Show of 03-05-2022

Tech Talk

March 5, 2022

Email and Forum Questions

  • Email from Ovette in Woodbridge: Dear Doc and Andrew. I am thinking of becoming a developer. What programming languages should I start learning? I hope to get a job about a year from now. Ovette in Woodbridge
  • Tech Talk Responds: Currently, software development is one of the most sought-after careers. Job growth for programmers is expected to increase by 21 percent between 2018 and 2028, more than four times the average for all occupations.
  • Here are some of the most promising languages for a programming career:
    • Python — Because of its readability, Python is one of the best programming languages and most used language accessible to people of all levels.
    • Java — For decades, Java has been one of the most used programming languages in large enterprises. For large-scale online applications, it is a popular choice. To land a job in the software development department of a major company, you need Java.
    • C and C++ — Programming languages such as Java, C#, and JavaScript are derived from C, the oldest and most popular programming language. In comparison to C, C++ is a more advanced variant of C. Both C and C++ are regarded as high-performance.
  • Good command in any of the above languages can land you a great paying job after college. You should think about what kind of software you want to create before deciding which programming language to study. This is the best way to learn to code.
  • Email from Bob in Maryland: Dear Doc and Andrew. I stumbled across this article describing a planned move to update the version of C that Linux uses. I had not realized that our current Linux systems are using such an old out-dated version of C. They are moving from the 1989 version (C89) to the 2011 version (C11). What do you think, Doc? All the best, your faithful listener, Bob in Maryland
  • Tech Talk Responds: We all know Linux is written in C. It is written in a long-outdated C dialect: The 1989 version of the C language standard, C89. Linus Torvalds has decided that enough is enough and will move Linux’s official C to 2011’s C11 standard. This isn’t as big a transition as it may seem. C89 still has almost universal support. Because any C compiler is backward compatible with earlier versions, you will not have any trouble compiling or running a C89 program. Therefore, a C11 compliant compiler will not have any trouble with any C89 legacy code. This is a good, conservative move.
  • Email from John in Bethesda: Dear Tech Talk. I have three semesters worth of very important notes stored on a USB flash drive. My friend wants to borrow that drive so he can use the notes to study for a certification exam. I cannot afford to lose those files for any reason because they cannot be re-created or replaced. Is there some way to prevent my friend from accidentally deleting the files from the drive? Unfortunately, this particular flash drive does not have a “write protect” switch. Any help you can provide will be greatly appreciated. John in Bethesda, MD
  • Tech Talk Responds: There are several ways to enable write protection on a USB flash drive. But unfortunately none of them are easy to enact and none of them are 100% fool-proof. In my opinion, there is a much simpler way to protect the critical files on your flash drive: Copy them onto a second USB flash drive and loan (or simply give) him the copy! The information stored on your flash drive is obviously extremely important to you, therefore I strongly recommend that you give your friend a BACKUP drive containing that information.
  • Email from Hac in Bowie: Dear Tech Talk. I installed an app on my iPhone but I cannot find it. I thought new apps always went on the Home screen, but this one did not. How can I find it so I can add it to my Home screen? My phone is an iPhone 12 with iOS 15. Hac in Bowie, Maryland
  • Tech Talk Responds: There are several ways to find a “missing” app on an iPhone, but the easiest way is to just search for it in the App Library. Here’s how:
  • While on the Home screen, swipe left to display the App Library. If you have more than one Home screen, keep swiping left until you see the App Library.
    • Tap inside the App Library search box to launch the on-screen keyboard.
    • Start typing the name of the app you’re looking for into the search box. After the app appears in the list of search results, stop typing.
    • Tap and hold the app’s icon and drag it to an edge of the screen. That will place the app’s icon on your iPhone’s last Home screen. If the icon is on a secondary Home screen you can drag it to the left and place it on the primary Home screen.
  • You should now see the icon for the new app on your iPhone’s Home screen.
  • Email from Peter in Fairfax, VA: Dear Tech Talk. I have an email exchange account with my work. I would like to add it to the Microsoft Mail client on my Windows 10 computer. I already have Gmail in this client. How can do this? Peter in Fairfax, VA
  • Tech Talk Responds: You can easily install your business email to Microsoft Mail. Open the Mail app. Click on Accounts at the top left. Click Add Account on the right bottom. Click on Office 365, Exchange in the pop up window. Enter email address and then the password. Click create and you are done. I may take a few minutes to synchronize with your mail server.
  • Email from Audrey in Manhattan: Dear Tech Talk.How can I retrieve a forgotten WiFi password from a Windows 11 PC? Audrey in Ashburn, Manhattan, Kansas
  • You can easily retrieve the passwords with Windows 11. Here’s how to do it:
    • Connected the computer to the WiFi network that you need to retrieve.
    • Right-click on the Start button, then click Settings.
    • In the left-hand pane, click Network & internet.
    • In the right-hand pane, scroll down and click Advanced network settings.
    • Scroll down and click More network adapter options.
    • Right-click on the active WiFi connection and select Status from menu.
    • Click the Wireless Properties button.
    • Select the Security tab.
    • Check the box beside “Show characters”.
    • Write down the characters displayed in the “Network security key” box.
  • You now have the password for your WiFi network written down. Save it.

