Show of 07-27-2019

Tech Talk
July 27, 2019

Best of Tech Talk Edition

  • Segments taken from previous shows.

Email and Forum Questions

  • Email from June in Burke: Question about ExpressVPN. I noticed my public WiFi is was still active. Does that make me vulnerable to anyone on that network at a hotel? Just checking. This is important if I want to use this as a hotspot. Do not want to put others at risk. June in Burke
  • Tech Talk Responds: Once to activate the ExpressVPN application, if logs onto the proxy server and establishes an encryption data stream using either Wi-Fi or cellular connections. At this point your are not vulnerable. If you use your phone as a hotspot, the connection is made using cellular because Wi-Fi is used to connection to any hotspot clients. The connection to the Internet is still managed by ExpressVPN.
  • Question from David in Chantilly: Dear Doc and Jim. I have a DSL Internet connection. I want to switch to something else because my download speeds are only averaging about 2Mbps. Cable is not available in my area. HughesNet satellite Internet say they have unlimited data with no hard data limits. What exactly do they mean by that? David in Chantilly
  • Tech Talk Responds: Unlimited Data just that. As long as you are subscribed to a HugesNet data plan you can use all the data you want every month without having to worry about your Internet access being cut off. If you happen to exceed your plan’s data threshold at any time during a given month, your download speed will instantly drop from 25 Mbps to the 1-3 Mbps level for the remainder of that billing cycle. When your download speed drops to the fallback level your Internet experience will suffer.
  • Email from Tuc in Chantilly: Dear Tech Talk. Is there a way to see all of the friend requests I’ve sent out that haven’t been acted on? I’d like to send reminder messages to those people and ask them to accept my friend request. Tuc in Chantilly
  • Tech Talk Responds: If they ignore or delete your friend request you’ll never know it unless their name shows up in the “People you may know” section. There is a simple way to view all of your outstanding friend requests on one page, and here it is: This procedure only works with the full desktop version of Facebook.
      • Log in to your Facebook account.
      • Go to your Timeline page by clicking on your name.
      • Click the Friends button.
      • Click the Find Friends button.
      • Click the View Sent Requests link.
  • You should now see a list of all the people you have sent friend requests to that have not yet responded to them.
  • Question from Jeanie in Pittsburgh, PA: Dear Doc and Jim. Someone told me that hiding the Wi-Fi network name in my router would prevent my neighbors from finding and connecting to the Internet over my network. I live in an apartment building and I’m pretty sure I have this same problem right now. What do you think about this? Jeanie in Pittsburg, PA
  • Tech Talk Responds: The short answer is yes. You will just have to enter the network name or SSID manually every time you attempt to connect with a new device. This is no big deal as long as you can remember the name you gave your network.
  • However, I do not think that hiding the name of your network is the best solution to your problem. If someone is piggybacking on your Wi-Fi connection, you either have it set up as an open, non-password protected network or your password is so weak that they were able to hack it.
  • While changing the SSID and then hiding it would prevent the average person from finding your network and connecting to it, a hacker would still be able to in minutes. I would recommend that you do two things to protect your Wi-Fi network:
    • Enable the strongest encryption method supported by your router.
    • Change your Wi-Fi password to one that is easy to remember yet extremely difficult to crack.
    • Use free Fing app to check for unknown devices on your network.
  • Email from Mike in Florida: Dear Tech Talk. I have is a 4 year old laptop that had Windows 7 on it before the hard drive died. I would like to replace the bad drive and install a different operating system on it since I do not have a Windows disc. I have been reading a lot about Chromebooks and have tested a few. I like them. Can I install Chrome OS on my laptop and use it as a Chromebook? Enjoy the podcast. Mike in Florida
  • Tech Talk Responds: Chome OS will work on most recent laptops, but not all of them as there are some hardware devices that aren’t currently supported with working drivers. It is worth giving it a try.
    • Replace your laptop’s bad hard drive with a new solid state drive (SSD). The smallest one you can find should work fine since Chrome OS stores your user files in the cloud. A small one may cost as little as $30.
    • Use CloudReady, an enhanced version of Chrome OS that’s optimized to work with a wide variety of older laptops. Get the Free Version button.
    • Link to website: https://www.neverware.com/freedownload
    • Follow the instructions provided to build an installer onto a USB flash drive and install CloudReady onto your laptop.
    • Your old laptop should be converted into a fully-functioning Chromebook in just a few minutes.
  • CloudReady works just fine with many recent laptops, there’s no guarantee that it will work with yours.
  • Email from Chris in Atlanta: Dear Tech Talk. I just sent an email to the wrong email address. I am positive that the email I sent it to was wrong as I read it once it left and it asked if I wanted to add it to my contacts after I sent it! The @XXXX.com part of the address was my work. I am 100% certain that there is no one at work with that address. Where could possibly have gone and is someone going to be able to read it? I am really worried as it was quite personal. Chris in Atlanta
  • Tech Talk Responds: There is just no way to know. Unless someone did get it and then tells you they did.
    • You may get a bounce telling you the message was undeliverable. This is probably the best possible situation.
    • It may be silently discarded. No human may ever see it and you wouldn’t get notification one way or another.
    • It may have been forwarded to a “catch-all” mail address. Many email servers have the ability to forward email sent to an invalid address to one central address.
    • The bad address may be valid. Worst case for you.
  • Remember also that system administrators can see all mail, valid or not. Whether they do is unknown, but they could.
  • Email from David in Oklahoma: Dear Tech Talk. I would like to get a job in technology and am told that I need experience. How can I get experience if I don’t have a job? It seems like the impossible requirement. What is your advice? David in Oklahoma
  • Tech Talk Responds: I hear this question all the time. The key is to behavior and attitude. No one said the experience had to be paid.
    • You can complete a project at home. Install a LinuxOS, create a webserver with Apache, create a database driven website with PHP and MySQL. Find a project to your interested in and do it.
