All Shows

Show of 05-18-2019

Tech Talk

May 18, 2019

Email and Forum Questions

  • Email from Jacob in Ashburn, VA: Dear Tech Talk. I have heard of a phone scam. Where callers leave a message and hand up. When you return the call, you reach a expensive toll line. Is there any way to protect yourself from this type of attack? Jacob in Ashburn
  • Tech Talk Responds: The “ring scam” is back. That’s when you get a phone call from a number you don’t know, and the call stops after just one ring. The scammer is hoping you will call back, because it is really an international toll number and will appear as a charge on your phone bill, with most of the money going to the scammer. You cannot tell if the number is a toll number until you get your bill. The FCC has issued with advisor: “Consumers Should Not Call Back Unknown Late-Night Callers Using the ‘222’ West African Country Code.”
  • Email from Jim in North Carolina: Dear Doc and Jim. I have heard about these devices that can report about problems with your car. They can notify the dealer or the owner when something is wrong. How do these devices work and are they worth it? Jim in North Carolina.
  • Tech Talk Responds: If you purchased a car after 1996, chances are it has an OBD-II (On-board diagnostics II) port. Every car or truck on the road manufactured after 1996 is legally mandated to have one installed. OBD-II is an on-board computer that monitors emissions, mileage, speed, and other data about your car. It is connected to the Check Engine light, which illuminates when the computer detects a problem. The OBD-II on-board computer features a 16-pin port located under the driver’s side dash. It allows a mechanic or anyone else to read the error code using a special scan tool. You simply plug the scan tool into the port and read the codes. You can also get a Bluetooth dongle for the plug and wirelessly connect to a scanner. If you use a laptop or smart phone to read the data, you will need to download the app that supports that particular Bluetooth scanner. You can get a scanner for under $50. Make certain that it support your car’s manufacturer. There is unfortunately some variation between how each manufacturer connects the plug. Some more expensive scanners support all OBD-II protocols and multiple manufacturers.
  • Bob in Fayetteville: Dear Tech Talk. I get a lot of Spam emails and would like to get rid of them. They all have a unsubscribe button at the bottom. This is worth it? Bob in Fayetteville, Arkansas
  • Tech Talk Responds: Whatever you do, don’t click that link! Clicking “Unsubscribe” in a fraudulent email will not result in your email address being removed from the scammer’s email list. What it WILL do is one, or both of the following:
    • Verify for the scammer that your email address is in fact a valid and active address.
    • Take you to a malicious website that will download malware onto your computer and/or trick you into falling for a scam offer of some sort.
  • The best way to handle SPAM and other forms of unwanted email is to simply mark them as “SPAM” or “Junk” (depending on which word your email provider uses) and then delete them without even opening them. If you accidentally click ANY link in a SPAM message you should first deal with the email as explained above, then thoroughly scan your computer for malware by following the steps listed in this post.
  • Email from Dennis in Texas: Dear Tech Talk. I get calls from sales people all the time. I try to block the number, but they keep changing the caller ID. Is it legal to have a fake caller ID? There is something fishy with those numbers. Love the show. Dennis in Texas
  • Tech Talk Responds: Calling (or texting) someone and having another person’s phone number show up in the recipient’s Caller ID display is called spoofing, and it happens all the time. Services like SpoofCard (https://www.spoofcard.com) make it extremely easy to spoof a phone number and trick the recipient into thinking the call or text is from either someone they know personally or from a local business.
  • Under the Truth in Caller ID Act, FCC rules prohibit anyone from transmitting misleading or inaccurate caller ID information with the intent to defraud, cause harm or wrongly obtain anything of value. Anyone who is illegally spoofing can face penalties of up to $10,000 for each violation. However, spoofing is not always illegal. There are legitimate, legal uses for spoofing, like when a doctor calls a patient from her personal mobile phone and displays the office number rather than the personal phone number or a business displays its toll-free call-back number.”
  • As the passage above clearly states, spoofing a phone number without the intent to harm or defraud the recipient in some way is completely legal as long as no actual harm ends up being caused. Luckily, telemarketers ARE NOT allowed to spoof their phone numbers in any case, and there are no gray areas. But they still do.
  • My solution. Don’t answer calls from unknown numbers.
  • Email form Don in Baltimore: Dear Doc and Jim. My neighbor wants to use my WiFi. He is a nice guy. What is the risk? Should I do it your not. Don in Baltimore
  • Tech Talk Responds: You need to know him well because there is a risk. A man in Camden, New Jersey piggybacked onto his neighbors’ unprotected, open WiFi network and used it to download thousands of images and videos depicting child pornography onto his own laptop. Of course when the cops came looking for the culprit, they didn’t knock on the perpetrator’s door. Instead, they followed the digital trail of the crime to the home of the innocent neighbors because the illegal images and videos were downloaded using their Wi-Fi network. Since the couple were actually innocent of the crime, a thorough search of all the computers in the home found nothing incriminating so the police began to suspect a piggy-backing neighbor.
  • Luckily, the innocent couple was exonerated in this case and the real culprit was apprehended, but it’s never a good thing to have the police show up to search your home at 5:30am!
  • Another risk is that all your computers are can be accessed if you are not properly password protected. If you have someone on the network, make certain that any shared drives have passwords and are not simply open to the network. So do file and disk sharing carefully.
  • Email from Russel in Fairfax: I am an amateur photographer but I’m hoping to go pro before too long. I regularly upload some of my best photos to my Facebook profile to get feedback from my friends and other photographers. Someone told me that once I upload a photo to Facebook they automatically become the copyright holder of that photo and they can do anything they want to with it. Is that true. I am worried. Russel in Fairfax
  • Tech Talk Responds: When you take a picture you automatically become the copyright holder of that photo the instant it is taken. According to this page on the US Copyright Office’s website you will own the copyright to that photo until the day you pass away. Simply uploading a photo to your Facebook profile doesn’t affect that photo’s copyright in any way.
  • Facebook states it on this page of their Terms of Service (TOS).
    • “You own the content you create and share on Facebook and the other Facebook products you use, and nothing in these Terms takes away the rights you have to your own content. You are free to share your content with anyone else, wherever you want.”
  • When you upload a photo to Facebook’s website that does give Facebook the right to USE that photo in pretty much any way they see fit as long as they don’t share it with people who aren’t allowed to see it (based upon your privacy settings).
  • For example, if your privacy settings allow the Public to view your photos then Facebook is allowed to share them with everyone on Facebook via advertisements and other common uses as they see fit. What’s more, your “Public” photos can be also be shared with third parties outside of Facebook if those entities support Facebook in some way.

