Show of 05-26-2018

Tech Talk

May 26, 2018

 

Best of Tech Talk Edition

  • Segments replayed from previous shows

Email and Forum Questions

  • Email from Doug in Baton Rouge: Dear Dr. Shurtz (Hey, Jim), I searched and found on my computer (Microsoft Win-10) the internet folder for stored “cookie”. When I look at the named files, I see mumbo-jumbo letters and numbers ending with the extension “.cookie” (1TXSOP442.cookie).
  • When I open it in NOTEPAD there is an extremely long and continuous string of numbers and letters (BD901B2E226822E2F5787FA6E10F5DBDbing.com /5908481600631734SRCHHPGUSR).
  • Then, there is a second type of cookie file (cookie:JohnSmith@fedex.com/)
  • These files do not seem to have openable contents. What is the difference between the two types of cookies? Is there any way to read cookies to find out which website (company) dumped a cookie to my computer? I have around a thousand cookies and it would be nice to be able to delete unused, old or unwanted cookies. However, I need to retain the cookies from secure sites and registered sites. Your shows are so informative and just great! Thanks, Doug in Baton Rouge, LA
  • Tech Talk Responds: To read cookies, you can use a browser extension. There are several. I good one for Chrome is Encoder/Decoder by theemergency.com.
  • An HTTP cookie (web cookie, browser cookie) is a small piece of data that a server sends to the user’s web browser. The browser may store it and send it back with the next request to the same server. Typically, it’s used to tell if two requests came from the same browser — keeping a user logged-in, for example. It remembers stateful information for the stateless HTTP protocol. Cookies are mainly used for three purposes:
    • Session management: Logins, shopping carts, game scores, or anything else the server should remember; Personalization
    • User preferences, themes, and other settings
    • Tracking: Recording and analyzing user behavior
  • Cookies can be session cookies, permanent cookies (with expiration date). Cookies hace a scope (domain name, subdirectory, etc.). They can be same site only. They can force communication only over a secure channel (https). Cookies include: data pairs (User ID, xxxxxx), domain name, expiration date (or max age in second). Chrome is able to encrypt cookies to keep the data private on your computer.
  • Email from Ken Meyers: Love your show! I keep missing it, I know you have the podcasts, Thank You!!  Please put the time, day, and station call letters on your edu. website, it would make it easier for mostly everyone to find you live, I prefer live radio listening, of course I found it but for some reason I thought you were live on Sundays….Proving I need more education. Thanks again for a great show…Ken Meyers
  • Tech Talk Responds: The time is on the Tech Talk page: http://techtalk.stratford.edu/. It is, of course, on 1500 AM in Washington DC at 9 AM Saturdays. You can download the app, TuneIn Radio, to either or Android or iPhone. Search for Federal News Radio and you can listen anywhere in the world. Thanks for listening to the show. And, of course, the podcasts are always available on the Tech Talk webpage.
  • Email from Arnie in Crownsville, MD: Hi Dr. Shurtz, I saw this story on the BBC News.  Users of the “dark net” service Tor who visited hidden websites may have had their identities revealed by a five-month long cyber-attack. This TOR thing has sure showed a lot of interest lately (sent you two emails on TOR previously). Who usually uses TOR? Seems like governments have lots of interest. Any particular use by common email users? Arnie, Crownsville, MD
  • Tech Talk Responds: Tor was originally designed, implemented, and deployed as a third-generation onion routing project of the U.S. Naval Research Laboratory. It was originally developed with the U.S. Navy in mind, for the primary purpose of protecting government communications. TOR originally stood for The Onion Router, but that acronym is no longer by the developers.
  • Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. Tor provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy.
  • Individuals use Tor to keep websites from tracking them and their family members, or to connect to news sites, instant messaging services, or the like when these are blocked by their local Internet providers.
  • Journalists use Tor to communicate more safely with whistleblowers and dissidents.
  • It was also used by Edward Snowden exclusively. He loved Tails, the companion OS that only accessed the web with TOR.
  • Email from Tracy in Fairfax: Dear Tech Talk. I have an iPhone and us iMessage for most of my communication. My boss communicates by iMessage with me on the weekend. I don’t like him to know that I have read the iMessage because sometimes I don’t want to respond. Can I turn off the “read message” notification for him, but leave it on for everyone else? That would make my life so much easier. Love the show. Tracy in Fairfax
  • Tech Talk Responds: Everyone knows that you can enable or disable read receipts across the board by opening the Settings app and toggling read receipts on or off from within the Messages menu. Most people want to leave them on, but there are always a few contacts who send you messages and you don’t want them to know if and when you’ve read them.
