Show of 03-25-2017

Tech Talk

March 25, 2017

Email and Forum Questions

  • Email from Carl Tyler: Dear Dr. Shurtz: I read on the Ars Technica website that IBM will selling a 50-qubit quantum computer in the next few years. The article said it might sell for around $15,000,000. Please explain in non-technical language what a 50-qubit quantum computer is, how it works, and what it will be used for. Have you ever done a “Profiles In IT” on Joseph Carl Robnett Licklider? I read an article on him and it called him the “Johnny Appleseed” of computing. I think he would be an interesting candidate. Thanks for the best technology podcast on the internet. Carl Tyler
  • Tech Talk Responds: Licklider is a great suggestion. We have talked about him before, but his impact warrants another visit.
  • The key features of an ordinary computer—bits, registers, logic gates, algorithms, and so on—have analogous features in a quantum computer. Instead of bits, a quantum computer has quantum bits or qubits, which work in a particularly intriguing way. Where a bit can store either a zero or a 1, a qubit can store a zero, a one, both zero and one, or an infinite number of values in between—and be in multiple states (store multiple values) at the same time! A way to think of the numbers qubits store is through the physics concept of superposition (where two waves add to make a third one that contains both of the originals).
  • Just as a quantum computer can store multiple numbers at once, so it can process them simultaneously. Instead of working in serial (doing a series of things one at a time in a sequence), it can work in parallel (doing multiple things at the same time). Only when you try to find out what state it’s actually in at any given moment (by measuring it, in other words) does it “collapse” into one of its possible states—and that gives you the answer to your problem. Estimates suggest a quantum computer’s ability to work in parallel would make it millions of times faster than any conventional computer… if only we could build it! So how would we do that?
  • In reality, qubits would have to be stored by atoms, ions (atoms with too many or too few electrons) or even smaller things such as electrons and photons (energy packets). You would need mechanisms for containing atoms, ions, or subatomic particles, for putting them into certain states (so you can store information), knocking them into other states (so you can make them process information), and figuring out what their states are after particular operations have been performed.
  • In practice, there are lots of possible ways of containing atoms and changing their states using laser beams, electromagnetic fields, radio waves, and an assortment of other techniques. One method is to make qubits using quantum dots, which are nanoscopically tiny particles of semiconductors inside which individual charge carriers, electrons and holes (missing electrons), can be controlled. Another method makes qubits from what are called ion traps: you add or take away electrons from an atom to make an ion, hold it steady in a kind of laser spotlight (so it’s locked in place like a nanoscopic rabbit dancing in a very bright headlight), and then flip it into different states with laser pulses. In another technique, the qubits are photons inside optical cavities.
  • Hi Dr. Shurtz. You have featured Grace Hopper several times on Tech Talk. Just the same, I thought you would like to see this article about her. She was a real pioneer in the computer field. In addition, the Naval Academy’s new cyber center is being named after as well. Arnie, Colorado Springs, CO
  • Tech Talk Responds: Grace Hopper was a real computer pioneer. She coded computers and developed a compiler. Thanks for the article.
  • Email from Jim in Bowie: Dear Tech Talk. I am cutting the cord with my TV system at home. Is there any way to combine digital channels with over-the-air-channels using one simple remote? If I change the system and drop all cable channels, my only requirement is that the result be simple to operate. Enjoy the show live. Jim in Bowie
  • Tech Talk Responds: This is the classic problem, bringing over-the-air TV into your system conveniently. The first device, AirTV, to achieve integration was announced by Dish Network at CES 2017. AirTV brings streaming and broadcast TV together in one device. I have not used it yet but it has gotten good review.
  • AirTV is an android TV based streaming device from the makers of Sling TV. It includes an option for a TV Antenna adapter. This allows channels received from your antenna to be shown in the same interface as your streaming services.
  • You can purchase AirTV with an OTA adaptor for watching TV channels received from an antenna. The combo costs $129.99.
  • AirTV also comes with $50 of Sling TV credits, so you can add a month or two of Sling TV free when you purchase AirTV. Although, Sling TV isn’t required to use the device. AirTV function’s using apps you can download from Google Play Store. This allows services like Hulu, Netflix, and HBO Now to also be used on AirTV. Ultimately, it works like any other streaming device.
  • The AirTV was surprisingly easy to set up.
    • Connect the Air TV device to your TV with the included HDMI cable
    • Plug the USB/Coaxial adapter in the USB port on the AirTV
    • Connect the coaxial cable from your antenna to the coaxial connection on the adapter.
    • Connect the power adapter to power the device and turn on your AirTV using the included remote.
  • Once powered, AirTV walks you through each part of the setup step by step. It easily connects the device to your network, links you to your Google Play account, and scans your antenna for local channels. It even auto discovers TV and audio setup. The AirTV remote is able to control the volume and power on my TV without extra programming.
  • From this interface, you have access to not only Sling TV content, but Netflix content, and your local OTA channels as well. Provided, you have hooked up an antenna to your AirTV. BTW, you don’t have to be a Sling TV subscriber for the menu to work.
  • Email from Harry in Chantilly: Hi there Doc and Jim. I was wondering if you could explain what Kodi is, and whether it is worth looking into. Harry in Chantilly
  • Tech Talk Responds: Kodi (formerly XBMC) is a free and open-source media player software application developed by the XBMC Foundation, a non-profit technology consortium. Kodi is available for multiple operating systems and hardware platforms, with an interface for use with televisions and remote controls. It allows users to play and view most streaming media, such as videos, music, podcasts, and videos from the internet, as well as all common digital media files from local and network storage media.
  • It is a multi-platform home-theater PC (HTPC) application. Kodi is highly customizable: a variety of skins can change its appearance, and various plug-ins allow users to access streaming media content via online services such as Amazon Prime Instant Video, Crackle, Pandora Internet Radio, Rhapsody, Spotify, and YouTube. The later versions also have a personal video-recorder (PVR) graphical front end for receiving live television with electronic program guide (EPG) and high-definition digital video recorder (DVR) support.
  • The software was created as an independently developed homebrew media player application named Xbox Media Center (abbreviated as XBMC) for the first-generation Xbox game console, and was later made available under the name XBMC as a native application for Android, Linux, BSD, macOS, iOS/tvOS, and Microsoft Windows-based operating systems.
  • It is a project much like Linux. You need to find device drivers, download and install various options and tinker. It is a great way to learn about open source systems. It is probably not a good option if you simply want a convenient home theater system.

