Show of 04-09-2016

Tech Talk

April 9, 2016
Email and Forum Questions
  • Email from Arnie in Colorado Springs: Hi Dr. Shurtz, Many are familiar with a byte of data or say, a 500 gigabyte hard drive. I’m reading a book that mentions: Gigabytes, Terabytes,Petabytes, Exabytes, Zettabytes, Yottabytes, etc. Are there any more types of bytes? Seems like companies like Google, Facebook & others have need for such storage. Wonder how big the buildings have to be to house the equipment needed for such large amounts of data? Lots of personal data at these facilities. Does Stratford have a lot of capacity? Great show & enjoy it immensely. Arnie, Colorado Springs.
  • Tech Talk Responds: The tech industry has not settles are the names after Yattobytes because we don’t need them yet. However, the tech industry has been circling around the terms brontobyte (a thousand yottabytes) and geopbyte (a thousand brontobytes) as the next levels in the big data hierarchy. Here are some of these terms in use.
    • Telecommunications capacity: The world’s effective capacity to exchange information through two-way telecommunication networks was 281 petabytes of information in 1986, 471 petabytes in 1993, 2,200 petabytes in 2000, and 65,000 petabytes in 2007. This is the informational equivalent to every person exchanging 6 newspapers per day.
    • Telecommunications usage: In 2008, AT&T transfers about 30 petabytes of data through its networks each day.
    • Internet: Google processed about 24 petabytes of data per day in 2009. The BBC’s iPlayer is reported to have transferred up to 7 petabytes each month in 2010. Imgur transfers about 4 petabytes of data per month.
  • By the way, Stratford has not reached the petabyte level. Our data center is still at the terabyte level, but growing.
  • Email form Feroze in Fredericksburg: Dear Tech Talk. I am confused about Apple iCloud. It is a backup system or a synchronization system. If I delete a picture from my computer is it also deleted from iCloud and from all devices? How does this work? Love the show. Feroze in Fredericksburg
  • Tech Talk Responds: iCloud Drive is one of several ways to store, sync, and update data between your Apple (and even Windows) devices. Apple has now updated its cloud storage system to make it more visible and accessible to users and third-party developers.
  • To my knowledge, you can’t lock down Photos to prevent deletions entirely. You could set up a separate user account on your iMac for use by your grandchildren or other people, and they would then not have any direct access to your Photos library. This is a good way to limit damage and access even by the most honorable relatives and friends, in any case. 
  • Should a photo or video be deleted from iOS or OS X if you have iCloud Photo Library enabled—yes, it is deleted everywhere, whether you’re deleting an optimized version or the full-resolution one on a Mac. 
  • However, the deletion isn’t immediate without an extra step. Instead, iCloud Photo Library moves it to a Recently Deleted album. Items are moved here and retained for weeks. Prior to that time, you can recover the deleted picture from the deleted folder.
  • If you want to save pictures permanently you need to save them to another directory and out of the iCloud ecosystem.
  • Email from Jim in Kansas: Dear Tech Talk. I keep hearing that I’m supposed to use a different password on every internet site where I have an account. What a pain! I can’t remember all of those passwords. You want me to use a password manager thing, but that seems like putting a bunch of really important things into a single basket. What if that basket gets hacked? I use a strong password, why isn’t that enough? Jim in Kansas
  • Tech Talk Responds: You must use different strong passwords on every site where you have an account – at least, every important site. And yes, you must devise a way to manage them all.
  • Let’s say you have an account at some online service – I’ll call it Service A. In addition, you have a Yahoo! account because you use Flickr, a Google account because you use Gmail and a number of other Google services, a Microsoft account because you have Windows, and we’ll throw in a Dropbox account. You have lots of accounts to a number of online services. You also have a strong password: 14 completely random characters that you’ve memorized. And you use that same password everywhere.
  • Service A doesn’t understand security well enough. Perhaps they store passwords in their database in plain text, allowing anyone with access to see them. They do that because it’s easy, it’s fast, and it allows them to solve the problem quickly. One day, a hacker breaches site security and steals a copy of the customer/user database. 