    • Join a user group. There are dozens in your area devoted to many topics. Windows, Oracle, Linux. Professionals are at these user groups. Talk about your project. Do not look for a job.
    • Read industry magazines so you know the latest trends.
    • Get some informational interviews to learn about the field. You can get some great advice the Dick Bolles book, What Color is Your Parachute.
  • The key is to behave like a professional already working in the field, not like someone who needs a job to begin working in the field.
  • Question from Sarah in Baltimore: Dear Doc and Jim. I recently hid all of my Facebook contacts because I have some friends who do not get along with each other. However, I just found out that all of my friends can still see a list of the friends we have in common (i.e. our mutual friends). How can I hide the list of our mutual friends from the people I am friends with on Facebook? Enjoy the show. Sarah in Baltimore.
  • Tech Talk Responds: Unfortunately, there is no setting available that will prevent your friends from seeing who your mutual friends are. While you can easily hide your entire friends list from strangers, Facebook won’t allow you to hide your mutual friends list from the people you’re friends with. Even if you could hide your mutual friends that wouldn’t prevent your friends from figuring out which friends the two of you have in common. All they would have to do is look at your Timeline to see who is interacting with your posts.
  • Dear Tech Talk. Email from Nicole in Fairfax: Dear Doc and Jim. I am planning on buying a Chromebook, but most Chromebooks come with only 4 GB of RAM. Is that enough RAM or should I opt for more? My Windows laptop has so much more RAM. Nicole in Fairfax.
  • Tech Talk Responds: The short answer is that Chromebooks do not need that much RAM. The Chrome OS manages RAM much more efficiently than Windows. It uses a compressed block of RAM is dynamically reallocated as it fills.
  • Some Chromebooks come with as little as 2 GB of RAM, while others come with as much as 16 GB. The standard across most systems has been 4 GB for the longest time, but we are also starting to see an uptick in ‘books with 8 GB. If this will be a coffee table machine that you plan on using for light browsing, email, social networking, and the like, then, by all means, go for the 4 GB model. It is probably cheaper.
  • But if you plan on getting a Chromebook to use as your primary machine for work, school, play, and more, then you’ll likely want to spring for more RAM. While 8 GB is generally more than enough for nearly all users, the heaviest of users may want to even look at 16 GB systems.
  • Email from Mark in Richmond, VA: Dear Tech Talk. I have always encrypted the hard drive on my laptop security. I sometimes change my Windows password and am confused. If your password is used to encrypt your hard disk, how can you change your password and still be able to decrypt your disk? How is it possible that you can change your Windows password without re-encrypting a hard disk that was encrypted using that password? Enjoy the show using Alexa. Mark in Richmond, VA
  • Tech Talk Responds: I will assume you mean BitLocker whole-disk encryption used by Microsoft. You can often change the password (or passphrase) without needing to re-encrypt. The secret is simply this: your password wasn’t used to encrypt the disk.
  • When you first encrypt a disk, an encryption key is manufactured for you. It is a key you never see. It is generally what referred to as a “128-bit” or “256-bit” encryption key. It is not even something you would recognize as text. It is a purely random1 binary number. This encryption key is used to encrypt your data, not your password. In fact, your password hasn’t even been involved yet.
  • That randomly generated encryption key is itself then encrypted using your password (or some number based on your password). That encrypted encryption key is then stored somewhere, usually in your user profile on Windows. Your password unlocks the key, which unlocks the data.
  • When you change your login password, all the system has to do is
    • Decrypt the encrypted encryption key using your old password
    • Re-encrypt it using the new password
    • The actual key used to decrypt your hard disk never changed.
  • If you needed to change the encryption key used to actually encrypt your data, you would need to decrypt it completely and then re-encrypt.
  • Email from Mia in Reston: Dear Tech Talk. I would like to schedule my email delivery for a future time. I work very late at night on my emails, but I do not want them delivered until the morning when everyone is at work. I am currently using Gmail as my primary account. Love the show. Mia in Richmond.
  • Tech Talk Responds: Your in luck. Google added this feature in April 2019. Scheduling emails previously required a third-party extension. You can have up to 100 scheduled emails at a time.
  • In the Gmail website in desktop browsers, compose your email regularly. Instead of clicking the usual Send button, click the down arrow to the right of the Send button and then click “Schedule Send.” Tell Gmail when you want to send the email. You can pick a time like “tomorrow morning” or provide a custom date and time.
  • You can even schedule an email for a few years out. Perhaps you want to send a message to your future self a few years from now! Gmail will let you schedule emails up to the year 2068. If Gmail is still around in 48 years and Google has not changed the way this feature works, Gmail will send the email to your desired recipient—assuming they still have that email address.
  • In the Gmail app for iPhone or Android, compose your email normally. Instead of tapping the “Send” button, tap the menu button at the top right corner of the screen and then tap “Schedule Send.”
  • You can view your scheduled emails by clicking “Scheduled” in the left pane of the Gmail interface on your computer. Open the scheduled email that you want to stop. To cancel sending the email, click “Cancel Send” at the top right corner of the email.
  • Email from Linda in Myrtle Beach: Dear Tech Talk. I would like to connect my laptop to the HDTV in my living room. I have game apps on my laptop and would like to see them on the big screen. How can I make this connection? Linda in Myrtle Beach
  • Tech Talk Responds: A TV can even be thought of as a big computer monitor. To connect a laptop or desktop to your TV, you just need to connect an HDMI cable to the HDMI-out port on your PC and the HDMI-in port on your TV. Laptops make this extra easy, as you can just carry the laptop into your living room and set it down within cable length of your TV. Many laptops don’t have a full-size HDMI port to save space, so you may need to adapter cable. If your computer or TV is old and doesn’t support HDMI, it may support VGA or something similar. You can get an HDMI to VGA /audio adapter. Now you can view your computer’s screen on your TV.

