Show of 01-06-2018

Tech Talk

January 6, 2018

Email and Forum Questions

  • Email from Dave in Elkridge: Hello Dr. Shurtz, Thanks for all your cord-cutting information. Just an observation…I was just wondering why you (and they) call it “cord cutting”. Aren’t you really just cord swapping? It seems you are just swapping one cord (cabletv cord) for another (Ethernet cable). You still have a cord, although I guess you got rid of one. So really it is “cabletv cord cutting”. If you go entirely with OTA for your tv channels, that seems like real cord-cutting. Thanks, Dave in Elkridge
  • Tech Talk Responds: You are right. Pure cord cutting means going exclusively with OTA television and not using any OTT Internet services. I really swapping not cutting.
  • Email from Carl Tyler: Dear Dr. Shurtz: Could you please explain “Blockchain” in regard to cryptocurrency? I know there are lots of articles on the web but I know you can explain it so we can all understand it. Can this be used for anything other than cryptocurrency? Could you do a “Profiles in IT” about Vitalik Buterin. He is the inventor of the cryptocurrency Ethereum. I think he would be an interesting person to learn about. I’ve noticed that Mr. Big Voice gets a lot more air time now than in years past. Is Jim grooming him to eventually take his place when he retires or is this a union thing where it states that he must get more air time? Thanks for the great podcast. Carl Tyler
  • Tech Talk Responds: Great suggestion for Profiles in IT. However, we already featured Vitalik Buterin on July 15, 2017. A blockchain database is managed autonomously using a peer-to-peer network and a distributed timestamping server. The first blockchain was conceptualized by an anonymous person or group known as Satoshi Nakamoto in 2008. It was implemented the following year as a core component of the digital currency bitcoin, where it serves as the public ledger for all transactions on the network. By using a blockchain, bitcoin became the first digital currency to solve the double spending problem without requiring a trusted administrator and has been the inspiration for many additional applications.
  • Blockchain can be used for smart contracts, land transactions, art transactions, voting records, health records, identity protection, supply chain tracking, contribution tracking in charities, voting, smart contracts. Crypto currency is only one application. Ethereum is an excellent application platform for the development of new applications. It has a complete scripting language built on top of a distributed ledger with validation.
  • Email from Arnie in Colorado Springs: Hi Dr. Shurtz, Happy New Year! Some additional information regarding Champagne bubbles. The simple act of opening a bottle of bubbly wine involves some fascinating physics, including high speeds, a giant drop in temperature and oscillating gas. Arnie in Colorado Springs, CO
  • Tech Talk Responds: Thanks for the article. Champagne physics has made all the way to the Wall Street Journal.
  • Email from Rich in Silver Spring, Maryland: Dear Dr Shurtz, You probably remember my crazy idea of using a HD Flow system(HDS200) to transmit(WEP Key) wirelessly in our house(6/19/17). Thank you for correcting me with your words to connect by Ethernet both the receiver and transmitter (to router ports), by retaining their static IP addresses. I did manage to mimic the hard-wired-to-router “receiver” Ethernet connection to a wireless bridge way from router and did get reception from the HD Transmitter, but to my surprise the picture on my TV was really pixalated, because the bridge didn’t pick up all the HD formatting that the hard wired option would have, so this was a big fiasco. Also like your cutting the chord series, which makes more sense that the HDFlow, of course.
  • On a unrelated question, per the KRACK vulnerability you talked about on your 12/2/17 show, could you comment on using MAC address authentication of a Verizon(Action Tech) router and whether this could add to the security of our home devices, pending or in addition to Apple OS update WPA2 update forthcoming in early 2018? Many Thanks , really love your show and both your senses of humor:) Rich in Silver Spring, MD
  • Tech Talk Responds: A flaw in Wi-Fi’s WPA security protocol makes it possible for attackers to eavesdrop on your data when you connect to Wi-Fi. Dubbed KRACK, the issue affects the Wi-Fi protocol itself—not specific products or implementations—and “works against all modern protected Wi-Fi networks. That means that if your device uses Wi-Fi, KRACK likely affects it.
  • KRACK (Key Reinstallation AttaCK) targets the third step in a four-way authentication “handshake” performed when your Wi-Fi client device attempts to connect to a protected Wi-Fi network. The encryption key can be resent multiple times during step three, and if attackers collect and replay those retransmissions in particular ways, Wi-Fi security encryption can be broken.
  • Fortunately, major tech companies are moving quickly to patch the issue. Be on the lookout for patches to your Wi-Fi router and operating system. Windows 10 machines have already been protected against KRACK.
  • MAC address authentication will not really provide much protection. You can spoof MAC addresses quite easily and they can be easily detected with a network sniffer. My son used to use MAC address spoofing to log onto the University network without permission. The MAC address that he spoofed could not gain access while he was using the network. I enjoyed challenging the school’s IT security systems. It was his hobby while going through school.
  • Email from Rita in Fairfax: Dear Tech Talk. I was dating a guy who installed Linux on my computer and is also the administrator on my computer. He can completely monitor my computer from his home. We are no longer dating but he is still doing things to my computer. What can I do? He also knows my passwords. Rita in Fairfax
  • Tech Talk Responds: We need to be very clear about something: whoever sets up your computer has total access to it, not just at the time they set it up, but potentially until you reformat the machine. As part of the installation, they at least set an administrative password. Of course you can change that password and that might work to a point. If the person who set up your computer is trustworthy, changing passwords would be enough to prevent their further access.
  • Changing passwords is not enough if you cannot trust the person who set up your computer. They could easily have installed spyware, back doors, and used other techniques to continue to give them access. The only way to ensure that you and only you have complete control over your machine is to:
    • Back up to preserve your data and anything else currently on the machine.
    • Reformat, erasing everything on the machine, including anything your ex may have left behind.
    • Reinstall the operating system and all applications from scratch.
  • Anything short of that could easily leave your ex a backdoor he can still use to access your system and spy on you, or worse.