Profiles in IT: Aubrey Cottle

  • Aubrey Cottle is a Canadian hacker, computer security researcher, software engineer. Cottle, best known as founder of the Anonymous hacking cooperative.
  • Cottle was born in 1986 or 1987 in Canada. He is married, but little is known about his personal life.
  • From April 2005 to June 2007, he served a computer technician for AlphaBeta Services in Toronto, Canada. He performed basic web development, server-side and shell scripting. He setup of sales management systems, office administration networks. Hardware and software troubleshooting.
  • From June 2007 to present, he served a web developer for Taima Lab in Toronto, Canada, helping business build a quality web presence.
  • Cottle was an active user of 4chan and Something Awful in the mid-2000s, where he and others began collectively referring to themselves as “Anonymous”, due to the 4chan moniker of the same name.
  • During this time Anonymous began trolling and “raiding” other websites, online games and chat rooms, as well as black-hat hacking: targeting Hal Turner, The Church of Scientology and others.
  • The Guy Fawkes mask became their logo. The Guy Fawkes mask is a stylized depiction of Guy Fawkes, the best-known member of the Gunpowder Plot, an attempt to blow up the House of Lords in London on 5 November 1605.
  • The DDoS attacks were carried out with the Low Orbit Ion Cannon (LOIC), a network stress-testing application allowing users to flood a server with TCP or UDP packets.
  • The LOIC became a signature weapon for Anonymous. It would also lead to a number of arrests of less experienced Anons who failed to conceal their IP addresses.
  • 4chan ultimately curtailed raiding from their platform, resulting in Cottle and others migrating to Cottle’s website 420chan, an imageboard with a focus drug culture, LGBT discussion, and raiding.
  • 420 (pronounced four-twenty) is cannabis culture slang for marijuana, especially smoking around 4:20 p.m. and the annual April 20 cannabis-oriented celebrations.
  • In a 2021 interview, he said that he retired for “a number of years” and was not continuously involved with Anonymous since its creation.
  • From 2014 to 2019, Cottle was a lead developer for The TechKnow Space in Mississauga, Ontario. He performed full-stack development of internal utilities, analytical reports, customer management, and work order management.
  • From March 2017 to March 2018, he was senior front-end engineer for Ericsson in Toronto, Canada.
  • In December 2020, he founded the Butt Security Group, an information technology consultancy organization dedicated to protecting your business’ sensitive assets from deep penetration.
  • His LinkedIn account also shows that he is currently a Shady Person with Weird Friends, who does freelance work for The Internet.
  • In 2020 Anonymous re-emerged following the George Floyd protests, performing the June 2020 BlueLeaks breach in which they publicly released a large amount of hacked U.S. law enforcement data. Reuters named Cottle as one of those responsible.
  • A video shows a black-clad figure in the group’s signature Guy Fawkes mask, saying, Greetings, citizens of the United States. This is a message from Anonymous to the Minneapolis Police Department. We will be exposing your many crimes to the world. We are legion. Expect us.
  • In August 2020, Cottle identified himself as a founder of Anonymous in an article by Dale Beran in The Atlantic. Cottle his only end-goal is bring down the QAnon.
  • He was one of the anti-QAnon researchers who exposed connections between QAnon figure Jim Watkins and domain names suggesting connections to child pornography.
  • In 2020, Cottle joined the white hat hacking group Sakura Samurai, and was involved in the January 2021 disclosure of a United Nations breach, which exposed more than 100,000 private employee records.
  • In August 2021, Cottle and other Sakura Samurai members helped to validate a vulnerability with Ford’s website, exposing company records and enabling malicious account takeovers. Cottle left Sakura Samurai saying he wished to avoid “entanglements” pertaining to his other activities.
  • In November 2020, Cottle was responsible for exploiting security flaws in Parler, a social networking service popular with the right wing.
  • In January 2021, Cottle exposed email logs from a company called Is It Wet Yet, which belongs to Jim Watkins and serves as the parent company for 8chan.
  • In August 2021, Cottle and open source intelligence analyst Libby Shaw were among the researchers who exposed the developer behind QAlerts, an app used by QAnon.
  • In February 2022, Aubrey Cottle claimed responsibility for a hack on Christian crowdfunding website GiveSendGo, which was hosting a fundraiser for the Canada convoy protest. He released donor’s names, personal information, and donations.
  • In February 2022, Anonymous collective hacked THREE state news agencies urging Russians to stop this madness after Moscow painted Ukrainian troops as Nazis and banned its media from calling attack an assault, invasion or war.