Profiles in IT: Dr Martin Cooper

  • Martin Cooper was born December 26, 1926 in Chicago.
  • He is considered the father of the cell phone.
  • He received his degree in electrical engineering from the Illinois Institute of Technology in 1950 and received his master’s degree from the same institution in 1957.
  • After four years in the navy serving on destroyers and a submarine, he worked for a year at a telecommunications company.
  • Hired by Motorola in 1954, he worked on developing portable products, including the first portable handheld police radios, made for the Chicago police department in 1967.
  • He then led Motorola’s cellular research. He was eventually promoted to Corporate Director of Research and Development for Motorola.
  • Cooper is the inventor named on US patent 3,906,166, Radio telephone system.
  • Cooper is considered the inventor of the first portable handset and the first person to make a call on a portable cell phone on April 3, 1973 in New York. That first call, placed to his rival Joel Engel, Bell Labs’ head of research.
  • The brick-like phone weighed 30 ounces (1.87 pounds). The phone was 10 inches high, 3 inches deep and an inch-and-a-half wide. The commercially available model was 2.5 pounds, 10 inches x 5inches x 1.75 inches, 35 minute talk time, and 10 hour charge time.
  • Cooper later revealed that watching Captain Kirk talking in his communicator on the TV-show Star Trek inspired him to research the mobile phone.
  • Cooper’s Law is the semantically incorrect name used for his observation that the number of radio frequency conversations which can be concurrently conducted in a given area has doubled every 30 months since Marconi’s spark gap transmitter, over 100 years ago.
  • Cooper believes the next big advancement in the wireless industry will be ubiquitous, wide-area, high-speed access to the Internet.
  • To that end, he is currently serving as chairman and chief executive of privately held San Jose, California-based ArrayComm, which developed a technology which uses smart antennas to increase spectral efficiency and network throughput.
  • Quote from Martin Cooper: I’m rich beyond all imagination in satisfaction and in happiness and in self-fulfillment. But not necessarily in dollars and cents.