  • You can turn off notification for just one contact too. And it is so easy. Here’s all you need to do:
    • From within the Messages app, open a conversation with the contact in question
    • Tap the “i” in the top-right corner
    • On that screen, go to “Send Read Receipts” — toggle it to off
  • That’s it. This setting will override your global setting and this specific contact will no longer know when you open his or her messages.
  • Email from Alex in Reston: Dear Doc and Jim. I recently got a notification from Lifelock that they had found information regarding my accounts on the Dark Web.
    • Account Password: Exposed Online (may or may not be readable)
    • Type of Compromise: Potential breach
    • Where your data was found: web page
    • Potential Impacted Site: www.linkedin.com
    • Email Password: Exposed Online (may or may not be readable)
    • Where your data was found: dark web
  • What should I do other than change the password? Is this really a serious threat? Love the show. Alex in Reston.
  • Tech Talk Responds: This does not mean your accounts have actually been hacked. It could mean your account is at risk. Your initial response to change passwords was correct.
  • Naturally, make sure to change it to a secure password, particularly if you’ve been lazy about that in the past. You’re at much higher risk if you previously used a weak password – even if the hackers didn’t actually get the password itself in the data breach. Depending on the data included in the breach, there are techniques hackers can use to try millions, if not billions, of different passwords at high speed to see which ones work. The weaker your password was, the more likely they are to discover it.
  • Do you use that same password for other accounts? If so, go change the password at each of those other accounts. Make sure to give each a unique password so you’re never using the same password twice.
  • Use a password manager if you have trouble keeping track of all your passwords. LastPass is a good option.
  • If you suspect your account actually has been hacked and accessed by someone else, you need to do much more than just change a password. You need to change or verify every bit of your account profile that could be used to reset or recover your password (for instance, phone numbers, security questions, and more). Hackers have been known to use this to re-hack an account, if all you’ve done was change your password. They’ve also been known to change this information so they can get back in whenever they want.
  • This is also a good time to consider two-factor authentication if your account provider(s) support it. Two factor, or multi-factor, authentication is an added security layer that prevents hackers from signing in to your account even if they know the password.
  • Email form Ammara in Fairfax: Dear Doc and Jim, I have a Windows 10 laptop. Everytime I reboot my computer, Microsoft OneDrive forces me to login or create an account. It is annoying. How can I get rid of this annoying popup. Enjoy the podcast. Ammara in Fairfax.
  • Tech Talk Responds: This is annoying. MS will do anything to get you to use OneDrive. If you want to make the annoying dialog go away for good, you’re going to need to disable OneDrive, and there are a couple of ways you could do this.
  • The reason OneDrive starts up with Windows every time is because it is listed in the startup items in your PC’s configuration. To disable OneDrive from starting up every single time you reboot your PC, just right-click on the Taskbar and choose the “Task Manager” option—or use the handy CTRL+SHIFT+ESC keyboard shortcut.
  • In Task Manager, choose the “More Details” option at the bottom, and then click on the Startup tab, where you’ll see the OnDrive. Simply disable it and your done. The next time you reboot your PC, that annoying OneDrive login window should be gone.
  • Rather than disable something you plan to never use, you can also uninstall it. Head into Settings (press Windows+I), click the “Apps” option, find Microsoft OneDrive under the “Apps & Features” section, and then click the “Uninstall” button.
  • Alternatively, you could actually use OneDrive if you want. If you have an Office 365 subscription you have access to a terabyte of space, and it works pretty well.
  • Email from Helen in Rockville: Dear Tech Talk. I would like to automate some tasks in Microsoft Word. How would I even begin to do this task. I am good a using Word, but am not a programmer. Helen in Rockville
  • Tech Talk Responds: Word has the ability to create small automation programs called Macros. You can activate a macro by hitting a keyboard shortcut to trigger a pre-recorded action. Here is how you can create a macro.
  • First, create a new blank Word document to work in. You will be able to save your macros in a system-wide database, so you don’t need to create new ones for each document you work on. In the blank document, switch to the “View” tab on the Ribbon, click the “Macros” dropdown menu, and then click the “Record Macro” command.
    • Next, give your macro an appropriate name and type a brief description.
    • Choose whether to assign your macro to a button or keyboard shortcut.
    • Choose where to store your macro. The default is to store it in Word’s master template (a file named Normal.dotm) so that you can use it in all your documents. You can also store it only in the current document if you want. Click the “OK” button when you’re done.
