Show of 04-14-2018

Tech Talk

April 14, 2018

Email and Forum Questions

  • Susan in Alexandria; Hi Dr. Shurtz. On today’s show, you mentioned that you use Malwarebytes. Does Malwarebytes interfere with Windows Defender? If so, what do you recommend? Susan in Alexandria, VA
  • Tech Talk Responds: You can run Malwarebytes in addition to Windows Defender. It is not a resource hog.
  • Email from Raymond in Kansas: What is IFTTT? How can I trigger events with it? Love the podcast. Raymond in Kansas
  • Tech Talk Responds: IFTTT stands for IF This Then That (IFTTT). I really like this app. It supports many devices. For instance, it supports my garage door internet link, Nexx Garage. It set up a trigger to close my garage door at 9PM. The trigger reads If it is 9PM EST, then ask Nexx Garage to close the door. Nexx Garage has created. To set it up, I downloaded the IFTTT app on my iPhone and searched for Nexx Garage. I found several Applets already created, including the close trigger. I simply activated that Applet, after linking to my Nexx device by providing the password. You can ask it to send you a text message if the temperature is below zero or a reminder to take an umbrella if it is raining. Just download the IFTTT app and search the available applets.
  • Email form Jim in the Studio: Dear Doc, I bought a new thumb drive to use as a back-up for one I’ve had in use for several years. I dragged the files and folders I wanted to back up from the old drive to the new one. I have only had it for a couple of weeks and several folders containing .mp3 files have become corrupted. One entire folder is bad. Another has numerous corrupted audio files within the folder. I’ve tried to scan and repair the drive but that doesn’t work. I’ve tried to delete the corrupted files and folders from the drive and reload them. I can’t delete them. Is there a way to wipe the drive and start over, or is it even worth the effort? By the way, its a PNY 32GB drive…and yes, I know I should be using an external drive. Signed – The luddite sitting across from you.
  • Tech Talk Responds: You probably pulled the USB drive out before all the files had been transferred. Some were probably still in the buffer. Insert the USB drive into the USB port of your system. If you are using Windows 10.
    • Go to My Computer>Removable Disk Icon.
    • Right click the Removable Disk Icon and open its Properties.
    • Click on the Tools tab.
    • Click “Check” button.
    • Click the “Scan and Repair” button
  • If that fails, Right click on Removable Disk Icon
    • Click Format in the drop-down menu.
    • Click Restore Device Defaults in the popup window.
    • Click Start to begin the format process. You can uncheck the Quick format option if you want the computer to deep scan the drive/card for errors but this will take time. So, uncheck it only if you fail in the first attempt.
    • Click Ok in the next dialog box which will warn you that the data will be lost.
    • The format process will complete in a few moments, and you will have your error-free SD card or pen drive.
  • Email from Arnie in Colordo Springs: Hi Dr. Shurtz, I’m using “dslreports” for speed testing as you suggested a while back. Interesting that sometimes I’m lucky to get 300kilobits, other times 130megabit/s, and in most cases, “BufferBloat” is “F.” (Boy I sure miss Verizon FIOS like you have). So how can I decrease BufferBloat? Reboot router? Router & modem? Buy an app to decrease it? Comcast broadband is so fickle here in the Springs, I could shout. Really like Tech Talk show with all your info. Now for BufferBloat. Arnie in Colorado Springs, CO
  • Tech Talk Responds: Bufferbloat is high latency (or lag) that occurs when there’s other traffic on your network. If tests show bufferbloat, your router is letting bulk traffic (uploads/downloads) interfere with (and slow down) your time-sensitive traffic (gaming, Skype, Facetime, etc.) Changing your QoS might help, but a faster internet connection probably won’t help at all. You will need to find a way to fix the router.
  • A good router that protects against bufferbloat will hold the induced latency (extra latency above the no-traffic levels) below 30 msec. Above 100 msec, people will notice that the network feels slow: voice calls begin to sound bad, web browsing feels sticky, and you start to lag out when gaming.
  • You will need a router whose manufacturer understands the principles of bufferbloat, and has updated the firmware to use one of the Smart Queue Management algorithms.
  • If your router has SQM settings, you can measure latency under load without SQM, then turn on SQM and iterate: adjust the router settings and measure latency until the latency gets as low as possible while retaining good speeds. Some commercial router vendors will offer SQM in their stock firmware. Here is a list of those that do:
    • The IQrouter provides a good setup wizard for configuring SQM, and automatically tuning its settings.
    • Other routers that support QSM codes (fq_codel)
      • The Untangle NG Firewall
      • Ubiquiti
      • org has fq_codel settings
    • Call your router vendor’s support line. With the information from the DSLReports Speed Test or the Quick Test for Bufferbloat in hand, you can mention that the ping times get really high when up/downloading files, and that it really hurts your network performance. Ask if they’re working on the problem, and when they’re going to release a firmware update that solves it.

