Tech Thoughts Daily Net News – December 19, 2014

The 12 scams of Christmas;  EASEUS Todo Backup Free Edition 8.0;  Android power! 2014’s top tips, tricks, and buying advice;  Seven tips for securing your Facebook account;  A few good reasons to partition your SSD or hard drive;  Misfortune Cookie crumbles router security;  Google Rips MPAA;  Xbox One To Get Pandora, Vevo, Popcornflix And More Apps This Week;  Plex for PlayStation Arrives;  Sony hit with second employee lawsuit over hack;  Reaction to the Sony Hack Is Beyond the Realm of Stupid.

The 12 scams of Christmas – This year, cybercrime has evolved to new and more sophisticated levels — far beyond the days of phishing emails by “lawyers” who need to transfer millions of dollars to your account on behalf of a long-lost African uncle. So, what do you need to keep an eye out for as Christmas approaches?

4 Things Every Single Person Can Learn From the Sony Hack – Reporting around the Sony hack revealed the company and its employees did little to keep passwords and other sensitive data secure. Here are four things we can all learn about data security from the Sony hack.

The Sony Hack Is Not an Excuse to Pass Bad Cybersecurity Laws – “This will be a case study I can guarantee will be both used and misused in everything from legislation to cybersecurity sales pitches.” Lawmakers on Capitol Hill have been warning of a ” Cyber Pearl Harbor” for years now. The Sony hack isn’t it, but it’ll do, for freaking-out purposes anyway.

Seven tips for securing your Facebook account – Facebook can be a tricky beast when it comes to keeping your account private and secure. Here are seven tips to help you tame it.

Android power! 2014’s top tips, tricks, and buying advice – Whether you’re shopping for a new gadget or ready to make your current device do more, this guide has everything you need to make this holiday season count.

Tech Thoughts Daily Tech News 2

iOS productivity apps discounted in App Santa promotion – Several dozens apps, including many popular productivity applications, have been discounted up to 80% as part of an annual Christmas promotion. Here’s a look at what’s available.

Microsoft to discount Xbox Music by 50 percent in one-day promotion – The discount is part of Microsoft’s 12 Days of Deals. The Xbox Music Pass streaming-music service normally costs $99.90 a year, but it will go for $49.90 on Friday.

Organize and listen to your own music on the cloud – As an avid music fan, I spend ages getting my personal music collection just right, picking and choosing from CDs, vinyl and digital files to make a library that’s uniquely my own. But once all that hard work is done, it’s nice to be able to stream any of those tracks across devices — even when I’m away from my main computer. Here’s a guide on how to organize your music and choose a cloud streaming service to listen to tunes wherever you are.

Tell Antivirus Researchers What Matters To You – The researchers at AV-Comparatives have released a survey to find out just what users consider important. The survey starts with some general demographic questions, including your primary browser and operating system. It asks how you chose your current security solution (I checked “Recommended by a computer magazine.”) And it lists almost three dozen security vendors, asking which you primarily use. With the basics out of the way, now comes your chance to influence next year’s tests. To start, you pick a dozen vendors whose products you’d like to see tested. Don’t see your favorite? There’s a write-in option.

A few good reasons to partition your SSD or hard drive – So why would you want to make additional partitions? It’s not like making folders. Creating and resizing partitions is a hassle. One reason is to have multiple operating systems. If you want to run two versions of Windows, or Windows and Linux, partitions help separate the environments. Another reason, and the reason why I’ve partitioned my drive, is to separate system and data for backup purposes.

Keep encrypted files encrypted when you back them up to the cloud – You keep selected files or folders encrypted on your internal drive. But are they protected when you use an online backup service?

5 Things to Keep in Mind When Buying a Digital Camera – Whether you want a simple camera you can slip into a pocket, one with interchangeable lenses and plenty of controls, or something in between, here’s what you need to know to zoom in on the perfect camera.

Still Not On Inbox By Gmail? They Just Gave All Users 10 Invites Each – While Google has given users a slow trickle of friend-to-friend invites since launch, they just dumped a 10-pack of invites onto the laps of anyone and everyone who has already made their way past the front door. If you’ve got a friend on Inbox who has told you they were out of invites, get to pestering — they’ve got more now.

