Show of 09-01-2018

Tech Talk

 September 1, 2018

Best of Tech Talk Edition

  • Segments replayed from previous shows.

Email and Forum Questions

  • Email from Susan in Alexandria: Hi Dr. Shurtz! What’s the story behind the FBI advice to reboot all routers to “temporarily” twart Russian hackers? I did the reboot, but now the latest advice seems to suggest doing a factory reset and changing the default password!  My family thoroughly enjoys your entertaining and informative show.  Thank you! Susan Church, Alexandria, VA
  • Tech Talk Responds: A new threat which targets a range of routers and network-attached storage (NAS) devices is capable of knocking out infected devices by rendering them unusable. The malware, known as VPNFilter, is unlike most other IoT threats because it is capable of maintaining a persistent presence on an infected device, even after a reboot. VPNFilter has a range of capabilities including spying on traffic being routed through the device. Its creators appear to have a particular interest in SCADA industrial control systems, creating a module which specifically intercepts Modbus SCADA communications.
  • According to new research from Cisco Talos, activity surrounding the malware has stepped up in recent weeks and the attackers appear to be particularly interested in targets in Ukraine. While VPNFilter has spread widely, data from Symantec’s honeypots and sensors indicate that unlike other IoT threats such as Mirai, it does not appear to be scanning and indiscriminately attempting to infect every vulnerable device globally.
  • A: To date, VPNFilter is known to be capable of infecting enterprise and small office/home office routers from Linksys, MikroTik, Netgear, and TP-Link, as well as QNAP network-attached storage (NAS) devices. These include: Linksys E1200, Linksys E2500, Linksys WRVS4400N, Mikrotik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072, Netgear DGN2200, Netgear R6400, Netgear R7000, Netgear R8000, Netgear WNR1000, Netgear WNR2000, QNAP TS251, QNAP, TS439 Pro, Other QNAP NAS devices running QTS software, TP-Link R600VPN
  • Most of the devices targeted are known to use default credentials and/or have known exploits, particularly for older versions. There is no indication at present that the exploit of zero-day vulnerabilities is involved in spreading the threat.
  • VPNFilter is a multi-staged piece of malware.
      • Stage 1 is installed first and is used to maintain a persistent presence on the infected device and will contact a command and control (C&C) server to download further modules.
      • Stage 2 contains the main payload and is capable of file collection, command execution, data exfiltration, and device management. It also has a destructive capability and can effectively “brick” the device if it receives a command from the attackers. It does this by overwriting a section of the device’s firmware and rebooting, rendering it unusable.
      • Stage 3 modules act as plugins for Stage 2. These include a packet sniffer for spying on traffic that is routed through the device, including theft of website credentials and monitoring of Modbus SCADA protocols. Another Stage 3 module allows Stage 2 to communicate using Tor.
  • Users of affected devices are advised to reboot them immediately. If the device is infected with VPNFilter, rebooting will remove Stage 2 and any Stage 3 elements present on the device. This will (temporarily at least) remove the destructive component of VPNFilter. However, if infected, the continuing presence of Stage 1 means that Stages 2 and 3 can be reinstalled by the attackers.
  • You should then apply the latest available patches to affected devices and ensure that none use default credentials.
  • Performing a hard reset of the device, which restores factory settings, should wipe it clean and remove Stage 1. With most devices this can be done by pressing and holding a small reset switch when power cycling the device. However, bear in mind that any configuration details or credentials stored on the router should be backed up as these will be wiped by a hard reset.
  • The FBI has announced that it has taken immediate action to disrupt the VPNFilter, securing a court order, authorizing it to seize a domain that is part of the malware’s C&C infrastructure.
  • Email from Tom Schum: Dear Tech Talk. I was listening this morning when you described 4K TV as having 4000 pixels in the vertical direction. I looked at specs for this TV and it has only half this many. The product description says, “UHD 3840 x 2160 OLED Panel.” This is only 2160 pixels in the vertical direction. Is this some sort of fraud?  On the other hand, are they right, that 4k TV is 2160 pixels in the vertical direction? Tom Schum
