Raymond Tec News
20 minutes | 2 years ago
Weekly Tech News for April 21, 2019
Intro Welcome to the April 21st, 2019 episode of the Raymond Tec News podcast. Each week I curate the articles, tweets, and backchannel sources to provide a 15 to 20-minute summary of tech news. I’ll start off like I always do with the headlines to keep you up at night; data breaches, privacy concerns, and security threats. Then I’ll do this week’s feature, technology and its impact on America’s drug crisis, and I’ll wrap up the show with a series of stories to restore your faith in technology, and, maybe, humanity. Let’s dive in to data breaches. Table of Contents Intro Data Breaches Privacy Headlines Security Headlines Other Headlines Featured Story Good News Data Breaches Bounty UK, a website for new parents, has been fined 400,000 pounds for sharing and selling information of 14 million individuals without consent. ZDNet Garfield County, Utah was attacked by ransomware. Not many details are known, but it’s believed that an employee clicked on a link in a phishing email. Security Week 3 chapters of the FBI National Academy Associates, a nonprofit training and education organization, independent of the FBI was breached and the attackers leaked personal information on over 23,000 individuals, including law enforcement officers. Data Breach Today The most widely televised, or not televised, really, breach this week was a ransomware attack against the Weather Channel. This attack took the live broadcast off the air for more than an hour while the IT staff restored data from backups rather than paying the ransom. ZDNet That’s it for data breaches, let’s move on to privacy headlines. Privacy Headlines If you’ve set up a new Facebook account in the last two years Facebook may have “accidentally” stolen your email contacts. About 1.5 million new users had their email contacts exposed by the social media giant. Business Insider Disabling location tracking on your Android device doesn’t keep you safe from Google’s SensorVault. 
Google maps, weather apps, and other sources are used by Google to keep track of your whereabouts. This information is then shared with law enforcement. Fortunately, law enforcement must first get a warrant for basic information then, Google requires that a shortlist of individuals be provided before they’ll release details that could identify you. The Hacker News German camera maker Leica has felt the sting of China’s censors after an ad dramatizing the 1989 Tiananmen Square protests has been blocked by the nation. The Verge Despite vehement denials that they have inappropriate ties to the Russian government, the Associated Press revealed that an agent has been following and questioning critics of Russian-based Kaspersky Labs. Kaspersky declined to respond for comment on whether he was hired directly by the firm. AP News An Australian company that manufactures smartwatches that allow parents to track their children has shut down, after it was revealed that hackers could access personal data and even spoof children’s locations due to vulnerabilities. Data Breach Today 19 of the 28 member countries in the European Union have cast shadows on the future of Google News as we know it today. After passing the copyright directive, many of the details that Google News provides, including excerpts and even headlines, will require a royalty payment to the publisher. 9 to 5 Google That’s a wrap for important privacy news. Let’s move on to security headlines. Security Headlines To prevent criminals from using legitimate accounts as an excuse for loitering around people’s homes, Amazon is requiring delivery drivers take selfies as they make deliveries for identity verification. The Verge To decrease loan fraud and claims, Brazil’s Itaú Unibanco will introduce facial biometrics at over 10,000 locations this month. ZDNet This week Kaspersky Labs released research showing that 70 percent of all attacks now target Microsoft Office applications. 
ZDNet Back in January I reported on a flaw in WinRAR compression software that went undiscovered for 19 years. Cyber criminals are exploiting these vulnerabilities, because so few people have heeded the warning to update the software. If you have WinRAR installed on your machine, please update it to protect yourself. Sophos Naked Security Marcus Hutchins, the security researcher who is solely responsible for stopping the 2017 WannaCry ransomware attacks, has pleaded guilty to two charges related to computer hacking conspiracy relating to his role in the development of the Kronos banking trojan software. The Verge Cisco’s Talos security division discovered a group that has hacked 40 different organizations using DNS hijacking techniques. By hijacking the DNS, these hackers were able to spy on all traffic on these sites. The scariest part about these attacks is that the hackers were hijacking top level domains like .co.uk and .ru. Wired ASML, a Dutch chip manufacturer, has been accused of helping the Chinese government acquire trade secrets of companies. Some of their employees stole sensitive data from Silicon Valley companies. ZDNet UK police are gearing up for a new campaign to deter online gamers from cybercrime. Though the links are tenuous, British law enforcement claim that 82 percent of young people recruited by online criminals gained their hacking skills through gaming. Sophos Naked Security Since March 25th, a public channel on instant messaging platform Telegram, called Read My Lips, has been leaking hacking tools and personal information of Iranian hackers. The channel’s stated mission is to expose the Iranian Ministry’s methods and motives for their cyberattacks. Wired The Committee on Foreign Investment in the US, or CFIUS, the governing body behind the failed Broadcom-Qualcomm merger and Chinese divestment of dating app Grindr, has again forced Chinese investors to divest their holdings in a US-based company. 
This time the target was a healthcare startup called PatientsLikeMe. TechCrunch SafeGuard Cyber, a digital risk protection provider, released a statement saying that known Russian Twitter bot activity spiked after the release of the Mueller report. ZDNet Two pieces of information in the heavily redacted Mueller Report highlight how far Russia had its tentacles into the US’ information networks. The report shows evidence that Russia attempted to hack into Clinton’s campaign five hours after then candidate Trump called for Clinton to produce deleted emails. It also shows that an unnamed county in Florida had its election system compromised. CNN We’re all done with security headlines. Let’s move on to all the news that doesn’t fit one of our other categories. Other Headlines Zoom, the video conferencing company, and the social media network Pinterest both had hugely successful IPOs this week, roughly 81 percent and 25 percent above expectations, respectively. TechCrunch Audi’s new E-tron electric vehicle has had its planned production numbers slashed due to a battery availability shortage. The Verge SiriusXM has announced a new Essential plan that includes over 300 stations for $8.99 per month. This package is for online streaming only and doesn’t include Howard Stern’s 2 channels. The Verge ZDNet has some recommendations for cord cutters this week, with their article “10 best free video streaming services for cord cutters.” If you’re looking to lose the cable bill or reduce your monthly spending on streaming services, check out the article in the show notes. ZDNet Lyft’s e-bike division is pulling thousands of bikes out of service in New York City, San Francisco, and Washington D.C. after dozens of reports of riders being hurt when front brakes malfunctioned. The Verge Google is adding new features to its Lens app for Android phones, which will allow users to sort what they see through the mixed reality camera. 
With these coming updates, users will be able to find dining and shopping destinations, as well as translate text real-time on the screen. 9 to 5 Google Prosper, a company that offers low interest fixed term personal loans, was fined three-million-dollars by the SEC this week after the company made a coding error. The error showed investors receiving returns on loans that had been defaulted on, inaccurately inflating investor expectations. TechCrunch Keeper is a new startup that is helping gig economy workers save money on taxes. Uber, Lyft, and many other companies classify their employees as independent contractors which makes paying taxes difficult. Keeper estimates that gig workers who make more than $25,000 per year are overpaying their taxes by $1,550 a year. By offering a service that connects to financial accounts, Keeper is attempting to be the accountant that gig workers can’t afford. TechCrunch Google is facepalming hard this week after a Pixel 3 user requested a refund on his defective device, returned it, and placed an order for a different model. Rather than refunding and sending out the replacement unit, Google’s shipping department sent out 10 brand new Pixel 3 devices, bringing the total cost of the mishap for Google to nine-thousand-dollars. Legally, Google can’t force the user to return them. 9 to 5 Google Ancestry is in hot water after a Canadian market ad went viral this week. As you heard at the top of the show, a white man asks a black woman to marry him and move north to escape what will surely be a horrific fate. Most of the retweets of the ad asked the company why they felt it necessary to romanticize and whitewash what was a traumatic experience for black females in the south. Wired Ahold Delhaize, a Dutch grocery conglomerate, has been rolling out robots in many of its US stores. 
These robots currently roam the aisles looking for and announcing spills and other hazards but will soon be upgraded with the ability to scan shelves to keep items in stock for customers. The newly equipped robots will debut in Giant Eagle stores in Pittsburgh, Cleveland, and Akron. ZDNet The United Kingdom has added the ability to get information about citizen services to Amazon’s Alexa and Google Home. UK residents will be able to ask questions about banking holidays, the national minimum wage, pensions, childcare, and taxes. Computer Weekly New York City’s IT teams are back in the news this week. In 2017, the city created a taskforce to analyze the algorithms the government’s departments use to service residents to avoid bias. Members of the task force have begun speaking out after many agencies have failed to provide the necessary data to analyze and are calling the task force a publicity stunt. The Verge Now it’s time for this week’s feature story. Featured Story My feature topic this week, technology’s role in America’s drug crisis, may be inappropriate for young or sensitive ears. Listener discretion is advised. Whether you or a loved one are recovering from addiction or, in the worst-case scenario, grieving from the loss of someone you know, this elephant sits quietly in the corner of every American living room. Overdose deaths are the number one killer of Americans under the age of 50. The number of overdose deaths in the United States has grown from about 16,000 in 1999 to over 70,000 in 2017. That’s 12,000 more people dead in one year than all the American casualties during the entire Vietnam war. Over that 18-year period, more than 300,000 people were lost to drug overdoses. Drug Abuse | The Vietnam War Illegal drug sales are a huge business and like any business it looks for ways to maximize profits and drive down costs. The internet has played a small role in increasing these disheartening numbers. 
Dark web marketplaces like the Silk Road, Silk Road 2, and Dream Market have all contributed to the ease with which addicts can get their drug of choice. But what happens when the supply runs low? Drugs are mixed with easily made alternatives like Fentanyl. Fentanyl is a legal drug that was designed in 1959 for anesthetic use and over the next five decades became available in a wider variety of forms including pills and patches for chronic pain treatment. The common availability of the ingredients and the ease of making it makes fentanyl an ideal option for cutting other drugs, even drugs that don’t have a sedative effect like heroin. Vice | Rapid Response Industrial Group | News-Herald Just this month, a popular seller on the dark web called sinmed, was taken down by a federal joint task force. Sinmed was in the top 3 percent of vendors on Dream Market. The trio behind the screenname were caught after shipping more than 1,000 packages to buyers in 43 states. Once the indictment was unsealed, it was revealed the group had laundered more than 2.3 million dollars in cryptocurrency and were sitting on an inventory of about half a million Xanax pills they’d cut, stamped, and bottled themselves. There was also a significant amount of fentanyl-laced heroin and other assorted drugs on the premises. Wired But there’s more to this epidemic than just death statistics and drug dealers. Laws and social attitudes cause the issues that lead to illegal drug use. The US’s war on drugs has been a long fought and resounding failure. A modern prohibition that has worked as well as alcohol prohibition in the 1920’s. The drug war started with the criminalization of marijuana and heroin by President Nixon and his Chief Domestic Advisor John Ehrlichman who saw the anti-war left and pro-civil rights blacks as enemies of the White House. President Reagan further criminalized non-violent drug offenses with policies that saw the country’s incarceration rate skyrocket. 
These policies continued through George H.W. Bush and Bill Clinton’s presidency, despite Clinton’s advocacy of treatment over incarceration during his 1992 campaign. CNN | Drug Policy.org When a nation has become so deeply entrenched in the vilification of drug dealers and users, how do you get out of it? Portugal’s answer, in 2001, was decriminalization. Portugal abolished all criminal penalties for personal possession of drugs. A 2009 study by the libertarian think-tank the Cato Institute concluded that the policies were a resounding success. Illegal drug use among teens was down, rates of new HIV and hepatitis infections dropped, and the number of people seeking treatment doubled. That last point is the real key: it means drug users were no longer shamed and driven underground. Time | The Guardian The internet didn’t start this epidemic. Opioids have been used and abused for over two hundred years; morphine was invented in 1803 and marketed by the German pharmaceutical company Merck. The invention of the hypodermic needle in 1853 meant an easier, quicker delivery of pain relief. It’s been estimated that by the end of the 1860’s 400,000 male veterans of the US Civil War were addicted to opioids. Smart Drug Policy That also means ineffective drug policies didn’t start the current health crisis. So, what did? A combination of ease of access, policies that shamed, compassionate but misguided doctors, and a public uneducated about the warning signs of addiction. Doctors did their best to ease the pain and suffering of millions of patients with opioids. Many patients took those opioids and found the associated relief of physical and mental anguish addictive. New York Times So, how can we, as a nation, address the issue? It requires a complex, multi-faceted approach. President Trump took a positive step in August of 2017 by declaring the opioid epidemic a national emergency, but more needs to be done on the legislative side. 
Pre-emptive education to reduce the likelihood of addiction is a necessary goal. Addiction often results from trauma such as difficult family situations or childhood physical, sexual, or emotional abuse. Exposure to alcohol and drug abuse as a child and family histories of addiction can also increase the likelihood of becoming an addict as an adult. Educational campaigns on social media coupled with informational apps can be helpful on this front. Twin Lakes Recovery Center | Positive Choices Treatment over incarceration would be a big step in reducing the stigma around finding and getting help. This point is critical to save those who are currently caught in the addictive cycle. Finally, in the interim until these previous two suggestions can be implemented, additional resources both on and offline can be used to reduce the chances of overdose deaths. I reported back in January on an app developed by researchers at the University of Washington that can turn a smartphone into a breathing rate monitor to detect when an opioid user is on the precipice of an overdose. This sort of technology coupled with safe injection sites where users can go to be monitored while using can dramatically decrease the instances of overdose deaths. Engadget Using data-driven, science-based approaches to solve problems is key, especially when the problem is as large as this national health crisis. Alright, that was really heavy, let’s wrap up this episode with some good news. Good News US Senator Edward Markey, a Massachusetts Democrat, has introduced new consumer privacy legislation on Friday that will give users more transparency and control over how and when their data is collected and used. Named the Privacy Bill of Rights Act, it would prohibit companies from using personal data in discriminatory ways and force companies to safeguard all obtained data. 
The Federal Trade Commission would receive a website to inform consumers of their rights, and companies would be required to inform users what and how personal information is being collected, used, or retained, how the company is sharing or selling their personal information, and how long the information will be retained. I’ll keep an eye on this one and keep the podcast updated. Health IT Security An island country named Berylia has undergone a massive cyberattack during their national elections. The attack has compromised their 4G cellphone networks, power grid, and water purification systems. Of course, their election systems weren’t safe either. Fortunately, Berylia is a fictional island nation and what I’ve described is this year’s Locked Shields annual exercise. Organized by the NATO Cooperative Cyber Defence Centre of Excellence, the event gives national cybersecurity teams a chance to participate in a live-fire cyber-attack. The good guys, or in cybersecurity jargon, blue teams, participate from their home counties to protect the fake infrastructure which has been built in Estonia. Seeing cooperative events to thwart malicious attacks is always exciting. ZDNet Andre T. Mitchell of Brooklyn has seen a lot in his 52 years. One of eight children raised by a single mother in Brooklyn’s Brownsville neighborhood, his excellence in school made him the target of ridicule which eventually led to him becoming a drug user and teen father. Trying to raise a child on minimum wage is impossible, so he resorted to selling drugs and stealing, eventually landing him in jail. This lifelong Brooklyn resident has created a group called “Man Up!” which aims to reduce violence in communities. The community organization is built on the Cure Violence model which uses three data-driven approaches. 1 Interrupt the transmission by preventing potentially violent situations. 2 Identify and treat those at high risk of participating in violence. 
3 Mobilize the community to change cultural norms. An independent study by the John Jay College of Criminal Justice Research and Evaluation Center found that rates of gun violence have fallen by 50 percent since “Man Up!” started operating. Free Think That’s it for this week in tech news that matters to you. If you’ve enjoyed the podcast, please share what you found interesting in a post on your social media by linking to Raytec dot co slash listen. That’s r-a-y-t-e-c dot c-o slash listen. That will always link directly to the current episode’s show notes along with a podcast player. I really appreciate anyone who’s willing to share my podcast. Links to source articles and other noteworthy news are in the show notes. Articles in this week’s extracurricular reading include a study on how sleep deprivation can be deadly, how pro-diversity hiring can do as much harm as good, how the Starz Network is abusing the DMCA to harass journalists, and so much more. The show notes have links to each of the podcast apps I’m listed on and links to my social media. If you have any information, updates, or constructive criticism, feel free to reach out. Thanks for listening and have a great week! Additional Reading Microsoft Faces Down a New Claim that Pro-Diversity Hiring isn’t Fair to White Men The PDF Association Thinks the Mueller Report Sucks You’re Not Getting Enough Sleep – and It’s Killing You Tesla’s Board is About to Get a Lot Smaller Fastly, the Content Delivery Network, Files for an IPO Large-Scale DDoS Attack Abuses HTML’s Hyperlink Audit Ping Facility Microsoft’s Chromium-Based Edge Browser Quietly Adds Google to Search Providers, Native Translator Coming Soon Tweet Complaining About DMCA Takedown Abuse Gets Hit with DMCA Takedown iOS 13 Will Reportedly Include a Dark Mode and Huge Improvements to iPad Multitasking Lyft Brings Back the Taxi Line as it Desperately Tries to Crack the Airport Pickup Credits Article featured image photo by Matthew T Rader on Unsplash. 
