Show of 03-14-2015

Tech Talk

March 14, 2015

Email and Forum Questions
  • Email from Mary Wilson: Dear Dr. Richard Shurtz, Over a year ago I contacted this group and showed interest in possibly attending their mtgs. I went in another direction and never did attend any. BUT,   I still get these reminders every Fri. I have tried various things that seemed to remove these calendar notices yet they are still coming back! I am on an iMac running Yosemite with all updates installed. How can I make them stop? Thanks! Mary Wilson
  • Tech Talk Responds: Mary, this looks like a recurrent event on your calendar. When you delete these events, make certain to delete all future events too. Your calendar ma be syncing with another calendar, like Google calendar or Facebook calendar, and those notifications are coming form that calendar. I could find a virus that does this, so it must be a calendar activity.
  • Email form Arnie in Crownsville: Hi Dr. Shurtz, Could you go over Mobile Hotspots on Tech Talk for us. A Mobile Hotspot can operate with up to ten devices. Can they be mixed between Android & Apple devices? We’re looking to buy a Verizon MiFi Mobile Hotspot for our iPads on a trip across country. Truckers apparently use them a lot. I’m looking at a Verizon Jetpack 4G LTE Mobile Hotspot MiFi 4620L Seems Verizon still wants a two year contract. I thought 2-year contracts were going out. Heard anything about no more contracts as a result of law that prohibited locking phones? Think Verizon wants $50.00 per month for their Mobile Devices. Does that seem steep to you? How about substituting a hotspot where DSL service or other services did not have adequate coverage? Many thanks. Great show! Keep it up! Arnie, Crownsville, MD
  • Tech Talk Responds: If you are going on a road trip, I would just use the hotspot in our cell phone. I changed my plan to support five devices (with shared data) and the hotspot was counted as one device. I monthly bill went. Now when I need internet for my laptop or iPad in the car, I just turn on the hotspot. It didn’t cost me anything. The MiFi hotspot may be useful as a home Internet connection, if the wired Internet is bad. It probably has a stronger signal to cover the house with Wi-Fi.  50/month could be a reasonable charge is you have enough data to stream Netflix at home. By the way, I don’t stream video when using my mobile hotspot. All hotspots use standard Wi-Fi protocols so any type of device can be connected (Android, Apple, or Microsoft). The Jetpack got good reviews and has excellent battery life.  The downside is the lack of low cost data plans.
  • Email from Rev. David Griesemer: Dear Tech Talk: You mentioned sites where you could get pictures and then also Upload pictures for others to buy.  Can you send me those sites. Thanks.  How does one sell photos on there? Thanks. Great show. Rev. David W. Griesemer,  Landover Hills Baptist Church.
  • Tech Talk Responds: Here is the contributor lounge on iStock Photos (http://www.istockphoto.com/participate/contributor-lounge). You must submit your three best pictures to iStock for review. If they believe that these pictures meet the standard, you are selected as a contributor and can begin uploading your photos. Each of sites has a different revenues split. If you become exclusive to one site, you may get a better split. The five sites that I mentioned previously are: They include:  www.istockphoto.com/www.shutterstock.com/, www.gettyimages.com/, www.fotolia.com/, and www.bigstockphoto.com/. I have only used iStock personally.
  • Email from Alice in Wonderland: Dear Dr. Shurtz, How did this spammer change the actual email address of mind to read ‘Friend’? I’ve created a RULE in mail preferences to move their address, after the @ symbol, which is: resourceexpertsweekly.com into the Trash. but these creeps are also writing me from: info@dailyresourceexperts.com and I’m beginning to believe they will auto change their address to continue to spam spam me a lot more!! It is so frustrating the amount of Spam I get and I seem to have no way to cope other than create yet another rule after rule after rule…I just don’t follow how MS nor Apple have found a way to stop this. Hope you can offer ways to beat the spammers? Thanks Alice
  • Tech Talk Responds: Spammers keep changing the source email address, so rules don’t work very well. Spam filters use crowd sourcing to identify spam that is sent to many people and this gets most of it. They also use heuristic filters that learn to detect the spam using patterns. This has all gotten quite good. Is the spam filter turned on in or your email system. Did you report this as spam so it can learn.