Profiles in IT: Andrew W. Houston

  • Andrew W. “Drew” Houston is best known as co-founder and CEO of Dropbox, an online backup and storage service.
  • Drew Houston was born in Acton, Massachusetts in 1983.
  • Growing up in suburban Boston he began tinkering at age 5 with an IBM PC Junior.
  • His mother, correctly deducing that her son was becoming a code geek, made him learn French and hang out with the jocks, and refused to let him skip a grade.
  • At 14, Houston signed up to beta test an online game, and began rooting out security flaws. They soon hired him as their networking programmer, in exchange for equity.
  • He attended Acton-Boxborough Regional High School in the 1990s.
  • In 2005, Drew graduated with a degree in Computer Science from the MIT, where he was a member of the Phi Delta Theta fraternity.
  • He worked at startups throughout high school and college, including Bit9, Accolade and Hubspot. Dropbox is his sixth.
  • Houston conceived of Dropbox on a bus trip from Boston to New York:
  • He had left his USB drive on his desk at home, leaving him with nothing to do.
  • He opened his text editor and started writing the first lines of code of Dropbox.
  • While still at MIT, Houston met Arash Ferdowsi, co-founder and CTO of Dropbox, through a friend at MIT and showed him an early version of Dropbox.
  • Houston founded Dropbox in June 2007 and secured funding from Y Combinator.
  • They eventually moved to San Francisco and received their first venture capital investment from Sequoia Capital, early investors in Google and Apple.
  • Dropbox officially launched at 2008’s TechCrunch50.
  • Due to trademark disputes, Dropbox’s official domain name was “getdropbox.com” until October 2009, when they acquired their current domain, “dropbox.com”.
  • His initial video describing Dropbox went viral while Dropbox was still in beta.
  • In December 2009, Steve Jobs met with Drew and tried to buy Dropbox saying it was just feature. Drew turned him down and Apple launched iCloud in June 2011.
  • Google Drive would launch April 2012. Dropbox had to scale or be crushed.
  • Dropbox solved the “freemium” riddle, with revenue on track to hit $240M in 2011.
  • In August 2011, he raised $250M on a $4B valuation from the five top tech VCs.
  • In May 2011, Dropbox struck deals with Softbank and Sony Ericsson to come preloaded on their mobile telephones. He had to penetrate the Android market.
  • In April 2012, Dropbox announced a new feature to automatically upload photos to up to 3GB of free space, a move against Google Drive and MS SkyDrive.
  • In September 2012, Facebook allowed users to share files using Dropbox.
  • In November 2014, MS allowed Office apps to store files using Dropbox.
  • On March 2016, Dropbox announced it had reached 500 million users.
  • Drew’s net worth is estimated to be around US$1.04B (March 2017).

