Show of 09-18-2021

Tech Talk September 18, 2021

Email and Forum Questions

  • Email from Adil in Fairfax: Dear Tech Talk. Should I like my own Facebook posts. I have noticed that many of my friends their own posts just as soon as they post them. That can be viewed as a form of vanity? Is it really a good idea to like your own posts? Adil in Fairfax, VA
  • Tech Talk Responds: In most cases, it isn’t vanity at work at all. It is simply a method you can use to jumpstart the engagement you will receive on every post you publish on Facebook. As you probably know, Facebook’s algorithm is making it increasingly difficult for our posts to gain any exposure. After every algorithm update it seems that fewer of our friends see our posts, and the effective “reach” of published posts is even worse for those who maintain a business page on Facebook. In fact, Facebook has reduced the distribution of page posts so much that they are now virtually useless as an advertising vehicle unless the poster is willing to pay Google a fee to literally advertise the post on their platform.
  • Liking your own posts gives those posts a little extra nudge in terms of engagement. Having at least one Like draws attention to a post and gives it a little extra perceived importance in the minds of your friends and page “ikers” But that first initial Like also does something even more important. It “primes the pump” by psychologically encouraging others to Like the post as well. Several studies have shown that posts that receive an immediate initial Like end up receiving more engagement overall.
  • Email from John in Kilmarnock: Dear Tech Talk. I would like to control some outside lights with using Alexa. Then I will not have to bring in an electrician to install in switch and wire back to the house. I do have an electrical outlet near the lights. These are strings of Edison lights (incandescent) with a total wattage of 675 watts. What are my options? Love the podcast. John in Kilmarnock
  • Tech Talk Responds: This is very doable if you have sufficient WiFi signal near the lights. You can carry a laptop back to the switch location and try to connect to WiFi. I would choose the 2.4 GHz band because it penetrates walls better. I would also try and position the WiFi router so that it has a direct line of sight through a windows to the switch location.
  • If you have sufficient signal, you will need a WiFi switch (not a WiFi dimmer). Getting a dimmer with more than 400-watt capacity is a problem. Switches are not limited by wattage, only by current (15 amps). The good news is that Edison lights do not need a dimmer.
  • I have done this very thing in the past with an Smart Home Smart WiFi Outlet Plug from Smart Home. It is $16.34 on Amazon. I actually ordered it and tested it functionality immediately so that I could return it if it did not work with the available WiFi signal. I then renamed the plug, Fire Pit, and linked it to Alexa. Not I simply say, Alexa, turn on Fire Pit when I want the fire pit lights turned on.
  • Email from Lilly in Fairfax: Dear Doc. I just heard that I needed to complete an emergency update on my iPhone. It has something to do with spyware, but I do not really understand it. Why is this so important? How can I check whether the update has been completed? Thanks for your show, very informative. Lilly in Fairfax, VA
  • Tech Talk Responds: Emergency software patches, in which users are pushed to immediately update phones and computers because hackers have figured out some novel way to break in, are becoming more common.
  • Researchers raised the alarm about a dangerous iPhone vulnerability. The Israeli spyware company NSO Group, which sells programs for governments to remotely take over people’s smartphones and computers, had figured out a new way into practically any Apple device by sending a fake GIF through iMessage. The only way to guard against it is to install Apple’s emergency software update.
  • You can check if you have the latest update (iOS14.8) by going to Setting/General/Software Update. BTW, make certain that automatic updates is set to on to ensure that all updates are installed automatically.
  • Email from Tina in Cleveland: Dear Doc. I have noticed that the lights on my modem are blinking more or less constantly. In fact, they even blink when I am not using a web browser, checking my email or doing anything else on the Internet. Is it normal for all those lights to be constantly blinking or should I be worried? Tina in Cleveland, OH
  • Tech Talk Responds: There is always data being passed between your computer and the Internet any time you have a live connection established. It is normal to see the data lights on your modem flashing pretty much all the time. Your ISP is responsible for much of the data being sent back and forth because they love to “check in” to see if your connection is healthy along with other mundane housekeeping tasks. Also, your computer is also constantly being probed by botnets and hackers trying to find a security hole through which to gain access to your system. I know that probably sounds pretty ominous, and if your computer is left unprotected it sure can be. But as long as you have a good antivirus program installed and occasionally run this series of malware scans you’ll be fine. Finally, some apps and services phone home to check for available updates, causing data to be transmitted back and forth through your modem at what appear to you to be random times.
  • Email from Lois in Erie: Dear Tech Talk. I am worried about going to a website with malware and infecting my computer. How can I tell if a page might have malware and what should I do if I land on one? Lois in Erie, KS
  • Tech Talk Responds: If you happen to load a malicious web page into your web browser, bad things can happen in a hurry due to malware and other nasties being downloading onto your computer.
  • It is possible to avoid landing on a dangerous site by simply being careful about the links you click, but there’s always a chance that it will still happen some day regardless of how careful you are. Some malicious web pages don’t offer any clues as to their devious nature, but many of them do. Here are a few of the clues to look out for:
    • You landed on a page that you weren’t expecting to land on when you clicked a link.
    • You click a link and your computer instantly freezes up (it won’t respond to any mouse clicks or key presses).
    • Instead of an actual web page (or perhaps in addition to one) you see a message warning you that your computer has a virus and you need to call either “Microsoft” or “Apple” to have them remove it for you.
    • A message pops up on the screen demanding that you pay a ransom to prevent your files from being encrypted.
    • You notice other strange things happening that should not be happening (you notice new toolbars on your browser, your mouse pointer starts jumping around the screen on its own, etc.
  • If you notice any of the above symptoms or anything else that just seems wrong, it is important to attempt to mitigate the potential threat as quickly as possible.
  • First, don’t do either of the following:
    • DO NOT click the “Back” button in your browser or interact with the current web page in any way.
    • DO NOT call any phone number listed on a warning message. If you do you’ll be calling a scammer, not Microsoft or Apple.
  • Now that you know what not to do, here are the things you should do:
    • Shut down your computer.
      • First, try shutting it down the usual way by clicking the Shutdown option on the Start menu.
      • If you can’t get the computer to shut down that way, you can force it to shut down by pressing and holding the PC’s Power button.
    • Turn the computer back on and allow it to boot back up into Windows.
    • Run an AV or Malware scan to track down and remove any malware that the malicious web page might have downloaded onto your machine.
    • Clear your browser’s cache to prevent the possibility of accidentally revisiting a cached version of the malicious page. This page explains how to quickly clear the cache in any popular web browser.
  • Your computer should now be cleaned of any malware that was placed on it by the malicious website.