  • Email from June Cunha in Burke: Dear Doc and Jim. Please discuss cell phone security . How safe are apps we download to the phone.  What about the side-channel emissions from computers in public places. See the attached article? Thank you, June Cunha, Burke Virginia.
  • Tech Talk Responds: Here is a quick summary of the article. Great referral, June. Security experts are discovering computers and smartphones being used in public places are vulnerable to hackers even if they are not connected to the Internet. Low-power electronic signals that laptops emit could be read by spies or other eavesdroppers. Because the spying is passive and emits no signals itself, users of computers and smartphones wouldn’t know they’re being watched. By studying emissions from multiple computers, the researchers have developed a metric for measuring the strength of the leaks — known as “side-channel signals” — to help prioritize security efforts. Side-channel emissions can be measured several feet away from an operating computer by using a variety of spying methods. For example, they can be received using antennas hidden in a briefcase. Acoustic emissions can come from capacitor noise and may allow one to identify the device type. The danger here is pretty remote, unless you are doing top secret work at the airport.
  • Apple apps are scrutinized more than Android apps and hence are more secure. Always look at reviews before downloading an app, especially if it is an Android app. Cell phone signals are encrypted and quite secure. However, the advent of rouge cell phone towers creates the possibility of a man-in-the-middle attack. Most think these rogue towers are government facilities….but that is speculation. And, of course, if you use your cell phone at a hotspot, you are vulnerable unless you enable a VPN. I use ExpressVPN for all my devices.
  • Email from Nhan in Atlanta: Dear Doc and Jim. What is the difference between “Save” and “Run” when downloading a program. I get this question often and am never sure which option to use. Love the Podcast. Nhan in Atlanta.
  • Tech Talk Responds: When you select Run, it begins a two-step process: The file you’ve requested is downloaded to your machine and placed in a temporary location. The file is then run exactly as if you had used Windows Explorer to navigate to the temporary location and double-clicked the file. The temporary location is either your browser’s cache or temporary folder, or one of your Windows temporary folders. The file isn’t meant to be something you’d actually try to access directly could be deleted at any time thereafter.
  • When you select Save (sometimes only offered as Save As…) in response to a download, the browser simply downloads the file. The big difference is that it’s not downloaded into a temporary location. The file is downloaded into either: A default folder, such as “My Documents” or “Downloads. The file is placed into a folder that you specify or know how to access, and will not be automatically deleted. You have to decide what to do with it and when.
  • There is a third option: Save and Run. It is save in a default location and executed immediately. The file is not temporary and will not be deleted.
  • Choose Run when you only need the download once. When you want to keep whatever it is you’ve downloaded, choose Save. Use Save and Run to save the file to a location you control and then immediately run it.
Profiles in IT: Satya Narayana Nadella
  • Satya Narayan Nadella is the third CEO of Microsoft and responsible for moving the company from a Windows-first company to a Cloud-first company.
  • Satya Narayana Nadella was born 19 August 1967 in Hyderabad, India, an only son.
  • Nadella attended the Hyderabad Public School, Begumpet, from 1978 to 1984. Satya, a boarder, hung out at school and was active in cricket and football. He was active in debating. He was an above-average student. Satya has a vast friends circle at HPS.
  • In 1988 he received a BSEE from Manipal Institute of Technology.
  • Nadella said he “always wanted to build things”. He knew that computer science was what he wanted to pursue, but that emphasis was not available at Manipal University. In 1990, Nadella received an MS in Computer Science from University of Wisconsin.
  • After graduation, Nadella was hired by Sun Microsystems as a member of its technology staff. 