  • Tech Talk Responds: The current standard for HD is 1080p, measured by the number of vertical pixels. 4k measures the horizontal pixels instead, and any TV described as 4K will have a resolution of at least 3840 x 2160. The result is a picture with about 8.3 million pixels, or about four times as many as a standard HDTV.
  • 4k and Ultra-HD are technically different things, but are sometimes used interchangeably. 4K is a standard for professional video production and cinema, while UHD is a standard for consumer displays and broadcast television. True 4k has a slightly different aspect ratio than most consumer displays, and runs at 4096 x 2160, whereas “ultra-HD” is the consumer term that technically refers to the aforementioned 3840 x 2160.
  • Email from Ken in Maryland:  Nice job, in doing a prerecorded or broadcasting older show as a new one! I listened to lot’s of radio over the years and never seen it done this way. Dead giveaway is not getting or taking an answer to the pop quiz. Last week I think I had the answer “chief lizard wrangler”. ken_in_md.
  • Tech Talk Responds: You are a very observant listener. You can credit Jim for this clever work around.
  • Email from Tom Schum: Dear Tech Talk. If quantum computers can quickly break any encryption, and security on the cloud is completely dependent on encryption, it seems to me that the cloud is on its way out and we are headed back to secure air-gapped in-house computer rooms for data storage. Am I missing something here? Tom Schum
  • Tech Talk Responds: If quantum computers become a reality, internet security will be broken. In particular, the public-private key system will not be secure. These public-key systems rely on the fact that the hidden subgroup problem is too difficult solve. Experts predict that once quantum computers are up and running, they will be able to solve hidden subgroup problems in no time. That is because while traditional computers manipulate every particle of information, or “bit”, as either an 0 or a 1, quantum bits or “qbits” can exist as 0, 1, and all points in between. That makes quantum computers millions of times more powerful than the computers that created those encryption algorithms. Nobody has created a quantum computer that can do anything of real importance yet, but it’s reasonable to assume they’ll be here sometime after 2025.
  • Our only hope is a research consortium on Post-Quantum Cryptography, which includes eleven university and companies to come up with new ways of encrypting data without the use of hidden subgroup problems. They haven’t sofved the problem yet. Hopefully they will by 2025.
  • Email from Dave in Everett, Washington: Hello tech talk! I’m a big fan of your show and listen via your podcasts. I was very proud of myself for cutting the cord due to my very high cable television rates. I tried many of the alternative platforms to include Sling TV, Chromecast and others. Once I was comfortable with a new platform, My internet data provider hit me with a huge price increase due to my high use of data. Apparently, unlimited data it was not really unlimited and they increased my internet rates for data $100 per month. This put me almost back to where I was paying for the entire Internet cable/TV package.  I am hooked on high definition TV, so going to standard definition to decrease data usage would be quite a sacrifice for me. My question is now: What are my options for unlimited data to accommodate the use of these other platforms? I do use over the air broadcasts, but many of the networks are not available. Any advice for me? Is this data charge the Cable TV providers counterpunch to the growth of the cut the cord movement? Many thanks in advance, Dave  in Everett, Washington
  • Tech Talk Responds: I checked you have only two ISPs in your area. You have a distant lack of competition. That is the only solution. In my case, we have many ISPs and competition has made this work for the consumer. I am using FiOS and have not had any data cap issues. FiOS has quite a high data cap, much higher than I would reach in my house. You might lobby for additional ISPs in your area. You might also try Direct TV, with Direct TV Now. They are currently not counting Direct TV Now data usage in their data cap and have appealed to the FCC that they are not violated net neutrality. If you use Direct TV and have ATT cell phones, you get even a better deal of the package. With only two ISPs in the area, you might try to move to the other one and negotiate a better deal and then move back when that runs out. And, of course, use as much OTA TV as you can. I love my Table with an antenna in the attack. I purchased quite a large antenna and can get stations from both DC and Baltimore. You might try to add to you station mix with a larger antenna. You can check available TV stations with several apps on your cell phone. I use TV Towers, WatchFreeTV, and AntennaPoint to check our tower location and distance.