 

Profiles in IT: Pavel Durov

  • Pavel Durov is a Russian-born entrepreneur who is best known for being the founder of the social networking site VK (the Russian Facebook) and of Telegram Messenger
  • Pavel Durov was born October 10, 1984, in Leningrad (now Saint Petersburg), but spent most of his childhood in Turin, Italy, where his father was employed.
  • He attended an Italian elementary school, and after returning to Russia in 2001 attended the Academic Gymnasium in St. Petersburg.
  • In 2006, he graduated from the Philology Department of the Saint Petersburg State University, where he received a first-class degree.
  • Durov started VKontakte (VK), in 2006, which was initially influenced by Facebook. Its name means: In Contact With. He is known as the Mark Zuckerberg of Russia.
  • While he and his brother Nikolai ran the VKontakte website, the company grew to a value of $3 billion.
  • In 2011, he was involved in a standoff with police in St. Petersburg when the government demanded the removal of opposition politicians’ pages after the 2011 election to the Duma.
  • Durov posted a picture of a dog with his tongue out wearing a hoodie and the police left after an hour when he did not answer the door.
  • In 2012, Durov publicly posted a picture of himself extending his middle finger and calling it his official response to Mail.ru Group’s efforts to buy VK.
  • In December 2013, Durov decided to sell his 12% to Ivan Tavrin. At that, time 40%of the shares belonged to Mail.ru Group, and 48% to the United Capital Partners. Later, Tavrin resold these shares to Mail.ru Group.
  • On 1 April 2014, Durov submitted his resignation to the board; at first, due to the fact the company confirmed he had resigned, it was believed to be related to the Ukrainian crisis, which had started in February.
  • However, Durov himself claimed it was an April Fool’s Joke on 3 April 2014.
  • On 16 April 2014, Durov publicly refused to hand over data of Ukrainian protesters to Russia’s security agencies and block Alexei Navalny’s page on VK.
  • Instead, he posted the relevant orders on his own VK page, claiming that the requests were unlawful.
  • On 21 April 2014 Durov was dismissed as CEO of VK. The company claimed it was acting on his letter of resignation a month earlier that he failed to recall.
  • Durov then claimed the company had been effectively taken over by Vladimir Putin’s allies, suggesting his ouster was the result of both his refusal to hand over personal details of users to federal law enforcement.
  • Durov then left Russia and stated that he had “no plans to go back and that the country is incompatible with Internet business at the moment.
  • Upon leaving Russia, he obtained Saint Kitts and Nevis citizenship through donating $250,000 to the country’s Sugar Industry Diversification Foundation.
  • He secured $300 million in cash within Swiss banks. This allowed him to focus on creating his next company, Telegram, focused on an encrypted messaging service of the same name.
  • The company was headquartered in Berlin and later moved to Dubai.
  • Later he tried to launch the “Gram” cryptocurrency and the TON platform, raising a $1.7 billion startup with investors including the widow of Steve Jobs.
  • However, these ventures were halted by the SEC and the federal courts in the US.
  • He was listed on the Forbes Billionaires List in 2021, with a net worth of $17.2 billion. His fortune is largely driven by his ownership of Telegram.
  • As of April 2021, Durov was the 112th richest person in the world.[2]
  • Durov is a self-described libertarian, teetotaler and vegetarian.
  • In 2012, he published manifestos described by commentators as “libertarianism” detailing his ideas on improving Russia.
  • For his twenty-seventh birthday in 2011, he donated a million dollars to the Wikimedia Foundation.
  • Durov claims to have an ascetic lifestyle, and promotes freedom from property.
  • In August 2014, Durov was named the most promising Northern European leader under 30.
  • In 2018, Fortune magazine included Durov in their “40 Under 40” list, an annual ranking of the most influential young people in business.