Cold open courtesy Ancestry via Wired. Outro music is Drug Dealer by Macklemore feat. Ariana DeBoo. Available on Amazon Music and iTunes. The theme song for the Raymond Tec news podcast was created by me, with samples of modems from the following generous individuals: guitarguy1985, tt_runscript, and 1tmsounds. Other sounds or music may have been provided by: RossBell (Shuffling Papers), InspectorJ (Segment Swoosh), Klaudux, levelclearer, Teacoma, Julian Matthey, Doctor_Dreamchip, Greek555, and eardeer. All samples, sounds, and music are from FreeSound.org.
12 minutes | 2 years ago
Weekly Tech News for April 14, 2019
Intro Welcome to the April 14th, 2019 episode of the Raymond Tec News podcast. Each week I curate the articles, tweets, and backchannel sources to provide a 15 to 20-minute summary of tech news. But this week will be a little shorter than usual since I didn’t have an opportunity to write a feature story. Otherwise, I’ll start off like I always do with the headlines to keep you up at night; data breaches, privacy concerns, and security threats. Then I’ll balance out the negative with a series of stories to restore your faith in technology, and, maybe, humanity. The cold open today was from Naked Security Live, a video series available on YouTube, discussing the fallout from another security camera found in the private living space of an Airbnb that I reported on last week. There’s a link in the show notes to the YouTube video. YouTube Let’s dive in to data breaches. Table of Contents Intro Data Breaches Privacy Headlines Security Headlines Other Headlines Good News Data Breaches AeroGrow International, makers of the AeroGarden smart countertop gardens, have begun notifying customers of a MageCart style attack which stole customer’s credit card data during the check out process. SecurityWeek Microsoft announced a breach this week which revealed cybercriminals compromised one of its customer support representatives, giving the attackers access to personal information and credentials shared with the rep by customers. ZDNet A just released study has announced that the healthcare sector is the number one target for major data breaches, being fully a quarter of all data breaches last year. Data Breach Today Yahoo has finally reached a deal in US federal court to remedy the largest data breach in history. Yahoo will have to pay a 117.5 million-dollar settlement. Reuters | Bloomberg Law Two Romanians were convicted on a variety of fraud and hacking charges this week. 
Court documents revealed the pair infected and controlled more than 400,000 computers, mostly in the US to steal identities, mine cryptocurrency, and commit other acts of fraud. DarkReading That’s it for data breaches, let’s move on to privacy headlines. Privacy Headlines IBM X-Force researchers have released an alert about TrickBot, which is Tax-Themed malware hidden within Microsoft Excel spreadsheets. The malware is being distributed via spam email. Security Intelligence To continue developing its marketing push to be the most secure mobile platform, Apple has added another confirmation step before you subscribe to apps on its app store. TechCrunch Russia has fined Facebook 3,000 Rubles, or $47, for not complying with its laws that require online companies to store Russian user data on Russia-based servers. Mark Zuckerberg is, reportedly, still laughing. The Hacker News Apple is in hot water with the US Congress and human rights advocates after it removed several Hong Kong artists from its Apple Music China platform. Critics say it missed a chance to ‘be a stronger voice for freedom around the globe.’ The Verge Bloomberg released a report this week on the teams Amazon has listening to conversations from its Alexa smart speakers. Most of the news sources I saw blew this one out of proportion, leaving out details about how minimal personal data is included with recorded conversations. The primary jobs of the teams are to improve Alexa’s understanding of user’s commands and reduce the likelihood that Alexa is woken by accident. One thing that wasn’t mentioned in the original report was whether this was an opt-in program or whether every Alexa user is immediately enrolled. Bloomberg That’s a wrap for important privacy news. Let’s move on to security headlines. 
Security Headlines This week at the Kaspersky Security Analyst Summit, security researchers revealed a new state-sponsored hacking group and their previously unknown spyware multi-tool that featured more than 80 distinct components capable of unique cyberespionage tricks. Wired | Wired An IBM Security Researcher has discovered a vulnerability in TP-Link brand home internet routers that will allow remote attackers to take complete control of this critical device in your home. Security Intelligence Mobile security firm, Lookout, announced that Exodus spyware was available on iOS as well as Android this week. The iOS version of Exodus poses as a legitimate mobile carrier support app and steals as much data as possible from victims. Wired To help eliminate reliance on passwords, Google has rolled out a new feature for Android phones running version 7 or higher. The feature turns the phone into a security key, wirelessly communicating with PCs and other devices to add an additional layer of security. The Verge WPA3, or Wi-Fi Protected Access third generation, was finalized for roll out about 15 months ago and was hailed as the answer to flaws in the current WPA2 standard. Unfortunately, a slew of new vulnerabilities have been found. Ars Technica A popular Firefox web browser extension called NoScript has been made available for Google Chrome users. NoScript helps users block tracking attempts and dangerous cross-site scripting attacks. It’s a great extension, but in my experience it can break some websites. ZDNet The US Department of Homeland Security has published an alert for users of enterprise VPNs from Cisco, Palo Alto Networks, Pulse Secure, and F5 Networks that their secure networking protocols are vulnerable to attack. TechCrunch The United Kingdom has declared an end to self-regulation for social media and online sharing platforms by creating laws to fine platforms that allow harmful content to be posted. 
This is a direct result of the Christchurch, New Zealand shootings. 9 to 5 Mac We’re all done with security headlines. Let’s move on to all the news that doesn’t fit one of our other categories. Other Headlines Disney’s new Disney plus streaming service will be launching on November 12th with subscriptions costing $6.99 per month. TechCrunch You may recall a few weeks ago when MySpace admitted to losing more than 50 million songs as they were moving servers. Apparently, someone has found a backup of almost half a million of them, and the Internet Archive has published them. Sophos Naked Security Oculus, manufacturer of virtual reality hardware, announced that it accidentally left hidden messages inside its controllers. These messages were inside jokes the company hid in prototype versions of the devices and said things like “This Space for Rent” and “Big Brother is Watching.” The company wanted to dispel any rumors about tampered equipment. The Verge Snapchat has developed what it’s calling Snap Kit, to stop companies like Facebook from copying its business model. Snap kit now allows developers to integrate Snapchat’s filters and stories functions into their own websites and apps. TechCrunch Sony is proactively attempting to stop hate speech by replacing offensive usernames on its PlayStation network with temporary usernames. The Verge Juul Labs, manufacturers of popular vaping devices, have begun a Track and Trace program in cooperation with law enforcement to figure out how their devices are winding up in the hands of minors. TechCrunch Microsoft is changing the way it pushes out updates. Rather than forcing users to install updates that may break their system, users will be able to choose if and when updates happen. Sophos Naked Security | ZDNet Uber has filed its documents with the SEC to go public next month, revealing many previously unknown details, including its almost half-a-billion-dollar investment on autonomous vehicles. 
TechCrunch California’s DMV announced on Friday that it will soon be allowing testing of autonomous light duty pickup trucks and utility vans on public roadways. The Verge The week’s biggest tech-related news, was, of course, Julian Assange’s arrest by the London Metropolitan Police after the Ecuadorean government withdrew their political asylum. He was physically and forcefully removed from the embassy on charges of hacking by the US, and sexual misconduct by Sweden. Wired Thomas White, also known as Dread Pirate Roberts 2, has made an astonishing news comeback this week. Most people will remember when Ross Ulbricht, or Dread Pirate Roberts, was arrested, bringing an end to the dark web marketplace the Silk Road. Almost as soon as his arrest was announced the Silk Road 2 popped up, run by Dread Pirate Roberts 2. Some tech news outlets listed him as a cybercriminal who got away. It turns out that Thomas White was actually arrested in November 2014 and has been quietly held in England. He has been sentenced to 5 years and 4 months in prison for his role as a dark web drug lord. Motherboard Now it’s time for this week’s Good News. Good News New York City’s IT infrastructure is enormous. 330,000 employees, 8.6 million residents, hundreds of web applications for things like street plowing, and the popular NYC dot gov site provide an ample attack surface for cybercriminals. In response, the city government has created the New York City Cyber Command. The NYC3 has built a secure data pipeline for cybersecurity experts that allows for alerts, visualization, and analysis. Using open source tools that are built to be blisteringly fast, the pipeline enables analysts to easily and quickly make decisions about the safety of its infrastructure and, more importantly, its millions of residents and visitors. ZDNet NASA has completed a new study that indicates interplanetary travel should not negatively affect the human body. 
Dubbed, the Twins Study, NASA sent astronaut Scott Kelly into space to live aboard the International Space Station for 340 days while keeping his twin brother Mark on Earth as a control subject. NASA compared the twins on a molecular level to come to these conclusions and believes that it is physically possible for humans to safely make trips to and from Mars, which could take up to three years. Most of the DNA measurements taken of the two brothers returned to normal when Scott returned to Earth. Scientists will continue studying the effects of space on the human body, but did note that specific portions of Scott Kelly’s DNA, related to immune response and DNA repair, did not return to normal. TechCrunch | NASA Unless you live in a blackhole, you’ve probably seen the news about the first ever picture of a super massive blackhole. Supercomputers, eight telescopes on five continents, hundreds of researchers, and 5 petabytes of data across more than half a ton of hard drives. But how did we get this image from 55 million light years away? Community. Experts worked for years to photograph and compile the data from all those different telescopes. As you can imagine, storing all that picture data was a monumental task. 5 petabytes is 1,000 terabytes. You can fit about 300 high definition movies into 1 petabyte. That means all that data that makes up the blackhole picture fit in the same space as 1,500 HD feature-length movies. Now we have a group of data storage experts managing and safely storing that data. Then we need programmers to piece the data together from all those telescopes and all that data. Thanks to all these talented and wonderful people working together we can see what a blackhole looks like to better understand the universe we live in. How cool is that? The Verge That’s it for this week in tech news that matters to you. 
If you’ve enjoyed the podcast, please share what you found interesting in a post on your social media by linking to Raytec dot co slash listen. That’s r-a-y-t-e-c dot c-o slash listen. That will always link directly to the current episode’s show notes along with a podcast player. I really appreciate anyone who’s willing to share my podcast. Links to source articles and other noteworthy news are in the show notes. Articles in this week’s extracurricular reading include an article from Wired about how to build algorithms to support rather than exploiting children online, how the Weather Channel is using mixed reality to show the damage climate change can cause, how to detect hidden cameras in hotel rooms, and so much more. The show notes have links to each of the podcast apps I’m listed on and links to my social media. If you have any information, updates, or constructive criticism, feel free to reach out via social media. Thanks for listening and have a great week!
Additional Reading
Spy on your Smart Home with this Open Source Research Tool
Delete Those Useless Apps from Your Phone
Optimize Algorithms to Support Kids Online, Not Exploit Them
Online Trolls are Harassing a Scientist who Helped Take the First Picture of a Black Hole
The Weather Channel Flooded Charleston to Make You Give a Damn
How to Make Your Amazon Echo and Google Home as Private as Possible
How Android Fought an Epic Botnet – and Won
Twitch’s First-Ever Video Game is a Free Karaoke Title Built for Live Streaming
Can you Detect Hidden Cameras in Hotel Rooms?
ADHA Seeking Feedback for National Health Interoperability Roadmap
The Julian Assange I Met in 2010 Doesn’t Exist Anymore | Four Theories About Julian Assange’s Cat
Tesla’s Original Plan for the $35,000 Model 3 is Dead | Tesla is Raising the Price of its Full Self-Driving Option
Foxconn is Confusing the Hell out of Wisconsin | Foxconn Says Empty Buildings in Wisconsin are Not Empty
Credits
Article featured image by NASA via Unsplash. 
Cold open provided courtesy Sophos Naked Security via YouTube. The theme song for the Raymond Tec news podcast was created by me, with samples of modems from the following generous individuals: guitarguy1985, tt_runscript, and 1tmsounds. Other sounds or music may have been provided by: RossBell (Shuffling Papers), InspectorJ (Segment Swoosh), Klaudux, levelclearer, Teacoma, Julian Matthey, Doctor_Dreamchip, Greek555, and eardeer. All samples, sounds, and music are from FreeSound.org.
19 minutes | 2 years ago
Weekly Tech News for April 7, 2019
Intro Welcome to the April 7th, 2019 episode of the Raymond Tec News podcast. Each week I curate the articles, tweets, and backchannel sources to provide a 15 to 20-minute summary of tech news. I’ll start off, like I always do, with the headlines to keep you up at night; data breaches, privacy concerns, and security threats. I’ll follow with this week’s feature, then I’ll balance out the negative with a series of stories to restore your faith in technology, and, maybe, humanity. Let’s dive in. Table of Contents Intro Data Breaches Privacy Headlines Security Headlines Other Headlines Featured Story Good News Data Breaches Cultura Colectiva, a Mexico-based content publisher, and At the Pool, a defunct app maker, have exposed more than 540 million Facebook records after improperly storing data accessible from the social media site. TechCrunch A database managed by an Indian government healthcare agency was without password protection for more than three weeks, exposing 12.5 million pregnant women’s medical records. ZDNet VoterVoice, a company that provides email contact forms for US legislators, has been caught insecurely storing details of people who contact their senators and representatives exposing email addresses and other personally identifiable information. TechCrunch Macon, Georgia-based Navicent Health has determined a cyberattack from last year exposed records of more than a quarter of a million patients. Data Breach Today Missouri-based Burrell Behavioral Health exposed about 67,000 patients’ data when a third-party business improperly configured an internet accessible server. Health IT Security Let’s move on to Privacy Headlines. Privacy Headlines A researcher at Talos, Cisco’s security division, revealed that cybercriminal groups are operating in plain sight on Facebook, some using their real profiles. These groups trafficked in stolen credit card data, identity info, spam lists, and hacking tools. 
Wired Airbnb is back in privacy news this week, when a family from New Zealand found a camera hidden in a fake smoke detector live streaming the living room of their vacation rental. CNN WhatsApp has added a new feature that will allow users to control who can add them to groups, in an effort to improve privacy and prevent the spread of fake news. This announcement comes on the heels of a new fact-checking tip line Facebook launched in India ahead of this year’s contentious elections. TechCrunch A hoax dating back to 2011 has reared its head again this week on Facebook. This is a copy and paste post stating that hackers are publishing sexual videos on your timeline that you can’t see but your friends can; don’t fall for it. Sophos Naked Security AI researchers at Google, Facebook, Microsoft, and in academia have published an open letter requesting that Amazon stop selling biased facial recognition technology to law enforcement agencies. The Verge Amazon has announced that Alexa will now talk to internet-connected health monitoring devices, allowing users to verbally check their blood sugar, schedule doctors’ appointments, and receive post-op instructions from hospitals. Personally, I’d rather Amazon not know how I got pink eye. Wired Israeli security researchers have published a proof of concept that shows malware can access medical scanners to automatically add and remove cancer from CT scans. Security Week Sanitation workers in Nanjing, China are required to wear a bracelet that tracks their movement and vibrates if it detects that they’re idle for more than 20 minutes. The Verge The US Justice Department’s Inspector General has announced that the FBI is not notifying victims of cybercrime of their rights in a timely manner. In response, the FBI announced it’s in the process of replacing their current notification system. 
Data Breach Today Several members of the European Parliament have voted the wrong way on the Copyright directive, not realizing what the for and against buttons actually meant. These members have requested their votes be changed. Sophos Naked Security Jackson Cosko, a former staffer of Senator Maggie Hassan, has admitted to doxing 5 senators by publishing their private phone numbers and home addresses to Wikipedia. The details emerged after Cosko pleaded guilty to computer fraud and other offenses. The Verge Let’s move on to security headlines. Security Headlines A phishing campaign has been targeting Verizon Mobile users since November of last year according to security research firm, Lookout Phishing AI. DarkReading A new type of malware that targets IoT devices has been spotted in the wild. Dubbed Bashlite by researchers, the new strain focuses on WeMo brand home automation devices. ZDNet Huawei has released a patch for its MateBook laptops that could have allowed an attacker to gain access to the system. This bug was first disclosed by Microsoft security researchers in January. The Verge Dropbox, a leading cloud storage provider for individuals, has discovered 264 vulnerabilities after it ran a one-day bug bounty program. Reportedly, the company paid hackers more than $300,000 in bounties. ZDNet The Android operating system now powers some 2 billion devices worldwide. Google has announced 75.7 billion downloads, or .04 percent of all downloads from its Google Play store in 2018 were harmful. These estimates are double the number from 2017. TechCrunch Pharmaceutical giant, Bayer, has announced that they have successfully detected and defeated a Chinese cyberattack. Health IT Security A critical security vulnerability has been discovered in Xiaomi’s MI and Mint browsers. Users are advised to discontinue using these browsers until a patch is released. The Hacker News Scammers have been using a new trick to get more clicks on their advertising campaigns. 