Profiles in IT: Daniel Ek

  • Daniel Ek is a Swedish entrepreneur best known as the co-founder and CEO of the music streaming service Spotify.
  • Daniel Ek was born February 21, 1983, and grew up in Stockholm, Sweden.
  • In 2002, Ek graduated from the IT-Gymnasietin Sundbyberg.
  • After graduated from high school, he enrolled in the KTH Royal Institute of Technology, but dropped out after eight weeks to focus on his IT career.
  • Ek’s first foray into the business world began at age 13 when he started a business making websites for clients from his home.
  • He charged the first client $100, but then charged the next client who asked $200. Eventually, he started charging $5000 per website.
  • To help expand the business, Ek recruited students from his class to work on the websites from the school computer lab by bribing them with video games.
  • His earnings reached $50,000 per month and by 18 he was managing a team of 25.
  • He bought some servers to see what made them tick, and earned another $5,000 a month hosting Web pages.
  • At 16, obsessed with Google’s speed, he set out to build his own search company.
  • That project failed, but led to a gig at a company called Jajja, where he worked on search engine optimization. The money was good. He bought more servers.
  • A Stockholm-based ad network called Tradedoubler asked him to build a program to track member sites and Ek built something so effective that the company paid him about $1M for the rights to it in 2006; he made another $1M selling related patents.
  • After selling Advertigo, Ek briefly became the CEO of μTorrent, working with μTorrent founder Ludvig Strigeus. μTorrent was sold to BitTorrent in 2006.
  • The sale of Advertigo made Ek wealthy enough that he decided to retire.
  • A self-made millionaire at 23, Ek found himself holed up alone in the woods 20 miles south of Stockholm in the winter, suffering from a bout of depression.
  • He sold the Ferrari and moved into a cabin, where he played guitar and meditated.
  • During this time Ek started hanging out with Tradedoubler’s chairman, Martin Lorentzon. A Silicon Valley veteran, Lorentzon took Tradedoubler public in 2005.
  • Ek first had the idea for Spotify in 2002 when peer-to-peer music service Napster shut down and another illegal site Kazaa took over.
  • Ek said he that the only way to solve the music’s problem was to create a service that was better than piracy and at the same time compensates the music industry.
  • Ek incorporated Spotify AB with Martin Lorentzon in Stockholm, Sweden in 2006.
  • In October 2008, the company launched its legal music streaming service Spotify.
  • Initially, Spotify ran on a peer-to-peer distribution model, similar to uTorrent, but switched to a server-client model in 2014. Ek served as CEO of Spotify.
  • In 2017, Ek was named as the most powerful person in music by Billboard.
  • As of 2018, Spotify has 159M active users, including over 70M paying subscribers.
  • Spotify has been valued at $16 billion which would put Ek’s share at $1.6 billion.

The Spotify Business Model

  • The service’s 10 million active users (people who have listened in the past month) have access to 15 million songs on their desktops, all for the cost of hearing an occasional advertisement.
  • It has the speed and ease of iTunes, the flexibility and breadth of Napster and the attractive pricing of online radio service Pandora.
  • Spotify was social from the start, with tools that let you share playlists with friends—more than 1.5 billion songs have been swapped on Facebook so far.
  • You explore your friends’ playlists, discover new music with apps from Rolling Stone, Billboard and Last.fm, and build your own jukebox.
  • Eventually you want to take your playlist everywhere. That’s where Ek has you trapped. With Spotify you pay for portability—$10 a month buys you access to your collection on your mobile device.
  • This model has proven it can save the music business—in Sweden. One-third of Ek’s home country has signed up, and about one-quarter of those pay for premium access
  • Spotify single-handedly stemmed a decade of nonstop revenue drop when it launched in 2008; in 2011 Sweden’s music industry will likely see its first growth in ten years.
  • Spotify in Sweden accounts for 50% of all sales (up from 25% last year). This in a country that has long been a hotbed of piracy.
  • The business model seems to be working.

How to Use Your Amazon Echos As a Household PA System

  • Echo users: your house has a PA system now. Just say “Alexa announce that it’s time for dinner” and your statement, “it’s time for dinner,” will be repeated by every Echo in the house, in your own voice.
  • This beats the traditional option, which is yelling that its time to eat or get up.
  • If you want an intercom is use Echo’s Drop In feature, which lets you listen to other rooms in your house.

Stop Facebook’s ‘On This Day’ From Bringing Up Painful Memories

  • Facebook’s “On This Day” is mostly harmless nostalgia, but every once and a while it dredges up painful memories.
  • You can stop this by manually excluding certain dates and people.
  • Whether it’s an ex-boyfriend, or just a jerk you’d rather not think about ever again.
  • And there are some days, like the passing of a loved one, that cutesy social media features just shouldn’t be highlighting.
  • To control the options that drive this feature
  • Its better to deal with this now than have something painful dredged up later.

