Show of 04-22-2017

Tech Talk

April 22, 2017

Email and Forum Questions

  • Email from Jean: I am looking at buying a new TV and would like to know what you think of the OLED TVs. My vision is somewhat limited and am trying to find the best possible visibility. Seems as though the blacks which are so often used to show drama would be more visible. Have also read that smart TVs can be vulnerable to hackers and would like to know how to deal with that issue. Thanks. Appreciate your help in keeping up to date on the latest technologies. Jean
  • Tech Talk Responds: It used to be LCD versus Plasma. Now plasma is dead, and it is liquid crystal display (LCD) versus organic light emitting diode display (OLED). Most TVs sold are just LCD, but they are called: LED TVs, Super UHD TVs or Quantum Dot LED TVs.
  • Televisions based on Organic Light Emitting Diode display technology are fundamentally different from LCD TVs. The most basic difference is that each pixel provides its own illumination, while all of the pixels in an LCD TV are illuminated by an LED backlight. That difference leads to all kinds of picture quality effects, some of which favor LCD, but most of which benefit OLED.
  • OLED have the best picture quality and LCDs are the best bargain. Here a quick rundown of specs
    • Light output (brightness). Both TV types are very bright and can look good in even a sunny room.
    • Black level. OLED wins here because of its ability to turn off individual pixels completely. It can produce truly perfect black.
    • Contrast ratio (difference between the brightest and the darkest level). OLED is the winner here because it can get extremely bright, plus it can produce absolute black with no blooming. It has the best contrast ratio of any modern display.
    • Both OLED and LCD are widely available in Ultra HD 4K.
    • Viewing angle. OLED has the best viewing angle. LCDs are angle dependent
    • Screen size. LCDs go from 20 to 00 inches. OLEDs from 55 to 77 inches ($20K).
    • LCDs are the best buy. You can get 50-inch LCDs for around $500. It’s going to be a long time before OLEDs are that price.
    • Overall picture quality. OLED is the winner, but you pay for it.
  • As for hacking, keep your TV behind a firewall with a secure password. I would not worry about it too much, even though the CIA WikiLeaks’s release of information showed a few tools that could ease drop using the microphone built into the TV.
  • Email from Arnie in Colorado Springs: Hi Dr. Shurtz, I’m thinking of purchasing the new 2017 iPad as an upgrade to my current iPad. I’d like to keep my current iPad to keep only photos. How is the best way to do this? Do I have to have another Apple account since I will have two iPads? Do you have a list of things to consider to make this happen? Have to agree with another listener to Tech Talk. Lots of great tech info in easy to understand format. Super show! Thanks, Arnie in Colorado Springs, CO.
  • Tech Talk Responds: You only need on iCloud account. All of your pictures will be synced to that one account. You can set up the old iPad to store the full resolution of your iCloud account. If you take a picture with your iPhone or the new iPad, it will show up on the old iPad automatically (assuming it connected to Wi-Fi). You can adjust the photo and camera storage by going to Settings/Photos & Camera. Choose your storage options. You may choose to store no photos on your new iPad. If I were you, I would just get lots of storage and use the new iPad for both.
  • Email from Helen in Fairfax: Dear Tech Talk. I would like to remotely access by computer from my mobile phone. What is the easiest way to do this? Love the show. Helen in Fairfax
  • Tech Talk Responds: You’re best option is to use the Chrome Remote Desktop. It works on Windows, Mac, and Linux to Android and iOS.
  • First, you will need to install the Chrome Browser on your desktop. Then you will need to install the Chrome Remote Desktop extension in your browser. It’s available from the Chrome Web Store.
  • Once installed, you’ll launch the app from Chrome’s app menu. The first time you launch it, you’ll have to enable remote connections to the computer by installing a small utility. When the utility has been downloaded and installed, Chrome Remote Desktop will prompt you to enter a PIN. Make it easy to remember, but hard to guess.
  • After you enter the PIN, it will take a few seconds to enable the remote connection. From there, you can easily access any of your connected computers from any other computer or mobile device you’re logged into.
  • Now you’ll need to download the Chrome Remote Desktop app for your phone (Android or iOS). As soon as you launch the app, it should show a list if your computers. Tap the one you need to connect to. It will request your PIN. With your PIN entered, tap “Connect.” When you’re finished, just tap the “Stop Sharing” button at the bottom. The connection will be terminated.
  • Email from Tina in Ohio: Dear Tech Talk. I would like to connect my Android phone to my TV. What is my best option for this? My friends all have iPhones and AppleTV and am feeling left out. Love the show. Tina in Ohio.
  • Tech Talk Responds: Fortunately, Google has created a low cost option: Google Cast (formerly called Chromecast). Google Cast is supported by essentially all Android devices, has all the necessary properties to stream DRM-protect content. Google Cast is supported by apps like Google Photos and Slides for photo sharing. Other supported apps included: Netflix, YouTube, Hulu, or other movie services.
  • Regardless of which app or wireless standard you’re using to cast, the actual casting process is easy: just tap the cast button in the top corner of a supported app. Google Cast as the simplest and most effective way of connecting your Android phone to your TV. You can purchase a Chromecast for as little as $35.
  • Email from Tuc in Virginia Beach: Dear Doc and Jim. I frequently use the website for news relating to my business. The site does not have a search function and finding things can be difficult. Is there a way to search that site using Google? Love the show. Tuc in Virginia Beach
  • Tech Talk Responds: There’s a simple way to search a website, using any search engine—Google, Bing, DuckDuckGo, or even Yahoo It works in every browser as well. Go to your search engine of choice, or the search bar in your browser, then type what you want to find, just like you normally would.
  • But here’s the trick: before or after your query, type site: followed by the domain of the site you want to search within. So, if you wanted to search for cybersecurity articles at stratford.edu, you should search for: cybersecurity site: stratford.edu