  • If you choose the “Button” option, you’re presented with a screen that lets you choose where to store the new button.
  • If you are assigning your macro to a keyboard shortcut, you will be able to create the shortcut using a popup window. Make sure the name of the macro is selected in the “Commands” pane, click inside the “Press New Shortcut Key” box, and then press the keyboard combo you want to use. When you’re done, click the “Assign” button, and then click the “Close” button.
  • Now click create and start the task you want to automate. While creating your macro, you can click the “Pause recording” button if you need to adjust something or make some quick notes. Click the “Resume recorder” button to continue working on your macro. When you’re done, open the “Macros” dropdown menu again, and then click the “Stop recording” command. Word creates a macro from your recording and saves it as a button or keyboard shortcut (whatever you decided).
  • To run the macro, click the button you assigned or the hit the keyboard shortcut you defined. BTW, macros can be used in all of the MS Office applications (Word, Excel, PowerPoints, and Access).
  • Email from Brian in Kansas: Dear Tech Talk. I have a dilemma. Employers will not hire me for an IT job without experience and I cannot get experience without a job. It seems like an impossible situation. What do you recommend for someone just starting out. Brian in Kansas.
  • Tech Talk Responds: This is always a frustrating dilemma, but you’re not the only one dealing with it. Career fields such as IT that rely on precise technical skills often want proof that candidates can actually deliver before they hire. So what can a beginner gain some IT experience?
  • Do projects at home. No one said that experience had to be paid.
  • Build something. Buy some servers or get some donated from a company and do something with them. Computer systems and networking equipment are upgraded so frequently that businesses, schools and even consumers often give away outdated equipment. Obtaining used equipment can provide great material for practice and experimentation.
  • Build a lab at your house. A home lab shows passion, hunger and hands on knowledge. Getting your hands dirty on projects at home will allow you to hone your skills without the fear of damaging a company’s expensive investment.
  • Once you feel comfortable on your own equipment, expand your services to your friends or family. Helping a friend recover from a computer virus or setting up a wireless router are examples of ways you can demonstrate expertise.
  • Earn certifications
  • Earning industry certifications is a great way to gain and showcase your IT experience before getting hired somewhere. Students gain skill sets in a specific technical area and receive a credential within a matter of days.
  • Some precise skills can be earned in the form of micro-certifications, which are essentially badges that signify you possess a certain skill. Passing these industry exams also helps showcase a specialized area of technical study.
  • Volunteer your services
  • One great way to do this is by volunteering to help small businesses create a new program, web site or mobile app for free. Charities are another great place to offer your services. It is a great way of showing a potential employer that you have acquired hands-on experience. As compensation for your work, ask the business or charity for a statement of recommendation you can highlight in your job search.
  • Become an intern
  • Paid, unpaid, summer, during the school year, for-credit or not, it doesn’t matter. And for students who think the internship market is competitive, just wait until you are competing for a full-time position. Checking out local job boards. But don’t be afraid to reach out to local companies without visible internship job postings.
  • Network, network, network!
  • IT is a surprisingly collaborative field, so candidates who can represent their ability to connect with other professionals. Go to professional networking events for the areas you want to get into. Forming professional relationships is also a great way to keep track on what is happening in the IT industry. If you are unsure of where to start, do some research on IT events in your area. Follow industry leaders and organizations on social media and maybe even reach out to some directly. Many professionals are happy to share their wisdom and career advice with the next generation of tech pros. Landers says he wishes more students would reach out.
  • Get educated
  • You likely know by now that a technology degree is not essential to getting your start in the tech world, but it can be a big differentiator on a resume. When faced with a decision between two candidates for one position, possessing a degree could very well be the deciding factor.
  • Most technology degree programs place a strong emphasis on hands-on training, which will allow you to acquire practical experience within the safe confines of a classroom. Many courses are also facilitated by professionals currently working in the field. Being able to develop your skills under expert supervision is just one of the many benefits to earning your degree.