Observations from the Faculty Lounge

  • What is Anonymous? Good or bad?
  •  To some critics, the protest actions taken under the banner of Anonymous will be used by governments to exercise their repressive impulses.
  • Internet critic Evgeny Morozov puts this position in no uncertain terms: “Hacktivists keep supplying the industry with strong examples as to why more public money should be spent beefing up Internet security and surveillance while eliminating online anonymity.”
  • To others, Anonymous represents the finest the internet has to politically offer: “Anonymous demonstrates one of the new core aspects of power in a networked, democratic society: Individuals are vastly more effective and less susceptible to manipulation, control, and suppression by traditional sources of power than they were even a decade ago,” writes legal scholar Yochai Benkler.
  • Both perspectives are valid – but incomplete. Anonymous is so unstable and incoherent that any individual can take its name for good and for evil: They are chaotic good like Robin Hood, and there is chaotic evil as well.
  • In the blizzard of Anonymous-led operations there has never been a large-scale diabolical operation, nor has any existing node ever expressed the desire to do something as rash (and problematic) as taking down the power grid as the NSA purported. So all may not be bad, just unpredictable.

Billionaire Crypto Couple Caught with Gift Card

  • A $500 Walmart gift card was the smoking gun that led to the arrest of a Manhattan husband and wife, who called herself the Crocodile of Wall Street, in a $4.5 billion bitcoin theft.
  • Ilya ‘Dutch’ Lichtenstein, 34, and Heather R. Morgan, 31, were arrested after they allegedly conspired to launder cryptocurrency that was stolen during the 2016 hack of Bitfinex, a virtual currency exchange platform. 
  • Federal investigators say they were able to crack the six-year-old case and tie the couple to the missing cryptocurrency by tracking the $500 gift card after it was sent to a Russian-registered email. The transaction was conducted via an IP address linked to a cloud service provider in New York that investigators were able to tie to Lichtenstein..
  • That was one of more than a dozen other gift cards – including for Uber, Hotels.com and PlayStation – that investigators were able to trace back to emails and cloud service providers belonging to the couple.
  • Heather Morgan and Ilya Lichtenstein have been accused of creating a scheme to launder $4.5 billion in bitcoin in 2016
  • Morgan is a tech entrepreneur and journalist who called herself the Crocodile of Wall Street in rap songs about investing in meme stocks, dealing with the pandemic and getting high in a cemetery.
  • They are not being accused for actually stealing the bitcoin in the hack. The hackers have never been identified.
  • It revealed last week in court that more than $3.6 billion worth of bitcoin linked the 2016 hack has been seized having allegedly been in crypto wallets controlled by the couple

