Show of 03-31-2018

Tech Talk

March 31, 2018

Email and Forum Questions

  • Email from Carl Tyler: Dear Dr. Shurtz: What is “Coinhive” and should we be worried about them using our computing resources to harvest the Monero cryptocurrency? Are there some websites that we go to that use our computing power to mine other cryptocurrencies such as Bitcoins in the background? And how can we prevent this by using adblockers? I use uBlock Origin. Will this prevent them from using my computing power? Have you done a “Profiles in IT” about Brian Krebs? I get his newsletter via email and he really informs me about a lot of the cyber criminal activities going on out there. Does Mr. Big Voice ever get a vacation? I think it’s time. Loyal listener for a long time, Carl Tyler
  • Tech Talk Responds: Thanks for the Profiles in IT suggestion. Coinhive is a brilliant idea to monetize internet traffic that seems to be going off the track. We have previously discussed it on Tech Talk. Coinhive first released its cryptocurrency miner in September 2017 as a novel way for websites to generate revenue. Once embedded into a website, the code mines the digital currency Monero by borrowing visitors’ CPU processing power. The more visitors, the more money earned. Site owners take a 70 percent share, while Coinhive grabs the rest.
  • However, the Coinhive code doesn’t tell website visitors that any mining is taking place. It can simply borrow CPU processing power via the browser, without any warning. One of Coinhive’s earliest adopters was The Pirate Bay, a site that already has a rather notorious reputation. In September, visitors to the site noticed it was hogging CPU resources, prompting complaints.
  • The crypto miner has been found in over 30,000 random sites. These sites were hacked and Coinhive code was installed to generate revenue for the hacker.
  • There’s a reason why hackers gravitate toward Coinhive: it’s easy to use.
  • Anyone can go to the Coinhive site and sign up for an account by providing a valid email address. In return, they’ll receive access to the JavaScript code for the crypto miner, which can be easily embedded into a website.
  • AdGuard also found the Coinhive miner on over 30,000 sites and estimates the code generates $150,000 in Monero every month. For Coinhive, which takes a 30 percent cut, that amounts to $540,000 per year.
  • Last month, Malwarebytes blocked 248 million attempts by the miner to borrow PC resources from company users.
  • Ad blockers will not protect you from crypto hijacking. I have Malwarebytes installed on my computer. It does a pretty good job.
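For a site owner who wants to check whether their own pages were tampered with in the way described above, the following scanner looks for the embedded miner in HTML source. It is an added example, not code from the show or from Coinhive; the hostnames and API constructor names are assumptions drawn from Coinhive's public documentation, and the sample pages are constructed.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumptions (not from the page): hostnames the Coinhive library was served
# from, and the constructor names of its public JavaScript API.
MINER_HOSTS = ("coinhive.com", "coin-hive.com", "authedmine.com")
MINER_API = re.compile(r"\bCoinHive\.(?:Anonymous|User|Token)\s*\(")


class MinerScanner(HTMLParser):
    """Collects (line, kind, detail) for every miner indicator in a page."""

    def __init__(self):
        super().__init__()
        self.findings = []
        self._in_script = False

    def handle_starttag(self, tag, attrs):
        if tag != "script":
            return
        self._in_script = True
        src = dict(attrs).get("src") or ""
        host = (urlparse(src).hostname or "").lower()
        line = self.getpos()[0]
        if any(host == h or host.endswith("." + h) for h in MINER_HOSTS):
            self.findings.append((line, "remote-script", host))
        elif "coinhive" in src.lower():
            # A copy of the library served from the site itself or another domain.
            self.findings.append((line, "self-hosted-copy", src))

    def handle_endtag(self, tag):
        if tag == "script":
            self._in_script = False

    def handle_data(self, data):
        # Inline script text: look for the miner object being constructed.
        match = MINER_API.search(data) if self._in_script else None
        if match:
            self.findings.append((self.getpos()[0], "inline-api", match.group(0)))


def scan_html(html):
    """Return the list of miner indicators found in one HTML document."""
    scanner = MinerScanner()
    scanner.feed(html)
    scanner.close()
    return scanner.findings


# Constructed sample pages; SITE_KEY_PLACEHOLDER is not a real key.
CLEAN = '<html><head><script src="/js/site.js"></script></head><body>Hi</body></html>'
INJECTED = """<html><head>
<script src="/js/site.js"></script>
<script src="https://coinhive.com/lib/coinhive.min.js"></script>
<script>
  var miner = new CoinHive.Anonymous('SITE_KEY_PLACEHOLDER');
  miner.start();
</script>
</head><body>Hi</body></html>"""

if __name__ == "__main__":
    for line, kind, detail in scan_html(INJECTED):
        print(f"line {line}: {kind}: {detail}")
```

Run it over the HTML your web server actually delivers, not only the files in source control, since injected code often lives in a database field or template.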
  • Email from Azra in Fredericksburg: Dear Tech Talk. I love to use the Facebook platform and have all my connections there. I would like to expand my presence on the site with blog style posts. What is the best way to create a blog using the Facebook platform? I want an easy way to format text and insert pictures. Enjoy the podcast. Azra in Fredericksburg.
  • Tech Talk Responds: Facebook Notes is an excellent option for you. It is a re-imagined version of the note-taking feature that Facebook launched years ago on its site.
  • Unlike the previous version, it has been designed more like a basic blog editor than a simple note taking application that does not look or feel that different from jotting down status updates on the site.
  • To open Notes on Facebook, click on the Notes entry listed on the left sidebar.
  • A click on “write a note” opens the editor interface, which looks like many other blog editing tools out there at first glance.
  • You can add a cover photo to the article, a title, and use a handful of formatting options such as adding headlines, more photos or bullet points to it as well.
  • It has basic formatting options (two headline levels, quote insertion, bulleted and numbered lists, bold and italic fonts, embedded objects, images).
  • While that is sufficient in many cases, it lacks basic options such as adding video to the note, and it does not allow you to change text alignment, indent text, or change font type or colors.
  • Photos are added directly from the uploaded image archive on the site with an option to upload photos from the local system as well.
  • Once you are done writing, you may save the note as a draft, or publish it to your account.
  • While that is useful initially, Notes will hold you back as you grow, because you don’t get analytics, options to install plugins to extend the blog platform, advertising, or the majority of other monetization options when using Notes.
  • Email from Stu in Kilmarnock: Dear Doc and Jim. Every time I put my phone in my pocket, I make “butt calls.” How can I keep my iPhone from dialing by mistake or from deleting icons? Stu in Kilmarnock
  • Tech Talk Responds: Stu, you are not locking your phone before putting it in your pocket. Simply pushing the home button is not enough. Push the power button briefly to lock the phone. Then it can’t take any action until you unlock it. Hopefully, your butt calls didn’t get you in trouble.
  • Kim in Ohio: Dear Doc and Jim. I am confused by cloud backup and cloud file syncing. Can you explain the difference and let me know which I should be using. Love the show. Kim in Ohio
  • Tech Talk Responds: There’s a big difference between file syncing tools and online backup services, when it comes to backing up your important files.
  • You’re probably familiar with services like Dropbox, Google Drive, Microsoft OneDrive. These services provide a special folder, and anything you place in that folder is synced with your online storage, as well as between other devices you have set up. Your files are also available via web browsers.
  • Because these services are designed for syncing, if you delete or change a file on another device, that change will sync and the file will be deleted or changed on all your computers. Most services do provide ways to restore old versions of files and recover deleted files from the trash, but you can’t just restore all your files to the state they were in at a point in time.
  • Dedicated backup services work differently. They do not automatically sync your files between all your devices. They work more like a traditional backup tool, which would back up all the files on your PC or Mac. However, instead of backing up those files to an external hard drive or another computer on your local network, they back it up to the backup service’s online storage.
  • The backup software can back up files stored anywhere on your computer, so you don’t have to put everything all in one folder.
  • Backup services generally cost money. You can use Backblaze, Carbonite, or iDrive. All are inexpensive. For instance, Backblaze provides unlimited storage for $5 per PC or Mac per month.

Profiles in IT: Dustin Aaron Moskovitz

  • Dustin Aaron Moskovitz is best known as co-founder and first CTO of Facebook.
  • Moskovitz was born May 22, 1984 in Gainesville, FL and grew up in Ocala, FL.
  • He attended Vanguard High School, graduating from the IB Diploma Program.
  • Moskovitz enrolled in Harvard in economics. His roommate was Mark Zuckerberg.
  • Zuckerberg had built Facebook in his dorm room using a programming language called PHP. Within a couple of weeks, a few thousand people had signed up.
  • Other colleges were asking to launch it at their schools. Dustin wanted to help with the expansion, but he didn’t know PHP.
  • That weekend he went home, bought the book PERL for Dummies and came back ready to help. However, Zuck told him the site was written in PHP, not PERL, dude.
  • Moskovitz learned that language in a couple of days and went to work helping Zuckerberg expand from one school to many.
  • Four people, three of whom were roommates—Mark Zuckerberg, Eduardo Saverin, Chris Hughes, and Dustin Moskovitz—founded Facebook in their Harvard University dorm room in February 2004.
  • Originally called, Facebook was an online directory of all Harvard’s students to help residential students identify members of other residences.
  • The most complicated calculation on the site was the social connection graph.
  • In June 2004, Zuckerberg, Hughes and Moskovitz took a year off from Harvard and moved Facebook’s base of operations to Palo Alto, CA, and hired eight employees.
  • At Facebook, Moskovitz was the company’s first CTO and then VP of Engineering; he led the technical staff and oversaw the major architecture of the site.
  • He was responsible for the company’s mobile strategy and development.
  • In 2008, Moskovitz announced that he was leaving Facebook to form a new company called Asana with Justin Rosenstein, an engineering manager at Facebook.
  • Asana is a web and mobile application designed to help teams track their work.
  • In 2011, Moskovitz co-founded the philanthropic organization Good Ventures with his girlfriend (and now wife) Cari Tuna.
  • Good Ventures has donated approximately $100 million to GiveWell top charities.
  • His collaboration with GiveWell led to a spinoff called the Open Philanthropy Project, whose goal is to figure out the best possible way to use large sums of money.
  • Moskovitz and Tuna are the youngest couple to sign the Giving Pledge, which commits billionaires to giving away most of their wealth.
  • In March 2011, Forbes reported Moskovitz to be the youngest self-made billionaire, based on his 2.34% share in Facebook. His net worth was US$14.3B in 2017.
  • Moskovitz and Tuna attend Burning Man regularly. He loves the self-reliance and independence of the event.

Man Who Invented Like Button Deletes Facebook

  • The man who invented the “Like” button has deleted Facebook from his phone.
  • Justin Rosenstein was the engineer who created the feature in 2007, but now fears the psychological effects apps are having on people around the world.
  • The 34-year-old is so concerned, he has blocked himself from Reddit and Snapchat, and imposed strict time-limits on his use of Facebook.
  • The tech executive has now bought a new iPhone and told his assistant to set up a feature that stops him downloading any apps at all.
  • Mr Rosenstein describes Facebook “Likes” as “bright dings of pseudo-pleasure”, one of many features that contribute to what Silicon Valley critics describe as the new “attention economy”.
  • “It is very common for humans to develop things with the best of intentions and for them to have unintended, negative consequences,” Mr Rosenstein told the newspaper.
  • A 2016 study found that the more time young adults spend on social media, the more likely they are to become depressed. Of those tested, people who checked their apps most regularly were 2.7 times more likely to develop it than those who checked least often.
  • Instagram was ranked as having the worst effect on young people’s mental health, according to a separate study.
  • And in January health officials warned the circulation of fake health news on social networks was potentially dangerous to people’s physical health.
  • As well as making users addicted and affecting their mental health, there is growing concern social media makes people more stupid. Known as “continuous partial attention”, it is feared apps limit the ability to focus and potentially lower IQ.
  • “Everyone is distracted. All of the time,” Mr Rosenstein says.

Baltimore 911 Infected with Ransomware

  • The ransomware attack forced Baltimore’s 911-dispatch system to be temporarily shut down over the weekend on March 24.
  • Frank Johnson, chief information officer in the Mayor’s Office of Information Technology, said he was not aware of any specific ransom request made by the hackers of Baltimore’s network, but federal authorities are investigating.
  • The attack infiltrated a server that runs the city’s computer-aided dispatch, or CAD, system for 911 and 311 calls.
  • The system automatically populates 911 callers’ locations on maps and dispatches the closest emergency responders there more seamlessly than is possible with manual dispatching. It also relays information to first responders in some cases and logs information for data retention and records.
  • The breach shut down the CAD system from Sunday morning until Monday morning, forcing the city to revert to manual dispatching during that time.
  • While the city’s 911 calls are normally recorded online on Open Baltimore, the city dispatch logs stopped recording them at 9:54 a.m. Sunday and didn’t resume recording them again until 7:42 a.m. Monday.
  • Johnson said the attack was made possible after a city information technology team troubleshooting a separate communications issue with the server inadvertently changed a firewall and left a port open for about 24 hours.
  • The hackers, who were likely running automated port scans of networks looking for such vulnerabilities, found it and gained access.
  • The penetration was detected quickly and the response was quite good. They isolated the infected server to protect the system. It took seventeen hours to clean and verify the entire system before coming back online.
  • Atlanta and Boeing were also hit with ransomware the same week. Atlanta was infected with SamSam malware and Boeing with WannaCry malware.
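The failure described above, a firewall opening made during troubleshooting and left in place for about 24 hours, can be caught by comparing periodic snapshots of the live rule set against an approved baseline. The following is an added example, not a tool used by the city or the show; the rule syntax, addresses, timestamps and the four-hour limit are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed rule syntax: "allow <proto> from <source> to <host> port <number>"
BASELINE = frozenset({"allow tcp from any to 10.0.0.10 port 443"})
TEMP_SMB = "allow tcp from any to 10.0.0.15 port 445"   # opened while troubleshooting, never reverted
TEMP_WEB = "allow tcp from any to 10.0.0.15 port 8443"  # opened and closed within the window

# Constructed snapshots of the live rule set: (ISO timestamp, set of rules)
SNAPSHOTS = [
    ("2024-01-06T08:00", BASELINE),
    ("2024-01-06T09:00", BASELINE | {TEMP_SMB, TEMP_WEB}),
    ("2024-01-06T11:00", BASELINE | {TEMP_SMB}),
    ("2024-01-06T15:00", BASELINE | {TEMP_SMB}),
    ("2024-01-07T09:00", BASELINE | {TEMP_SMB}),
    ("2024-01-07T10:00", BASELINE),
]

# Ports that deserve a louder alert: 445 (SMB) and 135 (RPC, used by WMI) are
# services this page discusses; 3389 (RDP) is an added assumption.
HIGH_RISK = {445: "SMB", 135: "RPC/WMI", 3389: "RDP"}


def parse_rule(line):
    """Split one rule line of the constructed syntax into its fields."""
    action, proto, _from, source, _to, host, _port, number = line.split()
    return {"action": action, "proto": proto, "source": source,
            "host": host, "port": int(number)}


def is_exposed(rule):
    """True for an allow rule that accepts traffic from any source."""
    return rule["action"] == "allow" and rule["source"] in ("any", "0.0.0.0/0")


def stale_openings(snapshots, baseline, max_age=timedelta(hours=4)):
    """Return (rule, hours_open, service) for non-baseline exposed rules older than max_age."""
    first_seen, worst = {}, {}
    for stamp, rules in snapshots:
        now = datetime.fromisoformat(stamp)
        extra = {r for r in rules - baseline if is_exposed(parse_rule(r))}
        # A rule that disappeared is forgotten, so re-opening it starts a new window.
        first_seen = {r: t for r, t in first_seen.items() if r in extra}
        for r in extra:
            age = now - first_seen.setdefault(r, now)
            if age > max_age:
                worst[r] = max(age, worst.get(r, age))
    return sorted(
        (r, a.total_seconds() / 3600, HIGH_RISK.get(parse_rule(r)["port"], "other"))
        for r, a in worst.items()
    )


if __name__ == "__main__":
    for rule, hours, service in stale_openings(SNAPSHOTS, BASELINE):
        print(f"ALERT {service}: '{rule}' exposed for {hours:.0f}h")
```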

Leaked NSA Hacking Tools Aided the Attacks

  • In April 2017, The Shadow Brokers, a hacking group, released a set of hacking tools from the NSA (National Security Agency).
  • These cyber weapons can be used to compromise about 70% of Windows systems around the globe.
  • The hacking toolkit has been confirmed to be stolen from NSA’s Equation Group. Targets include Windows, Cisco firewalls, and even SWIFT Alliance Access.
  • The U.S. government used these tools to hack into and spy on foreign governments, banks, and other organizations.
  • Most leaked NSA Windows exploits are designed to take advantage of vulnerabilities existing in the SMB (Server Message Block) protocol. They have been termed EternalBlue or EternalRomance exploits, depending on the SMB vulnerability exploited.
  • This service enables file sharing between Windows computers. This vulnerability was first patched by MS on March 14, 2017 (MS 17-010).

Ransomware That Uses the NSA Toolkit

  • WannaCry ransomware first struck in May 2017.
  • WannaCry was ransomware that held data hostage until a ransom was paid.
  • WannaCry targeted systems running the Windows OS only.
  • It used the EternalBlue exploit, which takes advantage of an SMB vulnerability to rapidly propagate through a network.
  • The use of this exploit provided worm capabilities, helping attackers maximize the damage.
  • SMB vulnerability was patched by Microsoft (MS 17-010), prior to May 2017.
  • Following the malicious encryption, victims were presented with a screen that informed them of the encryption and demanded a ransom, paid in Bitcoin, to retrieve the data.
  • Petya is a WannaCry variant. It makes ransom demands, but the encryption key is randomly generated. So even if the ransom is paid, the files cannot be recovered.
  • Petya uses both the EternalBlue and the EternalRomance exploits, which enable remote privilege escalation on certain versions of Windows.
  • This vulnerability was also patched by Microsoft in MS 17-010, yet patching did not protect victims from the Petya variant.
  • The encryption key is randomly generated, so files cannot be recovered even if you pay the ransom.

Ransomware Attacks Atlanta

  • According to DHS officials, the attack hit Atlanta at around 5 AM, March 22, 2018.
  • Files were encrypted and the attackers are reportedly demanding a large sum to be paid with Bitcoin.
  • The outage affected various internal and external customer facing applications, including payment systems and court-related systems.
  • Hackers were demanding a payment of $6,800 in bitcoin to unlock each computer, or $51,000 to provide all the keys for affected systems.
  • The malware involved resembles the “MSIL” or “Samas” (SAMSAM) ransomware strain that has been circulating since at least 2016.
  • Atlanta had been penetrated in April 2017, using the NSA toolkit. Those computers were still infected at the time of the SamSam attack.
  • SamSam was first detected in late 2015. It was targeting vulnerabilities in JBoss, hitting organizations in the education and healthcare sectors.

Ransomware Attack Vectors

  • Malicious Links. For instance, Bad Rabbit ransomware was reportedly distributed through drive-by downloads from compromised Russian media sites, using a fake Adobe Flash Player installer to lure victims into installing the malware unwittingly, and demanded 0.05 bitcoin (~$285) from victims to unlock their systems.
  • Open Ports in Firewalls. Malware is always scanning for open ports, exposing unpatched systems.
  • Email Attachments. Clicking on links in email attachments can install malware.
  • USB Drives. An example is the penetration of the Iranian nuclear facility.

Best Practices to Protect against Ransomware Attacks

  • User Training. Don’t click on unknown links on the web or in attachments. Don’t fall for phishing scams. Since most ransomware spreads through phishing emails, malicious adverts on websites, and third-party apps and programs, you should always exercise caution with all of these.
  • Disable Unneeded Services. Disable WMI (Windows Management Instrumentation) to prevent malware from spreading in the system.
  • Disable Open Ports on Firewalls. It may be easier to remotely manage your system, but those ports also are attack vectors.
  • Install Security Updates. Make sure to update your systems regularly and keep a good and effective anti-virus security suite on your system.
  • Backup Your Data. Keep a good backup routine in place that makes and saves copies of your files to an external storage device that is not always connected to your PC.

Chemistry of Dyeing Easter Eggs

  • People have been dyeing fabrics and other items for many years. In fact, the earliest written record of the use of dye is from thousands of years ago in 2600 BC.
  • In 715 BC, Romans were already dyeing wool. People have used many different substances to dye fabrics and other materials, including a purple dye made from a sea snail called a murex. This dye was expensive and purple became the color of emperors and kings.
  • Dyeing Easter eggs is also a very old tradition. In the Ukraine, coloring eggs with wax and dye is called pysanky, and it has likely been practiced since ancient times.
  • In North America, people often dye eggs using plant or commercial dyes.
  • Food coloring is an acid dye. It bonds using hydrogen, and this chemical process only works in an acidic environment. Vinegar is added to the solution to make it acidic.
  • Vinegar is acidic and contains around 3% acetic acid. When you add vinegar to water, it creates ideal conditions for food coloring to dye the egg.
  • Since eggs are made out of calcium carbonate, this calcium in the shell reacts with the acid in the vinegar to make carbon dioxide. If you place an egg in vinegar and water, you can often see that chemical reaction taking place as bubbles of carbon dioxide form in the liquid.
  • We will experiment with different amounts of vinegar. Will the eggs in the vinegar get darker or lighter than the eggs in the water, or will they all be the same?
    • Get three containers and fill each one with a cup of distilled water. Distilled water is usually neutral, with a pH of 7.
    • Add several drops of food coloring to each container (
    • Add a teaspoon of vinegar to the first container and two teaspoons to the second.
    • Using a spoon, place a white egg into each container.
    • The egg that was immersed in the most vinegar is the brightest.

Apple just released iOS 11.3

  • On March 29, 2018, Apple released iOS 11.3.
  • The iOS 11.3 update includes new features like improved augmented-reality features, new Animoji (if you have an iPhone X), and a beta version of iPhone Battery Health, which lets you see information about your iPhone’s battery capacity and performance.
  • Apple added the battery-health feature after reports that it was intentionally slowing down iPhones with older batteries without disclosing the practice to customers.
  • To download the latest update, go to Settings > General > Software Update.
  • Augmented reality Kit 1.5 allows developers to place digital objects on vertical surfaces like walls and doors in addition to horizontal surfaces.
  • iPhone Battery Health (beta): Displays information on iPhone maximum battery capacity and peak performance capability. Recommends if a battery needs to be replaced.
  • Privacy is improved. When an Apple feature asks to use your personal information, an icon now appears along with a link to detailed information explaining how your data will be used and protected.
  • Plus much more.

Free Online Credit Reports

  • US law entitles you to a free yearly credit report directly from each agency, but you’ll have to go elsewhere if you want to get your credit report more frequently.
  • There are multiple credit reporting agencies. The “big three” in the USA are Equifax, TransUnion, and Experian.
  • Credit Karma.
    • The free Credit Karma website shows data from both your Equifax and TransUnion reports. They also have free apps available for iPhone and Android. This service is completely free.
    • Credit Karma lets you see updated information every seven days, so you can always see a recent copy of your credit report. They also send you alert emails when a new account appears on your report, or if they detect any change. So, if an identity thief ever steals your information and opens a new account in your name, you’ll get an early heads-up.
  • Free Credit Score
    • Experian doesn’t make its data available on Credit Karma, but it does operate its own free credit score website. is owned by Experian and works similarly to Credit Karma. Apps for iPhone and Android are also available.
    • The website shows you a new Experian credit report every 30 days.