Profiles in IT: Dustin Aaron Moskovitz

  • Dustin Aaron Moskovitz is best known as co-founder and first CTO of Facebook.
  • Moskovitz born was May 22, 1984 in Gainesville, FL and grew up in Ocala, FL.
  • He attended Vanguard High School, graduating from the IB Diploma Program.
  • Moskovitz enrolled in Harvard in economics. His roommate was Mark Zuckerberg.
  • Zuckerberg had built Facebook in his dorm room using a programming language called PHP. Within a couple of weeks, a few thousand people had signed up.
  • Other colleges asking to launch it at their schools. Dustin wanted to help you do the expansion, but he didn’t know PHP.
  • That weekend he went home, bought the book PERL for Dummies and came back ready to help. However, Zuck told him the site was written is PHP, not PERL, dude.
  • Moskovitz learned that language in a couple of days and went to work helping Zuckerberg expand from one school to many.
  • Four people, three of whom were roommates—Mark Zuckerberg, Eduardo Saverin, Chris Hughes, and Dustin Moskovitz—founded Facebook in their Harvard University dorm room in February 2004.
  • Originally called thefacebook.com, Facebook was an online directory of all Harvard’s students to help residential students identify members of other residences.
  • The most complicated calculation on the site was the social connection graph.
  • In June 2004, Zuckerberg, Hughes and Moskovitz took a year off from Harvard and moved Facebook’s base of operations to Palo Alto, CA, and hired eight employees.
  • At Facebook, Moskovitz was the company’s first CTO and then VP of Engineering; he led the technical staff and oversaw the major architecture of the site.
  • He was responsible for the company’s mobile strategy and development.
  • In 2008, Moskovitz announced that he was leaving Facebook to form a new company called Asana with Justin Rosenstein, an engineering manager at Facebook.
  • Asana is a web and mobile application designed to help teams track their work.
  • In 2011, Moskovitz co-founded the philanthropic organization Good Ventures with his girlfriend (and now wife) Cari Tuna in 2011.
  • Good Ventures has donated approximately $100 million to GiveWell top charities.
  • His collaboration with GiveWell led led to a spinoff called the Open Philanthropy Project, whose goal is to figure out the best possible way to use large sums of money.
  • Moskovitz and Tuna are the youngest couple to sign the Giving Pledge, which commits billionaires to giving away most of their wealth.
  • In March 2011, Forbes reported Moskovitz to be the youngest self-made billionaire, based on his 2.34% share in Facebook. His net worth was US$14.3B in 2017.
  • Moskovitz and Tuna attend Burning Man regularly. His loves the self-reliance and independence of the event.