  • In 1992, at the same time he was accepted at the University of Chicago Booth School of Business, Satya Nadella received his first job offer from Microsoft. 
  • Nadella didn’t want to pass up either opportunity, so he deferred his admission.
  • In 1995 enrolled in Booth’s Weekend MBA Program.  That meant flying to Chicago on weekends for two-and-a-half years.  He received his MBA in 1997.
  • He held multiple positions at MS including VP of the Business Division, Corporate VP of Business Solutions and Search & Advertising Platform Group, and Executive VP of Cloud and Enterprise group.
  • In 2007 he was promoted to senior VP of R&D for the Online Services Division.
  • In 2011, he was promoted to President of MS’s Server and Tools Business and led a transformation from client services to cloud infrastructure and services. 
  • He has been credited for helping bring Microsoft’s database, Windows Server and developer tools to its Azure cloud.
  • In 2013, Nadella’s base salary was nearly $700,000, for a total compensation, with stock bonuses, of $7.6 million.
  • On 4 February 2014, Nadella became MS’s third CEO. In his first year in that position he has moved away from Balmer’s Window’s-first focus.
  • In 1992 Nadella married Anupama. Many think Satya had a love marriage with Anupama. Theirs was partly arranged and partly a love marriage They have three children, a son and two daughters, and live in Bellevue, Washington.
  • Nadella is an avid reader of American and Indian poetry. He is also interested in cricket, his passion growing up, having played on his school team. 
  • He mentioned having learned leadership and teamwork from cricket.
  • His first year a Microsoft has been a success. He oversaw a layoff, launched multiple new products, embraced all platforms, made MS cloud centric, created an exciting place for developers and employee, and ended bitter feuds with rivals like Oracle and Apple. Now he just has to grow revenue to make Wall Street happy.
Pi Day Celebration
  • Pi Day was dreamed up 27 years ago to celebrate 3.14 on 3/14, but this year the geek dial is being turned up to 15 — as in 3/14/15. 
  • And this’ll be the only year until 2115 that you can really celebrate, at 3/14/15, 9:26:53, and an exact match for pi’s first 10 digits (3.141592653). 
  • This Pi Second of the Century will occur during the show!
  • Pi is the ratio of the diameter of circle divided by the circumference. It is an irrational number, meaning that it cannot be expressed by a fraction. The Greeks hoped it would be equal to 22/7, but their hopes were crushed when it was clear that Pi was irrational.
  • The earliest known official or large-scale celebration of Pi Day was organized by Larry Shaw in 1988 at the San Francisco Exploratorium, where Shaw worked as a physicist, with staff and public marching around one of its circular spaces, then consuming fruit pies. The Exploratorium continues to hold Pi Day celebrations. 
  • On March 12, 2009, the U.S. House of Representatives passed a non-binding resolution (HRES 224),  recognizing March 14, 2009 as National Pi Day.
  • For Pi Day 2010, Google presented a Google Doodle celebrating the holiday, with the word Google laid over images of circles and pi symbols. Google did nothing this year. 
  • Pi Day has been observed in many ways, including eating pie, throwing pies and discussing the significance of the number ?. Some schools hold competitions as to which student can recall Pi to the highest number of decimal places.
  • Massachusetts Institute of Technology has often mailed its application decision letters to prospective students for delivery on Pi Day
  • The town of Princeton, New Jersey, hosts numerous events in a combined celebration of Pi Day and Albert Einstein’s birthday, which is also March 14.
  • Einstein lived in Princeton for more than twenty years while working at the Institute for Advanced Study. In addition to pie eating and recitation contests, there is an annual Einstein look-alike contest.
ANOTHER cyber security flaw discovered
  • Article suggested by Arnie, a long-time listener.
  • Researchers have discovered yet another security flaw that threatens millions of Internet users. 
  • This one goes by the clever acronym FREAK which stands for Factoring Attack on RSA-EXPORT Keys. 
