Show of 08-08-2015

Tech Talk

August 8, 2015

Email and Forum Questions
  • Email from Arnie in Colorado Springs: Hi Dr. Shurtz. You mention on one of Tech Talk programs that you have or use VPN. Does one have to have a server to have & use multiple email addresses to use VPN? Or does VPN apply to one email address at a time? Great show. Arnie, Colorado Springs, CO
  • Tech Talk Responds: A VPN does not use an email address. It uses an encrypted communications channel between your computer and a proxy server. The encryption ensures that someone cannot snoop on your conversation. The proxy server makes your Internet requests on your behalf so it looks like your IP address is the address of the proxy server.
  • Email from Carl Tyler: Dear Dr. Shurtz: I have read a lot about exploits and malware getting into systems using buffer overflow and a stack overflow. What exactly are they and how are they exploited. Could you do a Profiles In IT profile of Nick Szabo. He is a computer scientist who has done a lot of work in digital currency and digital contracts. He is also the person who a lot of people speculate is really Satoshi Nakamoto, creator of Bit Coin. I could not find a lot of information on him and I couldn’t find a photograph of him either. I think he would be an interesting person to profile on my favorite segment of your podcast of which I thank you for. Carl Tyler.
  • Tech Talk Responds: A great suggestion for Profiles in IT. We will cover it next week in the show. In software, a stack buffer overflow or stack buffer overrun occurs when a program writes to a memory address on the program’s call stack outside of the intended data structure, which is usually a fixed-length buffer. Stack buffer overflow bugs are caused when a program writes more data to a buffer located on the stack than what is actually allocated for that buffer. This almost always results in corruption of adjacent data on the stack, and in cases where the overflow was triggered by mistake, will often cause the program to crash or operate incorrectly. 
  • Overfilling a buffer on the stack can derail program execution because the stack contains the return addresses for all active function calls. Stack buffer overflow can be caused deliberately as part of an attack known as stack smashing. If the affected program is running with special privileges, or accepts data from untrusted network hosts (e.g. a webserver) then the bug is a potential security vulnerability. If the stack buffer is filled with data supplied from an untrusted user then that user can corrupt the stack in such a way as to inject executable code into the running program and take control of the process. This is one of the oldest and more reliable methods for attackers to gain unauthorized access to a computer. The standard method for exploiting a stack based buffer overflow is to overwrite the function return address with a pointer to attacker-controlled data (usually on the stack itself).
  • Email from Lauren in Bethesda; Dear Dr. Shurtz. I have the OOMA phone service basic plan with no blacklist option. I don’t want to pay more for this. I have my OOMA acct set up so when I am on a call and I have an incoming call the incoming caller gets voicemail. Part of the message I was able to decipher sounded a lot like he knew what I’ve been discussing in recent calls. Is it possible for people to hack into a phone call from a VoIP phone line. Anything I can do to better secure my FiOS internet service to avoid this weirdness?  Thanks, Lauren in Bethesda.
  • Tech Talk Responds: It is very unlikely that your OOMA calls have been intercepted. I would not worried about that. As far as configuring FIOS to be more secure, I would make certain that you have WPA2 (Wi-Fi Protected Access 2) encryption on your Wi-Fi router and have a secure login password. BTW, I love the blacklist feature on OOMA. I get almost no sales calls now.
  • Email from John in Reston: Dear Tech Talk. I have been given the option to upgrade to Windows 10. I currently have Windows 8.1. I have a desktop without a touch screen. What do you recommend? Love the show. John in Reston
  • Tech Talk Responds: Windows 8 was designed for a touch screen. Without a touchscreen, it is a dog. I would run, not walk, to that upgrade. On the other hand, if you have Windows 7, the choice is not so clear. They made Windows 10 a hybrid, good for both the touch screen and the standard screen. As a reference point, I had Windows 7 and did the upgrade. I am happy with it so far. It is stable and fast. I think that I will keep it.
  • Email from Lynn in Ohio: Dear Doc and Jim. I recently upgrade from Windows 7 to Windows 10 and don’t like the way it stores all my pictures. It there a way to go back to Windows 7. I did not do a backup before upgrading. Love the show. Lynn in Ohio.
