Show of 03-28-2015

Tech Talk

March 28, 2015

Email and Forum Questions
  • Email from Mary in Bethesda: Dear Dr. Shurtz, I know that when I click on the WiFi icon in the upper R corner of my screen on the iMac a dropdown list shows up. How do I tell which one of the many names/numbers is me? Verizon is my ISP and I have FiOS. Thanks, Mary Bethesda
  • Tech Talk Responds: Mary, you will need your Wi-Fi password too. You can figure out which one is yours by simply turning it on and off to see which signal is affected. I actually logged onto my router and changed the name of my Wi-Fi network. I also changed the password. You have that option. Once you are on the network, use your browser to go to 192.168.1.1. User name is admin. You will need the router password. Verizon frequently puts this information on a label attached to the bottom or back of the router. At least Verizon secures your router at the time of installation.
  • Email from Lolita in Maryland: Dear Dr. Shurtz.  I own a Verizon iPhone 5. Shortly after I got this I cancelled the Verizon service plan and didn’t use the phone at all. A few days ago I plugged it in and fully charged it. It did come back with right date/time and looks fine. I’ve contacted T-Mobile and they are sending me a sim card that I assume I’ll pop out the Verizon one and insert the T-Mobile card. T-Mobile plans are cheaper than Verizon’s. The latest iOS version is 8 and I don’t know what this has. I assume an upgrade is free. A friend told me that Verizon is CDMA and that is different than GSM. Verizon supports GSM overseas. Will the T-Mobile sim card work in the US? Thanks! Lolita in Maryland
  • Tech Talk Responds: The good news is that the Verizon iPhone 5 supports both CDMA and GSM. CDMA is the Qualcomm standard (Code Division Multiple Access). GSM is the European standard (Global System for Mobile Communications). Since the iPhone 5 Verizon delivers their phones with the SIM card unlocked, so you can change it to another carrier. It should work with a T-Mobile SIM Card. I have left a foreign SIM in my phone and when I returned I was connected to a US GSM network using Indian roaming charges. I am certain that Verizon charged you for the phone when you cancelled. The cancellation penalty is designed to fully pay for the phone. If you didn’t fully pay for the phone, they may have locked the SIM card. I am not certain about that policy.
  • Email from Desirable: Dear Doc Shurtz, I write an email to person A. I want to write a very similar email to business B, personalizing it with their Name and BIz at the top. When I cut it out of person A’s email & paste the text into a new blank email body I get these vertical lines at the left margin that I hate! How do I avoid this? I am using the Apple Mail application on an iMac running Yosemite.  Thanks! Desirable
  • Tech Talk Responds: The vertical line is automatically generated by the email client when you forward or respond to an email. I suggest that you create the text in a word processor and then paste it into the email client. Better yet, there are mail merge program that can create them emails for you. Doing it manually is a drag. You could use Constant Contact (http://www.constantcontact.com/) .
  • You can also use email merge within Microsoft Office. You can also use e-mail merge to send personalized e-mail to recipients in your address list. The unique information in each message comes from entries in a data file. You must have a MAPI-compatible e-mail program installed. The capabilities of Outlook MAPI (Messaging Application Program Interface) make it possible for Microsoft Office Word and Microsoft Office Outlook to share information when sending the merged e-mail. You must use the same versions of Outlook and Word. If you are using Microsoft Office Word 2007, you must also use Microsoft Office Outlook 2007.
  • Dear Dr. Shurtz: Thank you for the great show you had on pi day. I enjoyed it immensely. Your enthusiasm for that special pi day was contagious. I wish I had run across this website (http://mypiday.com/) before you did that show so you could have maybe given this website out to you audience. It would have been so fitting for pi day. On this website you can put you birthday in and it will show you when your birthday comes up in the calculation of pi. And then if you’re so inclined you can get it printed on a t-shirt or poster. Anyway I thought you and your audience might enjoy it. Thanks to you and Jim for the best technology show and podcast anywhere. Carl Tyler
  • Tech Talk Responds: This website is quite a bit of fun. Just put in your birthday and it will locate those digits somewhere is the pi sequence. So everyday can be sort of a pi day.