Profiles in IT: John Atanasoff

  • John Atanasoff was born on 4 October 1903 near Hamilton, New York.
  • His family moved to Brewster, Florida soon after his birth.
  • John became fascinated with his father’s slide rule, especially in the mathematical principles behind it operation ? logarithms.
  • At 9, he read A College Algebra, by J.M. Taylor, with included chapters on differential calculus, infinite series, and logarithms.
  • He completed the Mulberry High School in Old Chicora, Florida in two years.
  • In 1921, he entered the University of Florida in Gainesville. Since the university did not offer a degree in theoretic physics, he started taking EE courses.
  • He graduated from the University of Florida in 1925 with a BSEE.
  • In June 1926, Atanasoff received his MS in mathematics from Iowa State College.
  • He enrolled in a PhD program at University of Wisconsin. His doctoral thesis, "The Dielectric Constant of Helium," required serious computing.
  • He spent hours on a Monroe calculator, one of the most advanced calculating machines of the time.
  • After receiving his Ph.D. in theoretical physics in July 1930, he returned to Iowa State College with a determination to try to create a faster, better computing machine.
  • Atanasoff concluded that computers fell into two classes–analog and digital. Since the term "digital" was not used until much later, Atanasoff contrasted the analog devices to what he called "computing machines proper."
  • He began by building analog computers, but soon realized only a digital machine could give him the accuracy that he wanted.
  • One night in 1937, frustrated after many discouraging events, he got into his car and started driving without destination. Two hundred miles later, he pulled onto a roadhouse. He drank Scotch that night and thought about digital computing.
  • He envisioned a computer with several innovations, including a binary system of arithmetic, parallel processing, regenerative memory using condensers, and a separation of memory and computing functions.
  • After receiving a $650 grant from Iowa State College in 1939, Atanasoff was ready to build the first digital computer. He hired an EE student, Clifford E. Berry.
  • Atanasoff and Berry completed the Atanasoff-Berry Computer (ABC) in 1941.
  • When WWII began in 1941, work came to a halt and patenting was never completed.
  • Presper Eckert and John Mauchly were the first to patent a digital computing device, the ENIAC (Electronic Numerical Integrator And Computer). A patent infringement case (Sperry Rand Vs. Honeywell, 1973) voided the ENIAC patent as a derivative of Atanasoff’s invention. ENIAC was sponsored by the Army Ballistics Research Lab.
  • In 1939, he accepted a job with the Naval Ordnance Laboratory in DC as Chief of the Acoustics Division and was tasked with developing a computer for the Navy.
  • In 1949, he became chief scientist for the Army Field Forces in Fort Monroe, VA.
  • In 1950, he returned to Naval Ordnance Laboratory as Navy Fuse Program Director.
  • In 1952 he established The Ordnance Engineering Corporation, a research and engineering company in Rockville, Maryland, which was sold to Aerojet in 1957.
  • He worked for Aerojet until his retirement in 1961.

Tel Aviv is a Startup Paradise

  • With the world’s highest number of startups per capita, Israel is a dream come true for many young entrepreneurs.
  • The DLD Innovation Festival in Tel Aviv, Israel, is one of the most important annual events for startups in Israel.
  • Roughly 400 startup companies looked for potential investors during the two-day festival and accompanying conference.
  • Isreal has helped numerous new tech companies rise to prominence. The most recognized among them is the messaging provider ICQ. Another product originating from Israel is Mobileye — a sort of camera software developed for self-driving cars.
  • These two brands were eclipsed, however, by Google’s 2013 acquisition of mapping service Waze to the tune of $1 billion (831 billion euro). This transaction put Israel on the map when it comes to significant investments in startups.
  • The country’s entrepreneurial spirit has also inspired several US-based companies to relocate their research divisions to Israel. Intel now works on building new computer chips in Israel, while Microsoft improves its operating system and e-book reader Kindle keeps Israeli programmers busy.
  • Israel’s army trains up young men and women to be cybersecurity experts who help keep the country digitally safe. Many of the startup founders here have a background in the tech division of the Israeli army.
  • Israel’s manageable size and its military know-how are major factors for its success.
  • It’s a part of Israel’s culture to try new things and to aim to succeed while doing so, and to create something of your own. This patriotic drive is pushing Israeli tech.
  • This is something that sets us apart from other countries.

Nazareth: A Hub of Palestinian Innovation

  • Nazareth, cradle of Christianity, is now establishing a reputation as the hub of Palestinian entrepreneurship and innovation.
  • Palestinian citizens of Israel are seeking their share of high-tech success in a “startup nation,” a quest that has already turned Nazareth into an incubator for innovation.
  • But scarce funding and the disadvantage of not serving in the Isrelai military are obstacles the Palestinian community faces.
  • Over the past decade about 7,000 tech companies have been founded in Israel, where high-tech goods and services account for 12.5% of gross domestic product.
  • Only 30 Palestinian-led tech firms, however, the majority of them in software, are generating revenue.
  • For example, SolidRun makes small cube-shaped computers sold through distributors in Europe and Australia and throughout the world over the Internet.
  • There are also several dozen, pre-revenue Palestinian startups, focused on the natural sciences, medical devices, hardware and Internet, mostly in Nazareth.
  • The Israeli government budgeted $739 million to economic development of what they call the “Arab sector” including tech entrepreneurship, of which the most notable initiatives are in Nazareth, the biggest Palestinian town within the Green Line.
  • Access to startup funding, especially from key private sources, has often been the biggest challenge: Nazareth is a 90-minute drive from Tel Aviv, the country’s main commercial center.
  • With few Palestinian citizens serving in Israel’s army, the source of much of the country’s innovation, they cannot tap into relationships built during military service that help many Jewish entrepreneurs.
  • Change can already be seen at the Technion University in the northern Israeli city of Haifa. Often referred to as the MIT of Israel, about 21% of its undergraduate students in 2014 were Palestinians — the same proportion as in Israel’s overall population of 8.3 million, and up from 11% in 2001.
  • Since its founding in 2012, the incubator, NBIC, has worked with 70 Palestinian companies, of which a fifth have secured outside funding.
  • While some graduates of the Nazareth incubator are standing on their own feet, there is still no “success story” like a company acquired for a large sum.
  • The government is trying to increase the visibility of Palestinian firms by attracting them to economically thriving central Israel to meet potential investors.