  • Tech Talk Responds: Microsoft provides an option to quickly go back to Windows 7 or 8.1 if they don’t like Windows 10, Before starting, there’s one critical thing that needs to be considered: the downgrade uses the Windows.old folder that the upgrade to Windows 10 automatically creates on your computer.
  • Click on the Start menu, launch Settings, click “Update and Security” and go to the Recovery section. An option called “Go back to Windows 7 should be there to let you start the downgrade. Once you click this option, Microsoft’s asking you for some feedback, trying to determine the reason you go back. You are allowed to choose between “my apps or devices don’t work on Windows 10” and “the old version of Windows seemed easier to use, faster, or more reliable. The downgrade process takes a while and you’ll lose all installed apps, so you have to re-install every single program on your computer. Changes made to the system configuration will also be lost. All your personal files will be kept though, so no backups are needed (nevertheless, they are recommended to make sure you are on the safe side). Once the downgrade process comes to an end, you should be able to log in back to your old Windows desktop just like before. This option is only available for 30 days after you have upgraded. After that the downgrade files are deleted to free up disk space.
  • Email from Michael in Boston: Dear Tech Talk. I have an old Yahoo email  account with years of history. I would like to transfer to Gmail. This there an easy to do the transfer. Love the podcast, Michael in Boston
  • Tech Talk Responds: There is an automated way to do this transfer. Open your Gmail account. Go to Settings. The settings button is the black gear icon on the top right of your Gmail account. Click on the “Accounts and Import” Tab. It should be in the middle of the Settings page. Click “Import mail and contacts” and enter the passwords for your Yahoo! mail account. Do not include the suffix (i.e. “@yahoo.com”) in your user name. 
  • The POP server name may vary depending on your country, but just change the last suffix in: pop.mail.yahoo.com. The standard Port address is 995.
  • Select the import options you want to use. You can decide to import all your contacts, and old mail, or some portion of thereof. Note that only messages currently in your inbox will be imported. They will be automatically labeled with the name of your yahoo account. If you have other folders in your yahoo account that you want imported, you’ll need to rotate those messages into your yahoo inbox. 
Profiles in IT: Martin Casado
  • Martin Casado is a networking research leader in infrastructure technology who spearheaded the current software-defined networking movement.
  • Martin Casado was born in 1976 in Cartagena, Spain
  • He received a BS in computer science from Northern Arizona University.
  • After graduation, Casado held a research position at Lawrence Livermore National Laboratory where he worked on network security.
  • Casado first began thinking about network virtualization in 2002, when he was working as a contractor for a United States intelligence agency. 
  • He used network virtualization to ensure fewer points of entry and maximum security by uncoupling the network from the underlying physical networking hardware. 
  • This level of abstraction creates virtual networks that deliver the same features as physical networks, but with the operational flexibility of virtualization.
  • He received an MS in 2005 and PhD in 2007 from Stanford in computer science.
  • His dissertation work led to the creation of the software-defined networking (SDN) movement, and laid the foundation for the new paradigm of network virtualization, including OpenFlow, one of the defining protocols of SDN.
  • While at Stanford, Martin co-founded Illuminics Systems, an IP analytics company, which was acquired by Quova Inc. in 2006.
  • In 2007, Casado co-founded Nicira with Nick McKeown and Scott Shenke, where he focused on software-defined networks (SDN) as CTO.
  • Nicira was one of the original developers of the Open vSwitch technology. Open vSwitch enables a virtual switch inside of software and has been part of the mainline Linux kernel since the Linux 3.3 release in March 2012.
  • Nicira built its own Network Virtualization Platform (NVP) technology, which uses vSwitch to create network virtualization.
  • Nicira NVP is network virtualization software that manages an abstraction layer between end systems and the physical network infrastructure and enables the creation of logical networks that are independent of the network hardware.
  • Nicira was acquired by VMWare for $1.26 billion in 2012. After the acquisition Casado became a VMware Fellow, and Senior VP and GM, Networking and Security Business Unit. He is currently CTO for Networking at VMware.
  • Martin has been recognized as one of the industry’s leading innovators, and has been featured as one of Business Insider’s “50 Most Powerful People in Enterprise Tech,” Forbes’ “Next Gen Innovators,” and Silicon Valley’s Business Journal’s “Silicon Valley 40 Under 40.” 