Instagram makes teens and celebrities angry by killing millions of spambots – A crackdown on spam Instagram accounts has triggered a cataclysm in the world of low-grade social media celebrities. The event, which began today after the photo-sharing service made good on its promise to start deleting millions of fake accounts, has been dubbed the “Instagram Rapture” after the follower counts of apparently popular Instagrammers were savaged. Rapper Tyga saw his followers drop from 5.5 million to 2.2 million, while Ma$e committed Instagram’s version of seppuku, deleting his account after freefalling from 1.6 million followers to around 100,000.

Microsoft’s 6000mAh Portable Power phone charger is finally available to buy for $49 – The Microsoft Portable Power DC-21 is a mobile battery pack that allows users to charge their devices on the move. The unit contains a rechargeable 6000mAh battery, and can connect to most smartphones – not just Lumia devices – via the USB-to-microUSB cable. Once it’s been fully charged from the mains, Microsoft says that the Portable Power can retain its full charge for months; even six months later, it will retain 80 percent of its power from a single charge.

wpsEF71.tmp

Skype Translator is the most futuristic thing I’ve ever used – Truly, this is transformational technology. It’s not often that I use something that leaves me excited, something that makes me say “wow” not out of cynical sarcasm but because I’m genuinely impressed. But Skype Translator did it. Whether you call it a Star Trek Universal Translator or Babel fish, Microsoft is building it, and it’s incredible.

wpsEFB1.tmp

In video calls, you can both see the translation and hear it.

Fedora 21: Linux fans will LOVE it – after the install woes – Review As has become par for the course with Fedora, the latest – Fedora 21 – has arrived months behind schedule. To its credit, it’s well worth the wait. This release marks the start of the Fedora.next project. The big change is that Fedora 21 is available in three flavors: cloud, server, and workstation. All three build on the same base, adding packages relevant to the use case. For this review I tested both the server and workstation, primarily the latter since that’s the flavor targeted at desktop users. The cloud flavor is available preconfigured for OpenStack, Amazon AMIs and Atomic images meant for Docker containers.

Microsoft is pushing an update out for Windows 10 to prep for FBL_Awesome – Microsoft has said today that it is pushing out another update for Windows 10 that will prepare your build for the next release of the OS, which will arrive in late January.

Viber calls out ESET for flagging them, ESET responds with a digital uppercut – Whenever a user would try to install Viber, NOD32 would return a pop-up saying that a “potential threat” has been found (with what NOD32 appears to suggest is a toolbar that Viber tries to install into IE) and asks the user whether or not the user would want to proceed. This action appears to have annoyed the Viber team, prompting them to post an image of the pop-up with an overlay of “#EsetSucks” in big red text, alongside a tweet saying that the software is buggy and that users should uninstall it.

wpsEFE1.tmp

What Viber wasn’t expecting, however, was for ESET to respond, and the response was as classy as it can get. ESET tweeted back its own image, this time, however, it was an image of the Viber installer’s source code showing silent downloads and silent statistics being sent back to Viber, and a message from ESET saying that their users’ privacy comes first. Oh, and they also included an “#esetDOESNTsuck” hashtag at the end of their tweet.

wpsF001.tmp

Security:

Misfortune Cookie crumbles router security: ’12 MILLION+’ in hijack risk – Infosec biz Check Point claims it has discovered a critical software vulnerability that allows hackers to hijack home and small business broadband routers across the web. More than 12 million low-end SOHO routers worldwide are affected by the bug, dubbed Misfortune Cookie, we’re told. At least 200 different models of devices from various manufacturers and brands are vulnerable, it’s claimed, including kit from D-Link, Edimax, Huawei, TP-Link, ZTE, and ZyXEL. Anything connected to the network – PCs, phones, tablets, printers, security cameras, refrigerators, or any other networked device – is at risk from attack within that LAN, if a vulnerable router is compromised.