Idea of the Week: Turning a Parking Spot into a Coworking Space

  • WePark is a project led by San Francisco-based web developer Victor Pontis, which uses a parking place to create a coworking space.
  • Pontis said he got the idea from a Twitter exchange in which Github’s Devon Zuegel pointed out that eight bicycles could fit in one park spot instead of a car.
  • Urbanist Annie Fryman, responded, suggesting that the metered parking spot be used as a coworking space instead.
  • Pontis turned that hypothetical into a reality, choosing popular real estate like Santa Monica’s Ocean Avenue.
  • The set-up was simple: he paid for a day’s worth of parking meter, then charged users people per hour. He said 30 people showed up on the first day in the three cities, paying the $2.25 per hour fee that WePark charged for a spot at a parking lot desk.
  • Paying for a desk at a regular coworking space, like WeWork is approximately $50 per day plus a monthly membership fee.

Right to Repair Legislation

  • Legislators in about 20 states have been working on some form of this legislation, but their efforts have been stymied by a number of tech companies, including Apple, Lexmark and Verizon.
  • CompTIA and 18 other trade organizations associated with big tech companies — including CTIA and the Entertainment Software Association expressed opposition to the bill.
  • If passed, manufacturers would have to share codes, tools and supply chain access to anyone who purchases a product.
  • This is largely about controlling the service revenue stream, which is currently holding up Apple’s sliding financials. It’s more profitable to lock users into manufacturers resources.

Right to repair laws would lower user costs and increase reuse while reducing premature disposal. As a result, they would sharply reduce both service and replacement sales revenues.

Baltimore Hit with Ransomware Attack

  • Baltimore Mayor Bernard C. “Jack” Young said Friday the city is “making progress” on recovering from the ransomware attack that crippled city government computers and servers on Tuesday.
  • The FBI is assisting city officials in an ongoing investigation, so Young couldn’t go into detail. However, he stressed that it is business as usual for city employees, except for the fact the computers are down.
  • “We’re moving forward and the citizens shouldn’t notice any difference other than they need to some and do things manually,” Young said.
  • According to officials, the city was struck by the RobinHood ransomware.
  • Authorities announced hackers were demanding about $76,000 to unlock encrypted files in city computers.
  • The same ransomware hit municipal networks in Greenville, North Carolina last month.
  • Last year, Baltimore’s 911 system was struck in a ransomware attack.
  • City employees who can’t work without computer systems may be asked if they’d be willing to help clean up the city if the attack takes longer than expected to fix.

Robinhood Ransomware Revealed

  • RobinHood ransomware is a variant of Golang ransomware.
  • It was originally coded in the Go programming language and compiled to a 32-bit executable.
  • RobinHood is a malware that encrypts the victim’s hard drive with the RSA+AES cryptographical combination and instructs the victim to reach out to them via Onion Tor website.
  • The RobinHood ransomware drops the victim notification file on the desktop detailing the demands and how to make contact.
  • Once contact is made, the attackers claim they will make a decryption tool available, thereby allowing the victim to recover their precious files, in return for payments made in bitcoin.
  • It is also notable that the ransomware does not spread within the network. It pushed on each machine individually after the initial network breach.
  • RobinHood ransomware’s CoolMaker function contains sub functions meant to disable and disrupt the victim’s PC backups and services. Some of the most interesting Golang functions are stored here, with names riddled with expletives. I can’t read those names onair. The F word is used liberally.
  • While the RobinHood ransomware does not appear to be sophisticated, it does include higher-level Go programming language code.
  • Based on the network intrusion and push tactic, this attack is reminiscent of previous SamSam ransomware attacks demanding high payouts ransoms set per machine.