  • This bug affects SSL/TLS protocols used to encrypt data as it is transmitted over the Internet and potentially puts at risk private information sent over the Internet including passwords, banking and credit card information. 
  • To better understand FREAK, it is necessary to go back to restrictions of a maximum of 512-bit code encryption from the early 1990s used in software to be sold abroad.
  • The reason for this was that the federal government wanted to make it easier for federal intelligence agencies to spy on overseas software users. 
  • Following much criticism and protest by the technological community, these restrictions were ended. However, many software developers continued to use the weaker encryption.
  • When you use the Internet, your computer communicates with your server on how best to protect your data. Due to the FREAK flaw, some software, including Apple’s Secure Transport, can be manipulated into accepting the weaker encryption program, which can then be hacked by a sophisticated hacker to steal your data. 
  • This type of hacking is called a “man-in-the middle attack” and is used to steal and unencrypt what the victim believes is protected, encrypted communications.
  • This type of hacking is regularly done by Iran and China to spy on Internet communications by their citizens within their countries. 
  • You are particularly vulnerable to this type of attack when you use hotel Internet services, airport Wi-Fi, or Wi-Fi at your favorite coffee shop or mall. 
  • Exploiting the FREAK flaw is not particularly difficult. What would have been a daunting task for your average hacker in the 1990s can now be done in about seven hours with easily obtained computer programs. 
  • Comparatively, today’s stronger 1024-bit encryption programs would take a million PCs about a year to crack the code and many software developers now use even stronger 2048-bit security.
  • Not all browsers are affected by this security flaw. Google Chrome, for example, isn’t; however, older Android browsers are vulnerable to this flaw, as are Apple’s Secure Transport. 
  • About five million websites using the older encryption programs are also vulnerable. 
  • Even if you see on a website the familiar padlock icon which indicates that the information you are sending is encrypted and thereby protected, you cannot feel safe because millions of websites using this SSL technology are vulnerable to FREAK.
  • The FREAK flaw has existed for many years and was uncovered a few weeks ago by French researchers at the computer science lab, INRIA . 
  • Immediately upon discovering FREAK, the researchers notified governments and companies around the world. However, the news of FREAK was only made public earlier this week.
  • The discovery and discussion of this major security flaw is particularly timely in the light of FBI Director James Comey’s announced desire that software developers should specifically build in backdoors in the security of their products so that intelligence agencies can readily decrypt data for reasons of national security.
  • The good news is that we can expect security patches for this flaw soon. Apple expects to have a security patch for Apple computers and iPhones by mid-March 2015.
The secret your cellphone company doesn’t want you to know
  • Recently, AT&T surprised everyone when it added a new option to its GigaPower fiber Internet service: privacy. Yes, for just $29 more a month, AT&T promises it won’t sell your search and browsing history to advertisers. 
  • While there’s still some doubt about how private your information is even after you pay the $29, at least AT&T is being honest about how it finances operations. 
  • The truth is, the major cellphone carriers are more than happy to sell your information to advertisers and serve you targeted ads over their networks.
  • Here is how to stop this tracking.
  • iPhone
    • If you’re an iPhone user, go into Settings, and then tap Privacy. Scroll all the way down to Advertising.
    • You’ll see a button that says “Limit ad tracking.” Slide this button to make it green. This will stop ad companies from tracking what you do with your phone and from serving up targeted ads.
    • Right underneath that setting, by the way, you’ll see the “Reset Advertising Identifier” option. Tapping on that will zero out the anonymized identifier linked to your personal data on Apple’s servers.
    • In other words, to trackers you’ll appear to be a new user. This can make it more difficult (but not impossible) for advertisers to build up a profile on how you browse.
  • Android
    • To turn off the Google “AdID” system, do NOT go to your Android phone settings. Go instead to your Google Settings app. (You may have to look under your full list of apps to find it.)
