Tech Thoughts Net News – Wednesday – July 13, 2016

12 steps to safer online banking;  Adobe deploys security update to fix 52 vulnerabilities in Flash;  Every version of Windows hit by “critical” security flaw;  Linux Mint 18: The best desktop – period;  3 hidden Android customization settings you need to try;  OK, Google: 160 valuable voice commands for Android – and much more news you need to know.


Adobe deploys security update to fix 52 vulnerabilities in Flash – On Tuesday, the tech giant issued a security advisory which revealed a total of 52 vulnerabilities in Adobe Flash which “could potentially allow an attacker to take control of the affected system,” according to Adobe. The update includes Flash security fixes across the Microsoft Windows, Apple Mac, Linux and ChromeOS operating systems, as well as the Google Chrome, Microsoft Edge and Internet Explorer 11 browsers. Adobe’s July patch update includes fixes for 33 memory corruption vulnerabilities that could lead to remote code execution in Flash Player, alongside a memory leak vulnerability and heap buffer overflow vulnerability.

Every version of Windows hit by “critical” security flaw – Microsoft has patched a security vulnerability found in every supported version of Windows, which if exploited could allow an attacker to take over a system. The software giant said in a bulletin posted Tuesday as part of its monthly release of security fixes that the “critical” flaw could let an attacker remotely install malware, which can be used to modify or delete data, or create new accounts with full user rights. The “critical”-rated flaw affects Windows Vista and later — including Windows Server 2008 and later. Those who are logged in as an administrator, such as some home accounts and server users, are at the greatest risk.

12 steps to safer online banking – Gone are the days of balancing check books. The advent of online banking has made budget-keeping and bill-paying a convenient, if not automatic, transaction for adults managing their finances. Which is why it’s a prime target for cybercriminals. According to a recent study by Fiserv, 80 percent of U.S. households now do their banking online. The sheer number of customers is a likely attraction for threat actors. But what makes online bankers irresistible prey is that a breach results in direct access to their money—no need to bother with a ransom. That’s probably why more than 25 percent of malicious activity online is aimed at financial institutions.

Linux Mint 18: The best desktop — period – You could keep worrying about being forced to upgrade to Windows 10, or you could try the best of all Linux desktops: Mint 18.


3 hidden Android customization settings you need to try – If you’ve ever been annoyed by the clutter of icons along the top of your Android home screen, good news: There’s something you can do about it. Turns out there’s a trio of secret settings for customizing the Android user interface, and one of them will let you hide or reveal icons in the status bar. You can also rearrange the pull-down Android “quick settings,” as well as make a small but important tweak to the Android battery meter. You won’t find any of these settings by poking around the standard Settings screen. Instead, you’ll need to unlock the hidden “System UI Tuner” first. Here’s how to do it.

15 Apps to Jumpstart Your College Social Life – College is filled with all sorts of confused, eager folks like you. It can be difficult to find your footing, socially. You’ll have the dorm, the quad, and the cafeteria. But surely there is more! Well, lucky for you, there is, college face. Thanks to technology, the entire world is just a few taps away.

Big GIFs welcome: Twitter increases maximum GIF size to 15MB on web – According to Twitter’s Help Center, the company has increased the maximum GIF size to 15MB on the web, a much-needed change from the original 5MB limit. Twitter didn’t mention this change on social media, nor did it make a big announcement about it. Rather, its Help Center page detailing image, video, and GIF-posting regulations reflects the change under the “size and file type requirements” section. “Photos can be up to 5MB; animated GIFs can be up to 5MB on mobile, and up to 15MB on web,” the page states. That means you’ll only be able to take advantage of the higher limit if you’re posting to Twitter from your computer—you’ll still have to live with smaller GIFs if you’re posting from your smartphone.

Yes, Windows 10 subscriptions are coming, at least for enterprise – Microsoft confirms it will offer Windows 10 as a monthly subscription for enterprises, again raising questions of how the model might be applied to consumers, and how Microsoft plans to monetize Windows over the coming years.

