with a touch screen. They are an interesting option, but more expensive.
  • By the way, I use a Sony Vaio laptop with a SSD for my only computer. It does not have a DVD, so I brought a USB DVD for the rare time that I need it. My primary concern was weight because I travel. But at my last 10XCEO meeting, I was the only Window machine at the table. Everyone else had a MacBook Air.
  • Email from Lois in Kansas: Dear Tech Talk. My computer has been infected with malware – lots of it – and I can’t seem to get rid of it all. I’m ready to throw in the towel. Should I just get a new computer? Wouldn’t that just solve everything? Thanks, Lois in Kansas
  • Tech Talk Responds: You should never have to buy a new computer because of malware. There is a difference between computer hardware and software. Your computer: the box, the power supply, the hard disks, the monitor, the CD-ROM drive are all hardware. They’re physical things that you can see, touch and feel.
  • Windows, your applications, your data, your pictures and anything else stored on your computer are software. They’re simply data.
  • Malware is software. It’s nothing more than data. Data that’s crafted to cause your computer to misbehave. And data can be erased.
  • There are several approaches to malware removal. One approach is to try to run anti-malware tools and follow instructions to remove the malware while leaving your system otherwise (and hopefully) unaffected.
  • The next option is a clean install.
    • Backup your existing machine with a complete system image. 
    • Reformat the computer. This will erase everything from it, including the malware. It’s gone. 
    • Reinstall Windows from scratch from the original installation media
    • Reinstall your applications from scratch. 
    • Restore your data from the backup or wherever else you happened to keep it.
  • Another way is to simply restore your machine to an image taken prior to the infestation having happened. Or restore your machine to an image you took on the day that machine arrived. That’s like starting over from scratch without needing to reinstall everything that was on the machine that day.
  • Email from Craig in Oakton: Dear Tech Talk. What is the Cloud? How does it differ from the Internet? I am confused. Thanks, Craig in Oakton.
  • Tech Talk Responds: I like to use the NIST Definition in Special Publication 800-145. Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction. This cloud model is composed of five essential characteristics, three service models, and four deployment models.
  • Essential Characteristics:
    • On-demand self-service. 
    • Broad network access
    • Resource pooling. (multiple users)
    • Rapid elasticity
    • Measured service. (for charging)
  • Service Models:
    • Software as a Service (SaaS)
    • Platform as a Service (PaaS)
    • Infrastructure as a Service (IaaS)
  • Deployment Models:
    • Private cloud. 
    • Community cloud. 
    • Public cloud.
    • Hybrid cloud. 
  • Email from Joe in Key Largo: Dear Tech Talk, I have been taking photos when I scuba dive. The color seems to be sifted in the pictures. How can I get a better color correction? Thanks, Joe in Key Largo.
  • Tech Talk Responds: Don’t you just hate it when you take underwater photos and they all have this blue-green color cast? Underwater, the longest wavelength is the first to be absorbed – hence red is the first to be absorbed, followed by orange and yellow and so on. That is why, the warmer red, orange and yellows are the first colors to disappear from your photos, leaving the green and blue cast.
  • How do you color correct our underwater photos? You can Photoshop’s Channel Mixer feature to restore the color red by “borrowing” from the blue and green pixels.
    • Check the Red, Green and Blue Channels of your image. You will see that the red channel is quite weak or faded.
    • Next use the Channel Mixer to borrow from the green and blue channel. Select “Red” from the “Output channel” option. Slide the green slider to the right until you see some return of red pixels in your image. Slide the blue slider to the left to balance out the overcompensation of the green turned red pixels. You can also play around with the red slider to adjust the luminosity of the few original working red pixels.
  • Next adjust black, white and midtone levels. Once you’ve adjusted all three levels, you should see improvements on both the color and contrast of the image.
  • Apply other adjustments such as hue, saturation, brightness, sharpening, clarity etc.
  • I like to use Corel’s Paint Shop Pro. This is the poor man’s version of Photoshop.