    • Once you’re in Google Settings, tap the Ads link and then tap “Opt out of interest-based ads.” You can also see your advertising ID and tap “Reset advertising ID” to make a new one. This will make you look like a new user to advertisers.
    • Ads aren’t the only way you’re tracked on your phone. Google and Apple might be tracking your searches. Use DuckDuckGo search engine to remain private.
    • DuckDuckGo doesn’t track your IP address or search history, collect your data or store your personal information. You’ll be completely anonymous while surfing.
  • Windows Phone.
    • To turn off Personalized ads in Windows Phone, go to Microsoft’s ad opt-out page, and under “Personalize ads whenever I use my Microsoft account,” click “Off.”
    • You will need to be signed in with a Windows account to do this. Make sure you sign in with the same account you use on your Windows Phone. This also turns off personalized ads for Internet Explorer in Windows 8.
  • Unfortunately, the phone companies still have your MEID and can track you using super cookies and you have no way to opt out. They “say” that they are stopping this practice.
Idea of the Week: Bluetooth beacons Help Blind Navigate
  • Navigating London’s Underground for the visually impaired is very difficult.
  • Wayfindr has been developed by Ustwo ( the company folks behind the video game Monument Valley) and the Royal London Society for Blind People’s (RLSB) Youth Forum.
  • It will offer travellers audio-based directions and advice. A month-long trial at Pimlico station is now underway with 16 beacons tracking users’ smartphones and activating descriptive notes.
  • The information is basic, but could offer valuable guidance and, hopefully, confidence to blind and partially sighted people navigating the Underground independently.
  • Wayfindr app is paired with bone conduction earphones that allow the wearer to listen to their surroundings simultaneously. 
  • It’s a small trial for now, but Transport for London says it could lead to further tests and shape how beacons are integrated into each station’s physical architecture.
Microsoft gives eligible students free Office 365 subscriptions
  • Microsoft has offered Office365 free to US students for awhile.
  • MS is now bringing free Office 365 subscriptions to students outside the US, so long as they live in one of the countries where the product’s available. 
  • Schools will have to buy subscriptions for staff and faculty, but once they do, students (and even teachers) can self-install for no charge by using a school-issued email address at the Office in education website. 
  • After signing up, they’ll get access to the newest Office, Excel, PowerPoint, OneNote, Access and Publisher, and be able to install them on up to five computers and five phones or tablets. 
  • An account also comes with Office Online and, even better, 1TB of OneDrive storage, so users can go wild uploading anything without quickly running out of space.
Apple Watch release date, price and features
  • Apple Watch launches on Friday, April 24.
  • It’s an iPhone-compatible smartwatch officially dubbed Apple Watch.
  • When pre-orders begin on April 10, the price will range from $350 for the entry-level Sport model to $17,000 for the top-tier 18-karat gold editions.
  • You can read emails, summon Siri, receive calls and track fitness goals on your watch. Facebook alerts, WeChat messages and Twitter trends can also be beamed your wrist without pulling out your smartphone. It is purported to have an 18-hour battery life.
  • Apple Watch will launch in the US, UK, Australia, Canada, China, France, Germany, Hong Kong and Japan, with more countries due to get the Apple Watch at later date. 
  • Apple is clearly aiming for luxury given the sapphire glass-protected display, an imposing digital crown, two sizes and even the 18k gold edition.
  • There are more than a dozen ways to interact with the watch, from receiving glanceable notifications, to feeling “taptic” feedback, to calling upon Siri, according to the developers’ WatchKit software.
  • Apple Watch can also work without an iPhone for select apps, including Apple Pay, Passbook flight check-ins, listening to music during a run and tracking fitness metrics. And for telling the time accurately too.
  • The 8GB of storage with some restrictions limit the amount of photos and music that can be stored directly on the smartwatch.
  • It’s going to become especially convenient to pocket your iPhone or iPad. It will be much less of a distraction and you will only see critical notifications.