Skype for Business will live translate meetings into 40 languages – Microsoft is bringing the dream of the Star Trek universal translator to businesses later this year with the launch of a new beta feature that offers live captioning of Skype for Business meeting broadcasts in 40 languages.

17 Tricks to Master Google Photos – We’re not at a loss for services that automatically back up your photos and give you access to them on any device. Yahoo’s Flickr does it, Dropbox does it, Microsoft OneDrive does it, and Apple iCloud does it for iPhone. They’ve all got their fans, but Google Photos—launched just over a year ago—has already surpassed 200 million active users a month. If you’re not among those millions, it’s worth downloading the mobile app for some extra peace of mind. Google Photos offers truly unlimited backup of all your photos. Every single one. The caveat is, they have to be less than 16 megapixels to qualify for that unlimited storage.

Google Play family library lets you share with up to 6 people – Google has finally taken the covers off its family library system for its Google Play services. In a nutshell, the system will make it easier for parents, guardians, or maybe even a group of friends, to share content purchased from the Google Play Store. They also share a single payment method, which might prove to be a headache in some cases. Of course, the feature does have the necessary controls to rein in the spending or to keep the wee ones from seeing some things they shouldn’t really be seeing just yet.

OK, Google: 160 valuable voice commands for Android – This diverse collection of voice commands will turn your phone into a powerful personal concierge — no tipping required.

4 essential tools for blocking digital distractions – Improve your productivity with safeguards against attention-grabbing websites and apps, a word processor that keeps you on task, and your own Pomodoro coach.

Amazon’s Prime Day off to another rocky start – It could be another #primedayfail for Amazon. The online retailer has reported some customers are having problems adding items to their shopping carts and missing out on deals that have been heavily advertised on TV.

Five apps for tracking the time spent on projects – Make sure you’re compensated for every minute you put in on a project. The apps on this list will help you account for how, where, and when you spent your time.

Peruse 19th Century NYC With This Street View-Like Tool – If you’ve ever wanted to see what Google’s Street View would’ve been like in the 1800s, now’s your chance. A new site called OldNYC delivers a Street View-like view of what the city looked like in the late 1800s and early 1900s. The site includes a map of New York City and a slew of dots that can be clicked on to see different images of that particular location. According to Business Insider, which earlier reported on the site, it was developed by Dan Vanderkam in collaboration with the New York Public Library, which has a collection of more than 80,000 photographs of New York City shot from the 1870s to the 1970s.

Security:

4 ways to reduce your chances of getting caught by malvertising – Malvertising is malware at its best, even catching security experts in its crosshairs. Learn how to fight back against these malware-infused ads.

MIT’s anonymous online communications protocol Riffle could beat Tor at its own game – Tor has been the go-to for anonymous communication online for years now — and that has made it one of the juiciest targets possible to the likes of the NSA and FBI. A new anonymizing protocol from MIT may prove more resilient against such determined and deep-pocketed attackers. The potential problem with Tor is that if an adversary gets enough nodes on the network, they can work together to track the progress of packets. They might not be able to tell exactly what is being sent, but they can put together a breadcrumb trail tying a user to traffic coming out of an exit node — at least, that’s the theory. A team of researchers led by MIT grad student Albert Kwon (with help from EPFL) aims to leapfrog Tor’s anonymizing technique with a brand new platform called Riffle.

How to safely access and navigate the Dark Web – Is your business data on the Dark Web? Learn how to find out if you’ve been compromised in this step-by-step guide to accessing the underbelly of the internet.

How to manage users’ risky tech habits – IT has a reputation for not always being sympathetic to users’ needs, but managers and CIOs can also find themselves managing users’ risky tech habits. So how can these situations be addressed constructively, without alienating management in other departments? Here are six common scenarios and some best practices for handling them.