Hurricane Tracking Models

  • Different approaches to forecasting have led to different predicted storm paths for Irma, with the variance being the difference between a direct hit on Miami from 185mph winds, or a mildly windy day on the beach.
  • Historically, the most accurate model for predicting the track of a storm is that produced by the European Center for Medium-Range Weather Forecasts, known as the “European model.”
  • It uses an array of supercomputers to model weather for the entire planet. By knowing what the weather will be like all round the world, the theory goes, it’s easier to predict the path of any one particular storm.
  • The downside to the European model is that it only runs twice a day, thanks to the amount of computational power required.
  • The American equivalent is called the Global Forecasting System (GFS), run by the National Weather Service. It’s run four times per day at a lower resolution, and although it’s not held in as high regard as the ECMWF, the timely data is still useful to forecasters.
  • The National Hurricane Center in Miami uses data from both models, as well as other inputs, when producing its reports.
  • The US also has the Hurricane Weather Research and Forecasting (HWRF), which uses real-time data from aircraft and satellites to monitor changing weather conditions faster than the scientific models.
  • The HWRF was recently key in monitoring the intensity of Hurricane Harvey.
  • The National Hurricane Center produces a number of constantly-updated maps and advisories for tracking a hurricane.
  • The best visual aide is the interactive warnings/cone map (, which shows the current best-guess prediction for the hurricane’s path.
  • The “cone” shown on the map is where the eye of the storm is probably going to pass; anywhere within that cone is possible, with the line down the middle showing the storm’s most likely path.

US Hurricanes All Start in Africa

  • Hurricanes begin in the African Sahara.
  • In the Sudanese highlands, the same place the Nile begins, sun-heated air rises upward and condenses into mushroom-shaped thunderheads thousands of miles high.
  • While these tall clouds are growing out of the high desert, a massive, atmospheric pattern called the Africa Easterly Wave is pushed East thousands of feet above.
  • It’s a vast, sine wave-shaped air flow that carries weather across the Sahara, east to west. When those Sudanese thunderstorms rise, they get caught up in the flow and to drench Africa’s west coast. And there they stop because the Atlantic Ocean is cold.
  • Out in the mid-Atlantic, the water is warmer, the air more humid, and the wind stronger. And the Africa Easterly Wave’s undulations spin all those conditions into a nice cyclonic spiral.
  • Only about one in 10 of the African storms re-emerge as storms. What causes some of the storms in these Africa Easterly Waves to develop into a tropical cyclone?”
  • In new research, meteorologists from Tel Aviv University used geostationary satellites to look at the thunderstorms right before they disappeared off the coast of Africa into the Atlantic.
  • These tall, cold clouds often prefigured later tropical storms. If the temperature of about 5 percent of the clouds in a thunderstorm drops to -58ËšF mark, the odds jump that it’ll resurrect as a cyclone.
  • It is ironic that hurricanes that produce so much flooding originate in the Sahara, one of the driest places on Earth.

Website of the Week: Amazon Price Checker

  • Free Amazon price tracker monitors millions of products.
  • Amazon Price Drop Alerts — Create Amazon price watches and get alerts via email and Twitter when prices drop.
  • Amazon Price History Charts —View the price history of over 18 million Amazon products.
  • Browser Addons —Add price history charts to your browser with The Camelizer, an extension for Mozilla Firefox and Google Chrome.
  • Link:

John Deere Invests in Robot Farming Firm

  • The John Deere brand owner this week announced plans to purchase robotics firm Blue River Technology for $305 million.
  • Blue River’s growing portfolio includes high-tech agricultural spraying equipment, dubbed “See & Spray,” which enables farmers to reduce the use of herbicides by spraying only where weeds are present.
  • Using artificially intelligent tools, growers can scan fields, assess crops, and exterminate weeds in one fell swoop.
  • A set of cameras fixed to crop sprayers use deep learning algorithms to identify various types of greenery; the machine automatically knows to shower weeds with herbicide and squirt fertilizer or fungicide on plants as needed.
  • The multi-million-dollar transaction is expected to close this month.
  • The 60-person Blue River team will remain in Sunnyvale, Calif., where it has been operating since 2011.
  • Despite working on autonomous tractors for two decades, Deere & Company hasn’t yet reached the same level of success as industry giants like Google and Tesla.
  • Even its most advanced vehicles, which use the proprietary AutoTrac guidance system, can only assist with navigation, and require a human in the cab.
  • The agricultural robotics sector, expected to reach $16.3 billion by 2020. This is the furture of farming.