This Little USB Necklace Hacks Your Computer In No Time Flat – Quick! The bad guy/super villain has left the room! Plug in a mysterious device that’ll hack up their computer while an on-screen progress bar ticks forward to convey to the audience that things are working! It’s a classic scene from basically every spy movie in history. In this case, however, that mystery device is real. Samy Kamkar — developer of projects like that massive worm that conquered MySpace back in 2006, or SkyJack, the drone that hijacks other drones — has released a video demonstrating the abilities of a particularly ridiculous “necklace” he sometimes wears around.

wpsF040.tmp

Microsoft begins war against fake phone tech support scams – Microsoft has launched its first US lawsuit against companies offering phoney phone support for its products and says it plans further operations in the UK and India to stamp out the scammers. Fake tech support calls have been around for a few years now. A caller will claim to be calling from Microsoft technical support saying that a virus has shown up on their computer and offering to fix it for a fee. The “support’ usually costs hundreds of dollars and leaves the targtet computer either unchanged or with new malware added. The problem is widespread, and Microsoft says it has received 65,000 calls complaining about the scam since May of this year alone and estimates that such fraud brings in over US$1.5bn in illicit income every year.

Malicious Software Found on Coolpad Android Phones – Dubbed “CoolReaper,” the malicious software was discovered by enterprise security firm Palo Alto Networks, and allows Coolpad to control users’ phones and access data on the devices. As Palo Alto Networks explained, it is not uncommon for device manufacturers to install bloatware on top of Google’s Android OS; some mobile carriers also include apps that gather performance data. CoolReaper, however, appears to be taking that a step further.

Sony Hackers Used Widely Available Malware, Cybersecurity Experts Say – The malware that allowed hackers to break into and steal untold amounts of emails and data from Sony Pictures could have been carried out by almost anyone with financial backing to buy the right malware, cybersecurity experts said Thursday. Hackers carried out the attack using malware that was a “cut and paste” job, said Nimrod Kozlovski, a partner in JVP Labs, one of Israel’s leading venture capital firms with a focus on cybersecurity. Trojan-Destover, the malware used in the Sony attack, reused at least six components of previous malware, including two pieces of “wipers,” or data-erasing malware, used in attacks on Saudi Arabia in 2012 and South Korea in 2013. All the malware had to be only slightly tweaked before it could be used in the Sony attack.

How to train your staff on cyber security (and make it stick) – Getting your employees to take cyber security seriously can be a challenge. Use this hands-on approach to get them invested in securing crucial data.

Company News:

Google tipped in effort to build Android into future cars – According to unnamed sources that spoke to Reuters, Google is preparing to take its Android Auto to the next level, and will introduce a version of its software in the future that is built directly into cars. This embedded version of Android will have several perks over the current iteration, including doing away with the need to plug a smartphone into the infotainment center’s USB. The platform won’t be without its hurdles, however, and its embedded nature could be its undoing.

Google Rips MPAA For Allegedly Leveraging Local Government To Revive SOPA – Corruption in the American Hollywood style is something to behold. Today, Google published a short blog post alleging that the Motion Picture Association of America (MPAA), alongside a number of film studios, funded what was essentially opposition research about the company. The resulting material was later fed to state attorneys general.

Flickr issues Wall Art apology, removes Creative Commons images – Not too long ago, Flickr introduced a new service for printing photos called Wall Art. At first it was a welcomed feature, allowing users to print their own photos using an integrated tool with a couple different printing options. The mood towards the feature turned sour a short while later, however, when Flickr revealed that Wall Art would no longer be limited to only one’s own images, allowing anyone to order prints from a massive library of others’ photos…with no compensation going to the photographer.

wpsF080.tmp

Sony hit with second employee lawsuit over hack – Sony Pictures has been hit by a second lawsuit alleging it didn’t do enough to safeguard the personal information of employees that was lost in a major hack in late November. Central to the lawsuit, which was filed at the U.S. District Court for the Central District of California, is the assertion that “cybercriminals were able to perpetrate a breach of this depth and scope because Sony Pictures Entertainment failed to maintain reasonable and adequate security measures to protect the employees’ information from access and disclosure.” It follows a similar lawsuit on Monday filed in the same court by two former employees.

Boston Uber driver charged with sexual assault – An Uber driver who allegedly attacked a woman in Boston is charged with rape, kidnapping and two counts of assault and battery.

Apple ‘failing to protect Chinese factory workers,’ claims report – Workers in Chinese factories making Apple products are being poorly treated, undercover investigations by the BBC claims.