Profiles in IT: Joseph Carl Robnett Licklider

  • Joseph Carl Robnett Licklider was a computer scientist who has been called computing’s Johnny Appleseed for planting the seeds of computing in the digital age.
  • JCR Lickliker, or Lick, conceived of cybernetics, interactive computing, an intergalactic computer network (Internet), and artificial intelligence.
  • Licklider was born on March 11, 1915, in St. Louis, Missouri, United States.
  • He was the only child of Joseph Parron Licklider, a Baptist minister
  • He received a triple BA degree in physics, mathematics, and psychology (1937), and an MS in psychology (1938) from Washington University in St. Louis
  • He received a PhD in psychoacoustics from the University of Rochester in 1942, and worked at the Psycho-Acoustic Laboratory at Harvard University from 1943 to 1950.
  • In 1950, he became interested in information technology and moved to MIT.
  • At MIT, he worked on Semi-Automatic Ground Environment (SAGE for computer-aided air defense systems. He saw the potential for human/computer interfaces.
  • In 1957, he became a VP at Bolt Beranek and Newman, Inc., where he conducted the first public demonstration of time-sharing using a PDP-1 computer.
  • In 1960 his paper on “Man-Computer Symbiosis” foreshadowed interactive computing. , and he went on to fund early efforts in time-sharing, including the work of Douglas Engelbart, who created the famous On-Line System where the computer mouse was invented.
  • He formulated the earliest ideas of a global computer network in August 1962 at BBN, in a series of memos discussing the “Intergalactic Computer Network” concept. These memos predicted the Internet of today, including cloud computing.
  • In 1962, Licklider was appointed head of the Information Processing Techniques Office (IPTO) at DARPA. His goal was to fund projects to bring his ideas to life (interactive computer and a global computer network).
  • He funded Douglas Engelbart, who created the famous On-Line System where the computer mouse was invented.
  • He funded Project MAC where a large mainframe computer was designed to be shared by up to 30 simultaneous users.
  • In 1964, he went to work at IBM. In 1968, he returned to MIT to lead Project MAC.
  • In 1985, he retired and became Professor Emeritus in 1985. He died in 1990.
  • His ideas foretold of graphical computing, point-and-click interfaces, digital libraries, e-commerce, online banking, and software that would exist on a network and migrate as needed. He foresaw the need for networked computers with easy user interfaces.
  • Licklider’s contribution to the development of the Internet consists of ideas, not inventions. He foresaw the need for networked computers with easy user interfaces.
  • Licklider was instrumental in conceiving, funding and managing the research that led to modern personal computers and the Internet. He was computer’s Johnny Appleseed

Google says Chrome will no longer trust Symantec certificates.