Researchers create effective anti-ransomware solution – Are you willing to sacrifice a dozen or so of your files in order to save the rest from the grasping hands of modern crypto-ransomware? I believe that the answer from most victims would be a resounding “Yes!”, and this is just what CryptoDrop does. The anti-ransomware solution, which apparently works seamlessly with anti-virus software, was created by a group of researchers from the University of Florida and Villanova University:

Nation-backed malware that infected energy firm is 1 of 2016’s sneakiest – The malware contains about 280 kilobytes of densely packed code that, like a ninja warrior, cleverly and stealthily evades a large number of security defenses. It looks for and avoids a long list of computer names belonging to sandboxes and honeypots. It painstakingly dismantles antiviruses one process at a time until it’s finally safe to uninstall them. It takes special care when running inside organizations that use facial recognition, fingerprint scanners, and other advanced access control systems. And it locks away key parts of its code in encrypted vaults to prevent it from being discovered and analyzed.

Company News:

Facebook blamed for Palestinian attacks in $1 billion lawsuit filed by victims’ families – Families that lost loved ones from attacks committed by terrorist group Hamas are charging the social network for playing “an essential role” in their ability to operate.

Nokia and Samsung announce expanded patent licensing deal – Nokia and Samsung are cozying up together for the second time this year after the duo announced an expansion of the patent licensing deal that they agreed back in February. Under these new terms, the companies will share “certain additional patent portfolios” together going forward. The pair’s previous deal covered an unspecific set of patents, and this latest announcement is equally as vague. But, Nokia — which massively expanded its patent trove with its $16 billion purchase of Alcatel-Lucent — was more specific on the financial outcome of this agreement, which it said will increase revenue from patent and licensing to around EUR 950 million, that’s about $1 billion, per year. Certainly a figure worth writing home about.

Pokemon GO estimated earnings top $14 million in less than a week – Since it seems like you can’t throw a stone without hitting three or four Pokemon GO players, it’s safe to say the game has turned out to be quite popular. Just how popular is it, though? If new estimates from SuperData Research are accurate, the answer to that question is “more popular than air itself.” The research firm estimates that Pokemon GO has already raked in earnings of more than $14 million, which is insane when you consider that the game has been available in just a handful of regions for less than a week.


Google granted more time to answer Android antitrust charges in EU – The European Commission has been investigating Google’s business practices around its Android mobile software, and now the search giant has an extra six weeks to respond to the commission’s allegations, according to a report Tuesday by Reuters. In April, the EU formally charged Google with antitrust complaints over Android, which powers four out of every five smartphones on the planet. The crux of the argument has to do with alleged business agreements that require hardware vendors to pre-install Google services, like Search and Maps, on their handsets in order to gain access to Google’s Play app marketplace. Originally, Google had until July 27 to respond to the formal charges, but now will have until September 7.

Warner Brothers fined for paying YouTube celebs to promote game – The FTC this week disclosed that the broadcast giant gave “tens of thousands of dollars” to a number of YouTube celebrities, including the hugely popular PewDiePie (who has a colossal 46 million subscribers and reportedly makes $7 million a year), to promote ‘Middle Earth: Shadow of Mordor’ without making relevant disclosures. Rather than visibly labeling videos as promoted content (advertising), the FTC said that Warner Bros asked the celebs to put disclaimer information in the description box for videos, meaning that it wasn’t immediately obvious that this was a paid-for shill.

Cisco boasts 100 percent security coverage – Partnering with its rivals is one way Cisco is pushing the envelope of its 100 percent security strategy, wherein it aims to provide security to all workers, both on premises and off premises.

Microsoft debuts “Surface as a Service” program aimed at getting devices into the enterprise – Microsoft announced this morning a new program aimed at expanding Surface’s footprint in the enterprise, dubbed “Surface as a Service.” The initiative will allow businesses to lease Surface devices, alongside subscriptions to Office 365 and Windows 10. The company says this will allow customers to benefit from access to the latest hardware as well as faster device refresh cycles. Surface has been a growing business at Microsoft, the company also notes, having grown in the past year from generating $1 billion in revenue per year to $1 billion per quarter.