Games and Entertainment:

Xbox One To Get Pandora, Vevo, Popcornflix And More Apps This Week – Microsoft might have said that they’re done shipping their big Xbox One software updates for the year — but that doesn’t mean they can’t release a few new toys in the form of apps. The company has just announced five new apps that should be available to Xbox One owners just in time for Christmas.

wpsF0A0.tmp

Steam’s holiday sale includes deals on Civilization, Dark Souls, and more – Valve has just kicked off its annual holiday game sale for Steam, which lasts from now until January 2nd, and it’s pretty big — Valve says that there will be more than 100 games featured throughout the next two weeks. Right now you can grab several blockbuster games for cheap, including Civilization: Beyond Earth for $29.99, Dark Souls II for $16.27, and Metal Gear Solid V: Ground Zeroes for $13.39, just to name a few. As always, you’ll want to check back regularly for new deals: there are new deals every 12 hours, and the featured sales will be changing every day.

Zynga’s Looney Tunes Dash Updates a Classic – Zynga’s latest mobile title, Looney Tunes Dash, drops some of the most beloved cartoon characters into a Temple Run scenario—then adds a twist. By combining the massively popular runner gaming category with one of the most recognizable cartoon brands, Zynga and partner Warner Bros. Interactive Entertainment hope to reach a new generation of fans.

wpsF0C0.tmp

GTA: Chinatown Wars released for Android, Online gets a Snow Day – The Grand Theft Auto universe is getting a couple of big additions this week, one in the form of a Holiday Fun update to Grand Theft Auto V, the other a platform-first. The platform-first is Grand Theft Auto Chinatown Wars, which will be coming to Android devices of all kinds. This game was previously released for Xbox and PlayStation consoles as well as iOS for iPhone and iPad. Now it comes to Android smartphones, tablets, Amazon Fire TV, and Google Nexus Player.

wpsF0F0.tmp

Plex for PlayStation Arrives – Plex is bringing its new console-friendly app for accessing locally stored movies to Sony’s PlayStation 3 and PS4, just a few months after doing the same for Xbox 360 and Xbox One owners. The app is now available in Europe and Asia, with a launch in United States and elsewhere set to “happen in the near future,” according to Plex.

wpsF100.tmp

D’oh! ‘MythBusters’ to take on ‘The Simpsons’ best stunts – Exploding toilets! Runaway wrecking balls! Adam Savage and Jamie Hyneman will bust or prove “Simpsons”-inspired moments in their new season premiere in January.

wpsF121.tmp

Only “MythBusters” would dare to re-create a wrecking ball stunt with Homer Simpson.

Duck Hunt Will Land On Nintendo’s Wii U on Christmas Day – Duck Hunt, the legendary fowl-hunting, gun-slinging game originally released for the Nintendo Entertainment System in 1985, is coming to Nintendo’s newest console on Dec. 25. The game will be downloadable on the Wii U’s virtual console, which brings classic Nintendo titles to the system.

wpsF141.tmp

Duck Hunt – Nintendo

Off Topic (Sort of):

Tech decisions: Putting the experts in perspective – Summary:In the spirit of Hanukkah, I thought I would deep-fry my fellow technology writers in the very industry from which I feed.

Pointing up   I’m rather biased – but, this article sums up my personal perspective on mainstream tech writers. That is – too many have absolutely no idea, in a larger sense, what they’re talking about. By extension, the worst of these are the “talking head” security experts, often seen on cable news channels following a newsworthy internet security event. 

Reaction to the Sony Hack Is ‘Beyond the Realm of Stupid’ – It’s been a big day for news surrounding the massive, ongoing Sony hack saga. First, major movie chains announced that they would not be screening The Interview after a nonspecific threat of violence from the​ Guardians of Peace, the hacking collective that attacked Sony. Then, the company announced it was canceling the release of the movie altogether. Now, the government is suggesting that it really is North Korea behind the attack. To help make sense of it all, I called up Peter W. Singer, one of the nation’s foremost experts on cybersecurity and cyber war, to get his take. Singer is the author of  Cybersecurity and Cyberwar: What Everyone Needs to Know and Wired for War and is a strategist at the New America Foundation.

