aRTy News Podcast for December 16, 2018


Intro

Hi everyone, welcome to another episode of the aRTy News podcast, brought to you by Raymond Tec. A tech news podcast for non-nerds where we answer the question, “Why does this matter to me?”

Every day we post a brief summary of 3 to 6 articles on our site, and this podcast is a roundup of all the news we’ve covered throughout the week. I do the podcast by order of topic rather than chronologically. It’s the chocolate protein shake after a hard workout. The good stuff helps soothe the ache of the bad stuff.

This week the categories will be a little different. There was a deluge of autonomous automobile news, so that will get its own corner. I’ll also be combining data breaches and exposures with security threats. Let’s get that terribleness out of the way.

Data Breaches, Security Threats, and Privacy Concerns

Save the Children, an international United Kingdom-based non-governmental organization that promotes children’s rights and helps support children in developing nations, has revealed it was scammed out of a million dollars.

I’ll give you a moment if you want to pause the podcast and scream into a pillow.

Scammers took control of a Save the Children employee’s email and sent a fake invoice that was supposedly to pay for solar panels on hospitals in Pakistan. Since the email was sent from a trusted source, they paid the money to an account in Japan that was reportedly handling the purchasing for them. By the time the error was discovered, the money was long gone.

Next, we have an article from ZDNet, detailing how extortion scammers are using ransomware to make more money on the unsuspecting. Online extortion scams usually revolve around claiming to have some sort of information about you that you wouldn’t want shared. Whether that’s your browsing history or indecent pictures, you get the idea. Previously they’d pop up a window telling you to wire money or buy Green Dot cards to get out of trouble.

Here’s the deal: law enforcement will NEVER accuse you through a pop-up, and, to the best of my knowledge, will not directly ask you to pay to get out of trouble. If you think a pop-up is a scam, close the window as fast as you can. You do this by pressing ALT-F4 on a Windows computer or Command-W or Command-Q on a Mac.

This is, quite possibly, the most perfect example of a digital trojan horse that I’ve ever seen. A malicious program was found in a battery management app on Android that steals your PayPal credentials and drains your money right from your phone.

If you’re thinking of downloading an app that wasn’t recommended by a reputable source, I’d advise you to do a little research first on the developer. See what their other apps are, what their reviews say, even do a search on the web for the name of the app and the developer to see what comes up.

Beyond doing your research, pay attention to what the app is asking for permission to. This battery app used the accessibility features on Android phones to achieve its nefarious mission. Why would a battery app need to use accessibility features? Don’t just say yes to everything an app asks you for.

That story fits neatly into our next piece, a study from Panda Security. This company makes antivirus software, and while the study was a little narrow in sample size and simplistic in its scope, its conciseness does a good job exposing a general lack of security awareness.

The most shocking number from the study was 40% of Americans NEVER update their software after they install it. If you’re in that number, I want to make it clear, you need to start updating your software immediately. Most of the time, apps, programs, and operating systems get updated because there’s a security flaw. Don’t be vulnerable to identity theft because you didn’t want to let your phone update.

Next in news to keep you up at night, more than 40,000 government user logins were discovered available for sale on the black market this week. For a change, this isn’t in the US, but it’s still a staggering number of agencies ranging from local to federal agencies across Europe and Asia.

An editorial from Help Net Security dot com illuminates many points that need to be considered as we move into an era of hyperconnectivity. When your thermometer is connected to the internet, it’s imperative to know where that data is going and how it’s being stored.

Rather than asking the government to identify security threats and legislate against them, I propose an NGO built by information security professionals with a background in the medical field. This organization could create best practices, offer guidance, and monitor and report on breaches and attacks nationwide providing a unified front to protect our health.

A new report suggests that as it grows smarter and more capable, Artificial Intelligence needs to have limitations placed on its use before it becomes abused. In the interest of brevity for the podcast, I recommend you check the show notes for the link and read through it yourself.

If you’ve traveled internationally in the last decade and had your electronic devices searched by Customs and Border Protection, it’s likely that your data may have been lost or improperly accessed. Customs and Border Protection, or CBP, has authorization for warrantless searches of any electronic devices coming into the country. BUT that is limited to information stored on the device itself, not on cloud accounts like Microsoft OneDrive or Dropbox.

Many CBP officers were unaware they were supposed to be turning off networking abilities when doing the search, so they often overreached into your private data. Worse yet, since 2007, CBP has had authorization to copy your data to upload to a server that does a thorough, automated search. This data is stored on USB drives which have no chain of custody rules after they’re copied and uploaded. The article I’ve linked to in the show notes indicated that many of these drives were just left lying around in the CBP offices.

I wanted to briefly follow up on Australia’s legislative debacle from last week. During my reading this week, I stumbled across a website that was built just to call out how detrimental Australia’s Assistance and Access bill really is. It boils down to this: Australia has passed a law that requires secure communications be given a backdoor for the government to access, even though there is no way to secure these backdoors from other entities who might want the data that’s being protected. Link to the domain in the show notes.

Finally, thank goodness, in everyone’s least favorite tech topic, we have the just released US House report on the 2017 Equifax data breach. The report is bleak and indicative of the prevailing reactionary attitude towards data security that many companies have. There’s plenty of information, including in the article from TechCrunch, which I linked to in the show notes, but I wanted to share one odd piece of information: the system that Equifax used to store customer data is five decades old.

How is that even possible?