By detecting when your mouse gets to the close button, the page resizes the ad forcing you to click on the ad. To avoid the scam, move your mouse to the close button and pause before clicking. ZDNet A new report has announced that about 17,000 home and small office modems and routers are vulnerable to DNS Hijack Attacks. These attacks redirect your requests for legitimate sites to sites that serve malware. DarkReading Waltham, Mass-based Care dot com has deleted tens of thousands of providers after a Wall Street Journal exposé revealed some providers were unlicensed and others had criminal backgrounds. The Verge Former NSA contractor, Harold Thomas Martin III, has pleaded guilty to illegally accessing top-secret documents and cyber warfare tools. These tools have been found in the wild, most notably in the ransomware WannaCry. Sophos Naked Security Chinese National Yujing Zhang was arrested last weekend for attempting to bring malware under the guise of attending a fabricated event to President Trump’s Mar-a-Lago golf club. President Trump was on the premises at the time. DarkReading China has been trying to reunify with Taiwan for many years. To prevent China from tampering in the 2020 presidential election, Taiwan plans to ban Chinese search engine Baidu, and social media giant Tencent. ZDNet GPS spoofing attacks have been rare and limited to cybercriminal groups until recently. Russia has been accused of the first large-scale GPS spoofing attack. These attacks interfere with the signals bounced back to GPS receivers to confuse navigation. Sophos Naked Security Let’s move on to other headlines. Other Headlines Though still very limited, Verizon has begun rolling out 5G in parts of Chicago and Minneapolis. The Verge Google is continuing to take features from subsidiary Waze for its Google Maps application. Google Maps will soon warn you of traffic slowdowns. 
The Verge Some Android TV users turned on their streaming devices to find Google has begun placing ads on their home screens. Many users were angered by the discovery. The Verge Google and Walmart have announced that they’re teaming up to bring voice-based grocery shopping to consumers to combat Amazon’s push to be everything to everyone. ZDNet North, the company that’s bringing stylish smart glasses to a wider market, have announced a slew of new features in their latest update including music playback controls, note transcriptions, and transit directions. The Verge Netflix has announced that users will no longer be able to send shows between Apple devices using the AirPlay feature due to what it’s calling a technical limitation. The Verge To compete with Apple TV and Amazon, Roku is now offering HBO subscriptions through its Roku Channel. TechCrunch Fortnite developer Epic has announced they will be bringing more creative tools to its game to expand its community. This comes the same week that England’s Prince Harry called for the game to be banned, citing mental health professionals’ claims that it’s more addictive than drugs or alcohol. 9 to 5 Google | Variety Snapchat is mirroring Chinese messaging apps by moving into the social gaming market. TechCrunch TikTok, the China-based video streaming app, has developed a new talent show feature to draw more attention from users in Korea and Japan. The Verge On November 20th of this year, Microsoft will be closing its HealthVault Patient-Records Service; all remaining data will be deleted. ZDNet Microsoft is getting rid of that annoying requirement to click “safely remove hardware” when you disconnect USB thumb drives, hard drives, and smart phones. Unfortunately, it’s at the expense of transfer speed. ZDNet Microsoft’s Skype has concluded a beta test of its new 50-person group video chat feature and is now available as an update. 
The Verge To comply with the European Union’s antitrust ruling, Android devices will now prompt users to select browsers and search engines from a list, rather than defaulting to Google provided products. 9 to 5 Google New York state has joined the ranks of California and Hawaii by enacting legislation to ban plastic bags in 2020. The Verge Many publishers will release games exclusive to the North American or Asian markets and Steam has honored this tradition by blocking users from activating games they’ve purchased legitimately if they’re not in those locations. The European Union intends to put an end to this practice. TechCrunch Hayabusa 2, a project team from the Japan Aerospace Exploration Agency, succeeded in the first part of its mission this week by landing rovers on an asteroid and collecting samples. In a few weeks, the team plans to fly around the asteroid, land on the other side, collect more samples, then fly the samples back to Earth. Adam Shostack & Friends Australia is rushing laws through its legislature that could see executives do jail time if serious, violent crimes are streamed on their online platforms. ZDNet The BBC and Discovery have announced they will be teaming up for a new streaming service focused on factual programming. TechCrunch You’d almost think I planned that segue. Let’s move on to this week’s feature story, Fake News. Feature If someone asked you to define fake news, how would you answer? Webwise I consider fake news to be the next logical step after yellow journalism to divide, conquer, and create tribalized groups. These groups become loyal to their news sources and the idols those news sources, on both sides of the political aisle, create and promote. Wikipedia The roots of these tactics, and the term yellow journalism, date back more than a hundred years to the newspaper circulation war between Joseph Pulitzer and William Randolph Hearst. 
Pulitzer was a Hungarian immigrant, fluent in 4 languages, and a Union Army Veteran of the American Civil War, who worked his way up in the newspaper industry to become the owner of the New York World in 1883. William Randolph Hearst was handed his first editorial job at a newspaper by his wealthy father. Yellow Journalism Blog Pulitzer created a journalistic style that appealed to the average person with simple words and phrases and dramatic headlines; this was looked down upon by his contemporaries. He believed news was important for everyone and, as if to prove it, people flocked to newsstands for his sensationalized headlines. Hearst initially worked for, revered, then mimicked Pulitzer’s style. Hearst’s father first gave him editorial control of The San Francisco Examiner, then, after circulation skyrocketed, he purchased the New York Journal to compete directly with Pulitzer. Although, that doesn’t really explain where the term yellow journalism comes from. That tangent has a quaint start. Pulitzer ran a comic strip that became popular in his newspaper. It featured a child dressed in yellow. After Hearst purchased the New York Journal, he poached the cartoonist that created the yellow kid. An editor of another New York paper began referring to Pulitzer and Hearst’s tactics as yellow journalism sometime after that. Wikipedia But the term has much more significance than stealing an employee. In 1895, a revolt broke out in Cuba that became the Cuban War of Independence. Hearst and Pulitzer sensationalized stories and even created outright lies to provoke the interest of the general public in becoming involved in this war for independence. While the sinking of the USS Maine in Havana Harbor is generally considered to be the final straw that pushed America into this war between two foreign countries, there were many events politicized by Hearst and Pulitzer in the years between 1895 and 1898 which created a fervor for Americans to become involved in the war. 
Sound familiar? The Spanish American War Centennial Website In the ensuing hundred and twenty-one years and countless technological advancements since the Spanish-American War, social media and the internet at large have bred a general distrust of the mainstream news media and further polarized our politics. Beyond that, they’ve created such a high baseline of general noise that it’s become nearly impossible to separate the media spin from the outright fabrications of fake news outlets. To understand spin versus fake news, let’s say the US Department of Defense releases a report stating that 80 percent of all drones successfully hit their targets. A right-wing news agency might tout the efficiency and accuracy of American engineered weapons with the headline, “US Drones Have Near Perfect Record.” Whereas, a left-wing media outlet might use the headline, “Nearly a quarter of all US drones may kill unintended targets.” Both headlines are technically correct. Or, consider the fact that I used spin at the beginning of the story to paint Pulitzer as a hard-working immigrant turned civil war veteran and Hearst as a spoiled rich kid. But I want to make an important distinction between spin and fake news. Spin is massaging words to fit an agenda. Real news stories will be picked up and vetted by mainstream news media from both sides. Each will present differing views, but the basic facts will remain unchanged. Fake news takes tiny grains of truth or even rumors to build a following around its agenda. It’s important when consuming news to look past the headlines, read the articles, think critically about what’s being presented, and verify the sources. One article I read recently claimed that cases of unaccompanied children crossing the southern border rose dramatically during the second half of the Obama presidency and stated explicitly that federal and state agencies were paying for these children to be trafficked. 
Doing my due diligence, I followed a link to a source article on the LA Times and found a retraction, at the bottom of the article, which contradicted the headline the fake news site was basing their opinion on. That retraction should have been at the top, not the bottom. Shame on you, Los Angeles Times. LA Times When mainstream media makes a mistake, other MSM outlets will pounce on these flaws. Look at the 2000 election. CNN called Al Gore the winner then retracted that statement and called George W. Bush the winner, then retracted that because Florida wasn’t done counting votes. More recently, a Fox News graphic stated that President Trump was withdrawing funding from 3 Mexican countries. Mistakes and spin happen but aren’t malicious; fake news is malicious. Washington Post | Snopes So, what can be done about fake news? There are many initiatives using artificial intelligence, machine learning, human moderators, and fact checking organizations. When it comes down to a machine deciding what’s real versus what’s fake, how can a programmer decide the criteria? Is it how repeated the story is? Claims were made during the 2016 presidential election that Hillary Clinton sold 20% of the US’s Uranium to the Russians in exchange for contributions to the Clinton Foundation. The claims were continued by President Trump well into his Presidency. But the claims were false. So, repeatability isn’t a metric. How can artificial intelligence or machine learning fix this? Snopes It can’t. What it really comes down to is you, the consumer, doing your part to identify what’s real. Don’t form beliefs based on your news consumption, form opinions. Beliefs are forged to be unchangeable. Opinions are malleable to changing circumstances. Technology Review | TechCrunch | The Telegraph Alright, let’s wrap up this episode with some good news. Good News Facebook users may remember when they added the “Why am I seeing this ad?” button in 2014. 
This week the social media giant announced it would be adding a “Why am I seeing this post?” button as well. This will give users more transparency about why they’re seeing one post versus another but, more interesting than that, it will give us a look at the algorithm that decides the content on our News Feeds, something Facebook has been very secretive about. Having this knowledge will allow Facebook users to more intelligently interact with the site. TechCrunch In today’s world of streaming video and immediate gratification, movement of physical items is often much slower than we would like. Nowhere is this more obvious than in the world of medicine, where hours and minutes may mean the difference between life and death. Until now, old-fashioned human courier services were still the norm for moving tissue and blood samples from where they’re extracted by your doctor to where they’re analyzed by lab technicians. This week, the FAA granted UPS the first license for commercial, profit-generating drones. UPS will be transporting tissue and blood samples by drone in North Carolina, testing the waters for a wider, national system. Thanks to this smart move, doctors will no longer have to depend on humans traversing traffic-filled roads to make medical diagnoses. Wired A Scottish teenager named Kal Turnbull has turned a simple subreddit into a forum for rational, reasoned discourse with over 700,000 members. In 2013, the 17-year-old realized the cultural limitations of his upbringing in the Scottish Highlands, so he created a subreddit called “Change My View.” 6 years on, CMV is heralded by some as an online oasis. Turnbull and his small team of moderators have spent a great deal of time modifying Reddit’s flawed algorithms which decided what topics should be pushed to the top by hacking together a system that ranked users based on their ability to be civil, rational, and impactful. 
Unfortunately, this system was a bit complicated and time-consuming, so the now 23-year-old Turnbull has launched a stand-alone website called “Change a View” dot com. Beyond streamlining the way the subreddit worked, Turnbull and his team have built in a system that allows users to see why conversations have been flagged and allows moderators to talk directly to users. The new site also eschews private messaging in favor of keeping discussions public, and, therefore, civil. This is an exciting win for logic, reason, and discourse on the internet. Wired
Additional Reading
Is it OK to Make Your Dog Vegan?
Google to Expand Advanced Protection Program to Chrome with Download Safeguards
How to Enable and Use Gmail’s AI-Powered Smart Reply and Smart Compose Tools
GPS Rollover is Today. Here’s Why Devices Might Get Wacky
Here’s the US Army Version of HoloLens that Microsoft Employees were Protesting
Attackers Store Malware in Hidden Directories of Compromised HTTPS Sites
The US Is Slow to Adopt EHRs, But That Might Actually Be a Good Thing for Healthcare Security
5G and the Health Effects of Cell Phones
Defining the Values of the Intellectual Dark Web
Inside the Democrats’ Plan to Fix Their Crumbling Data Operation
Hacker Eva Galperin Has a Plan to Eradicate Stalkerware
The Construction Industry Needs a Robot Revolution
5G’s First Five Years: A Look Ahead
The Most Innovative Phone Cases are Made in a Los Angeles Shed
Credits
Cold open audio courtesy CNN via YouTube. Featured article image by Julia Kuzenkov from Pexels. The theme song for the Raymond Tec news podcast was created by me, with samples of modems from the following generous individuals: guitarguy1985, tt_runscript, and 1tmsounds. Other sounds or music may have been provided by: RossBell (Shuffling Papers), InspectorJ (Segment Swoosh), Klaudux, levelclearer, Teacoma, Julian Matthey, Doctor_Dreamchip, Greek555, and eardeer. All samples, sounds, and music are from FreeSound.org.
18 minutes | 2 years ago
Weekly Tech News for March 31, 2019
Intro Welcome to the March 31st, 2019 episode of the Raymond Tec News podcast. Each week I curate the articles, tweets, and backchannel sources to provide a 15 to 20-minute summary of tech news. I’ll start off, like I always do, with the headlines to keep you up at night; data breaches, privacy concerns, and security threats. I’ll follow with this week’s feature, then I’ll balance out the negative with a series of stories to restore your faith in technology, and, maybe, humanity. Let’s dive in. Table of Contents Intro Data Breaches Privacy Headlines Security Headlines Other Headlines Featured Story Good News Data Breaches A popular South Korean cryptocurrency exchange was robbed by hackers Friday. Bithumb was attacked resulting in a loss of approximately 19 million dollars in cryptocurrency. The Hacker News Earl Enterprises, a hospitality industry giant, has announced a breach of its payment card processing systems. Affected restaurants include: Buca di Beppo, Earl of Sandwich, Planet Hollywood, Chicken Guy!, Mixology, and Tequila Taqueria. ZDNet Toyota dealerships in Japan were hit with a cyberattack compromising data on 3 million customers. DarkReading A hacker named Zammis Clark was sentenced in the UK this week. Court documents reveal he hacked into electronics manufacturers Vtech and Nintendo, as well as stealing files from internal Microsoft servers. The Verge Thankfully it was a quiet week in data breaches. Let’s move on to Privacy Headlines. Privacy Headlines Mastercard has announced that it will be developing a secure, decentralized, universal ID system that lives on your local devices. Wired Google has been wishy-washy on its position on China. Senator Josh Hawley, a Missouri Republican, has demanded Google be forthright in a public letter. The Verge Telegram, an encrypted instant messaging app, has rolled out new unsend features. These will allow either party to delete messages from both the sender’s and recipient’s inboxes. 
9 to 5 Mac Facebook announced that it has quote, “mistakenly deleted,” end quote years of Mark Zuckerberg’s old Facebook posts. Yeah, right. Business Insider The UK, having previously announced that it would break from the US and allow Huawei products in its 5G infrastructure, released a report this week stating that the issue with Huawei isn’t Chinese government backdoors, but buggy software. Wired Poland, in its first court case enforcing Europe’s General Data Privacy Regulation, has drawn a hard line in the sand against non-consensual data scraping online. This could impact IBM and the US Government’s training of facial recognition systems, which I reported on last week. TechCrunch According to a report by Motherboard, the Italian Government has been caught releasing spyware on the Google Play store to catch criminals, but unintentionally ensnaring innocent victims. Motherboard Russia has ordered major VPN providers to adhere to its website blacklist, to ensure that Russian users can’t access sites the Russian government deems illegal. Torrent Freak Australia has proposed a new bill increasing the financial penalties for privacy breaches which is scheduled to go to a vote in the second half of 2019. ZDNet Microsoft warned this week, that if Australia’s anti-encryption law remains on the books, many companies will stop storing data there, potentially crippling Australia’s technological economy. Sophos Naked Security In 2016, Chinese gaming company Beijing Kunlun Tech purchased a 60% stake of gay dating app Grindr. In 2018 they purchased the remaining shares. The US Government has demanded that Beijing Kunlun Tech sell the app due to concerns over the Chinese government spying on users. Wired On Tuesday the European Union passed a directive to overhaul copyright law which could mean the end of memes, at least in Europe, but, likely, all over the world. Wired Let’s move on to security headlines. 
Security Headlines A security researcher publicly disclosed two unpatched flaws in Microsoft Edge and Internet Explorer browsers after Microsoft did not respond to his private disclosure. Be on the lookout for updates coming for those browsers in the next few weeks. The Hacker News A Google Security engineer has released information on an unpatched flaw in TP-Link brand smart home routers after the company failed to respond to a responsible disclosure. ZDNet Kaspersky Labs announced that hackers had compromised computer maker Asus’s servers to poison software updates. These hacked updates allow attackers to gain remote access to end users’ computers. Despite this security breach, I still recommend updating your software regularly. Motherboard Gustuff is a new Android Trojan that targets more than 100 banking, cryptocurrency, mobile payment, and ecommerce apps. It’s being distributed by a link in a text message. DarkReading Microsoft has won a legal battle to take over and shut down 99 Iranian-run phishing domains by proving in US court that it was illegal for these hacking groups to mislead users with sites that look like Microsoft sites. Axios Apple has announced their new Apple Card, developed with Mastercard and Goldman Sachs which allows users to take advantage of the security of its Apple Pay service where Apple Pay isn’t accepted. Wired Security researchers have recovered unencrypted crash footage, navigation data, including speeds, and much more on a salvaged Tesla Model 3. The Verge Thatcham Research, a nonprofit UK insurer research center, has released a report listing the cars which are most and least vulnerable to wireless theft. It would seem not all keyless entry and ignition systems are built the same. Sophos Naked Security The University of Hertfordshire has released a study that shows most users fail to properly erase USB drives before recycling them, potentially exposing sensitive data to unintended eyes. 