Wikimedia Says Will Not Back Down to Russia

  • The Wikimedia Foundation has issued a statement supporting Russian Wikipedia volunteers after a censorship demand from internet regulators.
  • On Tuesday, tech and communications regulator Roskomnadzor threatened to block Wikipedia over the Russian-language page covering Russia’s invasion of Ukraine, claiming it contained “false messages” about war casualties and the effects of economic sanctions, among other things. “
  • On March 1st 2022 the Wikimedia Foundation received a Russian government demand to remove content related to the unprovoked invasion of Ukraine posted by volunteer contributors to Russian Wikipedia.
  • Wikipedia’s response: Wikipedia is an important source of reliable, factual information in this crisis. In recognition of this important role, we will not back down in the face of efforts to censor and intimidate members of our movement. We stand by our mission to deliver free knowledge to the world.
  • Bravo, Wikipedia

Impossible Dream: Russian Kaspersky Tries To Maintain

  • Kaspersky is one of the best-known Russian companies, and for years, its antivirus product has been among the most used in the world.
  • The antivirus software also harvests telemetry data for Kaspersky’s researchers who can then use that to identify and counter new threats.
  • Its researchers are some of the best in the world, with its Global Research & Analysis Team (GReAT) regularly publishing leading research on various government malware operations.
  • Kaspersky is trying to remain neutral. According to a press release, “Kaspersky is focused on its mission to build a safer world. For 25 years, the company delivers deep threat intelligence and security expertise that is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe.
  • The company guarantees the fulfillment of its obligations to partners and customers — including product delivery and support and financial transaction continuity.
  • Kaspersky may not currently feel it is in a position to speculate or take a position on the invasion of Ukraine. This is an impossible strategy to maintain. Good luck.

Ukrainians turned to Encrypted Messaging App Signal

  • Ukrainians looked for digital security in the form of the end-to-end encrypted messaging. Signal usage in Ukraine shoot up just after midnight on Feb. 24.
  • The Russian invasion of Ukraine began at approximately the same time.
  • With multiple reports detailing the cybersecurity threat Russian forces pose to Ukraine, it’s understandable that Signal, which is generally agreed upon by cybersecurity experts to be the most secure messaging app, would see increased use.
  • Using Signal, of course, is not the only digital security step people should take to ensure that their private communications aren’t intercepted or blocked.
  • On Friday, Tor, a free, privacy-preserving internet browsing service, shared a detailed Twitter thread explaining how people in Ukraine and Russia can get around internet censorship.

Elon Musk’s SpaceX Satellite Dishes Arrive in Ukraine

  • Elon Musk fulfilled a promise to get additional SpaceX satellite dishes into Ukraine.
  • Starlink marks SpaceX’s first foray into a truly consumer-facing product. Though first customers have largely been people who live in rural areas in Canada and the northern U.S., there is enormous interest from the U.S. military in how a space-based broadband service operates in a battlefield.
  • Social media out of Kyiv, Ukraine’s capital shows that some users already have their equipment up and running.
  • Elon Musk warned users to be careful. Turn off satellite dish when not in use. Hide the disk with light cloth to avoid visual detection. This will be the only Internet connection in Ukraine and the world. Be careful.

3G Cellular Network Shutdown – Impact on Cars

  • Wireless carriers are starting to shut down older 3G networks, affecting millions of cars. 3G connectivity supports many features, including emergency crash notifications, remote start, and more.
    • In late February 2022, AT&T became the first major wireless carrier to phase out its 3G network.
    • Those with T-Mobile will see networks shut down by July 1, 2022, with 2G networks closing later. T-Mobile also confirmed Sprint’s CDMA network will “sunset” by March 31, 2022.
    • Cars with Verizon have a little longer to go, as the company announced it would slowly end support for 3G, and the network will finally shut down by December 31, 2022.
  • This will affect everyone from Acura, Audi, Honda, Tesla, Toyota, Subaru, Volkswagen, Nissan, Volvo, etc.
  • Some owners may not experience any problems and will instead get an over-the-air software update from the manufacturer, while others will need to go to a dealership.
  • Ford and Mazda use the driver’s mobile device emergency services connections, so that’s not a problem. A physical upgrade to 4G, and that cost can vary from a small fee to upwards of $900 if you own select Honda models. Another example is 2015 and older Tesla vehicles, which will lose 3G soon, but owners can schedule an upgrade for $200.
  • Volkswagen and others will offer solutions that range from $295 for the upgrade and monthly fees for unlimited data.