Observations from the Faculty Lounge

  • Cyber mercenaries have become the latest arms dealers, selling their wares to both sides.
  • Earlier this week, the Department of Justice revealed that three former U.S. intelligence operatives were facing federal charges in connection with their work for DarkMatter, a foreign cybersecurity company based in the United Arab Emirates.
  • The men, who formerly worked for the National Security Agency, were part of a secretive operation entitled “Project Raven,” which, between 2016 and 2019, helped the UAE government spy on critics of its regime.
  • The hackers-for-hire helped the Middle Eastern monarchy break into computer systems and devices throughout the world—including ones located in the U.S.
  • The idea of former American national security operatives targeting U.S. systems at the behest of a foreign government is a pretty chilling scenario.
  • The “Raven” incident itself shows that there are few constraints on U.S.-based companies that want to sell powerful cyber weapons to foreign governments:
  • DarkMatter operatives apparently collaborated with an American cyber firm, Denver-based Accuvant—which sold them a $1.6 million iPhone hacking tool that was used in subsequent hacking escapades.
  • Also compounding the scandal is the fact that one of the accused, Daniel Gericke, is currently employed as the chief information officer of ExpressVPN, one of the most widely used privacy products of its kind on the market. The company has defended its decision to hire him and even admitted that it knew about his background when it hired him back in 2019.
  • Then we have the case of the NSO Group, started by three individuals who worked to Israeli intelligence. The NSO Group has been known to sell its powerful, device-compromising malware to repressive regimes throughout the world. The software is only sold to governments and the sale must be approved by the Israeli government since the software is classified as a weapon, according to the NSO Group.
  • However, a number of non-profits and news outlets began publishing stories connected to the “Pegasus Project,” an investigation into the extent to which the company’s malware has been distributed globally. The investigation revealed 50,000 “potential targets” of Pegasus which, according to researchers, included the phones of dignitaries and diplomats such as French leader Emmanuel Macron, as well as devices belonging to other presidents, former prime ministers, and the king of Morocco, among others.
  • Even more problematically, just last week Apple announced patches for security flaws that had been seeing Pegasus-related exploitation. The patches applied to some 1.65 billion Apple products, the likes of which had been vulnerable since March.
  • It was never an easy job to understand the full scope of the hacker-for-hire industry. Now the techniques and indicators investigators have long relied on as clues are becoming rarer, quieter, and more difficult to spot. The stealthy new arsenal makes it extraordinarily difficult to hold hacking companies and intelligence agencies accountable when human rights abuses occur.
  • We need tighter regulation of these spyware companies, with criminal penalties included.