Data Breach Today The Swiss Government’s e-voting system concluded its month-long penetration test this week, and a second flaw was discovered that could have been exploited for undetectable vote manipulation. Security Week The US General Accountability Office, or GAO, has found dangerous security flaws in the Treasury Department’s systems for tracking the national debt, which could allow access for attackers to view a wealth of government data. Data Breach Today The US Department of Homeland Security has issued a warning about several Medtronic devices, including their implanted insulin pumps. Attackers in close range can intercept the RF signals of the devices and potentially steal data transmitted because the devices don’t use any kind of authentication. Security Week Let’s move on to other headlines. Other Headlines Facebook COO Sheryl Sandberg announced three steps the company is taking to prevent the spread of hate. Accounts that have previously violated community standards will have limited or no access to live broadcasting. They’ll be banning all white nationalist and separatist content. And, to support the affected in Christchurch New Zealand more directly, Facebook will be donating to four local well-being and mental health organizations. The Verge Dream Market, the top dark web marketplace after the Silk Road was shut down, will be shutting down April 30th. There is much speculation from users about whether this is a sting by law enforcement. ZDNet Tyler Barriss, a notorious swatter and bomb hoaxer was sentenced to 20 years in prison for his deadly pranks. For those unfamiliar, swatting is a term that refers to online harassers who spoof their location to get armed police or SWAT teams to target individuals. In one of Barriss’ attacks, the individual he was targeting no longer lived at the address where he sent the police, and the police shot and killed the current resident, Andrew Finch. 
TechCrunch A 27-year-old Georgia man pleaded guilty to hacking Apple accounts of athletes and musicians. He stole personal data and spent thousands on stolen credit cards. He’s scheduled for sentencing on June 24, 2019. Security Week Gavin de Becker, Jeff Bezos’ personal security chief, published an article in the Daily Beast this week stating that he believes the Saudi Government illegally obtained compromising photos of Bezos and gave them to the National Enquirer’s parent company AMI. Link in the show notes to the article. The Daily Beast Google has finally removed a gay conversion therapy app from its Play Store, months after Apple and Amazon removed it from their marketplaces. Still no word on whether Google will stop allowing Saudi men to track women in their family. The Verge Google has signed a deal with Cuba to install undersea fiber-optic cable to improve Cuba’s internet connection. 9 to 5 Google Google has started rolling out changes to Google Maps, which will allow users to create events, similar to Facebook’s event features. The Verge A 35-year-old mystery has been solved. Since the 80’s, bright orange pieces of Garfield phones have been washing up on a beach in France. A local farmer led environmental activists to a shipping container in a sea cave accessible only at low tide. The Verge The Lyft IPO dominated news this week, with a valuation of 2.3 billion dollars, the stock closed up 9% on the first day of trading. But it wasn’t all good news, because drivers for both Uber and the perpetual money loser Lyft went on strike in protest of low wages and poor working conditions. TechCrunch | The Verge Apple Music is coming to Android and its new Android interface paves the way for streaming your Apple Music library on Chromecast. I love the idea of not needing to have specific devices for each company’s eco-system. 
9 to 5 Google Apple’s product announcements this week included information on its soon-to-launch Apple News+ subscription news service as well as its subscription video streaming service. Their News+ service was built on the Texture platform Apple acquired last year. Since there’s no longer a need for the standalone Texture news service, that app will cease to operate on May 28th. TechCrunch | The Verge Canoo, that’s c-a-n-o-o, is a new electric vehicle company started by defectors from EV company Faraday Future. Their first vehicle is set to go on sale in 2021 and all their vehicles will be available on a subscription model. The Verge Sega will be releasing its Genesis Mini retro console in the third quarter of this year. The Verge Valve, the company behind the Steam PC gaming platform, has just announced its own virtual reality headset called the Valve Index. The Verge A study performed by the National Academy of the Sciences has determined that students in the US outperform their counterparts in Russia, China, and India in computer science skills. ZDNet A new study has found that female privacy professionals now outnumber males in the US 53% to 47%. DarkReading Melbourne, Australia and the wider Victoria region are now able to pay for mass transit tickets with their Android smartphones. ZDNet That’s it for other news. Now for this week’s feature story. Feature The topic of this week’s feature story is Human Trafficking. Some of what I’m discussing may be inappropriate for young or sensitive listeners. The BBC, and several other news organizations, announced this week that 50 women who were trafficking victims were suing Salesforce for their involvement with Backpage. Backpage was notorious for being a site where johns could find sex workers easily. It’s been estimated that as many as 1 in 20 of the ads on the site featured victims of trafficking. 
According to documents from the lawsuit, Salesforce, whose primary business is providing a tool for companies to find and retain customers, was heavily involved with setting up and maintaining the database system Backpage used. BBC | Business Insider Let me back up a little. On March 21st, 2018 the US Senate passed the Fight Online Sex Trafficking Act, or FOSTA bill, into law. This law changed the way online platforms are handled by the government. Previously, online publishers weren’t held responsible for the things their users posted, because they were protected by Section 230 of the Communications Decency Act. With the passing of FOSTA, site owners can now be held criminally liable for assisting, supporting, or facilitating sex trafficking. This is the bill that brought Backpage, Craigslist’s personal ads, and many other sites to an end. Daily Dot This is, in theory, a good thing. Human trafficking is an enormous problem and even happens in “first world” countries. But laws like FOSTA in the US make more problems for legal sex workers and law enforcement alike. Legal sex workers, including those who provide services over the internet, used sites like Backpage and Craigslist personals to advertise their services. Now, rather than having a centralized location for finding clients, they’re forced to use multiple sites, decreasing the effectiveness of their efforts. Law enforcement is hampered for much the same reason. Now, rather than watching 2-3 sites for human trafficking, their time is spread thin across a wider range of ever-changing sites. With an estimated 25 million victims, how did human trafficking come to be such a large problem? It started with the African slave trade, which was the first known instance of large-scale human trafficking. It was first outlawed by the British in 1807 and then the US in 1820. But then the issue of “white slavery” cropped up. 
In 1899 and 1902 international conferences were organized in Paris to tackle the issue of white slavery resulting in the 1904 International Agreement for the Suppression of “White Slave Traffic.” Shortly thereafter, WWI and WWII saw human trafficking for sexual purposes spike; the highest profile example of this would be the Japanese use of “comfort women.” Hankering for History Modern trafficking is no longer exclusive to forced sexual servitude, even though prostitution is still one of the top reasons humans are treated like cattle. The internationally recognized definition for human trafficking now includes forced labor and organ farming, as well. This definition was changed after a case in 1997 where it was discovered that dozens of deaf Mexican men, women, and children were illegally transported to Queens, New York to sell trinkets on the streets, then were forced to turn all the money over to a family-operated trafficking ring. Human Rights First | Fair Observer The internet has expanded the global market for human trafficking and made it easier for traffickers to connect with both victims and buyers. But it’s not just the internet that makes human trafficking so profitable, it’s legislation. Most states in the US, and many countries globally prohibit prostitution. But, as we’re well aware, prohibition is what creates these black markets. The United States’ war on drugs is an excellent example of how prohibition exacerbates problems rather than fixes them. Scoop Whoop Beyond the US, countries like Cambodia have attempted to stem the tide of trafficking with laws but have missed the mark. Cambodia is a very poor country, and sex work is often seen as a viable and realistic option, but Cambodia’s Law on Suppression of Humans Trafficking and Sexual Exploitation has gone so far as to make carrying condoms illegal, which has created a public health crisis. The Muse Thankfully, it’s not all bad news. There are many organizations making a difference. 
Forbes Thorn: Digital Defenders has created an online tool for law enforcement agencies, called Spotlight, which has reduced investigation time by 43%. Thorn The Defense Advanced Research Projects Agency, or DARPA, has created an advanced search engine called Memex that better organizes information to sift out the most important details for law enforcement officers. DARPA Microsoft has developed PhotoDNA, which takes images of child exploitation and helps qualifying organizations search for identical images across the internet to identify victims of trafficking. Microsoft The National Human Trafficking Resource Center, or NHTRC, operates a toll-free hotline, email service, and online tip reporting form for victims. NHTRC | Hotline | Email | Online Form The solution to this problem is complex and requires cooperation from individuals, governments, and NGOs. Individuals can learn more about how to spot human trafficking by visiting the US State Department’s website. The State Department has put together a great list of things to look out for and resources for what to do if you’ve discovered a person being trafficked. US State Department Governments need to engage with counter-trafficking activists to develop rational laws that don’t adversely impact sex workers and other uninvolved parties. Finally, NGOs need support from both individuals and governments to continue doing the necessary research, development, and educational campaigns that assist in bringing attention to the problem. Alright, that was heavy, let’s wrap up this episode with some good news. Good News As Venezuela’s internal struggles bubble over onto the world stage, residents struggle to survive in what may become a civil war. Communication is key for survival, and that has been made more difficult by the warring factions shutting down access to portions of the internet. Now, a voice chat app called Zello has become the saving grace of those trying to live in the country. 
The app can be used as a replacement for either shortwave radio or walkie-talkies allowing both broadcast-type communications as well as person-to-person conversations. With the power of the internet in their pockets, users can do more than just get updates on the latest happenings; Zello has been used to save lives in Venezuela by coordinating food and medicine drops for those in need. Wired Sidewalk Labs, the urban planning subsidiary of Google’s parent company Alphabet, has created an app called CommonSpace to empower park operators. A simple idea based on crowdsourced data, the tool creates an evidence-based approach to making changes in how parks and public spaces are run. Currently, park managers can make guesses about how their public spaces are used and allot resources like trash collection and maintenance, but CommonSpace aims to improve the efficiency of this process by empowering managers with real data. And, in a move designed to ease privacy concerns, Sidewalk Labs has adhered to Privacy by Design by committing to not collecting any personal information about bystanders observed for the app. TechCrunch Whether you’re a staunch advocate of the environment or just simply living on planet Earth, the move away from energies that pollute and deplete is beneficial for everyone. Finding methods to harness naturally occurring means of power production is crucial to continuing to live our best lives. Germany is leading the way in this climate charge, with over 120,000 households and small-business owners investing in solar technologies. Half of all these systems also include battery storage technology, enabling the household to run off solar power, even at night. 120,000 households are only a small percentage of Germany’s 81 million residents, but proponents of a green future see this as a step in the right direction. 
It will allow a decentralization of renewable energy generation and storage by using the existing power grid to transfer power from individual household generation points to where it’s needed. Wired That’s it for this week in tech news that matters to you. If you’ve enjoyed the podcast, please share what you found interesting in a post on your social media by linking to Raytec dot co slash listen. That’s r-a-y-t-e-c dot c-o slash listen. That will always link directly to the current episode’s show notes along with a podcast player. I really appreciate anyone who’s willing to share my podcast. As always, there are bonus links in the show notes. Articles in this week’s extracurricular reading include a Wired expose on tracking down the Robocall King, how to check if your computer has the Asus update malware, an article about what Fantasy Birding is, and so much more. The show notes have links to each of the podcast apps I’m listed on and links to my social media. If you have any information, updates, or constructive criticism, feel free to reach out via social media. Thanks for listening and have a great week! Additional Reading The Tao of Zero Trust Meet the Texas Startup that Wants to Decarbonize the Chemical Industry Thousands of API and Cryptographic Keys Leaking on GitHub Every Day MoviePass Parent’s CEO Discusses the Service’s Rocky Year Snap CEO’s Sister Caroline Spiegel Starts a No-Visuals Porn Site Your Apples May Soon Be Picked by Laser-Shooting Robots On the Trail of the Robocall King Hack Brief: How to Check Your Computer for Asus Update Malware Fantasy Birding is Real, and it’s Spectacular Watch This Mesmerizing Animation that Shows How Quickly Couples Move Through Relationship Stages Credits Audio for the cold open provided by KXAN via YouTube. 
Article featured image by MR WONG on Unsplash The theme song for the Raymond Tec news podcast was created by me, with samples of modems from the following generous individuals: guitarguy1985, tt_runscript, and 1tmsounds. Other sounds or music may have been provided by: RossBell (Shuffling Papers), InspectorJ (Segment Swoosh), Klaudux, levelclearer, Teacoma, Julian Matthey, Doctor_Dreamchip, Greek555, and eardeer. All samples, sounds, and music are from FreeSound.org.
17 minutes | 2 years ago
Weekly Tech News for March 24, 2019
Intro Welcome to the March 24th, 2019 episode of the Raymond Tec News podcast. Each week I curate the articles, tweets, and backchannel sources to provide a 15 to 20-minute summary of tech news. I’ll start off, like I always do, with the headlines to keep you up at night; data breaches, privacy concerns, and security threats. I’ll follow with this week’s feature, search and recommendation algorithms. Then I’ll balance out the negative with a series of stories to restore your faith in technology, and, maybe, humanity. Let’s dive in. Table of Contents Intro Data Breaches Privacy Headlines Security Headlines Other Headlines Featured Story Good News Data Breaches California-based Meditab, a supplier of electronic health records software, has been leaking thousands of records and doctor’s notes after one of their servers was improperly configured. TechCrunch Family Locator, an app designed to help parents keep tabs on their children’s location, was leaking real time location information for weeks when its developers neglected to password protect it. TechCrunch An unnamed company that sells software to spy on people has left their database unprotected on the internet revealing more than 95,000 images and 25,000 audio recordings that are extremely intimate in nature. Motherboard Ransomware named LockerGoga has struck several large companies this week, including Norwegian aluminum manufacturer Norsk Hydro, and American chemical companies Hexion and Momentive. Motherboard According to a report from the Office of the Inspector General, FEMA, the US Federal Emergency Management Agency, shared personal and financial information of 2.3 million disaster victims with an unnamed contractor. ZDNet Security Researchers have identified new attacks that have targeted online bedding retailers MyPillow and Amerisleep. 
The Hacker News The Pakistani hacker, known as Gnosticplayers, who’s been making headlines over the last couple of months hacking databases and selling user credentials is back with round 4, hacked from 8 websites. The Hacker News Moving on to Privacy Headlines. Privacy Headlines WhatsApp has rolled out a couple of new features to stem the tide of fake news. Unfortunately, these features are only for beta testers right now. 9 to 5 Google IBM has been scraping Flickr images to train facial recognition systems without users’ consent. Slate But, worse than that, the US government has been training their facial recognition systems using images of abused children and immigrants without their consent. Slate on US Government The US Defense Advanced Research Projects Agency, or DARPA, has been working on a secure voting system and is bringing it to a hacker conference for testing this summer. Sophos Naked Security Utah has passed first-of-its-kind legislation. The law reinforces our Fourth Amendment right protecting against unreasonable search and seizure of data stored on services like Google and Facebook. Wired The UK is scheduled to introduce a porn blocker for internet users under the age of 18 next month. 76 percent of Britons surveyed were unaware of the coming censorship. The Verge I reported last week on protests in Europe regarding the EU’s disastrous ACTA2 legislation. I’m happy to announce that more than a quarter of a million people joined in the protest movement to make their voices heard to stop a bill that will end a free and open internet. Twitter Krebs on Security released a report this week that showed Facebook had been storing passwords in plain text for many years. Facebook acknowledged the report. Wired But you don’t have to worry about hackers getting access to your stuff with those stolen passwords, because you don’t reuse passwords, right? If you’re not, I recommend LastPass. 
LastPass allows you to sync passwords securely across your computer, phone, and tablets. More than just keeping a list of your logins, it generates secure random passwords for you and on many websites allows you to change your password with just a couple of clicks. Don’t get caught recycling passwords, use LastPass. You can learn more about LastPass by visiting my affiliate link at Raytec dot co slash LastPass, that’s r-a-y-t-e-c dot c-o slash l-a-s-t-p-a-s-s. Let’s move on to security headlines. Security Headlines Google has partially patched a five-year-old bug for its more than 2 billion Android users that could have allowed attackers to hijack any Android device with a simple web page. Wired Intel released a bunch of patches last week to protect against dangerous vulnerabilities. Sophos Naked Security Microsoft has released Windows Defender extensions for Google’s Chrome and Mozilla’s Firefox browsers. Security Week The Verge convened 5 experts to provide their opinions on whether the ban of Huawei products in the upcoming 5G infrastructure is warranted. 4 of the 5 experts agreed that banning Huawei was a smart move, because there are no truly independent private industries in China. The dissenting opinion stated that there was no clear motive nor previous evidence to suggest Huawei has sabotaged equipment on behalf of the Chinese government and therefore likely would not do so in the future. The Verge The Christchurch massacre happened on Friday, March 15th. By Monday the 19th, scammers were already targeting philanthropists via phishing emails and fake crowdfunding campaigns. Security Week The UN has released a report stating North Korea has been using their cybercrime abilities to circumvent sanctions by stealing money from banks and cryptocurrency exchanges. Data Breach Today Security experts in the Ukraine have been carrying out simulated cyber-attacks to prevent Russian meddling in their upcoming election, according to the Security Week blog. 