Profiles in IT: Ronald Gerald Wayne
  • Ronald Gerald Wayne co-founded Apple Computer with Steve Wozniak and Steve Jobs. He sold his 10% share for a total of $2,300. He is the unluckiest man in tech.
  • Ronald Gerald Wayne was born May 17, 1934 in Cleveland, Ohio.
  • Wayne worked with Steve Jobs at Atari. Jobs was impressed with him because he had actually started a company and wanted his expertise in starting a new venture.
  • On April 1, 1976, Jobs, Wozniak, and Wayne founded Apple Computer. Wayne wrote the partnership agreement. The split was 45%, 45% with 10% for Wayne.
  • Wayne was 43 and the others were 22 and 23 respectively. All were personally responsible for any debts incurred, but only Wayne had assets (however meager).
  • He served as the venture’s adult business supervision, keeping the others on track.
  • Wayne drew the first Apple logo and wrote the Apple I manual. 
  • However he was worried about the risk of this venture. The failure of a slot machine company that he had started five years earlier weighted heavily on his mind.
  • On April 12, 1976, he made the fateful decision to relinquish his stock for $800.
  • Wayne felt the Apple enterprise would be successful, but that there would be bumps along the way. He just couldn’t risk it, because of his prior business experiences. 
  • A year later, Wayne received an additional $1,500 to forfeit any additional claims.
  • By September 2012, Apple became the largest publicly traded corporation in the world by market capitalization, with an estimated value of $626 billion. 
  • Had he kept his 10% stock it would have been worth over $35 billion in August 2011.
  • Wayne has stated that he does not regret selling the stock as he made the “best decision with the information available to me at the time”.
  • He felt was too old to keep up. It was like having a tiger by the tail.
  • Wayne resisted Jobs’ attempts to get him to return and remained at Atari until 1978.
  • He joined Lawrence Livermore Labs and later an electronics company in Salinas, CA.
  • Wayne also ran a stamp shop in Milpitas, CA for a short time in the late 1970s. After a number of break-ins, he moved his stamp operations to Nevada.
  • Wayne, now retired and living a quiet lifestyle in a Pahrump, NV. He lives in a mobile home park selling stamps and rare coins.
  • He holds a dozen patents, mostly related to slot machines.
  • He never owned an Apple product until 2011, when he was given an iPad 2.
  • Wayne published Adventures of an Apple Founder on July 2011 and Insolence of Office, a socio-economic treatise, on October 1, 2011.
  • Wayne came out as gay to Jobs shortly after February 1974, while both men were employees at Atari. No one else at Atari knew. Jobs later told his biographer that this was his first encounter someone who he knew was gay.
  • Wayne described Steve Jobs’ as colder than an ice cube and ruthless at times.?
Jeans That Block RFID Signals
  • Article suggested by Arnie, a long time listener
  • A pair of jeans containing material that blocks wireless signals is being developed in conjunction with anti-virus firm Norton.
  • The trousers are intended to stop thieves hacking into radio frequency identification (RFID) tagged passports or contactless payment cards.
  • According to security experts this type of theft is a growing problem.
  • The jeans are designed by online clothing company Betabrand and use a silver-based material to block signals. They are due to go on sale in February.
  • The jeans will retail at $151 and the blazer at $198.
  • Digital forensic firm Disklabs has used similar technology to make a wallet, which, like the Betabrand jeans, blocks RFID signals.
  • The majority of credit and debit cards are fitted with Near Field Communication chips, a type of RFID tech.
  • There is technology readily available for anyone to snatch other people’s credit and debit card data within seconds, according to Disklabs. These apps simply copy the card with all the information on it.
  • His firm also designs “faraday” bags which block mobile signals. Such bags are often used by police now to store mobile phones taken from suspects.
  • RFID-blocking wallet Disklab’s RFID-blocking wallet will go on sale in the new year 
What happened to North Korea’s Internet?