  • Email form Robert Taylor in Amarillo: Hi Doctor Shurtz! It has been awhile since I asked a question and while my question may not be as exciting as Tung’s in Ohio, it might be interesting to some.  My Windows 8.1 computer has been locking up lately and I believe I have traced to problem down to it overheating due to over-clocking and maybe dust in the computer. It locked up while I was testing Windows 10 preview and the computer froze up and then would not reboot, giving the message that a component of Windows 10 had expired. Fortunately about a week earlier I cloned my hard drive.  I cloned the image of my Windows 8.1 over the Windows 10 partition and it came back to life.  The computer is 4 years old and maybe the hard drive might need to be replaced. I believe I have read that if you clone your hard drive to a new drive and then use the new drive to replace your old hard drive, that it would not work because the system would recognize that you had a new hard drive and not allow it, forcing you to reload everything from scratch.  Is that true or can I simply clone my hard drive to a new drive and swap them out?  If so, will all of my installed apps and programs work or will they have to be reinstalled?  By the way the new Windows 10 is actually pretty good. : I listen to your show every week and you guys are still the best! Robert Taylor Chief of Police in Amarillo, Texas
  • Tech Talk Responds: Robert you can put the Windows OS on a cloned disk. As long the disk is put into the same computer you will not have a problem. However, if put the disk in another computer with significantly different components, it will think that it is an unauthorized installation. No problem in your case. And BTW, congratulations on making a disk image of your computer. Most users to do that. In the future I would recommend that you install VMWare and then install your test OS in a virtual machine. It will not affect the base machine and when you are done playing, just delete the virtual machine. That is how we have our students play with both Windows and Linux on the same machine.
  • Email from Hac in Bowie: Dear Doc and Jim. I am refitting my house with LED lights and would like to set up the basement for parties. I understand that you have Wi-Fi controlled lights in your house. What type of LEDs to you use and can be used for a party lights. I would like to have all the colors that you find in a bag of M & Ms. BTW, I may give some of these lights to my sister Tung in Ohio. Love the show. Hac in Bowie
  • Tech Talk Responds: I am using the Phillips Hue bulbs. They connect to my wireless hub using the Zigbee (www.zigbee.org) is the wireless standard for the home. I plug the Hue Zigbee hub into my Wi-Fi router to connect with my iPhone. The hub support up to 50 LED bulbs. I use Phillips Hue app on my iPhone to control the bulbs in each room. I can select color and intensity for each bulb individually. But they are grouped to control easily. I have the Hue disco app ($1.99). It flashes and changes color with music. The disadvantage of Hue bulbs is their price ($79 each).  The bridge is free when you buy the three bulb starter pack. I have 50 bulbs in my house ($4k total) and can control each room individually. The prices are dropping fast and there are cheaper options available now. GE has come out with a series of LED lights (white only) at about half the price. They also conform to the Zigbee standard. There are others on the market. Make certain to get the Zigbee standard to be future-proofed. There are Bluetooth enabled bulbs, but I am not certain how convenient that would be. They are made by ChiChin Lighting and are only $30 per bulb.?
Profiles in IT: Parisa Tabriz
  • Parisa Tabriz, an American computer security expert, works for Google, as its self-appointed Security Princess, and leads the team that secures the Chrome browser.
  • Parisa Tabriz was born in 1983 in Chicago, where she grew up, with her Iranian-immigrant father, a doctor, and Polish-American nurse mother.
  • As the older sister of two brothers, she was used to bossing boys around. She played them at their own game, in sports on the field, and at video games.
  • She took a career test in HS. It recommended that she become a police officer. 
  • Talented in math and science, she chose the University of Illinois and discovered computer science. This was her first real experience with computers.
  • Parisa Tabriz loved to paint and draw. At college, web design became her medium. 
  • She taught herself web design  using the free online service Angelfire to build website after website. She hacked the service and found a way to remove banner ads. 
  • Angelfire would then change its service, to combat such workarounds. And then she would find another way of blocking the ads. That’s how I got into computer security.
  • She joined a computer club, SIGMil, a group of hacker nerds. SIGMil meetings were only held on Friday nights to keep out casual attendees.
  • She the only woman in the group and held her own with the boys. Tabriz introduced them to cross-site scripting and cross-site request forgery, common web hacks.
  • She was inspired by the story of one of the earliest hackers, John Draper, otherwise known as Captain Crunch. He discovered how to make free long-distance calls using a toy whistle (2600 hertz) packaged in boxes of Cap’n Crunch cereal. 
  • She became interested in steganography—the art of concealing a coded message in plain sight. The group sent encrypted messages to each other in cat images.
  • She earned her BS and MS in CS from the University of Illinois and did research in wireless networking security and attacks on privacy enhancing technologies.