Games and Entertainment:

Pokémon Go expands to Europe starting with Germany – Pokémon Go isn’t a global phenomenon just yet as the game has only been available in the U.S., Australia and New Zealand. But the game is preparing for its European launch. Pokémon Go is now available in Germany on the iPhone and Android — other European countries should follow soon.

‘Pokémon Go’ Tips and Tricks to Make You the Very Best, Like No One Ever Was – If you haven’t already, you’ll soon start to see people more glued to their phones than usual, perhaps taking bizarre, nonsensical routes down the streets, flicking their screens rapidly in a car park, or gathering around police stations, all the while endlessly muttering “gotta catch ’em all.” Pokémon Go, the new, extremely popular augmented reality game by Niantic Labs, is set for release in more countries in the very near future, right after the company has fixed its exploding servers. Given the game’s immense popularity, competition to become the greatest Pokémon Master of all time—like no one ever was—has never been tougher, and there are some key things you should know before setting off on your journey.

Cops warn Pokémon Go players: Please don’t trespass to catch ‘em all – Law enforcement agencies around the globe are reminding citizens to obey trespassing laws and follow common sense when playing Pokémon Go. The new crazy-popular mobile game has led to some frightening results in recent days, such as the location of a dead body and robberies of players in Missouri. On Monday, San Francisco Police Department Captain Raj Vaswani warned in one online posting for players to “obey traffic laws, please.” “Do not run into trees, meters, and things that are attached to the sidewalk; they hurt,” he said. “Do not drive or ride your bike / skateboard / hipster techie device while interacting with the app. Know where your kids are going when playing with the app, set limits on where they can go, so they don’t keep going trying to get that Pokemon.”


The Best HDTVs We’ve Tested – No matter your budget or the size of screen you want, here’s what to look for when you’re shopping, along with the top-rated televisions we’ve tested.

New Doom update adds Vulkan support, AMD claims substantial performance – A new patch for Doom has added Vulkan support, making the recent Bethesda game the first title to support that API. AMD GPUs pick up significant performance as a result, while Nvidia performance looks mostly flat.

Microsoft won’t force you to use Cortana on Xbox One – Microsoft is planning to bring Cortana to the Xbox One next month, but if you’re happy using the existing Kinect Xbox voice commands then you won’t be forced to enable the digital assistant. While early beta versions of Cortana for Xbox One were designed to disable Xbox commands once Cortana was enabled, Microsoft has pushed out an update that will allow users to disable the assistant and return to the old Xbox commands.

The 10 Most Pirated Movies – Films starring Ice Cube, Jeff Goldblum, and Ryan Gosling appear in this week’s list of the most pirated movies on the Internet.

Off Topic (Sort of):

The GOP’s Platform Draft Claims Porn Is a ‘Public Health Crisis’ – Want another sign that the Republican Party is, shall we say, a bit out of touch with much of America? Look no further than the Republican party’s latest platform draft. Among the provisions? A declaration that porn is a “public health crisis.” As the RNC platform draft indicates, the national Republicans are only too happy to amplify the idea that, even if it’s technically protected as free speech, porn should be derided as something destroying our hearts, minds, and genitals. Except there’s just one problem: whatever issues porn might be to blame for, they’re just one small part of our national crisis of sex education—a crisis the Republicans are largely responsible for.

TOS agreements require giving up first born—and users gladly consent – Here is the front door of a fictitious social networking site that study participants thought was real. All participants, US university students, agreed to terms that included demanding their first born as payment. The privacy policy they all checked off said their data would be shared with the NSA and employers. Most of the 543 university students involved in the analysis didn’t bother to read the terms of service before signing up for a fake social networking site called “NameDrop” that the students believed was real. Those who did glossed over important clauses. The terms of service required them to give up their first born, and if they don’t yet have one, they get until 2050 to do so. The privacy policy said that their data would be given to the NSA and employers. The few participants who read those clauses signed up for the service anyway.