  • Once they have your password, the hackers go hunting. The hackers start trying the information from Service A as if it were the correct information for Gmail, Outlook.com, Yahoo, Facebook, Twitter, Dropbox, and more. They try your email address and password to log in to the email service that you’re using. And very often, it works. The hackers gain access to another account of yours that was completely unrelated to the initial security breach.
  • Using a different password on each site limits your exposure if any of those sites are compromised. A good way to manage passwords is LastPass. The people at LastPass don’t know your master password. Decryption happens locally on your machine, so the only thing ever transmitted between your computer and LastPass is the encrypted data. In addition to using a strong password, LastPass supports two-factor authentication. If someone got the master password, they would still need the second factor to be able to unlock the LastPass vault.
  • Email from Ngoc in Ohio: Dear Tech Talk. I travel frequently between Ohio and Virginia and plane. I always carry my laptop with me. Do airport X-rays damage flash media, floppy diskettes, or laptop computers? Love the show. Ngoc in Ohio
  • Tech Talk Responds: Many users who travel or plan on traveling may be concerned about damage to their portable devices, or storage media when putting them through an X-ray machine at an airport. As the name indicates, these machines emit X-rays, which are not magnetic, and do not damage or destroy electrical equipment or data that is sensitive to magnetism. However, taking a laptop, hard drive, flash media, or other magnetic sensitive device through a metal detector can cause damage. The inductive current caused by metal detectors can be very damaging to sensitive electronics.
Profiles in IT: Brendan Eich
  • Brendan Eich is best known as creator of the JavaScript programming language and co-founder of the Mozilla Foundation.
  • Brendan Eich was born in 1961 in Pittsburgh, Pennsylvania, U.S. 
  • In 1983, Brendan Eich received a BS in Mathematics and Computer Science from Santa Clara University.
  • In 1985, he received an MS in Computer Science from the University of Illinois.
  • In 1985, he was hired by Silicon Graphics to work on operating system and network code.
  • In 1992, Eich was hired by MicroUnity Systems Engineering to write microkernel and DSP code. He did the first MIPS R4000 port of GCC
  • GCC is the GNU Compiler Collection, which includes front ends for C, C++, Objective-C, Fortran, Java, Ada, and Go, as well as libraries for these languages.
  • In 1995, he was hired by Netscape to put Scheme in the browser. Eich was redirected to create a new language that resembled Java for the Netscape browser. 
  • The first version was completed in ten days for the Navigator 2.0 Beta release. It was first called Mocha, then LiveScript, and finally JavaScript in September 1995.
  • Eich oversaw the development of SpiderMonkey, the specific implementation of JavaScript in Navigator.
  • In early 1998, Eich co-founded the Mozilla project with Mitchell Baker to manage open-source contributions to the Netscape source code. He served as chief architect. 
  • In 1999, AOL bought Netscape and shut down the Netscape browser unit in 2003.
  • In 2003, Eich helped spin out the Mozilla Foundation, as a non-profit.
  • In August 2005, after serving as Lead Technologist and as a member of the Board the Mozilla Foundation, Eich became CTO of the for-profit Mozilla Corporation.
  • Eich continued to manage the Mozilla SpiderMonkey module, its JavaScript engine.
  • On March 24, 2014, Eich was promoted to CEO of Mozilla Corporation. Three members of the Board resigned in protest to his appointment. They wanted a CEO with mobile platform experience.
  • Critics of Eich within Mozilla tweeted to gay activists that he had donated $1,000 to California Proposition 8, leading Eich to say the he was sorry for “causing pain.” 
  • Board members wanted him to stay in the company with a different role.
  • On April 3, 2014, Eich stepped down as CEO and resigned from working at Mozilla. 
  • In 2015, Eich co-founded Brave Software, raising $2.5M from angel investors.
  • On January 20, 2016, the company released developer versions of its open-source Brave web browser, which blocked ads and trackers and a micropayments system to offer users a choice between viewing ads or paying websites not to display them. 