Security Week Let’s move on to other headlines. Other Headlines In a truth-is-stranger-than-fiction moment, AT&T CEO Randall Stephenson was doing a live interview announcing a new call authentication feature to reduce robocalls, when his Apple Watch rang with an incoming… you guessed it, robocall. CNET Google+ will officially cease to exist on April 2nd, but the Internet Archive, also known as the Wayback Machine, has been hard at work archiving all public posts for posterity. 9 to 5 Google Speaking at a Stanford computer science class, WhatsApp co-founder Brian Acton urged the students to delete Facebook, citing Facebook’s inability to appropriately moderate content and their push to monetize every aspect of what its users share. The Verge Myspace, yes, they’re still around, migrated servers recently and accidentally lost more than a decade’s worth of users’ music. TechCrunch Airbnb has been quietly waging a legal war against local governments to avoid paying hotel and occupancy taxes. Wired The chairman of the House Oversight and Reform Committee announced that Jared Kushner and Ivanka Trump used private email accounts and personal WhatsApp accounts to conduct official government business. Washington Post The US Department of Transportation is beginning an unusual probe into the Federal Aviation Administration’s approval of Boeing’s 737 Max 8 planes after recent crashes. The Verge Presidential hopeful Beto O’Rourke remained all over my news feeds this week as experts talked about his hacker background. In my opinion, this was a brilliant way to get out ahead of any scandals that may arise in the future. One of the articles I read this week referred to a violent fictional story that O’Rourke wrote when he was 15 that could have been used against him; instead the article praised a teenaged boy utilizing his skills as a writer to avoid acting out this fantasy. 
Security Week The former CEO of a popular Bitcoin exchange received only a suspended sentence in a Tokyo court after beating charges of fraud and embezzlement. Data Breach Today A 20-year-old Dutch hacker was found guilty of crashing the BBC and Yahoo News websites when he was a minor but received no jail time. ZDNet Mimicking offerings from Samsung and Huawei, the next generation iPhones may be able to wirelessly charge your AirPods and other devices. The Verge Volvo continues its push to make driving safer. Beyond limiting its cars to a top speed of 112 MPH, it’ll also be installing inward facing cameras to analyze when drivers are distracted or intoxicated and trigger calls from Volvo’s On Call service, reduce the vehicle’s speed, or stop it completely. Wired A study funded by Apple and conducted by the Stanford University School of Medicine has released results that Apple watches have successfully found irregular heartbeats in over 2,000 of the study’s 419,093 participants. The Verge Mogul and Musician Moby has released his newest album exclusively to users of the Calm meditation app. This joint promotion for world sleep day contains 6 tracks each ~37 minutes in length. TechCrunch Netflix has teamed up with survivalist Bear Grylls for their latest interactive show called You vs. Wild. The choose-your-own-adventure TV series will be available starting April 10th. The Verge That’s it for other news. Now for this week’s feature story. Featured Story Contrary to what you heard at the top of the show an algorithm has nothing to do with former Vice President Al Gore or his ability to keep a beat. Algorithms predate the internet, Al Gore, and even computers. Rather than convolute my story with an etymology lesson that starts in Persia in the year 825, let’s just say an algorithm is a set of rules that precisely defines a sequence of operations. Wikipedia Let’s further put that in context for today: an algorithm is how a computer processes data. 
Come with me back in time to the late 1990’s. There were young entrepreneurs who saw great potential in the newly commercialized internet. These youthful visionaries knew the world could benefit by this linking of computers and the digitizing of all the world’s knowledge, but how could you make such a large catalog of information useful? Companies like Yahoo! had people that scoured the web and built directories, like the yellow pages, to help people find what they were looking for. It had real live humans deciding what content others saw, which meant moderation was built in, but so was censorship. Leaving the decision up to human beings wasn’t really the best way to rank and present the internet, especially as it expanded exponentially. Besides that, it was expensive and time consuming. Wayback Machine – Yahoo | Wayback Machine – The Mining Company Then along came a startup called Google. Google used what’s called a spider to crawl through the web automatically, creating an index of all the sites it could find. If all Google did was read every page on the internet and build an index that contained every word on every page, it wouldn’t make for a very useful search engine. If you searched for the word President, Google would return every webpage that had the word president on it. So, Google created a set of rules that would identify keywords on a page. This is an algorithm. Now, in our example here, we see how Google identifies keywords to figure out where in the index a webpage would go, but now we encounter the problem of how to rank those pages. So, Google then identifies the number of other websites that link to that page with that keyword. The more sites and pages that point to a page on president, the higher that page is in the search results. Cool, now we have a basic understanding of how Google works. All the same basic principles are applied to recommendation algorithms as well. Amazon keeps a shopping history for every user that visits its site. 
Let’s say you’re looking to invest in a new, red, Swingline-brand stapler. Amazon looks in its vast data stores and sees that out of 150,000 people who bought this item, 1,000 of them also bought a 10 pack of sticky notes. Now you see a link to that pack of sticky notes because you want a new stapler. This all seems fine, right? So, why do algorithms get such a bad name? Well, once you understand how they work it’s easier to manipulate them. Just from this brief description you know that by loading a page with keywords for Google to index and by getting lots of other pages to link to that page, you can quickly move up in Google’s search rankings. Using this knowledge, we pick keywords we know are being searched regularly and add those to our page, even if our page has nothing to do with those keywords. Then we place links from regularly indexed sites, like social media, to the content we want to promote, and the search and recommendation algorithms do their magic promoting our content to the masses. Now, we have a simple method for promoting whatever we want, globally. This is how word of the New Zealand massacre spread so quickly across the internet. A few malicious people creating content in the right places at the right times, and we have a virtual wildfire of hatred. But it didn’t start with the massacre of innocent Muslims in Christchurch. There are countless stories of these algorithms being used for evil. YouTube’s recommendation algorithm has been called into question for helping conspiracy theorists and child abusers promote their content. Twitter and Facebook pushed video of a reporter shooting his former colleagues on live television in 2015. Pinterest’s algorithm is accused of driving a 14-year-old girl over the edge to commit suicide by emailing her images of self-harm. So, how can it be fixed? The answer is complicated and not one-size-fits-all. Swing too far into human moderation or keyword bans and the critics cry censorship. 
Change nothing and our existing problems are exacerbated by copycats. The algorithm and its brawnier, brainier cousin Artificial Intelligence are creeping into more places in the world to make decisions for humans. Creating ethical automated decision-making systems is critical to our future. I’ve included a bit more reading in the show notes if you’d like to get an idea of some approaches to solving this issue. Alright, let’s wrap up this episode with the good news. Google’s Clever Plan to Stop Aspiring ISIS Recruits Up Next: A Better Recommendation System The Mass Shooting in New Zealand was Designed to Spread on Social Media The People Trying to Make Internet Recommendations Less Toxic New Zealand ISPs are Blocking Sites that Do Not Remove Christchurch Shooting Video Researchers Built an ‘Online Lie Detector.’ Honestly, That Could Be a Problem People Want to Know About Algorithms – but Not Too Much Good News The practice of payday lending is, somehow, still legal in the United States. For those unfamiliar, payday lenders provide a short-term loan and charge anywhere from 200 to 3,000 percent interest. They prey upon workers who live paycheck to paycheck and often get people caught in a cycle that can be nearly impossible to escape. Branch, an app designed for companies to schedule and manage their employees, has launched a pay service that will advance workers their pay instantly for only a dollar ninety-nine. This feature also helps the companies by incentivizing workers to pick up less-desirable shifts by reducing the amount of time they have to wait for their pay. TechCrunch Centuries of colonization, rebellion, and unstable governments have made it difficult for many African countries to build economies that allow local farmers and manufacturers to get their products to a wider market. The current age of smartphones and digital transactions has made a better life more realistic for many Africans. 
Benjamin Fernandes, a Tanzanian-born talk show host turned entrepreneur, has founded a new mobile payment app for the African market. He spent hundreds of hours discussing the challenges of getting paid with existing apps with people in his native Tanzania. There are currently about 282 different mobile money services available worldwide, about half of which are operating in Sub-Saharan Africa. Fernandes’ app, Nala, simplifies transactions by acting as a layer between users and all the various apps available to them. Now users can arrange the transaction very simply in one easy-to-use app. TechCrunch Farmers in the dairy industry prefer female calves for their milk production while those in the beef industry prefer males for their superior meat production. The cheapest option is to send the animal to the slaughterhouse. Most ranchers prefer their bulls to be dehorned. This used to be a painful process involving burning the horns off the animal. Thanks to technological advances in gene editing such as CRISPR and TALEN, researchers around the world are finding ways to make livestock production more efficient and humane. These two technologies use specially crafted bacteria to identify, remove, and replace specific sections of DNA to create animals with the desired traits. Beyond the efficiency and humaneness, these techniques can have direct human benefits, as well. In January, researchers in Great Britain announced they would be bioengineering chickens to be resistant to influenza, better protecting both poultry and human populations from the flu. Wired Many episodes ago, I mentioned a new feature built into Skype that would automatically blur the backgrounds of your video calls, making calls with people you don’t know more secure. This week I found out how this feature was born not from paranoia, but from love. A young software engineer at Microsoft named Swetha Machanavajhala was using Skype to keep in touch with her parents. 
Her parents’ internet connection in India was poor, the video was choppy, and it made it difficult for Swetha to read their lips, because Swetha was born deaf. She found it easier to concentrate on their lips when her parents dimmed the lights in the background of their calls. Now, with the aid of a little AI magic, Swetha and her parents can communicate more easily. Microsoft That’s it for this week in tech news that matters to you. If you’ve enjoyed the podcast, please share what you found interesting in a post on your social media by linking to Raytec dot co slash listen. That’s r-a-y-t-e-c dot c-o slash listen. That will always link directly to the current episode’s show notes along with a podcast player. I really appreciate anyone who’s willing to share my podcast. As always, there are bonus links in the show notes. Articles in this week’s extracurricular reading include how Pope Francis could shape the future of robotics, how to set up emergency location sharing on both Android and iOS, how to control tech companies without ruining the US economy, and so much more. The show notes have links to each of the podcast apps I’m listed on and links to my social media. If you have any information, updates, or constructive criticism, feel free to reach out via social media. Thanks for listening and have a great week! 
Additional Reading Steele Dossier Case: Expert Traces Spear-Phishing of DNC What It’s Like to Be Thrown in Jail for Posting on Facebook How Pope Francis Could Shape the Future of Robotics Tesla Car Hacked at Pwn2Own Contest How to Set Up Emergency Location Sharing on Android and iOS How to Rein in Powerful Companies Without Ruining the US Tech Industry New Mirai Variant Targets Enterprise IoT Devices Department of Health Considers Overhaul of Screening IT YC-Backed Basement is a Social Network for Close Friends Only How Phones Went from $200 to $2,000 America Movil Acquires Nextel in Brazil for $905M Australia’s Intelligence Agency Publishes its Vulnerability Disclosure Process Welcome to the Hub of All Hubs: Cosmos has Launched For Workers in the Gig Economy, Client Interactions Can Get… Weird Everything We Think We Know About Google’s Mystery Gaming Announcement Credits Cold open audio from “Unbreakable Kimmy Schmidt” courtesy Netflix and NBC Universal. The theme song for the Raymond Tec news podcast was created by me, with samples of modems from the following generous individuals: guitarguy1985, tt_runscript, and 1tmsounds. Featured Image Credit: Pixabay via Pexels Other sounds or music may have been provided by: RossBell (Shuffling Papers), InspectorJ (Segment Swoosh), Klaudux, levelclearer, Teacoma, Julian Matthey, Doctor_Dreamchip, Greek555, and eardeer. All samples, sounds, and music are from FreeSound.org.
21 minutes | 2 years ago
Weekly Tech News for March 17, 2019
Intro
Welcome to the March 17th, 2019 episode of the Raymond Tec News podcast. Each week I curate the articles, tweets, and backchannel sources to provide a 15 to 20-minute summary of tech news. I’ll start off, like I always do, with the headlines to keep you up at night; data breaches, privacy concerns, and security threats. I’ll follow that with the feature of the week, which is 5G. Then, to balance out the negative chi at the start of the show, I’ll finish out with a series of stories to restore your faith in technology, and, maybe, humanity. Let’s dive in.
Table of Contents: Intro, Data Breaches, Privacy Headlines, Security Headlines, Other Headlines, Featured Story, Good News
Data Breaches
Gearbest, a Chinese company that ships worldwide and has hundreds of thousands of sales per day, has been exposing unencrypted customer information on the web. VPN Mentor
A security researcher discovered a database containing more than a quarter million legal documents from all over the US. 30-40% of the documents were not intended for publication. The source of the database is unknown because it was taken down shortly after it was discovered. ZDNet
Box, a cloud storage provider like Google Drive and Dropbox, was leaking information of dozens of companies because of misconfiguration by those companies. TechCrunch
63red Safe, an app billed as the Yelp for Conservatives, has been leaking user records and business reviews according to a French security researcher. ZDNet
Singapore’s state-run health system has suffered another breach, this time exposing the data of more than 800,000 blood donors. ZDNet
Two mental healthcare providers announced they were hit with ransomware in two separate attacks. The affected practices are Delaware Guidance Services for Children and Youth and Green Ridge Behavioral Health in Maryland. Data Breach Today
Concord, Massachusetts-based Emerson Hospital has suffered a breach affecting 7,000 patients.
Health IT Security
Hackers have broken into a system called Slate, which is used by more than 900 colleges and universities to collect and manage information on applicants. Dark Reading
Following up on last week’s Citrix breach, the company has announced it was Iranian hackers that stole 6TB of data from its internal network. Security Week
Last week’s estimate of over 700 million leaked email addresses from Verifications.io may have been low. The number of leaked emails may be closer to 2 billion. Sophos Naked Security
Equifax’s 2017 breach, which is still impacting internet users, could have been avoided, because the company had known about the underlying security weaknesses for years, according to a new Senate report. Security Week
Moving on to Privacy Headlines.
Privacy Headlines
Facebook has announced it will use AI to identify and put a stop to the practice of posting nude images and videos of people, known as revenge porn. 9 to 5 Mac
Proving that it exercises too much control over what you see on its platform, Facebook has removed paid ads from Senator Elizabeth Warren criticizing the tech giant. TechCrunch
Kaspersky Labs has reported a new phishing scam targeting Instagram users. Scammers are sending emails with very realistic-looking copyright violations which then ask for credentials. Kaspersky Labs
A second Tesla employee has filed a whistleblower tip with the SEC, alleging the company has been illegally spying on its employees. The Verge
9 to 5 Google has discovered two privacy flaws in Android. The first is in Android’s on-body detection smart lock. This feature is supposed to lock your phone automatically when it’s no longer in your hand or your pocket. Connecting a device to charge defeats the auto lock. The second flaw suggests that Android’s facial unlock is easily tricked and not as sophisticated as Apple’s facial recognition. 9 to 5 Google | 9 to 5 Google
AV-Comparatives, a European company, has released research that says most Android Antivirus apps are garbage.
Wired
Mozilla, the makers of Firefox, have publicly launched their new free, secure, encrypted file sharing service. Besides being secure and encrypted, it also wipes files if uploaders set an expiration date. The service can be accessed from all browsers at send dot Firefox dot com. ZDNet
Natwest, a British bank, is testing a new type of debit card that has a built-in fingerprint reader and tap to pay, or NFC contactless, features. The Verge
Florida, mimicking Illinois’ progressive biometric data legislation, has proposed a bill that will protect people from the collection and use of biometric information like fingerprints and DNA. Health IT Security
The NYPD disclosed that it is using a pattern recognition software called Patternizr to help solve crimes. The Verge
Senators Ed Markey and Josh Hawley are planning to introduce a bipartisan bill that would give parents a set of privacy controls to prevent companies like Google and Facebook from collecting data about and targeting children with ads. The Verge
The European Union is about to vote again on its disastrous copyright bill, known as ACTA2. In response, more than 75 protests are organized across much of the EU next Saturday. I’ve linked to a Google map detailing all the protest locations. Google Maps
Russia has signaled that they intend to continue spying on their population by blocking encrypted email provider ProtonMail. TechCrunch
Victor Gevers, the security researcher who exposed China’s Muslim tracking database, has found and reported a database of 1.8 million Chinese women the country has identified as being quote, “breed ready,” end quote. The Verge
Let’s move on to security headlines.
Security Headlines
Adobe has patched flaws in Sandbox, Photoshop CC, and its Digital Editions eBook reader. Security Week
This month’s patch Tuesday from Microsoft saw patches for 64 vulnerabilities, 2 of which are currently being exploited in the wild.