  • In 2012, Google rolled out Certificate Transparency, a system to spot corrupt “Certificate Authorities,” the entities who hand out the cryptographic certificates that secure the web.
  • Certificate Transparency uses an append-only, distributed ledger that Chrome users automatically contribute to by sending in anonymized evidence of the certificates they see, and which authorities issued those certificates.
  • In this way, sloppy or malicious CAs can be rapidly and undeniably identified and, in theory, removed from the list of authorities that browsers trust by default.
  • The first casualty of this is Symantec.
  • Google has announced that effective immediately, Symantic-issued certificates will not be treated as having “extended validation” (this is the highest level of trust a browser can place in a certificate, based on the belief that the issuer conducted a detailed investigation to make sure it wasn’t dealing with an impostor before issuing the cert).
  • From now on, Chrome will gradually reduce its trust in Symantec certs, over the coming years.
  • Because Symantec issues more than 30% of the web’s certs, and these are the most popularly relied-upon certs by web-users, constituting 42% of the certs that a Firefox user will encounter in a typical browsing session.
  • Google says it caught Symantec issuing more than 30,000 “improper” certificates.
  • Symantec’s denies any wrongdoing.
  • BTW: You can get as many free certificates as you need, instantly and automatically, using the nonprofit Let’s Encrypt Certificate Authority jointly operated by a number of groups including the Electronic Frontier Foundation and Mozilla.

What is a Certificate Authority?

  • A certificate authority or certification authority (CA) is an entity that issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate.
  • This allows others (relying parties) to rely upon signatures or on assertions made about the private key that corresponds to the certified public key.
  • In this model of trust relationships, a CA is a trusted third party—trusted both by the subject (owner) of the certificate and by the party relying upon the certificate. The most commonly encountered public-key infrastructure (PKI) schemes are those used to implement https on the worldwide web. All these are based upon the X.509 standard and feature CAs.
  • Trusted certificates can be used to create secure connections to a server via the Internet.
  • A certificate is essential in order to circumvent a malicious party that happens to be on the route to a target server, which acts as if it were the target. Such a scenario is commonly referred to as a man-in-the-middle attack.
  • The client uses the CA certificate to authenticate the CA signature on the server certificate, as part of the authorizations before launching a secure connection.
  • Usually, client software—for example, browsers—include a set of trusted CA certificates. This makes sense, as many users need to trust their client software. A malicious or compromised client can skip any security check and still fool its users into believing otherwise.

Research Found Backdoor in Chinese IoT Devices

  • IoT devices from a Chinese vendor contain a weird backdoor that the vendor is refusing to fix.
  • The vulnerability was discovered in almost all devices produced by VoIP specialist dbltek, and appears to have been purposely built in as a debugging aid.
  • The infosec biz says that it followed a responsible disclosure process, but claims the manufacturer responded only with modifications to its firmware that leave access open.
  • The security firm says it has since been able to write exploits that open both the old and new backdoors.
  • The vulnerable firmware is present in almost all dbltek GSM-to-VoIP devices, a range of equipment mostly used by small to medium size businesses.
  • Trustwave researchers claimed they had found hundreds of at-risk devices on the internet. According to the researchers:
    • Trustwave recently reported a remotely exploitable issue in the Telnet administrative interface of numerous DblTek branded devices. The issue permits a remote attacker to gain a shell with root privileges on the affected device due to a vendor backdoor in the authentication procedure.
    • An undocumented user, namely “dbladm”, is present which provides root level shell access on the device. Instead of a traditional password, this account is protected by a proprietary challenge-response authentication scheme.
  • Basically, when you try to telnet into the device as dbladm, the gadget tries to connect to UDP port 11000 on on its local network. If it receives a valid response, it grants access. This is perfect for malware, or some other miscreant, lurking on a corporate or home network.