Creating an Anonymous Email Account

  • It’s not easy to be anonymous on the internet. Privacy is almost dead.
  • What do you do if you want to set up an email address that is completely secret and nameless, with no obvious connection to you whatsoever.
  • First Step: Browse Anonymously
  • Your browser’s incognito/private mode can only do so much—sites are still going to record your IP address, for example.
  • If you want to browse the web anonymously (and use that private time to set up an email), you need not only a virtual private network, but also the Tor Browser, a security-laden, Mozilla-based browser from the Tor Project.
  • If you don’t know about Tor, it’s what used to be called The Onion Router.
  • The free Tor Browser is available in 16 languages, for Windows, macOS, and Linux.
  • Second Step: Anonymous Email
  • Hushmail is recommended by the EFF and others, Hushmail’s entire claim to fame is that it’s easy to use, doesn’t include advertising, and has built-in encryption between members. Of course, to get all that, you have to pay for it, starting at $49.98 per year for 10GB of online storage; a free version offers 25MB of storage. Access it on the web or iOS. Servers are in the US and may be subject to legal search.
  • Guerrilla Mail provides disposable, temporary email. Technically, the address will exist forever, and never be used again. Any messages received at the address, accessible at guerrillamail.com, only last one hour. You get a totally scrambled email address that’s easily copied to the clipboard. There’s an option to use your own domain name as well, but that’s probably not keeping you under the radar.
  • Mailinator is easy to use. It is a free, disposable email. Whenever you’re asked for an email, just make up a name and stick @mailinator.com at the end. Then visit the site, enter the name, and you’ll see if it’s received any messages. If someone else comes up with the same name, then you both get access to the messages received. There are no passwords.
  • ProtonMail over Tor is a nice service with servers in Switzerland (a country that appreciates secrecy) that provides fully encrypted messages. Anyone can get an account for free that holds 500MB of data and up to 150 messages per day, or pay 4 euros per month to get the advanced features. Encryption is one thing, but anonymity comes with the ProtonMail’s specific support for Tor via an onion site. ProtonMail doesn’t require any personal info when you sign up. It even supports two-factor authentication.

Zuckerberg in Congress: What was Accomplished?

  • Mark Zuckerberg, Facebook’s founder, appeared before Congress.
  • He faced almost 600 questions, including whether the company should be more heavily regulated, whether it intentionally censors conservative content and how much Russians may have meddled with America’s democratic process through the social network.
  • The hearings came in the wake of revelations that the political consulting firm Cambridge Analytica improperly harvested data of up to 87 million Facebook users.
  • Mark Zuckerberg has been on an apology tour. He tried to tell Congress that he understood where his company had failed, and outlined the work that Facebook was doing to avoid similar issues in the future.
  • The company made a series of announcements that it said would help people to take better control of their information.
    • It cut off advertisers’ access to information from third-party data brokers, which had allowed marketers to increasingly target users on the social network.
    • The company also promoted ways for people to download and review their data.
  • Lawmakers are trying to see how to regulate companies like Facebook.
  • Privacy experts agree with the calls for regulation, saying the time now.
  • Regulators in Europe are already cracking down on Facebook.
    • Forcing it to stop using facial recognition technology within the EU
    • Curtailing some of its internet-use tracking practices in the EU.
  • What did I learn from the hearing? Congress is not very tech saavy. They are swimming in ignorance.

SCADA Devices a Major Security Weak Point

  • Supervisory control and data acquisition (SCADA) networks perform key functions in providing essential services and commodities, such as electricity, natural gas, gasoline, water, waste treatment, transportation.
  • They are part of the nation’s critical infrastructure and require protection from a variety of threats that exist in cyber space today.
  • By allowing the collection and analysis of data and control of equipment such as pumps and valves from remote locations, SCADA networks provide great efficiency and are widely used.
  • However, they also present a security risk. SCADA networks were initially designed to maximize functionality, with little attention paid to security.
  • As a result, performance, reliability, flexibility and safety of distributed control/SCADA systems are robust, while the security of these systems is often weak.
  • This makes some SCADA networks potentially vulnerable to disruption of service, process redirection, or manipulation of operational data that could result in public safety concerns and/or serious disruptions to the nation’s critical infrastructure.
  • Action is required by all organizations, government or commercial, to secure their SCADA networks as part of the effort to adequately protect the nation’s critical infrastructure.
  • The President’s Critical Infrastructure Protection Board, and the Department of Energy, have developed the steps outlined here to help any organization improve the security of its SCADA networks.
  • The steps are divided into two categories: specific actions to improve implementation, and actions to establish essential underlying management processes and policies.
  • Link: https://www.energy.gov/sites/prod/files/oeprod/DocumentsandMedia/21_Steps_-_SCADA.pdf