Adobe Issues Emergency Patch For Flash
  • A To Zero-Day Flash Exploit is being exploited by hackers to install ransomware.
  • Adobe had deviated from its regular upgrade schedule (the second Tuesday of the month) to issue a critical patch. This is not your usual patch.
  • Cybersecurity company Proofpoint first identified the severe vulnerability in Adobe Flash at the end of last week. With confirmation from fellow cybersecurity researchers at FireEye, the Proofpoint team classified the vulnerability as a “zero day” exploit—a previously unknown flaw in the system—that cyber criminals were using to deliver ransomware to computers via Flash.
  • On April 7, 2016, Adobe issued a patch to address the vulnerability (now known as CVE-2016-1019), which Proofpoint first became aware of on April 2, when it prevented the exploit from affecting a client. 
  • Prior to the patch, all versions of Flash were vulnerable to the attack—even the most up to date version. Interestingly, however, the exploit was only targeting older versions of Flash since it entered the wild on March 31.
  • All it needs is Flash on the computer. It doesn’t need to be open. Most software programs can basically be turned on by other software programs, or what we call invoked programmatically. So if Flash is there—that’s enough.
  • The company first observed it primarily spreading Cerber ransomware, which takes control of victims’ computers and encrypts files until they pay a Bitcoin ransom.
  • It was also observed spreading Locky ransomware.
  • The cyber criminals used an exploit kit. On the black market, exploit kits can run anywhere from a few hundred dollars to subscription based kits that can cost a threat actor tens of thousands of dollars, depending on how effective they are. 
  • This particular threat actor was using an exploit kit by the name of Magnitude, but since the exploit has been found in other kits.
  • Warning: upgrade Flash today.
Data Scientist the Job of the 21st Century
  • Data scientist is one of the most in demand jobs of the future. 
  • Harvard Business Review once called it “the sexiest job of the 21st century.”
  • But there may not be enough people to fill it. A McKinsey report predicted that by 2018, “the United States alone could face a shortage of 140,000 to 190,000 people with deep analytical skills, as well as 1.5 million managers and analysts with the know-how to use the analysis of big data to make effective decisions.”
  • To become a data scientist, an individual needs to have skills in database management, statistics, machine learning, and distributed and parallel systems, according to the American Statistical Association. Here are three online resources to help you enter the field.
  • Coursera has a Data Science option
    • An established player in the massive online open course (MOOC) landscape, Coursera announced that it will offer a professional data science master’s degree from the University of Illinois at Urbana-Champaign.  
    • The cost is $19,200 for the degree which is lower than the cost of a traditional on-campus master of computer science in data science (MCS-DS) degree. 
    • Students must apply for admission and the first cohort of 150 will begin classes on August 22, 2016.
  • DataCamp
    • DataCamp is an online learning platform that does not offer a degree, but bills itself as the first to focus on data science and claims to have trained over 250,000 aspiring data scientists in over 150 countries since opening in November of 2013. 
    • DataCamp gives students a certificate of completion for every course at a cost of $25 per month (or $9 per month for students enrolled in other schools). 
    • On average, a student completes courses after four to six hours and students can then share their course completion certificate on LinkedIn.
    • DataCamp’s students are completing at rates between 30% and 60% for most of courses. DataCamp students are predominately professionals, 60% are working in technology, finance, and health care, and 10% are professors or researchers. 
  • Correlation One
    • Correlation One is a job matching platform for data scientists that just launched on March 31 after 18 months of beta testing.
    • Employers typically look for candidates who have deep expertise in statistics, math, Bayesian nonparametrics, and programming.
    • 800 data scientists have joined the platform and almost two dozen employers have utilized one of the services provided by Correlation One.
    • Correlation One allows data scientists to create portfolios and validates their skills via a battery of proprietary online tests. A resume analysis algorithm (patent pending) identifies relevant factors from a candidate’s resume and issues a “report card” for employers so they can find the right talent more quickly.
techtalk
Device of the Week: VoCore: Mini Linux Computer 
  • VoCore plus Dock is priced at $39 (with free free shipping)
  • Website: http://vocore.io/
  • With this mini Linux machine, you can make a tiny router, invent a new device, build a motherboard, or even repurpose old speakers into smart wireless versions. Its small size gives you options: use it as a standalone device running OpenWrt or use it as an embedded component of a larger system. With some knowledge of electronics and the included Dock that extends the Ethernet and USB ports, the electronic world is your oyster.