  • The Internet in North Korea went completely dark for more than 9 hours on December 22, 2014 and was still experiencing intermittent outages Tuesday. 
  • Rumors spread that the outage might have been a cyberattack.
  • On Friday, the FBI accused North Korea of being responsible for the massive and embarrassing Sony hack, and President Obama later pledged to respond to it. 
  • If it was an attack, who did it? Here are some of the most likely scenarios.
  • A distributed denial of service (DDoS) attack
  • If it was indeed a cyberattack of some kind — though even that isn’t certain — it could have been what’s known as a distributed denial of service (DDoS) attack. This consists of flooding a server with more requests than it can possibly handle, a technique used in the past by hacktivists such as Anonymous to shut down websites they don’t agree with.
  • Dan Holden, a researcher at Arbor Networks, a security firm that specializes in studying and trying to defend DDoS attacks, analyzed the outage and determined that North Korea was indeed under some sort of DDoS attack targeting government-owned and operated websites.
  • It’s unclear the attacks were responsible for the blackout. But experts concur that given North Korea’s limited Internet infrastructure, it wouldn’t be hard for pretty much anyone to knock it out with a DDoS. North Korea only has one link to the global Internet, and it reportedly carries less than 3 gigabits per second. 
  • To put that in perspective, the largest DDoS ever recorded hit Spamhaus, an anti-spam company, with a flood of 300 gigabits per second.  
  • Experts consulted by Mashable all agree that it’s unlikely that the United States were behind this attack. 
  • In fact, that massive 300 gigabits attack on Spamhaus in 2013 was carried out by a British teenager. In other words, anyone could have attacked North Korea yesterday.
  • Maybe it was some teenage jokers; maybe it was a clandestine hire of Sony Pictures; maybe it was the Sony hackers themselves.
Sony Hack Was Probably in Inside Job
  • Following the major hack on Sony Pictures, some experts in the United States are skeptical of the FBI’s claim that North Korea is responsible.
  • Instead of blaming North Korea for the hack, the Cybersecurity firm Norse, based in California, believes that the hack was actually an inside job, led by a former Sony employee identified as “Lena.”
  • On Wednesday, a senior vice president of the Norse firm, Kurt Stammberger, told CBS News that the firm’s investigation has led them to believe that the Sony hack was so devastating, it was something that could have only been accomplished by someone on the inside.
  • “We are very confident that this was not an attack masterminded by North Korea and that insiders were key to the implementation of one of the most devastating attacks in history.”
  • Stammberger identified the main hacker as a woman who calls herself “Lena,” claims she is connected to the “Guardians of Peace” hacking group, and was a Sony employee in Los Angeles for ten years, before leaving in May 2014.
  • “This woman was in precisely the right position and had the deep technical background she would need to locate the specific servers that were compromised,” Stammberger said.
  • The FBI released a statement last week, blaming the breach on North Korea:
  • “Technical analysis of the data deletion malware used in this attack revealed links to other malware that the FBI knows North Korean actors previously developed. For example, there were similarities in specific lines of code, encryption algorithms, data deletion methods, and compromised networks. The FBI also observed significant overlap between the infrastructure used in this attack and other malicious cyber activity the U.S. Government has previously linked directly to North Korea.”
  • Stammberger contested the claim, saying that any clues leading in that direction, such as the malware used to attack Sony having been used by North Korea before, have been easily ruled out by his firm, due to the fact that the same malware is used by hackers worldwide daily.
  • “There are certainly North Korean fingerprints on this but when we run all those leads to ground they turn out to be decoys or red herrings,” Stammberger said.
  • The massive hack on Sony came shortly before the company’s release of the movie “The Interview.”  While the movie’s plot involved an assassination attempt on the leader of North Korea, Kim Jong-un, CBS News reported that the “original demand of the hackers was for money from Sony in exchange for not releasing embarrassing information,” and that there was “no mention of the movie ‘The Interview.