Profiles in IT: Irwin Mark Jacobs

  • Irwin Mark Jacobs is an electrical engineer, best known as a co-founder and former chair of Qualcomm.
  • Jacobs was born October 18, 1933 in New Bedford, Massachusetts.
  • In 1956, he earned his B.S. degree in electrical engineering from Cornell University.
  • He received his Master’s (1957) and Doctorate (1959) from MIT Electrical Engineering and Computer Science.
  • Jacobs was Assistant and Associate Professor of EE at MIT from 1959 to 1966.
  • He was Professor of CS and Engineering at UC San Diego from 1966 to 1972.
  • He co-authored a textbook, Principles of Communication Engineering, in 1965, developing a vision of ubiquitous digital communications worldwide.
  • This vision led to the founding of his first company, LINKABIT, in 1968, to develop satellite encryption devices. Dr. Jacobs guided the growth of LINKABIT from a handful of employees in 1969 to over 1700 in 1985.
  • LINKABIT merged with M/A-COM in 1980.
  • While at LINKABIT and M/A-COM, he led the team that developed the first microprocessor-based, spread spectrum, satellite communication modem for military anti-jam airborne applications (1973-75);
  • He guided the development and manufacture of the first successful Ku-band V SAT terminal (1980-82);
  • His team developed the first successful video scrambling system (1983-85), currently operating to descramble premium programming TV transmission.
  • In 1985, Dr. Jacobs founded QUALCOMM, leading the company into mobile satellite communications and digital wireless telephony on an international scope.
  • QUALCOMM’s OmniTRACS system is one of the world’s most “technologically advanced two-way mobile satellite communications and tracking systems.
  • It’s Code Division Multiple Access (CDMA) has been adopted as one of two digital standards for the next generation of cellular telephones in North America.
  • CDMA use bandwidth more efficiently than the older time-sliced TDMA.
  • Unlike GSM, CDMA grants users full access to the entire spectrum of bands, thus allowing more users to connect at any given time.
  • CDMA encodes each user’s individual conversation via a pseudo-randomized digital sequence. Each phone has a digital key to decode their particular conversation.
  • He holds seven patents in wireless digital communications, and shares in 31 more patents through QUALCOMM.
  • In March 3, 2009, he stepped down as chair of Qualcomm and that Paul E. Jacobs, his son, had been named to succeed him.
  • He is a member of the National Academy of Engineering and a Fellow of the IEEE.