    • Works on open-source hardware
    • Provides up to 20 GPIO lines
    • Runs OpenWRT Linux
    • Includes an on-board Wi-Fi adapter so you don’t need an external one
    • Easily connects to peripheral devices 
    • Small size enables it to act as an embedded system 
    • Extends Ethernet & USB interfaces w/ the Dock
    • Operates as a fully functional 2.4GHz Wi-Fi router
    • Acts as a general purpose low-power COM for IoT applications
    • Includes full hardware design & full-source code
    • Integrates a 802.11n MAC, baseband, radio, FEM & 5-port 10/100Mbps Ethernet switch
Tip of the Week: Search a Single Website
  • Sometimes you need to find stuff on the web and you basically know where to look: one particular website. 
  • Google has a secret feature called “site:” It’s not a new feature. But some years ago, Google basically hid it. 
  • For instance, let’s say you find to find all the listings for iPhone 5 on eBay. Or you 
  • To search a single website.
    • Type “site:” into the Google search bar.
    • Type the name of the website you want to search, but remove the “http://” and the “www.” Make sure you include the full name, including the .com or .edu. or .org.
    • Type the search term you are looking for on the same line separated by a space.
  • Tip: Click on the “Images” or “Videos” tab to find just photos or videos involving your search term on that single website.
Tesla’s New Car Has Apple-like Hype
  • When Tesla unveiled a prototype of its newest car, the $35,000 Model 3, and made it available for preorder online.
  • Within 90 minutes, some 115,000 people had paid $1,000 apiece to reserve one when it comes out in late 2017. And within two days, that number had hit 276,000. 
  • The Model 3 has been Tesla’s goal for years: the vehicle that will bring electric cars to the masses. 
  • The company’s latest all-new model, the Model S, quickly broke sales records for an all-electric vehicle. 
  • But if the early demand for the Model 3 is any indication, it has a chance to set some records that even conventional cars can’t touch.
  • Reservations are not sales. The people paying $1,000 to preorder a Model 3 now could easily change their minds by the time the car is ready, given that Tesla has made it clear that the deposits are refundable. 
  • The Model 3 will cost $27,500 after a federal tax credit. But not everyone will get that rebate.
  • But production may be a problem. Tesla has been steadily ramping up production of its Model S since it debuted in 2012, nearly doubling its output each year. 
  • But the pace of Model 3 reservations suggests Tesla may have to exceed even this exponential growth curve if it is to keep up with demand.
  • The $7,500 tax credit for buying an electric car starts to phase out once a company has sold 200,000 qualifying electric vehicles. 
Department of Commerce is Addressing Internet of Things Security
  • Link: https://www.ntia.doc.gov/files/ntia/publications/fr_rfc_iot_04062016.pdf
  • The US government is working on a “green paper” – the first step in a formal policy process – on the internet of things (IoT).
  • Titled “The Benefits, Challenges, and Potential Roles for the Government in Fostering the Advancement of the Internet of Things,” the policy paper will take a broad look [PDF] at the “potential benefits and challenges” of IoT. 
  • The government is looking for input from everyone including business, civil society and the technical community.
  • The department behind the work will be the same one that oversees the internet – the National Telecommunications and Information Administration (NTIA), which is part of the Commerce Department – and it has identified a number of issues it wants to focus on. They include:
    • What the “key issues” are that impact the deployment of IoT.
    • IoT’s “potential benefits and challenges.” We can already think of some.
    • Possible roles for the federal government in helping to push IoT technologies.
  • The notice then provides 28 questions through which the NTIA is hoping to formulate this policy. They range from proposed definitions, to how to get technologies to interoperate, to ways to get people working together both within the US and internationally on global solutions.
  • Comments from the general public are requested.