The Hacker News
Microsoft has designed a new feature that will detect startup failures and uninstall buggy updates automatically. Now there’s even less reason to avoid updating your machines. The Hacker News
Don’t forget, support updates for Windows 7 will end with the end of 2019. If you’re still running a PC with Windows 7, it’s time to look at upgrading the operating system. ZDNet
A few weeks ago, I mentioned a 19-year-old bug in a Windows program called WinRAR. The bug is still being exploited, because the software doesn’t auto update. Please make sure you update to the latest version. The Hacker News
Google will be updating its Chrome browser to stop automatic downloads that can be hidden in ads on websites, reducing the chances of accidental infection. ZDNet
A first of its kind test is ending next week. Switzerland’s new e-voting system has been undergoing intense attacks by hackers and security researchers and they’ve discovered flaws which could have led to votes being changed. ZDNet
Parents be advised, rather than getting caught passing notes, students have turned Google Docs into the hot chat app by writing their messages in a Google Doc and sharing it. Reddit
Cisco has released a patch to a network monitoring tool used by many businesses that allowed attackers to access and view networks remotely because of a default password on a user account. Threatpost
But you don’t have to worry about hackers getting access to your stuff with insecure passwords, because you’re using a password manager, right? If you’re not, I recommend LastPass. LastPass allows you to sync passwords securely across your computer, phone, and tablets. More than just keeping a list of your logins, it generates secure random passwords for you and on many websites allows you to change your password with just a couple of clicks. Don’t get caught recycling passwords, use LastPass.
You can learn more about LastPass by visiting my affiliate link at Raytec dot co slash LastPass, that’s r-a-y-t-e-c dot c-o slash l-a-s-t-p-a-s-s.
Let’s move on to other headlines.
Other Headlines
This week Spotify sued Apple over what it’s calling unfair business practices. Apple charges developers a 30% fee for subscriptions processed through apps on its devices. Apple fired back pointing out that after the first year, that 30% drops to 15% and that Spotify wouldn’t be the platform that it is without Apple. The Verge
Google has publicly confirmed it paid two executives accused of sexual harassment 135 million dollars. The Verge
April will signal the official end of several Google apps including Inbox, Allo, goo.gl, and Google+. 9 to 5 Google
Tesla made two announcements this week. First, its Model Y compact SUV will be available in 2020, starting at 39,000 dollars. No word on if that price point will be available from the start. Its second announcement was that only half of its showrooms will be closed; instead, it will hike prices by 3%. The Verge | TechCrunch
Telegram, a London-based instant messaging and voice app, saw a spike in user enrollment on Wednesday when a server configuration error at Facebook left much of the world unable to access Facebook, Facebook Messenger, WhatsApp, and Instagram. Sophos Naked Security
Amazon has quietly ended a controversial pricing agreement with third-party sellers where it required some of them to sell at a lower price on Amazon than anywhere else. The Verge
Netflix has agreed to remove footage from its horror movie, Birdbox, that contained actual video from a 2013 Canadian train wreck. The Verge
NBC is jumping on the free news-streaming bandwagon starting in May when it will roll out the all-digital NBC News Now. TechCrunch
PayPal has announced that it will soon be allowing instant transfer to bank accounts. TechCrunch
Hulu basic is now included in the cost of Spotify’s premium paid service.
9 to 5 Mac
Sydney, Australia has run into a new issue surrounding its smart city status. All its fancy, wirelessly connected gadgets are causing interference with Bluetooth audio devices. ZDNet
The videos and posts surrounding the white supremacist terror attack in Christchurch, New Zealand are actively being scrubbed from the internet by social media to stop the spread of hatred and related conspiracy theories. This has been made more difficult by the attackers’ use of their knowledge of search and social media recommendation algorithms to spread the story quickly. I’ve linked to a couple of articles that detail how this was done and that don’t spread the message of these terrorists. The Verge | Independent
That’s it for other news. Now for this week’s feature story.
Featured Story
Now that the dust has settled after MWC, or Mobile World Congress, 2019 I want to talk about the realities around 5G. 5G or Fifth Generation is the up-and-coming standard for cellular phone technology, replacing our current 4G LTE, or Fourth Generation Long Term Equipment, devices. I got bored just saying that, but it is, actually, pretty exciting. Just don’t believe the hype. It will make speeds faster, but only over a short distance. Here’s why:
Cell phones operate off the same basic concept as Wi-Fi, Bluetooth, and radio. Yes, I mean, good old-fashioned turn the dial radio. The difference between all these different types of wireless communication is wavelength. The easiest way to understand wavelength is by picturing a large lake. If you drop a big boulder into the center of that lake, tall, widely-spaced waves will ripple outwards touching the shores. These would be your AM waves. When you get to things like Wi-Fi, Bluetooth, and cellular wavelengths, these would be more like dropping pebbles into the center of that lake. The waves would be closer, shorter in height, and wouldn’t reach as far.
That’s why businesses have multiple Wi-Fi access points, to repeat signals like dropping multiple rocks at various points in the lake to increase the coverage of the waves you’re creating.
5G will use a very high frequency known as millimeter wavelengths. The height and distance between the waves are much shorter. We also call it high frequency because there’s less time between the start and end of a wave, meaning more waves per second. This is where Hertz comes in. 1 Hertz is one wave per second. 5G standards call for more than 6 GHz, or 6 billion waves per second.
Besides only being able to cover a shorter distance, 5G will be more easily blocked by obstructions like trees and buildings. If we go back to our lake example, imagine a line of boulders blocking where you’re standing on shore. If we dropped a large, AM sized rock into the center of the lake the large wave that results would easily go over the line of boulders in front of us, and the wave would reach us. If we drop a tiny pebble in the lake, the wave would be dissipated by the boulders in front of us. That’s 5G.
Why not use the AM frequency range for 5G, right? Well, each of those radio waves can only carry a small amount of information and they move very slowly. If you want to increase the amount of information transmitted, you have to move more waves more quickly, which is why newer technology moves towards smaller, faster radio waves.
All of this means 5G will require more towers spaced more closely together. That’s both good and bad. It’s bad because now it will be possible for cellphone companies, and the people they release location data to, to track you. It’s also a bit disconcerting because Huawei is the world’s leader in manufacturing 5G tech right now and there’s been a lot of speculation over whether there’s technology built into their equipment that allows it to spy on people.
9 to 5 Mac
More towers, closely spaced, are good, because in emergencies 911 dispatchers will be able to get your position more quickly through cell tower triangulation. The Verge
More towers also mean more speed and more capacity. It’s entirely possible that with 5G the person standing 20 feet away from you may be connected to a different tower than you. Now each tower has fewer people to deal with, which means each tower can devote more time to sending each person data and voice.
When will it be here? It depends on where here is. Verizon claimed in February that it would have 5G in 30 cities by the end of this year but didn’t specify what cities. T-Mobile also expects to start offering 5G service by the end of 2019. Of course, this brings up the chicken and the egg riddle: telcos need users with 5G handsets to be on their 5G networks; much of this depends on early adopters. CNET | CNET
Expect to see rollouts of 5G hit major metropolitan areas first. These areas will also see the fastest speeds, because, as I mentioned before, more towers mean more speed. Unfortunately, more towers mean more cost. Even if prices for the physical hardware of towers go down, telecommunications companies will have to install many more 5G towers to cover the same area as a 4G LTE tower. Expect the coverage of 5G to take about ten years to reach what 4G has in the last nine years. PC Mag
Okay, so, we’ve got faster and more capacity but what else? Well, there’s a lot that can be done with so much speed and capacity. For instance, telephone companies are hoping to offer cloud computing edge services to content producers. Here’s what that means. Amazon is one of the world’s largest content delivery networks. They’ve got data centers that store, for instance, videos you watch on Netflix scattered around the world to reduce buffering time.
Having those data centers closer to the person who’s consuming the content rather than in some centralized location far away is known as edge computing; pushing the content to the outer edge of the network. But even Amazon’s nearest data center probably goes through half a dozen or more points to get to your television. Your average home internet connection these days, in the US, is about 30 Mbps delivering the latest episode of the Great British Bake Off. 5G may hit speeds of 20 Gbps. That’s six hundred times faster than the current average. So, if telephone companies build data centers, they can bypass the dozens of points Amazon has to go through and deliver content almost directly to your mobile devices six hundred times faster than Amazon. Whoa. ZDNet
AT&T stated explicitly that it believes 5G will replace home broadband connections in 3 to 5 years. Rather than having a cable or DSL modem in your house connected to your Wi-Fi router, you’ll have an AT&T cellular modem broadcasting these signals throughout your home. Cord Cutters News
So, what’s the takeaway? 5G is coming, it’s no longer just a pipe dream, but the average internet user won’t see the benefits for at least 2-3 years. I feel like I’ve provided a pretty good overview of 5G, its claims, and caveats but there’re more links in the show notes detailing what its challenges are and what benefits it will provide. Make sure to stop there and check them out.
Alright, let’s wrap up this episode with the good news.
What is 5G? All You Need to Know About the Next Generation of Wireless Technology MWC 2019: Intel 5G Chip Will Be Ready by End of 2019 Europe is Prepared to Rule Over 5G Cybersecurity Windows 10 PCs to Get 5G for First Time as Qualcomm Unveils New Modem What is 5G and How Will it Make My Life Better? China Will Likely Corner the 5G Market – and the US Has No Plan Deploying 5G: Bringing the Next Generation of Wireless to Life – But it’s No Panacea Where Will 5G Find Fiber?
The FCC is Planning New Rules for Tracking Indoor 911
Good News
Push-to-open buttons on commercial doors are a great accessibility feature for wheelchair users but can be troublesome for those with upper body limitations. Portal Entryways, a new startup, has solved that problem with a smartphone app that will connect with modified push-to-open buttons. TechCrunch
I know I often talk about how Facebook masquerades as a social media company when they’re just an advertising platform, but today I have a positive story of a community coming together on the world’s largest social media service. The Institute of Many, or T-I-M, is a grass-roots movement for HIV-positive people. It’s a closed Facebook group that gives its users a forum to talk about their condition, come to terms with the realities of it, and learn how to live with a positive diagnosis. According to the UN, there are close to 37 million people living with HIV and being diagnosed can be terrifying and isolating; T-I-M has been changing that. CNET
The Trash Challenge, the latest viral social media challenge, has had astounding results. A man from Arizona named Byron Roman took a picture of himself sitting amongst a litter-strewn landscape, then took a picture of himself standing behind 9 full trash bags with the photo tagged “all you bored teens out there.” His post has now been shared more than 300,000 times. Thank you to Mister Roman for suggesting teens do something more productive than dancing next to cars and eating soap. CBC Radio
Back on December 23rd, I reported on Greta Thunberg, a Swedish teenager who began protesting the pollution-causing policies of Sweden, the EU, and many other world governments. Her small but powerful voice at the United Nations Climate Change conference in Katowice, Poland has earned her a nomination for the Nobel Peace Prize and sparked a movement across the world.
Students in 112 countries and over seventeen-hundred locales walked out of school for a peaceful strike on Friday, March 15th. Now, joined by hundreds of thousands of her peers, perhaps the world’s leaders may listen. The Verge
That’s it for this week in tech news that matters to you. If you’ve enjoyed the podcast, please share what you found interesting in a post on your social media by linking to Raytec dot co slash listen. That’s r-a-y-t-e-c dot c-o slash listen. That will link directly to the current episode’s show notes along with a podcast player. I really appreciate anyone who’s willing to share my podcast.
As always, there are bonus links in the show notes. Articles in this week’s extracurricular reading include: a how-to guide on getting your iPhone to stop tracking your every move, Beto O’Rourke’s announcement that he was in an infamous hacking group in his youth, a robotic claw inspired by a ferocious shrimp that shoots plasma, and much more. The show notes have links to each of the podcast apps I’m listed on and links to my social media. If you have any information, updates, or constructive criticism, feel free to reach out via social media. Thanks for listening and have a great week!
Additional Reading
How Does Music Affect Your Brain?
Every Imaginable Way This Banking Malware Just Returned with New Sneaky Tricks to Steal your Data People Want to Know About Algorithms – But Not Too Much Dealing with ‘Right to Be Forgotten’ Requirements BEWARE – New ‘Creative’ Phishing Attack You Really Should Pay Attention To How to Stop Your iPhone from Tracking and Storing the Locations of Where You Live, Work, and Visit Venezuela’s Maduro Says Cyber Attack Prevented Power Restoration Phishing Education, Training Can Reduce Healthcare Cyber Risk China Does Not Ask Firms to Spy on Others The Inevitability of Tokenized Data A Ferocious Shrimp Inspires a Robot Claw that Shoots Plasma Deadly Boeing Crashes Raise Questions About Airplane Automation Beto O’Rourke Could be the First Hacker President
Credits
The cold open provided courtesy of Fox News via YouTube. The theme song for the Raymond Tec news podcast was created by me, with samples of modems from the following generous individuals: guitarguy1985, tt_runscript, and 1tmsounds. Other sounds or music may have been provided by: RossBell (Shuffling Papers), InspectorJ (Segment Swoosh), Klaudux, levelclearer, Teacoma, Julian Matthey, Doctor_Dreamchip, Greek555, and eardeer. Most samples, sounds, and music are from FreeSound.org.
16 minutes | 2 years ago
Weekly Tech News for March 10, 2019
Intro
Welcome to the March 10th, 2019 episode of the Raymond Tec News podcast. Each week I curate the articles, tweets, and backchannel sources to provide a 15 to 20-minute summary of tech news. This week I’ll be doing things a little differently. The basic format will be the same, but I’ll only be sharing the headlines, instead spending our time together focusing in-depth on a hot button issue of the week. Let’s dive in.
Table of Contents: Intro, Data Breaches, Privacy Headlines, Security Headlines, Other Headlines, Featured Story, Good News
Data Breaches
Citrix, a company that provides cloud computing services to the US government and over 400,000 companies worldwide, including 98% of the Fortune 500, has had its internal network breached this week. ZDNet | Dark Reading
Jackson County, Georgia has paid a cybersecurity consultant to negotiate a ransomware fee after the local government’s IT systems were locked in an attack. ZDNet
A pair of security researchers have discovered Verifications IO, an email marketing company, has left a database containing more than 700 million email addresses exposed on the web. Wired | Researchers’ Report
Security Week reports that the Starwood hotels hack has cost parent company Marriott $28 million so far. Security Week
Privacy Headlines
The House of Lords in the United Kingdom has ordered the creation of an authority to regulate online services like Facebook and Google. Computer Weekly
As you heard at the top of the show, NBC 7 in San Diego shocked the journalist community this week by revealing that the US and Mexican governments have been tracking more than 50 people including journalists, an attorney, and immigration advocates. NBC San Diego
Chelsea Manning is back in jail after refusing to testify against Wikileaks founder, Julian Assange. NPR
The NSA may finally be shutting down its phone spying program, not because of outrage, but because people have shifted to encrypted messaging.
Ars Technica
Equifax is back in the privacy news again, with their MyEquifax.com site. Brian Krebs, of Krebs on Security, reported this week that it was too easy to set up an account on this site that is meant to protect credit holders. TechCrunch
Sue Kalina, a former patient coordinator at the University of Pittsburgh Medical Center, was found guilty in Federal court this week of improperly disclosing patient information with the intent to cause harm. She faces a fine of up to $250,000 and 10 years in prison. Data Breach Today
Google has stated that it will not be pulling the Saudi app Absher from its Google Play store, even though the app is used to track and control women by Saudi men. The Verge
Facebook’s two-factor authentication, which I recommend Facebook users enable, has a serious flaw that links your phone number with your account, allowing people with your phone number to find you in search. 9 to 5 Mac
Let’s move on to security headlines.
Security Headlines
Car alarms made by Viper and Pandora, which bill themselves as being unhackable, have been hacked, allowing attackers to locate the cars, unlock the doors, and disable the alarms remotely. ZDNet
Google announced a new, and admittedly rare, bug in Apple’s macOS operating system affecting all laptops and desktops. The flaw is very technical and requires physical access to the machine. No word on a patch yet. Wired
Google also announced a patch for its Chrome browser for a particularly nasty bug. Most Chrome browsers have auto-update on, but it still makes sense to check that you have the latest version. Wired
The announcement of the Chrome vulnerability came in tandem with an announcement from Google that Microsoft’s Windows 7 Operating System is vulnerable to an attack that hackers are actually using in the wild. There is no update for this issue yet.
The Verge
With the 2020 US elections looming on the horizon, a report by New York University’s Brennan Center for Justice finds that state and federal governments need to boost their spending to fix and upgrade their voting machines. Wired
A new study shows nearly half of programmers will take the easy way out and not properly obfuscate passwords. But, on further digging, the study is flawed and doesn’t give a representation of real-world application development. I wanted to mention this to do my part to rid the world of clickbait. ZDNet
Konstantin Ignatov and his sister Ruja Ignatova have been arrested by US authorities for running a cryptocurrency pyramid scheme called OneCoin. The Verge
Security researchers presenting at this week’s RSA security conference have exposed major security gaps in ultrasound medical devices. Dark Reading
Trend Micro has discovered Slack, a messaging app, and GitHub, a tool used by programmers for storing and sharing source code, have been used to install backdoors in targeted attacks. Security Week
Security companies Avast and Emsisoft have released decrypters for a strain of ransomware called BigBobRoss, which has been seen in the wild since mid-January. ZDNet
Apple is well known for using China-based manufacturing for its iPhones. A new report this week shows that developer-only models are disappearing from factories and ending up on the black market for hackers to tamper with and find exploits on them. Sophos Naked Security
Let’s move on to other news.
Other Headlines
Lawmakers in Philadelphia have become the first to ban cashless stores and restaurants in a move designed to help low-income populations who don’t have bank accounts. CBS News
A new startup named Ever Loved has been built to guide families through the expensive, and often confusing, funeral process.