Profiles in IT: Robert William Taylor

  • Robert William Taylor was an American Internet pioneer, who led teams that made major contributions to the personal computer, and other related technologies.
  • Robert W. Taylor was born February 10, 1932 in Dallas, Texas.
  • At 16, he enrolled in SMUand dropped out to join US Navy (Korean war).
  • In 1954, he enrolled in University of Texas at Austin under the GI Bill. He earned a BS in experimental psychology (1957) and an MS in psychology (1959).
  • Taylor then taught math and coached basketball for a year at Howey Academy.
  • In 1960, he joined Martin Marietta and worked on the MGM-31 Pershing design.
  • In 1962, he joined NASA’s Office of Advanced Research and Technology as a program manager for the manned flight control and display division.
  • Taylor funded to Engelbart’s computer-display technology at SRI (led to the mouse).
  • In late 1962 Taylor met J. C. R. Licklider, who was heading APRA’s new Information Processing Techniques. They both had studied psychoacoustics.
  • In 1965 Taylor moved to ARPA, to fund advanced research in computing.
  • Among the computer projects that ARPA supported was time-sharing, in which many users could work at terminals to share a single large computer.
  • Taylor hoped to build a computer network to connect the ARPA-sponsored projects.
  • In 1966, Taylor was named director of Information Processing Techniques Office.
  • He awarded a contract to Bolt, Beranek and Newman (BBN) to build a computer, called the Interface Message Processor for each node of a distributed network.
  • In 1969 he joined University of Utah to help with ARPA contracts.
  • In 1970, Taylor was hired to co-manage the Computer Systems Laboratory (CSL) at the new Palo Alto Research Center of Xerox Corporation.
  • Technologies developed at PARC between 1970 and 1983 focused on reaching beyond ARPAnet developing the systems that support today’s personal computers.
  • Developments included: windowed displays and GUI (Mac), software with desktop metaphor (Windows), Ethernet, laser printer (Adobe) with WYSIWYG (MS Word),
  • In 1983, Taylor was hired by Digital Equipment Corp to form the Systems Research Center in Palo Alto. Many of the PARC employees joined him.
  • His team developed thee Modula-3 programming language; the first multi-threaded Unix system; the first User Interface editor; the AltaVista search engine and a networked Window System.
  • Taylor retired in 1996 and lived in Woodside, California, until his death.
  • On April 13, 2017, he died at his home in Woodside, California.
  • In 1999, Taylor received a National Medal of Technology and Innovation.
  • In 2004, the National Academy of Engineering awarded him along with Lampson, Thacker and Alan Kay their highest award, the Draper Prize.
  • In 2013, the Computer History Museum named him a Museum Fellow.

Over 36,000 Computers Infected with NSA’s DoublePulsar

  • DOUBLEPULSAR, one of the NSA hacking tools leaked April 14, 2017, by the Shadow Brokers, has been used in the wild by ordinary hackers, who infected over 36,000 computers across the world.
  • The Shadow Brokers leak from last Friday contained many Windows hacking tools.
  • Among these, there was FUZZBUNCH, a platform for delivering exploits against a selected target, similar to the Metasploit framework used by security researchers and pen-testers around the world.
  • The Shadow Brokers also leaked over 20 exploit packages that could be used together with FUZZBUNCH.
  • A large number of the leaked NSA Windows exploits are designed to take advantage of vulnerabilities in the SMB (Server Message Block) protocol, which provides file sharing capabilities between Windows computers.
  • Included in the Shadow Brokers dump from last week were also “implants,” the technical term used for malware planted on targeted computers.
  • One of those implants is DOUBLEPULSAR, which is a “malware downloader” used as an intermediary for downloading more potent malware executables on infected hosts.
  • Earlier this week, trying to assess the number of users vulnerable to the malware leaked last Friday, cyber-security firm Below0Day has performed an Internet-wide scan for Windows computers with open SMB ports (port 445).
  • Their scan returned a number of 5,561,708 Windows computers with port 445 exposed to external connections.
  • If the owners of these 5.5 million computers haven’t installed patches Microsoft made available for the SMB flaws exploited by the NSA tools, they are vulnerable.
  • When the results came in, researchers discovered 30,625 computers that provided an SMB reply consistent with a DOUBLEPULSAR infection.
  • It takes a malware developer roughly a few hours to download the Shadow Brokers dump, scan the Internet, and run FUZZBUNCH to deliver some exploits.
  • Experts expect more unpatched computers to fall victims to DOUBLEPULSAR.
  • The message: get the latest security patches now!