Man who Invented Like Button, Delete Facebook

  • The man who invented the “Like” button has deleted Facebook from his phone.
  • Justin Rosenstein was the engineer who created the feature in 2007, but now fears the psychological effects apps are having on people around the world.
  • The 34-year-old is so concerned, he has blocked himself from Reddit and Snapchat, and imposed strict time-limits on his use of Facebook.
  • The tech executive has now bought a new iPhone and told his assistant to set up a feature that stops him downloading any apps at all.
  • Mr Rosenstein describes Facebook “Likes” as “bright dings of pseudo-pleasure”, one of many features that contribute to what Silicon Valley critics describe as the new “attention economy”.
  • “It is very common for humans to develop things with the best of intentions and for them to have unintended, negative consequences,” Mr Rosenstein told the newspaper.
  • A 2016 study found that the more time young adults spend on social media, the more likely they are to become depressed. Of those tested, people who checked their apps most regularly were 2.7 times from likely to develop it than those two checked least often.
  • Instagram was ranked as having the worst effect on young people’s mental health, according to a separate study.
  • And in January health officials warned the circulation of fake health news on social networks was potentially dangerous to people’s physical health.
  • As well as making users addicted and effecting their mental health, there is growing concern social media makes people more stupid. Known as “continuous partial attention”, it is feared apps limit the ability to focus and potentially lower IQ.
  • “Everyone is distracted. All of the time,” Mr Rosenstein says.

Baltimore 911 Infected with Rasomware

  • The ransomware attack forced Baltimore’s 911-dispatch system to be temporarily shut down over the weekend on March 24.
  • Frank Johnson, chief information officer in the Mayor’s Office of Information Technology, said he was not aware of any specific ransom request made by the hackers of Baltimore’s network, but federal authorities are investigating.
  • The attack infiltrated a server that runs the city’s computer-aided dispatch, or CAD, system for 911 and 311 calls.
  • The system automatically populates 911 callers’ locations on maps and dispatches the closest emergency responders there more seamlessly than is possible with manual dispatching. It also relays information to first responders in some cases and logs information for data retention and records.
  • The breach shut down the CAD system from Sunday morning until Monday morning, forcing the city to revert to manual dispatching during that time.
  • While the city’s 911 calls are normally recorded online on Open Baltimore, the city dispatch logs stopped recording them at 9:54 a.m. Sunday and didn’t resume recording them again until 7:42 a.m. Monday.
  • Johnson said the attack was made possible after a city information technology team troubleshooting a separate communications issue with the server inadvertently changed a firewall and left a port open for about 24 hours.
  • The hackers who were likely running automated port scans of networks looking for such vulnerabilities found it and gained access.
  • The penetration was detected quickly and the response was quite good. The isolated the infected server to protect the system. It took seventeen hours to clean and verify the entire system before coming back online.
  • Altanta and Boeing were also hit with ransomware the same week. Atlanta was infected with SamSam malware and Boeing with Wannacry malware.

Leaked NSA Hacking Tools Aided the Attacks

  • In April 2017, The Shadow Brokers, a hacking group, released a hacking tools from NSA (National Security Agency).
  • These cyber weapons can be used to compromise about 70% of Windows systems around the globe.
  • The hacking toolkit has been confirmed to be stolen from NSA’s Equation Group. Targets include Windows, Cisco firewalls, and even SWIFT Alliance Access.
  • The U.S. government used these tools to hack into and spy on foreign governments, banks, and other organizations with the arsenal.
  • Most leaked NSA Windows exploits are designed to take advantage of vulnerabilities existing in the SMB (Server Message Block) protocol. They have been termed External Blue or Eternal Romance Exploits, depending on the SMB vulnerability exploited.
  • This service enables file sharing between Windows computers. This vulnerability was first patched by MS in March 14, 2017 (MS 17-010)

David Burd Visit

David stops by to discuss Mohu antennas, video storage on the cloud and poetry.