TechCrunch
Finnish company Jolla is making waves in the business and government sectors with their Sailfish Operating System for mobile devices; an alternative to Google’s Android and Apple’s iOS. TechCrunch
Major League Baseball is partnering with the independent Atlantic League to test out new tech that will automatically call balls and strikes. TechCrunch
SpaceX’s Crew Dragon capsule made history when it became the first privately built manned spacecraft to safely splash down in the Atlantic Ocean. TechCrunch
A professor of technology and digital business at the University of Pennsylvania spoke with The Verge this week about how to fix the problems with search and recommendation algorithms which have been dominating the news recently. The Verge
Continuing its efforts to fight disinformation and conspiracy theories, YouTube has rolled out information panels on videos related to sensitive topics. 9 to 5 Google
Monika Bickert, Facebook’s VP of Global Policy Management, has written a blog post detailing how the social media giant will combat anti-vax conspiracy theories. Wired
FCC Chair Ajit Pai has come under fire again for allowing telecommunications companies to self-report new broadband connections, inflating the number, which is how the FCC determines where and how to spend money. TechCrunch
I reported a few weeks ago on the Olli self-driving shuttle bus trial in Australia. This week the manufacturer has released footage of the 3D-printed vehicle’s crash tests to prove its safety. The Verge
Older GPS devices will need to be updated before the end of the year to prevent a Y2K-like bug when 2020 finally arrives. The Verge
Huawei is suing the US government, not simply to contest what it calls unfair business practices, but to defend its reputation as a global telecom provider. Wired
Google has filed a patent for a new game controller which reveals details of its upcoming streaming video game service.
The controller puts much of the storage and logic directly in the user’s hands. 9 to 5 Google
That’s it for other news. Now for this week’s feature story.
Featured Story
In this week’s feature, I’d like to discuss privacy today, and where it should go in the future.
In the 1970s, when computer networks were in their infancy, they were built across existing telephone networks. Telephones and computers at the time were similar. The phone sitting in your home didn’t do any of the routing when you dialed a phone number; this was handled by the telephone company’s switching equipment. Similarly, the computer terminal you sat in front of was used to access and manipulate mainframe computers, not to do any of the processing on its own hardware. Errata Security
To further complicate things, there was no standard for communications between different types of computers. IBM systems couldn’t talk with DEC computers, and neither of those could communicate with Xerox systems. Fixing the problem wasn’t as simple as designing a new widget that made them all communicate. Architects of the early internet devised a 7-layer system known as the Open Systems Interconnect, or OSI, model. Wikipedia
At the bottom of OSI is layer 1, the physical layer. Layer 1 is the hardware; your cable modem, Wi-Fi router, network cards, and other physical equipment. Layer 2 is the data link layer, which takes the data from the network and breaks it up into smaller segments called frames for transmission. Layer 3 is the network layer; it moves the frames and keeps the different parts of data together. Layer 3 identifies that you requested a specific website and gets it to the computer you requested it on. Layer 4 is the transport layer, which keeps the data intact, checking for errors and congestion along the way, and resending when necessary. This layer is what tells Netflix that your network is slow and causes buffering. Layer 5 is the session layer which controls access and authentication.
Layer 6 is the presentation layer which converts the data on your screen into the data that’s actually transmitted through the network; that picture of your cat becomes ones and zeroes here. Finally, layer 7 is the application layer, or what you work with on your screen; your email apps, web browsers, and chat apps.
The original network gurus, Bob Kahn, Vint Cerf, and others looked, discussed, and debated many different networking models before they laid out the foundations of this global network we use every day. Just as the internet has continued to evolve and improve over the decades since its creation, so have web browsers. Tim Berners-Lee programmed the original web browser and, in the mid-1990s when the world wide web first became available commercially, browsers formatted text like a Microsoft Word document. Now, web browsers can do things that were almost unthinkable 20 years ago.
Each web page you load contains what’s called header information. These headers tell your browser what type of document you’re loading, give hints about the types of information contained inside and how it should be formatted, and define how you interact with computers and people across the globe.
I know I said this would be about privacy, we’re getting there. The current system for transmitting data was built at a time when computer networks were designed to transmit research articles. Only futurists dreamed of the ability to check whether I locked my front door in Orlando from the comfort of my Tokyo hotel room. But now nearly everyone on the planet is connected and soon, it would seem, everything will also be connected. Using a model that treats pictures of my breakfast the same as my social security number is silly. Much like computer networks before the development of OSI, our current system for protecting personal information is broken.
Our health data, passwords, email addresses, and social security numbers are still being treated like traffic on a network, rather than unique pieces of information that need securing. Facebook’s much maligned Mark Zuckerberg announced that he would be pivoting Facebook to be more privacy oriented. But his concept relies on using the existing tools of the broken system that’s already in place. Wired What we need is a ground up rebuild of the way data is handled so it can be properly classified, transmitted, stored, secured, and wiped. For lack of a better term, an open data interconnect model would need to be built with cooperation from governments, software companies, and hardware manufacturers. Using the header information model from web browsers would allow data to be classified, indicate use, how long it should be stored and by whom, and the source of the data without having to reveal the data within to malicious parties. Building this model on a multilayer system would help to ensure its integrity without locking data to a specific corporate or government standard. In the ideal scenario, an open source standards body of government and non-government organizations would be convened to define this new data model to protect privacy and ensure standards are met and followed in all sectors. Hardware manufacturers must close holes that allow attackers to access information stored in memory after applications are closed. If you’ll recall, I mentioned a vulnerability in password managers that allows passwords to be read from memory even after they’re closed. This simply shouldn’t happen, and is another artefact left from when computers were meant solely for large organizations and research institutions. Software designers should be given a firm standard to be held to, not to make things more complicated, but to give them clear guidelines for how to build secure, functional applications that don’t result in weekly reports of data leaks and breaches. 
Governments need to have tools to identify what data should be secured and how to enforce standards violations. By identifying and classifying the various types of data and defining how, where, when, and for how long they’re transmitted, stored, and used we can work towards remediating the problem of data privacy that has crept up over the last decade. Let’s move on to the Good News. Good News In the feature, I mentioned being able to identify the source of information without revealing the personal details. This may be closer to reality thanks to a new standard by the World Wide Web Consortium, or W3C. WebAuthn, short for Web Authentication, has just been finalized and is already supported by Chrome, Firefox, Edge, and Safari web browsers. The standard will allow websites to communicate with a physical authentication device. For instance, rather than having to use a password manager, you may plug a USB key into your computer which uniquely identifies you to a website without having to expose a password on the internet. The Verge Passwords won’t be going away just yet though, so I still recommend you use a password manager in the meantime. You are using one, right? If you’re not, I recommend LastPass. LastPass allows you to sync passwords securely across your computer, phone, and tablets. More than just keeping a list of your logins, it generates secure random passwords for you and on many websites allows you to change your password with just a couple of clicks. Don’t get caught recycling passwords, use LastPass. You can learn more about LastPass by visiting my affiliate link at Raytec dot co slash LastPass, that’s r-a-y-t-e-c dot c-o slash l-a-s-t-p-a-s-s. Back to the good technology news. Representatives Jim Langevin of Rhode Island and Glenn Thompson of Pennsylvania have reintroduced a bill in the US House of Representatives this week that would fund cybersecurity education programs. 
The bill aims to ensure the workers of the future understand how to meet changing technical security needs. It focuses on funding for cybersecurity for power plants, dams, hospitals, and other critical infrastructure. Health IT Security Creative Commons, which is an alternative to copyright and public domain licensing, got a big win this week when Flickr announced that photos licensed under the Creative Commons framework won’t be subject to its 1,000-picture limit. Creative Commons allows creators of original works to specify how their works are to be used and attributed. The least stringent being Creative Commons Zero, which doesn’t require attribution and may be used in any way. All the way to Creative Commons NC-ND, or Non-Commercial, No Derivative Works which specifies the original content may not be remixed into other work or used for commercial gain and must show attribution to the original creator. The Verge | Creative Commons Friday was International Women’s Day. To celebrate, an app called Safe & the City, or SatC, released a slew of new features. SatC uses GPS, crowdsourced information, and police risk data to reduce the chances of women falling victim to crime and sexual harassment. Billed as a personal safety navigation app, it uses route sharing and geotagging then shares its data with businesses and authorities to advise insecurities. SatC is also adding safe sites identified by users as places where women can get support. Its pilot program focuses on London, but a global rollout is coming soon. TechCrunch That’s it for this week in tech news that matters to you. If you’ve enjoyed the podcast, please share what you found interesting in a post on your social media by linking to Raytec dot co slash listen. That’s r-a-y-t-e-c dot c-o slash listen. That will link directly to the current episode’s show notes along with a podcast player. I really appreciate anyone who’s willing to share my podcast. As always, there are bonus links in the show notes. 
Articles in this week’s extracurricular reading include: an update to the court case of Adnan Syed the star of Serial podcast’s first season, an interview with a Tufts University student who was unfairly expelled for grade hacking, a chat room that charges you a penny per letter to talk to others, and much more. The show notes have links to each of the podcast apps I’m listed on and links to my social media. If you have any information, updates, or constructive criticism, feel free to reach out via social media. Thanks for listening and have a great week! Additional Reading Halifax Inventor Creates Contact Lens to Help People Overcome Colour Blindness Maryland Court Reinstates Adnan Syed’s Conviction Comma.ai Founder George Hotz Wants to Free Humanity from the AI Simulation The Overlooked Security Threat of Sign-In Kiosks Why ‘ji32k7au4a83’ Is a Remarkably Common Password Exclusive: What Happened When the FBI Took Over the Instagram and Kik of a Child Porn Dealer 25% of Healthcare Providers Faced Mobile Device Breach in 2018 Tufts Expelled a Student for Grade Hacking. She Claims Innocence Humans vs Sexbots: How One Woman Decided to Fight Back, Painfully This Chat Room Charges You a Penny for Every Character You Type Credits Audio from the cold open provided courtesy NBC 7 San Diego. The theme song for the Raymond Tec news podcast was created by me, with samples of modems from the following generous individuals: guitarguy1985, tt_runscript, and 1tmsounds. Other sounds or music may have been provided by: RossBell (Shuffling Papers), InspectorJ (Segment Swoosh), Klaudux, levelclearer, Teacoma, Julian Matthey, Doctor_Dreamchip, Greek555, and eardeer. All samples, sounds, and music are from FreeSound.org.
19 minutes | 2 years ago
Weekly Tech News for March 3, 2019
26 minutes | 2 years ago
Raymond Tec News for February 24, 2019
21 minutes | 2 years ago
Raymond Tec News for February 17, 2019
Intro Welcome to the February 17th, 2019 episode of the Raymond Tec News podcast. I scour the web and curate the articles, tweets, and backchannel sources to provide you, the non-nerd, a concise summary of the bullet points and takeaways from the week’s tech news. I start off each episode with the stuff to keep you up at night; data breaches, privacy concerns, and security threats. But I like to instill a bit of joy around technology so I end with a series of stories that will restore your faith in technology, and, maybe, humanity. Let’s dive in to data breaches. Table of Contents Intro Data Breaches Privacy News Security News Other News Good News Data Breaches First up, a devastating hack of email provider VFEmail.net wiped all primary and backup data from their servers. Unlike most hacks I report on where an attacker is out for financial gain by locking data or stealing account information, this one was solely intended to destroy the target. The primary domain is back online, but all secondary domains are still down. These secondary domains are chewiemail.com, clovermail.net, mail-on.us, manlymail.net, metadatamitigator.com, offensivelytolerant.com, openmail.cc, powdermail.com, and toothandmail.com. Malta’s largest bank, the Bank of Valletta, was attacked on Wednesday. Hackers attempted to steal about 13 million euros, transferring them to banks in the US, UK, and Hong Kong. All IT systems were shut down and the transactions were reversed. No customer accounts were impacted, according to the bank. A Chinese company that uses facial recognition to track Muslims in the country has left a database exposed online, leaking information about 2.5 million people. The leak was discovered by a security researcher named Victor Gevers. Gevers said the data was highly sensitive and included GPS coordinates of the users. A Pakistani hacker emailed the Hacker News with a list of websites he’s hacked attempting to sell the login credentials he’s stolen. 
A lot of these are popular services, and these are recent hacks, unlike the Collection 1-5 data dumps I’ve reported on the past couple weeks. The biggest names among them include MyFitnessPal, MyHeritage, Whitepages, 500px, CoffeeMeetsBagel, and Houzz. The complete list is in the show notes. Two other dating apps have also been affected, OkCupid and Jack’d. OkCupid is denying being breached. Of those last two, it’s unclear if they’re linked with the Pakistani hacker. LandMark White, an Australian commercial and residential property valuation firm, admits that it exposed up to 100,000 records online containing clients’ personal details and property valuation records. TechCrunch has received an update from Marriott on the Marriott/Starwood breach. Marriott has partnered with security firm OneTrust to provide a checker to see if your information has been included in the breach. Link in the show notes for this one. Dunkin’ Donuts was hacked again with another credential stuffing attack. Credential stuffing means attackers take compromised usernames and passwords from other websites and try to log in. People who recycle passwords are vulnerable to these attacks. Of course, you don’t have to worry about changing passwords, because you don’t recycle your passwords, do you? Well, if you do, I’d recommend you break that habit by using a password manager. I use LastPass. The LastPass password manager works on your computers, phones, and tablets. It randomly generates passwords for you each time you create an account, plus for many sites, it will automatically change passwords for you during installation. It’s simple and makes your online life more secure. Learn more about LastPass by visiting my affiliate link at Raytec dot co slash LastPass. That’s r-a-y-t-e-c dot c-o slash l-a-s-t-p-a-s-s. If you purchase a subscription using my affiliate link, I will receive compensation for it. But, if I didn’t use it, I wouldn’t recommend it. Moving on to Privacy News. 
Data Breach Links Hackers Wipe US Servers of Email Provider VFEmail Cyber Attack on Malta’s Bank of Valletta | Hackers Tried to Steal eur13 Million from Malta’s Bank of Valletta Chinese Facial Recognition Database Exposes 2.5M People | Chinese Company Leaves Muslim-Tracking Facial Recognition Database Exposed Online Hacker Breaches Dozens of Sites, Puts 127 Million New Records Up for Sale | 127 Million User Records from 8 Companies Put up for Sale on the Dark Web | Photography Site 500PX Resets 14.8 Million Passwords After Data Breach OkCupid Denies Data Breach Amid Account Hack Complaints | Coffee Meets Bagel Confirms Hack on Valentine’s Day | Hacks, Nudes, and Breaches: It’s Been a Rough Month for Dating Apps Up to 100,000 Reported Affected in Landmark White Data Breach Marriott Now Lets You Check if You’re a Victim of the Starwood Hack Dunkin’ Donuts Accounts Compromised in Second Credential Stuffing Attack in Three Months Privacy News A recent addition to the browser marketplace, Brave, whose focus is on enhanced privacy, has revealed that Facebook and Twitter trackers are allowed by default in the browser. This has brought some in the information security industry to call into question the quality of privacy protection in the new browser. While we’re talking about browsers, Google has announced that Chrome will soon make it harder for websites to detect that you’re using its private Incognito mode. Once this update is rolled out, your web activity will be harder to track if you’re still using Chrome. The International Computer Science Institute has shared research with CNET revealing about 17,000 Android apps track your activity over time and create a permanent record on your device, even if you tell the app to delete previous data. Google Voice will now have an option to hide your caller ID on all outgoing calls, allowing you to hide your number from people you don’t want to have it. 
The European Union’s General Data Protection Regulation forces companies to allow users to download their data from websites. While downloading data from Twitter this week, a user discovered that deleted direct messages were kept in Twitter’s database, even messages to accounts that were suspended or deleted. The bug has been reported to Twitter and they’re, reportedly, looking into it. Apple’s recent push for improved user privacy has resulted in a lawsuit. A New York resident has filed a class action lawsuit against Apple for forcing users to use two-factor authentication. The New Yorker claims that having to enter the code can take up to five minutes and is causing economic losses to him and other Apple customers. In another blow to Apple’s privacy cred, a new flaw has been found in the macOS privacy protection features. A developer has inadvertently found a way to access the address book on macOS without requesting permission from the operating system or the user, meaning a malicious program or app could grab data from your address book without your knowing it. This same developer also discovered a flaw that will allow malicious apps to access your browsing history. The latter has been fixed with an update released for macOS on February 7th. I came across several articles this week detailing the ways that children are currently being exploited online. From recruiting teens for money laundering from Instagram and Snapchat, to sexual exploitation via live streaming apps, children as young as 8 are becoming victims of online fraudsters and predators. While this is disturbing and disheartening, the Australian government has set aside 10 million dollars to hand out to non-government organizations to deliver online safety education and training targeted at children. While we’re talking about Australia, their disastrous Assistance and Access bill is back in the news this week. 