Automotive

Moving on to Car Corner. First up, we have Google’s Waymo rolling out their first Robo-Taxis in Chandler, Arizona this week. Kind of. They didn’t want to miss their launch date, so they made some compromises. Service is limited to 400 pre-selected members of Waymo. And the cars will have human drivers just in case something goes wrong. I appreciate Waymo’s commitment to safety, but I’d rather they pushed the date than compromised on the service.

I expect human drivers should delay what some call the inevitable outcome of autonomous vehicles: the mobile brothel. That’s a link you’ll definitely want to check out in the show notes.

Toyota seems to be on the cutting edge of the vehicular cyber security trend. They’ve developed an open-source test bed to allow researchers and arm-chair car hackers alike a means to find vulnerabilities in car software. What does this mean to you? More eyes on what could be fatal flaws in car control software.

Seemingly as a direct response to last week’s article about the guy who drunk slept his way to jail in his Tesla, a company called Guardian Optical Technologies has developed a system to wake you up if it detects you getting drowsy or dozing off. There’s a link to the ZDNet article in the show notes.

Finally, in Car Corner, we have surprisingly interesting news about watching paint dry. First, a little background is required: Autonomous vehicles, or AVs, rely on Lidar, or a laser-emitting radar system, to create a 3D view of the world around them. Lasers use near-infrared light which, like most types of light, is absorbed by dark paint colors. This means it’s tougher for dark-colored cars to be seen by AVs. Chemical giant BASF has developed paint that will now better reflect Lidar beams, even on dark colors.

It seems like advances are coming fast and furious for autonomous vehicles. Some pun intended.

‘Other’ News

Google has announced it will accelerate the shutdown of its Google Plus social service due to another discovered data leak. This data leak was uncovered by internal sources, so no user data has reportedly been exposed.

Facebook has launched voice chat for Instagram. So, now you can leave voice messages for your Instagram followers and followees. A cat-laden video has been linked in the show notes.

Microsoft’s Patch Tuesday was this week, meaning it’s time to update your Windows Operating System again. One of the patches included in this month’s rollout was due to a Bug Bounty paid out by Microsoft. If you’re unfamiliar with the term Bug Bounty, it’s a great incentive many companies use to help find errors and issues in their code and monetarily reward the independent people who discover those errors.

It would appear we users in the US have hit a broadband plateau. A new FCC study released this week indicates that expansion of faster computer networks has slowed, and this has been caused by the existing monopolies by companies like Comcast and Verizon. The US has one of the worst cost-to-speed ratios in the developed world, thanks in part to the regulation and legislation that governs the telecommunications industry.

Finally, in other news, I wanted to share a highlight from Sundar Pichai’s appearance in Congress this week. Specifically, Representative Ted Lieu’s commentary on the calls of bias against conservatives by the search giant. Representative Lieu gave several examples of good coverage and bad coverage of conservative US politicians in Google search results and boiled it down to one simple phrase: if you want positive search results, do good things.

The Good News

Finally, let’s move on to the good news, so you can get back to enjoying your Sunday.

My first piece of good news is a personal triumph for the aRTy News crew. Our podcast has been listed on the big five podcast directories. You can now listen to us, rate, and review us on Google Play, iTunes, Spotify, Stitcher, and TuneIn radio. That last one allows you to listen to us through your Amazon Alexa device by saying “Alexa, play aRTy News Podcast.” Can you hear my smile through your speaker?

Since we’re approaching the awards season, I wanted to nominate NASA as the coolest federal agency. Last weekend’s reveal of the new Marvel Avengers trailer, where Tony Stark was stuck in space, prompted fans of the series to tweet NASA for help in bringing him back to Earth.

NASA responded with decades of expertise, advice, and an Easter egg. Check out the show notes for the picture attached to that tweet.

How many times have you put your phone down and forgotten it somewhere? Well, Google and Levi’s have collaborated to make an ingenious piece of wearable tech. It’s a bit pricey, but the new jacket has a Bluetooth connection in it that will notify you via vibration if you walk away from your phone.

Next in wearable tech good news is Apple’s recent approval from the Food and Drug Administration for their watch’s electrocardiogram feature. The connected watch can now monitor your heartbeat for irregularities, and in a ‘you can’t make this stuff up’ moment, identified a user’s Atrial Fibrillation condition on the first day. A condition which was confirmed within 24 hours by the user’s doctor.

For those who don’t know me, personally, I have a family history obsession and this last article is the exact reason why. I’d never heard of this man before, but he did something amazing and contributed to technological advancement in ways I didn’t know were possible for just one man.

On December 9, 1968, a man named Doug Engelbart gave a demonstration of what he called NLS or oN-Line System to about 2000 people. This demonstration debuted technologies that wouldn’t become commonplace for anywhere from 20 to 40 years. He and his team invented the mouse as an input device. They debuted screen sharing and PowerPoint-style presentations before there was an internet to share screens across.

But, what Engelbart really did was imagine a world where computers were used by people to help improve their everyday lives; to automate tasks and simplify routines. He created the standard which all these startups from around the world strive to meet.

I’m going to give you the rest of your day back, and hope I’ve ignited a curiosity to find out more about an influential man I knew nothing about a week ago.

Thank you for listening. If you’ve enjoyed this podcast, please subscribe, rate, and review us on iTunes, Google Play, or wherever you get your podcasts. And don’t forget to follow us on Facebook and Twitter for our de-nerdified daily briefings.

Have a great week!