Should you trust ‘The Dr. Oz Show’ and ‘The Doctors’? Study says be wary – A new study looked into medical claims made by popular shows “The Dr. Oz Show” and “The Doctors,” and concluded that viewers would be wise to take their advice with a grain of salt.

wpsF151.tmp

Though they obviously mean well, you can’t always trust the advice you get from doctors on TV, a new study says.

Want to stay healthy and fight off the common cold? So how did Carnegie Mellon test the effectiveness of hugs? They intentionally exposed 404 individuals to the common cold virus, put them in quarantine, and watched what happened. Beforehand they’d interviewed all participants and documented the regularity of hugging in their lives as well as any “interpersonal conflicts.”  What they found was that regular hugging did form some kind of protective barrier against infection and then ongoing symptoms if infection did occur. So not only may it stop you getting sick in the first place, hugging can make the illness much less severe. And that’s true regardless of how much stress there is in your life.

Colbert Report set added to Google Business View – Most people are familiar with Google’s Street View, which allows users to take virtual tours of just about anywhere. Lesser known is the company’s Business View, which is exactly what it sounds like: a virtual look inside of businesses, allowing you to take a peek at a place you haven’t visited before you make the trip. This comes in handy for glimpsing a place ahead of visiting it in person, but is also an excellent way to explore places you’ll likely otherwise never experience.

wpsF181.tmp

Something to think about:

“The public does not like you to mislead or represent yourself to be something you’re not. And the other thing that the public really does like is the self-examination to say, you know, I’m not perfect. I’m just like you. They don’t ask their public officials to be perfect. They just ask them to be smart, truthful, honest, and show a modicum of good sense.”

–       Ann Richards

Today’s Free Downloads:

Exact Audio Copy 1.0 Beta 4 – Exact Audio Copy is a so called audio grabber for audio CDs using standard CD and DVD-ROM drives. It works with a technology which reads audio CDs almost perfectly. If there are any errors that can’t be corrected, it will tell you on which time position the (possible) distortion occurred, so you could easily control it with e.g. the media player.

With other audio grabbers you usually need to listen to every grabbed wave because they only do jitter correction. Scratched CDs read on CD-ROM drives often produce distortions. But listening to every extracted audio track is a waste of time. Exact Audio Copy conquer these problems by making use of several technologies like multi-reading with verify and AccurateRip.

EAC now supports the AccurateRip plugin, which is included in the setup of the versions which support AccurateRip. The plugin called AccurateRip.dll is installed within the EAC directory and EAC should then recognize the plugin automatically.

wpsF192.tmp

EASEUS Todo Backup Free Edition 8.0 – EASEUS Todo Backup Free provides several of the key features from EASEUS Todo Backup Workstation to protect your PC.

Users are faced with the essential challenge: the need to secure their PC and important files, such as system, family photos, music, applications, personal data and financial documents. If you lose any files you like or need to go back to an earlier version, don’t worry, you can recover them in time. It is a complete free backup and recovery solution for home users.

Features:

System Backup and Recovery

Backup Schedule

File and Folder Backup

Incremental disk/partition backup

Backup Management to manage the backup tasks and plans

Disk Tools like clone disk, wipe disk

Backup to external hard drive, CD/DVD, NAS for double protection

Schedule backup ongoing indicator to timely notify whether your schedule is ongoing or not.

Backup network shared files

One-click system backup & recovery.

Support dynamic disk – back up and clone dynamic volume.

wpsF1B2.tmp

In Pursuit of Freedom – The Pushback Continues:

Google Claims 2015 Will Be A “Moment” For Surveillance Reform – Google thinks that next year will be a big moment for surveillance reform. So much so that the company set up a special page on its Take Action hub asking individuals to sign something akin to a petition of sorts to “help make the Internet more secure for everyone.”

Why does Google think that 2015 will be big? The company notes that “[i]n June of 2015, we have a huge chance to protect Americans from mass surveillance when a key part of the USA PATRIOT Act is set to expire.” That’s correct. Google goes on to state that “we need to be ready to take action this coming year.”

The potential sunsetting of some portions of the USA PATRIOT Act, a key piece of law that supports parts of current American government surveillance, will be a political scrap. Google and other large technology companies will have some sway through both community organizing and purchased political clout.