Transcribing Voice Recording on iPhone

  • Third-party apps and services that convert spoken words into text files on iOS devices are plentiful in Apple’s online store, but depending on when you need the transcribing to happen, you may not need to download anything extra.
  • For example, the Siri assistant software built onto iOS can open the iPhone’s Notes app and transcribe your words as you speak them.
  • Hold down the iPhone’s Home button (or say “Hey Siri” to wake up the software), say “Make a new note,” and then speak your thoughts — reciting the punctuation like “period” or “comma” aloud. The resulting note can be emailed, copied, pasted or shared with a compatible text app.
  • Siri may be the quickest way to dictate a quick set of thoughts without fumbling with other apps, but if you do not use the Siri assistant, you can turn on the Dictation tool in the iPhone’s Settings app.
  • In Settings, go to General and then to keyboard to find the Dictation option buried at the bottom of the screen. When the setting is enabled, a small microphone appears on the keyboard of text-entering apps like Notes, Google Docs, Microsoft Word for iOS, or Apple’s own Pages word processor.
  • Converting live speech is one thing, but if you have a collection of previously recorded memos you want to translate into text, look for an app or service that allows you to upload audio files for transcription. The Rev Voice Recorder, SpeakWrite and TranscribeMe for iOS and Android are among the free apps that can do this, but you need to pay for the transcription; fees typically range from about 79 cents to $1 per minute of audio.

Gartner’s Top 10 Trend for 2017

  • AI & Advanced Machine Learning. AI and machine learning, which include technologies such as deep learning, neural networks and natural-language processing, can also encompass more advanced systems that understand, learn, predict, adapt and potentially operate autonomously.
  • Intelligent Apps. Intelligent apps, which include technologies like virtual personal assistants (VPAs), have the potential to transform the workplace by making everyday tasks easier (prioritizing emails) and its users more effective (highlighting important content and interactions). Every existing software category from security tooling to enterprise applications such as marketing or enterprise resource planning (ERP) will be infused with AI enabled capabilities.
  • Intelligent Things. New intelligent things generally fall into three categories: robots, drones and autonomous vehicles. Existing things including Internet of Things (IoT) devices will become intelligent things delivering the power of AI enabled systems everywhere including the home, office, factory floor, and medical facility.
  • Virtual & Augmented Reality. Virtual reality (VR) and augmented reality (AR) transform the way individuals interact with each other and with software systems creating an immersive environment. AR, which enables a blending of the real and virtual worlds, means businesses can overlay graphics onto real-world objects, such as hidden wires on the image of a wall. Over time AR and VR expand beyond visual immersion to include all human senses.
  • Digital Twin. Within three to five years, billions of things will be represented by digital twins, a dynamic software model of a physical thing or system. Using physics data on how the components of a thing operate and respond to the environment, as well as data provided by sensors in the physical world, a digital twin can be used to analyze and simulate real world conditions, responds to changes, improve operations and add value.
  • Blockchain is a type of distributed ledger in which value exchange transactions (in bitcoin or other token) are sequentially grouped into blocks. Blockchain and distributed-ledger concepts are gaining traction because they hold the promise of transforming industry operating models in industries such as music distribution, identify verification and title registry.
  • The mesh refers to the dynamic connection of people, processes, things and services supporting intelligent digital ecosystems. As the mesh evolves, the user experience fundamentally changes and the supporting technology and security architectures and platforms must change as well.
  • Conversational Systems. Conversational systems can range from simple informal, bidirectional text or voice conversations such as an answer to “What time is it?” to more complex interactions such as collecting oral testimony from crime witnesses to generate a sketch of a suspect.
  • Mesh App and Service Architecture. The intelligent digital mesh will require changes to the architecture, technology and tools used to develop solutions. The mesh app and service architecture (MASA) is a multichannel solution architecture that leverages cloud and serverless computing, containers and microservices as well as APIs and events to deliver modular, flexible and dynamic solutions.
  • Digital Technology Platforms. Digital technology platforms are the building blocks for a digital business and are necessary to break into digital. Every organization will have some mix of five digital technology platforms: Information systems, customer experience, analytics and intelligence, the IoT and business ecosystems.
  • Adaptive Security Architecture. The evolution of the intelligent digital mesh and digital technology platforms and application architectures means that security has to become fluid and adaptive. Security in the IoT environment is particularly challenging. Security teams need to work with application, solution and enterprise architects to consider security early in the design of applications or IoT solutions.