Baltimore Robbinhood Ransomware Update

  • Baltimore was hit with RobbinHood Ransomware, a strain that actively targeting government networks within the United States.”
  • Researchers have found that local governments often have poor defenses, and they present hackers with an attractive target.
  • Officials in Baltimore have said they will not pay the ransom.
  • Out of an abundance of precaution, the city has shut down the majority of its servers.
  • Last years, ransomware attack in Greenville, North Carolina was similar. A ransom message left on Greenville’s machines demanded the same payment the hackers are asking for in Baltimore: 3 Bitcoins to unlock each affected system, or 13 Bitcoins in exchange for unlocking all the city’s systems. As in Baltimore, the attackers said the cost would increase $10,000 per day after four days.
  • Kremez, a cybersecurity analyst at with Manhattan’s district attorney, determined that RobbinHood could not have spread from machine to machine on its own.
  • Rather, the attackers would have needed to obtain access that would make them appear to be legitimate administrators, and then target individual victim computers.
  • Baltimore officials have yet to provide an estimate of how many of the city’s computers the malware infected.
  • Greenville did not pay its hackers. For at least two weeks, departments relied on “skeletal systems,” filing some reports by pen and paper rather than electronically.
  • It took another couple of weeks to re-image employees’ PCs, a process that involved reverting to a backup of the computer system.
  • Greenville was insured against cyberattacks with a $50K deductible.
  • Baltimore’s head of computer security told City Council members last year at a budget hearing that the city needed such a policy, but officials did not obtain one.
  • The mayor has now directed the city’s finance and law departments to get coverage.
  • At a budge meeting last year, the head of security said the city was “woefully behind in cybersecurity capabilities, staff needs and infrastructure.”
  • The city’s email system was “running on-site on creaky old systems.” A firewall to stop intruders was being upgraded, but officials “still have a couple of years of work left.”
  • Installing software patches — which often include important security upgrades — had to be done one computer at a time, sometimes by “dispatching a technician physically to a user.”

WhatsApp Security Flaw allows Hackers to Install Malware

  • A newly discovered security flaw enables hackers to install a very dangerous piece of malware known as “Pegasus” onto your phone simply by dialing your phone number.
  • What’s more, the Pegasus malware will be installed on the phone even if you decline to answer the call.
  • Once Pegasus is installed the hacker will have complete access to every scrap of personal and financial data that’s stored on your phone.
  • Luckily, WhatsApp has released an update to the app that fixes the flaw.
  • This is what a WhatsApp company had to say: “WhatsApp encourages people to upgrade to the latest version of our app, as well as keep their mobile operating system up to date, to protect against potential targeted exploits designed to compromise information stored on mobile devices.”
  • If you have WhatsApp installed on your smartphone you need to update it with the latest (patched) version immediately.
  • You also need to ensure that everything else on your phone is up-to-date as well.
  • And if you have any kind of financial info stored on your phone (credit/debit card info, bank account info, etc.)
  • I strongly recommend that you keep a very close eye on those accounts AND your credit reports for the foreseeable future.

Carriers Promise They Stopped Selling Your Location… Again

  • Last year it was discovered that Verizon, Sprint, AT&T, and T-Mobile were all selling your real-time location data to third-party companies.
  • They offered no oversight of what the companies did with the data whatsoever, and if that’s not disturbing enough, those third-parties turned around and sold the data to yet other parties.
  • That access made it easier for the government to track citizens without going through a full warrant process and was a gold mine for advertisers.
  • LocationSmart accidentally leaked the data to the world with insecure API.
  • When all this came out, the companies pledged to stop selling your data in varying statements.
  • But last January, Sprint, T-Mobile, and AT&T got caught continuing the practice.
  • In that case, your location data was so laughably accessible; a bounty hunter could buy it for a mere $300.
  • The companies quickly promised that they’d investigate ending the programs very soon.
  • Now five months later (and a year after the original report), the big four are promising they stopped selling your location data to third parties.
  • Even as they stress that they had the right to do so, and did nothing wrong.