Google’s political expenditures have skyrocketed in recent years to become among the highest in the country on a per-corporation basis. That spending growth, of course, fits under the larger rubric of tech going politics and politics going tech.

The Limits of Police Subterfuge – “The next time you call for assistance because the Internet service in your home is not working, the ‘technician’ who comes to your door may actually be an undercover government agent. He will have secretly disconnected the service, knowing that you will naturally call for help and — ­when he shows up at your door, impersonating a technician­ — let him in. He will walk through each room of your house, claiming to diagnose the problem. Actually, he will be videotaping everything (and everyone) inside. He will have no reason to suspect you have broken the law, much less probable cause to obtain a search warrant. But that makes no difference, because by letting him in, you will have ‘consented’ to an intrusive search of your home.”

This chilling scenario is the first paragraph of a motion to suppress evidence gathered by the police in exactly this manner, from a hotel room. Unbelievably, this isn’t a story from some totalitarian government on the other side of an ocean. This happened in the United States, and by the FBI. Eventually — I’m sure there will be appeals — higher U.S. courts will decide whether this sort of practice is legal. If it is, the country will slide even further into a society where the police have even more unchecked power than they already possess.

Activist group sues San Diego Police Department over “stingray” records – A legal advocacy group has sued the San Diego Police Department (SDPD) and the city of San Diego in an attempt to force the release of public records relating to stingrays, also known as cell-site simulators.

Stingrays are often used covertly by local and federal law enforcement to locate target cellphones and their respective owners. However, stingrays also sweep up cell data of innocent people nearby who have no idea that such collection is taking place. Stingrays can be used to intercept voice calls and text messages as well.

Earlier this week, a local judge in Arizona ruled that a local reporter could not receive similar stingray documents from the Tucson Police Department because disclosure “would give criminals a road map for how to defeat the device, which is used not only by Tucson but other local and national police agencies.”

Australia: Note to data-retention law makers: The internet is not a telephone – Wednesday’s public hearing by the Joint Parliamentary Committee on Intelligence and Security (JPCIS) highlighted serious problems with the Australian government’s proposed laws for setting up a mandatory data-retention scheme — problems that should have been fixed long before things reached the committee stage.

I’m not talking about the problems we’ve discussed before. Problems like key definitions still missing, meaning that the law is “little more than a shell for such a scheme”, as the Gilbert + Tobin Centre of Public Law at the University of New South Wales wrote in its submission (PDF). Or problems like the proposed two-year retention period being longer than almost anywhere else in the world.

Kerri Hartland, deputy director-general of the Australian Security and Intelligence Organisation (ASIO), actually addressed that last issue, telling the committee that around 10 percent of ASIO’s requests for communications data are for periods of 12 months or more, and sometimes up to two years and beyond.

“Those cases relate to — 10 percent may seem [like a] small number — our most serious and complex cases. Typically, these relate to activities of hostile foreign nationals or nations engaged in spying and influence operations against Australia. It absolutely needs to be two years from our perspective,” she said, indicating that ASIO’s confidential submission had more detail.

Alas, without that confidential submission in front of us, who can say?

No, I’m talking about the fact that almost everyone involved still seems to think that the internet is a telephone.

Advertisements

2 Comments

Filed under Free Software Downloads, Internet Security Alerts, Latest Tech News

2 responses to “Tech Thoughts Daily Net News – December 19, 2014

  1. Some simple lessons to learn from the recent Sony hack:
    The movie Sony made (condoned) never should have been made. Condoning the assassination of a leader of a country is not acceptable. (Even if he deserves it and even if we don’t like him.)
    I’m sure if the subject matter of this film was our president, there would have been an uproar.
    3 Hacking is just as wrong. Punishing the populous for a decision made by the Company Bosses responsible for authorizing this bad movie isn’t acceptable.
    This is supposed to be a time of peace and joy.
    Two wrongs never make a right..

    • Hi Bob,

      Thank you – I am in complete agreement. It’s time that a sense of maturity and logic should be brought to bear on a very substantive issue. Frankly, I’m tired of the mindless ideology that seems to push virtually every political decision these days.

      Best,

      Bill