If you’ll recall, this bill was rushed through in December and granted sweeping powers for law enforcement to coerce people into granting access to encrypted devices, as well as force companies to create back doors into encrypted communications. This means chat services like WhatsApp would no longer be secure and private. The newly convened legislation has proposed an amendment to that bill that would mitigate the most damaging sections. South Korea, in a move reminiscent of China’s internet surveillance, has begun snooping encrypted traffic on its networks to block websites it doesn’t want its citizens to see. South Korea has, for many years, blocked traffic from websites that are unencrypted, meaning they use http not https. This move now means encrypted traffic will be blocked as well. This is detrimental to a free and open internet. While working on plans to partner with Hungary for defense, US Secretary of State Mike Pompeo has warned central European nations that using Huawei equipment makes it more difficult for America to be present in their countries. On Wednesday, the US Government Accountability Office released a 56-page report that included a recommendation for the US to adopt a GDPR type privacy rule. The GAO suggested that the Federal Trade Commission be the governing body for internet privacy issues, noting that it was already partially in that role, but lacked sufficient enforcement abilities. That’s it for Privacy News, moving on to Security News. 
Privacy News Links These Android Apps Have Been Tracking You, Even When You Say Stop Facebook, Twitter Trackers Whitelisted by Brave Browser Google Wants to Make it Harder for Sites to Detect That You’re Using Chrome’s Incognito Mode Google Voice Adding ‘Anonymous Caller ID’ Option in Settings Twitter Has Been Storing Your ‘Deleted’ DMs for Years Apple Sued for ‘forcing’ 2FA on Accounts Another Flaw Found in macOS Mojave’s Privacy Protection | Privacy Protection Bypass Flaw in macOS Gives Access to Browsing History Fraudsters Scamming Teenage ‘money mules’ on Social Media | Get-Rich-Quick Social Media Scams are Turning Teens into Money Mules | Australian Government Offers AU$10m in Grants for children’s Online Safety | Kids as Young as Eight Falling Victim to Online Predators Dueling Ghosts Battle Over Encryption Laws in a Dying Parliament South Korea is Censoring the Internet by Snooping on SNI Traffic US Government Warns Allies About Huawei Again US Needs an Internet Data Privacy Law, GAO Tells Congress Security News A new variant of malware targeting macOS has been discovered this week. Known as Shlayer, the malware poses as an Adobe Flash update and can bypass macOS’s Gatekeeper security software. This new variant has been discovered on fake and hijacked legitimate websites. Very few sites use Adobe Flash any more, and you should probably uninstall it if you still have it. After a bunch of reports of Nest devices getting attacked in recent weeks, Google’s Nest has proactively reset users’ passwords for them. Typically, companies will send an email notifying users that they should reset their passwords; in this case, Nest is forcing the reset and recommending users enable two-factor authentication. A new malware has been discovered on the Android app store. Known as Clipper, the malware pretends to be MetaMask, a legitimate cryptocurrency wallet. The app steals credentials and then attackers empty users’ crypto wallets. 
A new flaw was discovered in the Android version of the OkCupid dating app which may be the cause of the data breach that OkCupid denied this week. The flaw, basically, allows attackers to re-direct users to a fake login form to steal their credentials. Attackers are then accessing the users’ accounts and changing email addresses and passwords. Updates this month from both Adobe and Microsoft have fixed more than 70 bugs each. Adobe has patched some dangerous flaws in its Adobe Reader app. Microsoft has patched Exchange, SharePoint, and, of all things, Internet Explorer in its most recent patches. If you haven’t yet, it’s time to update your computers. Microsoft also announced that it removed 8 apps from its Windows app store after it discovered these apps were actually mining cryptocurrency on users’ systems without their knowledge. Apps include Fast-search Lite, Battery Optimizer (Tutorials), VPN Browser+, Downloader for YouTube Videos, Clean Master+ (Tutorials), FastTube, Findoo Browser 2019, and Findoo Mobile & Desktop Search. If you have these apps on your computer, you should uninstall them. Apache’s OpenOffice, a free, open-source alternative to Microsoft’s Office suite, has had a patch released to fix a vulnerability that has been on the books since last year. Switzerland has invited hackers to penetration test its e-voting system offering cash rewards worth as much as $50,000. Running from February 25th to March 24th, companies and security researchers will have to sign up to receive permission to attack the system. More governments and companies should adopt this model before rolling out new systems. Even if the bounties are lower, it can shore up weaknesses. Email fraud attacks in the Healthcare sector jumped 473% since 2017. This revelation comes on the heels of a new phishing attack that may fool even savvy users. Attackers are now requesting users log in to Facebook to view blog posts. 
In reality, when a user clicks on the login with Facebook link, it shows a very realistic copy of a Facebook login, capturing your credentials. Security researchers recommend enabling two-factor authentication on accounts in case you fall prey to one of these scams. Security researchers are warning that a new spate of phishing emails have been designed to exploit the lonely. These romantic emails have a zip file containing a particularly nasty ransomware known as GandCrab. Emotet malware, a banking trojan, has become more destructive. Malicious groups have begun selling access to the Trojan and making money as a distribution platform allowing less sophisticated groups and individuals to wet their beaks on a larger scale. Finally, in security news, a technology researcher named Mike Grover has developed a USB cable that will make any phone connected to it vulnerable to attacks via Wi-Fi. His thought was, why be obvious by connecting a USB drive, when you can leave this cable somewhere for someone to charge their phone, and they’ll never have any idea. Moving on to Other News. Security News Links New Variant of Shlayer macOS Malware Discovered | macOS Trojan Disables Gatekeeper to Deploy Malicious Payloads Nest Resetting Compromised Passwords Instead of Just Recommending Users Do So Clipper Malware Slips into Google Play Android Dating App Flaw Could Have Opened the Door to Phishing Attacks Unofficial Patch Released for Adobe Reader Zero-Day | Micropatch Released for Adobe Reader Zero-Day Vulnerability | Update Now! 
Microsoft and Adobe’s February 2019 Patch Tuesday is Here | Microsoft, Adobe Both Close More Than 70 Security Issues Microsoft Removes Eight Cryptojacking Apps from Official Store Third-Party Patch Released for Code Execution Flaw in OpenOffice Swiss Government Invites Hackers to Pen-Test its E-Voting System Warning – New Phishing Attack That Even Most Vigilant Users Could Fall For | Email Fraud Attacks on Healthcare Jumped 473% Since 2017 Ransomware Warning: That Romantic Message May Hide a Nasty Surprise Emotet Malware Tweaks Tactics in Fresh Attack Wave Evil USB O.MG Cable Opens Up Wi-Fi to Remote Attacks Other News Apex Legends, a new competitor to Epic Games’ Fortnite, has tallied 25 million players in its first week. Microsoft’s LinkedIn social networking site is launching a new live video tool. Currently it’s in an invite-only beta test. It will allow individuals and companies to broadcast to select groups or all of LinkedIn. No one’s quite sure why, but Russia has announced it will be disconnecting itself from the Internet sometime in the coming months. The country could be doing a resiliency test on its own systems, beefing up cyberwarfare capabilities, or planning new ways to censor content for its citizens. I’ll be watching for more information on this one, because it’s the first test of its kind. MGM has announced its Epix television network will enter the streaming video fray with its new EpixNow offering. This was announced the same week that Epix has purchased the rights to turn Slate’s Slow Burn podcast into a documentary series. For those unfamiliar, Slow Burn is a podcast about the Watergate scandal. CBS has announced its All Access and Showtime streaming platforms have reached 8 million subscribers, beating their expectations. Their next goal is 25 million subscribers by 2022. Amazon’s HQ2 in Queens has been scrapped. Pressure from citizens has forced the tech behemoth to re-think its expansion. 
In other Amazon news this week, they’ve purchased eero, a company that makes home mesh routers. A mesh router enables Wi-Fi to be spread more evenly throughout a home without the need to run an ethernet cable to each access point. The systems ‘mesh’ together wirelessly. On Monday, President Trump signed an executive order to create the American AI Initiative. The order will invest in AI R&D, establish governmental standards, educate workers about AI, and promote international AI R&D cooperation. Details are a little murky, but it’s a forward-thinking step. As I’ve mentioned in past podcasts, Windows 7 support ends in the coming year. That means no more security upgrades. ZDNet has a great article about all the best reasons to upgrade to Windows 10, and why you probably don’t actually have to pay to upgrade, even though that free upgrade deal supposedly ended in 2016. The top reason I suggest you upgrade? Security. Windows 10 is much more secure than Windows 7. Reddit, the front page of the internet, as it is known, has raised the ire of its users by announcing a new funding round which is being managed by Chinese company Tencent. Reddit itself, is banned in China, so the ire sparked irony and a spate of Winnie the Pooh memes. Why Winnie the Pooh? Apparently, comparisons were made between Chinese President Ping and Winnie the Pooh which offended the ruler causing the Chinese Communist Party to ban the movie Christopher Robin and all Winnie the Pooh related memes, jokes, and GIFs. A new bill in the United Kingdom proposes to make looking at online content which is deemed of a “terrorist” nature a criminal offense. This expands an existing law which requires the material be downloaded to a device. The UK is moving into criminalizing thoughtcrime. George Orwell’s nightmare has come to life. A former U.S. Air Force Officer has been indicted along with four Iranian citizens affiliated with the Iranian Revolutionary Guard. 
Monica Witt, the former Air Force Officer, provided US secrets to the Iranians to help them craft a spear-phishing campaign targeting users that had access to important US computer infrastructure. Apple’s Enterprise Certificates have been abused again. A couple weeks ago I reported on Apple’s crackdown on Facebook and Google for using these corporate, internal only methods for creating Apple apps that track regular users. Now it appears these certificates have been used to target porn and gambling apps at regular users. Apple has purchased an AI startup named PullString that specializes in building interactive systems. Think Alexa and Google Assistant apps and Mattel’s talking Hello Barbie doll that came out in 2015. It would appear Apple is attempting to strengthen their Siri voice assistant and HomePod offerings. A lawyer who formerly worked for Apple has been accused of insider trading by the Securities and Exchange Commission. He reportedly made more than a quarter of a million dollars in profit by trading stocks based on non-public information. The real irony here? He was the lawyer in charge of informing employees not to trade on insider information. News about Google, both good and bad, has been all over this week. Google has been discovered reducing their tax liabilities through shell companies. Their Sidewalk Labs division has inadvertently revealed a plan to skim tax revenue from the development of property in downtown Toronto. The right click menu in Gmail is about to get a big update, making it more useful. Their mobile phone service, Google Fi, is about to start selling SIM cards in Best Buy to expand their reach. And, finally, Google Maps is launching an Alternate Reality component to overlay walking directions, business listings, and other information by combining Google Lens technology with the Google Maps app. In the final story in Other News, Uber has filed a lawsuit against New York City to remove its cap on cars allowed to operate in the city. 
Uber argues that a one-year freeze on the number of vehicles allowed to operate as ride-hail cars is anticompetitive, an overreach of the city’s powers, and not the best solution to traffic congestion issues. The city has fired back stating, quote, “No legal challenge changes the fact that Uber made congestion on our roads worse and paid their drivers less than a living wage,” end quote. According to the Wired article linked in the show notes, 106,000 for-hire vehicles are licensed to operate in New York City, which is up 60 percent since 2016. It’s finally time to move onto the Good News. Other News Links Fortnite, Look Out: Apex Legends Tallies 25 Million Players a Week After Launch LinkedIn to Launch its Own Live Video Tool Russian ISPs Plan Internet Disconnection Test for Entire Country | Russia to Disconnect from the Internet as Part of a Planned Test | What Happens if Russia Cuts Itself Off from the Internet Epix is Turning Slate’s Slow Burn Podcast into a Documentary Series | MGM-Owned Epix Jumps into the Streaming Service Arena with EpixNow CBS Reached its Streaming Subscription Target Two Years Early Amazon Pulls Out of NYC Amazon to Acquire eero, Home Mesh Router Maker Trump Signs Executive Order Prioritising AI Development I Like Windows 7: Why Should I Pay to Move to Windows 10? Winnie The Pooh Takes Over Reddit Due to Chinese Investment, Censorship Fears Today in Thoughtcrime: UK Bill Makes Clicking on ‘Terrorism’ Links Worth a Jail Term Former U.S. 
Air Force Officer Indicted for Aiding Iranian Cyber Attacks Apple Phone Users Targeted with Hardcore Porn and Gambling Apps Apple Buys AI Voice Startup that Helps Companies Build Alexa and Google Assistant Apps Ex-Apple Lawyer in Charge of Stopping Insider Trading Charged with Insider Trading Google Reportedly Scored Tax Breaks Using Secret Shell Companies | Alphabet’s Sidewalk Labs Outlines How it’ll Make Money from Toronto | Google Refreshes Right-Click Menu Options in Gmail | Google Fi begins Retail Push with SIM Cards at Best Buy | Google Maps AR Navigation Coming First to Local Guides as UI Detailed in First Look Uber Sues NYC to Kill Its Ride-Hail Car Cap Good News In good news for safety, an expanded system designed by the University of Michigan will allow self-driving cars to not only see pedestrians, but predict where they will move. Using posture and other factors, artificial intelligence built into autonomous vehicles will be able to better guess a human’s intended next move. As a measles epidemic unfolds in Washington state, Facebook and Google are being pressured to end anti-vax conspiracy theories. The root of these conspiracy theories seems to be falsified evidence from a doctor whose license was stripped and a campaign by failed model and actress Jenny McCarthy. Representative Adam Schiff sent a letter to Mark Zuckerberg stating, quote, “Repetition of information, even if false, can often be mistaken for accuracy,” end quote. A new tool called Authenticate, by startup Amber, offers a method for reducing video tampering and deepfakes. Deepfakes, or Deep Learning Fakes, are videos that are created by artificial intelligence by combining two videos or images to create a false image. Deepfakes have been used maliciously by individuals wishing to leak fake sex tapes of famous actors and create false narratives for legal cases, such as police interactions gone wrong. 
The new Amber Authenticate tool runs in the background on video recording equipment and creates a cryptographic hash, which, if the video is altered, will reveal that the video was tampered with. Facebook has rolled out a new messenger feature that I reported on back in December. I’m sure many of us wish it had been around since the start: Message unsend. Now, drunk texts can be deleted before their recipient reads them. MIT’s Technology Review has reported on a new hybrid plane initiative which will reduce the amount of time it will take for manufacturers to start developing fully electric planes. We’re still a long way from packing the power into batteries that a large airliner needs to keep it aloft, but these new 12-passenger planes from Zunum will be a step towards that future. That’s it for this week in tech news that matters to you. If you’ve enjoyed the podcast, please subscribe, rate, and review on iTunes, Google Play, Spotify, Stitcher Radio, or TuneIn. The more buttons you press on those sites, the easier it is for other people to find me. Also, be sure to follow me on Facebook and Twitter at Raymond Tec IT. Don’t forget to check the show notes, there are bonus links for further reading, including articles about how monkeys with superpowered eyes could help cure color blindness, how crooks are breaking into iCloud locked iPhones, an AI text generator that’s too dangerous to release to the public, and much more. To get to the show notes, go to Raytec dot co slash listen, that’s r-a-y-t-e-c dot c-o slash listen. There are links to each of the podcast apps I listed there as well as links to my social media. Thanks for listening and have a great week! 
Good News Links

Vision System for Autonomous Vehicles Watches Not Just Where Pedestrians Walk, But How
Pressure Mounts on Facebook and Google to Stop Anti-Vax Conspiracy Theories | Facebook May Take Extra Steps to Remove Anti-Vaccine Misinformation
A New Tool Protects Videos from Deepfakes and Tampering
You Can Now Unsend Messages in Facebook Messenger
Worry Less About Children’s Screen Use, Parents Told
Hybrid Planes could Shorten the Leap to All-Electric 737s

Additional Reading

Monkeys with Superpower Eyes Could Help cure color Blindness
Testimony: There’s No Internet of Things Risk in Repair
1 in 3 Americans Suffered Severe Online Harassment in 2018
ThisPersonDoesNotExist.com Uses AI to Generate Endless Fake Faces
What’s Behind this 1,000-Character Phishing URL?
Security Pros Agree Military Should Conduct Offensive Hacking
How Do Crooks Break into iCloud-Locked iPhones? Let’s Take a Look
Should You Be Scared of Your Laptop’s Webcam?
Explainer: What is a Quantum Computer?
The AI Text Generator That’s Too Dangerous to Make Public
A Pristine ‘Super Mario Bros.’ Cartridge Sold for Over $100,000
How to Decarbonize America – and the World
25 Fun Games You Can Play with Alexa
3 WhatsApp, Facebook Messenger Alternatives
What Happens When Techno-Utopians Actually Run a Country
AR Will Spark the Next Big Tech Platform – Call It Mirrorworld
Experian: US Suffers the Most Online Fraud
IP Australia’s Alex is More Than Just a Chatbot
Don’t Get Your Valentine an Internet-Connected Sex Toy

Credits

The theme song for the Raymond Tec news podcast was created by me, with samples of modems from the following generous individuals: guitarguy1985, tt_runscript, and 1tmsounds. Other sounds or music may have been provided by: RossBell (Shuffling Papers), InspectorJ (Segment Swoosh), Klaudux, levelclearer, Teacoma, Julian Matthey, Doctor_Dreamchip, Greek555, and eardeer. All samples, sounds, and music are from FreeSound.org.