  • In 2013, Martin was also honored with the Grace Murray Hopper Award as Outstanding Young Computer Professional of the Year.
  • His first job was a paper route and his favorite car is a Honda Civic.
Verizon is Eliminating Contracts
  • Verizon Wireless announced on August 7, 2015,  a set of new data plans that require customers to pay for their smartphone in monthly installments or buy it outright. The new plans go into effect August 13. 
  • Customers are increasingly paying for their devices in exchange for lower service fees — a trend started by T-Mobile two years ago. 
  • Under the revamped system, there are no single-line options or family plans. 
  • Verizon will focus its efforts promoting four choices with varying amounts of data. All come with unlimited voice and text messages.
  • The data plans include: 1 gigabyte of data for $30 a month, 3GB of data for $45,  6GB of data for $60 and 12GB for $80. Data can be shared among devices and accounts. 
  • As there are no contracts, customers can switch between plans each month. Verizon also charges an “access” fee to connect the device. It will cost $20 a month to connect a smartphone, $10 to connect a tablet or “Jetpack” portable Wi-Fi hotspot, and $5 for a connected device like a smartwatch. 
  • The access was formerly $40 per months and included $20 per month to pay for the phone ($480 + $200 for a $650 iPhone).
  • Verizon will also offer large data plans, but won’t publicly promote them,
  • If a customer is on a contract, the person would have to continue paying $40 for the access fee until the contract is up. 
  • This is $5 per month more than Walmart’s Straight Talk Plan ($45 for 3GB of data).
Which Programming Languages Get Used Most At Hackathons?
  • Picking a programming language to learn can be a stressful task. 
  • According to ChallengePost, the Top 10 Languages At Devpost’s Hackathons are:
    • 1. HTML/CSS (not really a programming language)
    • 2. JavaScript (Scripting language)
    • 3. Python (Easy to learn)
    • 4. Java (Good choice for first object oriented programming language)
    • 5. C/C++ (the old standbys)
    • 6. PHP (Open Source)
    • 7. Objective-C (Apple)
    • 8. C# (Microsoft)
    • 9. Swift (Apple)
    • 10. JSON (not really a programming language) JSON (JavaScript Object Notation) is a lightweight data-interchange format. It is easy for humans to read and write.
    • 11. Ruby (Object oriented language designed to make programmers more productive)
IPhone Waterproof Cases
  • Here are a few waterproof cases for the iPhone 6 and iPhone 6 Plus.
  • Hitcase Pro for iPhone 6 ($100). The case is very solid, offering waterproofing up to 33 feet (10 meters) and rugged drop protection. The hinge mechanism makes it easy to open and close. You can use your iPhone with the case on, but you’ll need to take it off, or use an adapter, for most chargers and headphones. 
  • LifeBox Rugged Protection Case ($40). It’s fully submersible in water at a depth of up to 6.6 feet (2 meters) for an hour. It also meets military drop test standard 810F-516, which means it can survive falls of up to 6.6 feet unscathed. It will even guard against dust, dirt, and extreme temperatures. Unfortunately, it does impact touch sensitivity, the button covers are stiff, 
  • Vansky Universal Waterproof Case ($15). If you only need the waterproofing from time to time, you may be better served by a pouch design, like this one from Vansky. It will keep your iPhone dry up to depths of 100 feet (30 meters). You can also use your iPhone 6 in the pouch, but it’s definitely awkward.
  • Bessmate Underwater Case ($21). It will protect the iPhone 6 up to 6.6 feet (2 meters. It has the typical array of problems: firm button covers, some impact on sound and touch sensitivity, and the need to be perfectly aligned when closing to ensure it’s really waterproof
  • Optrix Body Glove Kit ($120). It includes a thin shell for your iPhone 6 with a larger waterproof case that it slides into easily. It clamps shut securely and offers waterproofing in depths of up to 33 feet (10 meters). You can screw in a range of different lenses, but it only comes with the normal and wide-angle varieties. There are also various mounts available, so you can attach it to anything, from a surfboard to a bike. It’s bulky, but you can use your phone with the case on.