  • After college she landed an internship at Livermore’s Sandia Labs and in 2007 she got a job with Google’s tiny “hired hacker” team. 
  • The division Tabriz heads has more than 30 hackers handling security threats specific to Google’s Chrome browser. The team prides itself on daily silent security updates. 
  • Because of her ability to get inside the mind of the “bad guys”, she was her put in charge of the in-house training of Google engineers wanting to get into security.
  • She starts by asking them to think of a way to hack a vending machine. 
  • Google offers outside hackers cash rewards of up to $30,000 to find bugs, or faults, in Chrome. By October 2014, they had awarded $1.25 million, fixing more than 700 bugs. This program is converting some black hats to white hat hackers.
  • Parisa enjoys rock climbing and photography. Picking the right path is rock climbing is actually an optimization problem.
  • In 2012 Forbes named her to the “30 Under 30” list (30 tech pioneers under 30)
Organization of the Week: Women in Technology
  • Women in Technology (WIT) is a not-for-profit organization with the mission of advancing women in technology – from the classroom to the boardroom – by providing advocacy, leadership development, networking, mentoring and technology education. 
  • With nearly 1000 members in the Washington, D.C.-area, WIT strives to meet its vision of being the premier organization empowering women to be architects of change in the technology industry.
  • WIT membership is $115 per year or $200 for two years. 
  • WIT also offers a student discount rate of $50.
  • Website: http://www.womenintechnology.org/
Website of the Week: InfoSecRocks
  • Link: https://sites.google.com/site/infosecrocks/
  • Site created by Parisa Tabriz, Google’s Security Princess
  • INFOSEC ROCKS is a collection of activities and training resources for anyone interested in learning about information security topics in a fun and easy way.
  • Crypto Cramming
    • A series of activities that overviews the early early forms of cryptography and modern encryption on the Internet.
  • Colorful Key Exchange
    • An activity that demonstrates how the Diffie-Hellman key exchange works using jars of water and food coloring.
  • Learn the web like a hacker
    • Learn the web like a hacker is a beginner-level activity in which you pretend to be a hacker exploiting a common web security flaw to learn some of the building blocks of modern websites.
  • Learn Cross-Site Scripting
    • Learn XSS is an interactive guide that describes cross-site scripting (XSS), the most common web security flaw on the Internet.
  • Cross-Site Scripting War Games
    • XSS War Games is a self-guided training application that guides you through increasingly difficult, “find and exploit XSS” exercises. 
  • Gruyere
    • Gruyere is a web application that, like the cheese, has tiny (security) holes. This self-guided codelab will teach you about how to find and fix common web application vulnerabilities.
A Lifeguard Drone to the Rescue
  • A beach in Chile is piloting a program of lifeguard drones that can fly over the sea and drop a life preserver to struggling swimmers, buying time for the human lifeguard to retrieve them.
  • It could be just the sort of thing to keep someone afloat long enough to survive and to stop them from ingesting water. By hovering over the victim, the drone also can help lifeguards find the person in need, even in choppy waters.
  • The drone is equipped with GPS and video devices that allow a human pilot to assist in dropping the floatation device.
  • Green Solution and X-Cam designed the drone, and it’s not hard to see them going international in beachside towns.
PayPal uses Deep Learning to Detect Fraud
  • PayPal is using Deep Learning to catch criminals and level the playing field.
  • Deep learning is a somewhat new approach to machine learning and artificial intelligence that is used by companies such as Google, Facebook, Microsoft and Baidu.
  • The field draws a lot of comparisons to the workings of the human brain because deep learning systems use artificial neural network algorithms, although “inspired by the brain” might be a more accurate description than “modeled after the brain.”
  • Essentially, the stacks of neural networks that comprise deep learning models are very good at recognizing patterns and features of the data they’re trained on, which has led to some huge advances in computer vision, speech recognition, text analysis, machine listening and even video-game playing in the past few years. 
  • It turns out deep learning models are also good at identifying the complex patterns and characteristics of cybercrime and online fraud. 
  • PayPal has been working with deep learning itself for the past two or three years.
  • Some of these efforts are already running in production as part of the company’s anti-fraud systems, often in conjunction with human experts.
  • The deep learning algorithms are able to analyze potentially tens of thousands of latent features (time signals, actors and geographic location are some easy examples) that might make up a particular type of fraud.
  • Once the models detect possible fraud, human “detectives” can get to work assessing what’s real, what’s not and what to do next.