Another Asteroid Near Miss

  • An asteroid stretching 650 metres (2,000 feet) pasted Earth on April 19, 2017, at a safe, but close, distance.
  • Dubbed 2014-JO25, the asteroid came within 1.1 million miles of Earth, less than five times the distance to the Moon.
  • It passed closest our planet after having looped around the Sun.
  • 2014-JO25 will then continue on past Jupiter before heading back toward the centre of our Solar System.
  • Smaller asteroids whizz by Earth several times a week. But the last time one at least this size came as close was in 2004, when Toutatis—five kilometres (3.1 miles) across—passed within four lunar distances.
  • The next scheduled close encounter with a big rock will not happen before 2027, when the 800-metre (half-mile) wide asteroid 199-AN10 will fly by at just one lunar distance, about 380,000 km (236,000 miles).
  • The last time 2014-JO25 was in our immediate neighbourhood was 400 years ago, and its next brush with Earth won’t happen until sometime after 2600.
  • Besides its size and trajectory, scientists also know that its surface is twice as reflective as that of the Moon.
  • It was visible with a small optical telescope for one or two nights before moving out of range.
  • 2014-JO25 was discovered in May 2014 by astronomers at the Catalina Sky Survey near Tucson, Arizona.

Home Routers used to Attack WordPress Sites

  • 7% of all attacks we see on WordPress sites come from hacked home routers.
  • In March 2017, over 57,000 unique home routers being used to attack WordPress sites.
  • Those home networks are now being explored by hackers who have full access to them via the hacked home router. They can access workstations, mobile devices, wifi cameras, wifi climate control and any other devices that use the home WiFi network.
  • Half of the internet service providers have routers with a very specific vulnerability. This vulnerability is known as the “misfortune cookie” or MC for short. It has been known for a few years and was first disclosed by CheckPoint in 2014. It is now being used to hack home routers.
  • The MC vulnerability exists in a service that your ISP uses to remotely manage your home router. That service listens on a “port” number, which is 7547. Besides the MC vulnerability, this port can have other vulnerabilities, one of which was disclosed a few months ago. Researchers have been discussing the dangers of port 7547 in home routers for a few years now.
  • Your ISP should not allow someone from the public internet to connect to your router’s port 7547. Only your ISP should be able to access this port to manage your home router. They have the ability to configure their network to prevent outsiders from accessing that port. Many ISPs do not block public access to port 7547.
  • Check your router now: https://www.wordfence.com/blog/2017/04/check-your-router/

Space debris Becoming a Problem.

  • It was on 23 August at 17:07 GMT that spacecraft operators at the European Space Agency’s (ESA) control centre in Darmstadt, Germany, noticed something was going wrong.
  • Their flagship Earth observation satellite, Sentinel-1A, had suddenly jumped into a slightly different orbit and a slightly different orientation.
  • More seriously, the electrical power had dropped, and was not returning to normal. The spacecraft was only in its third year in orbit.
  • Activating on-board cameras that had been used two years earlier to monitor the deployment of the solar panels, the operators found the problem.
  • There was a 40-centimetre-wide damaged area on one of the solar panels. It has been hit by space debris, travelling at orbital velocities, which are measured in kilometers per second.
  • Radar stations track 18,000 objects in orbit. Of these, only 7% are operational satellites. The rest is space debris. And radar only sees the big stuff.
  • The nightmare scenario that space debris experts contemplate is called the Kessler syndrome, after American astrophysicist Donald Kessler.
  • In 1978, while working for Nasa, he published an analysis that showed frequent collisions exponentially increased the amount of space debris, leading to many more collisions, leading to much more debris until we lose the use of certain orbits because anything we put there would certainly be hit.

Robots are racist and sexist, just like people.

  • Machines learn their prejudices in language. It’s not their fault, but we still need to fix the problem
  • Recent reports have shown that machine-learning systems are picking up racist and sexist ideas embedded in the language patterns they are fed by human engineers.
  • Robots have been racist and sexist for as long as the people who created them have been racist and sexist, because machines can work only from the information given to them.
  • Machine learning can function in this way as “money laundering” for bias.
  • This is a problem, and it will become a bigger problem unless we take active measures to fix it.
  • We are moving into an era when “smart” machines will have more and more influence on our lives.
  • The moral economy of machines is not subject to oversight in the way that human bureaucracies are.
  • Last year Microsoft created a chatbot, Tay, which could “learn” and develop as it engaged with users on social media.