Intel Chip Security Flaws: Meltdown and Spectre

  • Researchers found two major weaknesses in processors that could let attackers read sensitive information that should never leave the CPU, or central processing unit. In both cases, attackers could see data that the processor temporarily makes available outside of the chip.
  • To make computer processes run faster, a chip will essentially guess what information the computer needs to perform its next function. That’s called speculative execution. As the chip guesses, that sensitive information is momentarily easier to access.
  • One flaw, Spectre, would let attackers trick the processor into starting the speculative execution process. Then attackers could read the secret data the chip makes available as it tries to guess what function the computer will carry out next.
  • The other flaw, Meltdown, lets attackers access the secret information through a computer’s operating system, such as Microsoft Windows or Apple’s High Sierra.
  • Intel CEO Brian Krzanich says the problems are well on their way to being fixed, at least in the case of Intel-powered PCs and servers. Intel said that 90 percent of chips released in the last five years will have fixes available by January 6, 2018. Fixes for older chips will be released a few weeks later.
  • On January 3, 2018, Microsoft released patches for the Windows operating system and its Internet Explorer and Edge browsers, but warned that your antivirus software needs to be updated to support those patches.
  • Apple said that it has released mitigations for the Meltdown flaw for the operating systems on its Mac computers, Apple TVs, iPhones and iPads, and that neither Meltdown nor Spectre affects the Apple Watch. Apple also that it will release patches “in the coming days” for the Safari browser to help defend against Spectre exploits and that it will continue to release patches in future updates of its iOS, MacOS and TVOS software.
  • A number of chip designs from Intel, Arm and AMD are susceptible to one or more variants of the attacks. The issue is so widespread because those chips, used in devices made by Apple, Google, Microsoft, Amazon and others, all share a similar structure.
  • Researchers at Google’s Project Zero, as well as a separate team of academic researchers, discovered the problems in 2017, but the issue has existed on chips for a long time — perhaps more than 20 years.
  • Chromebooks received protection in Chrome OS 63, which released on December 15.
  • Firefox 57 released in November with some initial safeguards, and Edge and Internet Explorer received an update alongside Windows 10.

Online Sales Soar in 2017

  • An annual survey by analytics firm comScore found that consumers are now buying more things online than in stores.
  • According to results, shoppers now make 51% of their purchases online, compared to 48% in 2015 and 47% in 2014.
  • The survey showed that 44% of smartphone users made buys through their devices, compared to 41% a year ago.
  • About 190 million U.S. consumers—more than half the population—shopped online, according to Forrester Research
  • That’s a wakeup call for retailers, especially traditional department chains such as Macy’s, Nordstrom, J.C Penney, and Kohl’s, all of which reported sales slumps. Even big name stores such as Walmart and Target reported slim sales gains.
  • According to data released by eMarketer to Fortune, Amazon’s e-commerce revenue rose 15.8% in the last 12 months.

The Year That Made Twitter and Social Media Infamous

  • From political controversies to sexual harassment, Twitter was at the center of memes and movements that are shaking society.
  • Twitter has been used by the President (@realDonaldTrump). Nearly every morning.
  • On Oct. 15, activists, actors and women from across the US began tweeting with a two-word hashtag, #MeToo. They were inspired by sexual harassment allegations against Hollywood mogul Harvey Weinstein published in detail in The New York Times and The New Yorker.
  • Within 24 hours, the hashtag was trending globally and had been tweeted nearly a half-million times. Tweets referring to the #MeToo have been seen more than 15 billion times.
  • Social media was used by the Russians to disrupt the election and seed discontent in the US.
  • During last year’s presidential election, many Twitter users unknowingly felt the influence of Russian bots, or automated software posing as real users.
  • For example, Twitter counted 36,000 fake accounts between September and November 2016 that generated 1.4 million automated election-related tweets and received 288 million views.
  • One study, released in March, said bots make up about 48 million Twitter accounts, or 15 percent of the social network’s monthly users. Twitter, meanwhile, maintains that about 27 million of its accounts are bots.
  • Social media in general has changed how we process and disseminate information.

Website of the Week: Google Trends for 2017

  • Web link: https://trends.google.com/trends/yis/2017/
  • Search results by country or global.
  • Popular searches by category.
  • What is…
    • What is DACA?
    • What is Bitcoin?
    • What is a solar eclipse?
    • What is ANTIFA?
    • What is net neutrality?
  • How to…
    • How to make slime
    • How to make solar eclipse glasses
    • How to watch the solar eclipse
    • How to watch Mayweather vs McGregor
    • How to buy Bitcoin
  • Consumer Tech
    • iPhone 8
    • iPhone X
    • Nintendo Switch
    • Samsung Galaxy S8
    • Razer Phone
  • People
    • Matt Lauer
    • Meghan Markle
    • Harvey Weinstein
    • Michael Flynn
    • Kevin Spacey