History Lesson of the Week: Development of Modern Radar

  • Radar is an acronym that stands for Radio Detection and Ranging. The raw science behind radar was discovered all the way back in the 19th century by Heinrich Hertz. Although he demonstrated in his lab that radio waves could be reflected off solid objects, he did not continue with the research in a meaningful way.
  • Later, in 1895, Alexander Popov developed a radar-based device that was used to detect lighting strikes–it was the first time radar was put into application detecting things at a distance.
  • Popov was also the first to observe that you could use radar to detect ships out at sea when he noticed he could detect ships passing between his apparatus and the distant lightning strikes he was recording. While he wrote of how his lighting strike detector could be used for detecting ships and such, he did not pursue the topic.
  • In 1917, Nikola Tesla outlined research on how radar could be used to detect ships and their speed. In 1922, A. Hoyt Taylor pitched the idea of a 60 MHz radar system to the Navy arguing that it would be excellent for detecting ships in foggy and poor weather conditions. The Navy remained uninterested until, years later, they wanted to apply the technology to tracking aircraft.
  • Around the world research on radar continued in a fragmented and halting fashion until the 1930s when research by Robert M. Page, at the Naval Research Laboratory, demonstrated the first modern pulse-based radar system. By the time World War II was underway, most of the world’s super powers like the United States, Britain, France, and the Soviet Union had independently developed radar-based defense systems.

Trivia of the Week: What Product Foreshadowed QR-Code Advertising?

  • These days, it’s fairly commonplace to see QR codes everywhere—from magazine ads to the care tags on potted plants. Hundreds of millions of people have smartphones that allow them to quickly and easily scan the codes and access information online.
  • At the end of the 1990s, however, the idea of scanning a product or advertisement to get more information about it was a foreign one and mobile phones were not advanced enough to handle the task. It was in this environment that the ill-fated CueCat, from the Digital Convergence Corporation, struggled to survive.
  • The CueCat was a physical peripheral you hooked up to your computer, much like a computer mouse. The slim and vaguely cat-shaped device was just a cheap barcode scanner that ran on propriety software and allowed you to scan product barcodes and barcodes placed in printed advertisements to get more information from the company in question—much in the same way that we now use QR and barcodes with our smartphones.
  • In 2000, however, consumers simply failed to see the utility of the device. Nobody wanted to drag things to their computer to scan them; the entire system lacked the ease and spontaneity that future consumers would enjoy with simple barcode scanners. Between the impracticality of using the device, concerns over privacy, and the company’s particularly aggressive stance against people tinkering with or modifying the CueCat hardware and software, the product was destined for failure. When the CueCat was finally put down, it took 185 million dollars worth of investment capital with it.

Powerful Spanish Botnet Launching DDoS Attacks

  • This specific botnet, which enabled DDoS attacks of up to 2TB/s, sets a new record over the entire life of the internet as we know it so far.
  • Originating from Spain, the botnet, which consisted of 49,000 thousand servers, was openly available to hire online, costing from $2,500 for two days usage.
  • According to Stormwall, most of the detected DDoS attacks were directed at the gaming industry.
  • The attacks carried out by the new botnet are quite standard and it can launch attacks using the UDP, TCP, and HTTP protocols.
  • Attacks of such power affect not only the victim but also the entire chain of its providers and can cause problems with access to the Internet at the same time for hundreds of thousands of users and online resources.
  • Hackers have had access to the new tool for around a month.
  • Only cloud DDoS protection services with sufficient filtering network capacity will be able to cope with the scale of the attacks caused by the botnet.

Reasons behind the Computer Chip Shortage

  • We are in the middle of a massive semiconductor shortage. This was first noticed with the lack of new graphic cards. Then with a shortage of new cars.
  • There are two main driving factors behind the shortage. The most obvious of these, of course, is the COVID-19 pandemic. Semiconductors, like most products, are made by workers in factories. Because these workers were either prompted to stay at home or were on a limited schedule, for months in the first half of 2020, the production of new chips slowed to crawl. This drastically affected the entire supply chain.
  • The other factor is the mismatch between supply and demand, which has become even more pronounced due to the rising need for home office devices. It costs a lot of money to create a semiconductor manufacturing plant. And as you’ll see later, the demand for semiconductors across various companies has risen drastically over the last few years. The global chip industry can’t make them quickly enough to meet the rising demand.
  • This shortage has affected even the largest technology and manufacturing companies in the world. It forced Apple to move the release of their new mobile devices by months.
  • According to Reuters, the CEO of chip-making company STMicro believes that chip availability will come back to normal in the first half of 2023. Until then, maybe consider staying with your current devices and holding off on an upgrade.