Idea of the Week: Treat Facebook like Big Tobacco

  • This idea was proposed by Bloomberg opinion columnist Elaine Ou.
  • Facebook achieved outsize market share with an addictive product.
  • A competing platform would need to do an even better job of exploiting psychological vulnerability to topple the incumbent.
  • But the solution to a harmful industry dominated by a monopoly is not to foster equally harmful competitors; it’s to reduce our dependence on the industry as a whole.
  • Regulatory proposals should begin by protecting the youth. Facebook has a messaging app designed for kids under 13, but expecting the platform to protect children from harmful content is like asking the tobacco industry to make a kid-friendly cigarette.
  • If Silicon Valley execs refuse to let their own children use apps, perhaps they shouldn’t be allowed to market their apps to other people’s children either.
  • A lot of our complacency toward social media platforms stems from a lack of understanding of how they take advantage of emotional vulnerabilities to keep users engaged.
  • This is not unintentional. And much like the tobacco companies that spent four decades denying a link between smoking and lung cancer, Facebook has been equivocal in acknowledging its own harmful effects.
  • That brings us to another response outside the realm of antitrust: Tobacco companies are now required to disclose the contents of their products and open their processing facilities to inspection to reduce information asymmetry between the consumer and manufacturer.
  • The source code behind Facebook’s news feed should be made available for inspection as well. The nationwide decline in tobacco use was the result of decades of public awareness campaigns. The government should recognize social media for its psychologically exploitative properties and treat these companies the same way – with restrictions on youth targeting and with publicity about the risks.

Invention of the Week: Pro Tech DNA Gel

  • A new technology is helping investigators return stolen property. Thousands of Central Floridians are using a nearly invisible gel that links back to their owners.
  • The gel is free for anyone who enrolls on Protech’s website.
  • Protech mails owners the gel in a package a few days after consumers sign up. People then spread it on their property using a wand and log the items into an online database, along with their contact information.
  • The company sends law enforcement agencies a microscope that clips onto smartphones. The microscope gives phone cameras the ability to zoom in close enough to read identification numbers on very tiny dots inside the gel.
  • “You don’t have to apply very much. There’s thousands of microdots in (the)
  • Investigators can track the stolen property back to the owner using their portal on Protech’s website.
  • Kissimmee Police say more than 3,600 people are using the gel in their area. The Police Department is now urging others to enroll and protect their property.
  • Link to Website: https://protechdna.com/

TikTok is China’s Most Important Export

  • Silicon Valley may have begun the era of social media, but its future could be in China.
  • Tensions between America and China are pushing the world’s two largest economies into an escalating trade war.
  • President Donald Trump continues to threaten a tariff hike on more Chinese goods.
  • TikTok, one of the most popular social media platforms in the US and the world, is Chines.
  • TikTok could be the arrival of a subtler form of algorithmic influence, with sophisticated Chinese AI controlling what becomes viral content potentially shared among millions of young Americans.
  • Which is not unlike the global influence Facebook, Google, and Twitter have been exerting for the last decade.
  • Silicon Valley may have begun the era of social media, but its future could be in China.
  • TikTok, a video-sharing app designed by a Beijing-based tech company called ByteDance, became the first Chinese-owned app to reach No. 1 in the US Apple App Store.
  • It aggressively mines user data, its videos require sound, it is largely oriented around a central recommendation algorithm instead of a network of friends and family, it emphasizes memes and challenges over individual influencers.
  • It continues to add addictive features to make it impossible to avoid binging.

New Kilogram Standard, Le Grand K is Gone

  • On May 20th, World Metrology Day, the scientific community will officially change the definition of the kilogram.
  • For 130 years, the kilo has been defined by a physical cylinder of platinum-iridium alloy, known as Le Grand K and stored in a vault outside of Paris.
  • But every time scientists handled it, the cylinder lost atoms — an estimated 50 micrograms over its lifetime.
  • So, beginning Monday, the kilogram will officially be measured by a physical constant known as the Planck constant.
  • The change has been years in the making, and on May 20th, three other units of measurement — the ampere, kelvin and mole — will also get new definitions.
  • Those proved to be easier to update, as they weren’t based on a Victorian-era lump in France. The kilo will now correspond to the mass of an exact number of photons, or particles of light, of a particular wavelength.
  • With this change, the kilo will be defined in terms of seconds and the meter, which are physical constants and therefore more reliable than a man-made object.
  • It will give researchers far more accurate tools with which to make measurements and that could help reexamine the laws of physics.