Nearly Two-Thirds of Americans Can’t Pass a Basic Test of Financial Literacy – Quick: If you take out a $1000 loan that has a 20% rate, how much will you owe a year in interest? Answer: $200. But if you got that wrong, you’re not alone. Nearly two thirds of Americans can’t calculate interest payments correctly, according to a new study. About a third said they didn’t even know how.

Engineering Explained gives a crash course on motor oil – If you’re not sure what all the numbers on the motor oil label mean, check out the Engineering Explained video below for a rundown. You’ll learn about SAE ratings, viscosity and the advantages synthetic oil has over conventional oil. For folks who like to put off oil changes, there’s also an interesting demo at the end of the video to show the different flow characteristics between new and used motor oil. After watching that, you may just want to get your oil changed on time all the time going forward.

6 Things Recruiters Look For in Your LinkedIn Profile – According to an eye-tracking study by The Ladders, recruiters spend six seconds on average looking at a resume. LinkedIn profiles get even less time. According to Heather Whaley, a principal with Hunt Executive Search, these six things stand out when scanning through profiles to fill positions:

Something to think about:

“Laws alone can not secure freedom of expression; in order that every man present his views without penalty there must be a spirit of tolerance in the entire population.”

– Albert Einstein

In Pursuit of Freedom – The Pushback Continues:

For the first time, federal judge tosses evidence obtained via stingray – On Thursday, a US federal judge in New York delivered a crucial rebuke to the government’s warrantless use of stingrays.

In a 14-page opinion, the judge ruled that the government could not use its stingray to locate a drug suspect, asleep in his apartment. As a result of the ruling, the judge suppressed the evidence found in the man’s bedroom—a kilogram of cocaine—likely effectively ending the case.

In March 2016, a state appeals court in Maryland reached a similar finding, but this is believed to be the first federal ruling of its kind.

“This is the first federal ruling I know of in which a judge squarely ruled that the Fourth Amendment requires police to get a warrant to use a stingray, and suppressed evidence derived from warrantless use of the technology,” Nathan Wessler, an attorney with the American Civil Liberties Union, told Ars.

As Ars has long reported, cell-site simulators—known colloquially as stingrays—can be used to determine a mobile phone’s location by spoofing a cell tower. In some cases, stingrays can intercept calls and text messages. Once deployed, the devices intercept data from a target phone along with information from other phones within the vicinity. At times, police have falsely claimed the use of a confidential informant when they have actually deployed these particularly sweeping and intrusive surveillance tools.

EU-US Privacy Shield now officially adopted but criticisms linger – The European Commission has formally adopted a new framework for governing personal data transfers between the EU and the U.S., replacing the prior Safe Harbor agreement which was invalidated last fall, and aiming to end nine months of uncertainty.

The EU-US Privacy Shield agreement is another attempt to bridge two distinct legal regimes, aiming to achieve ‘essential equivalence’ of European data protection laws in the US where EU law does not have jurisdiction, while also providing legal certainty for businesses operating in the two regions.

It’s a balancing act that some expert commentators suggest is impossible without substantial reform of US laws.

But in a press conference today the lead negotiators from the two regions spoke from a joint podium to assert that after some two and a half years of talks they have delivered “a framework that protects privacy and creates certainty”, as US secretary of commerce Penny Pritzker couched it. She also dubbed it a “milestone for privacy”.

4,000 cyber attacks on users per month: Alphabet – Google parent company Alphabet has said it is notifying customers of the 4,000 state-sponsored cyber attacks that occur on users per month.

SVP of Alphabet’s Google unit and Alphabet board member Diane Greene mentioned the figure at a tech conference in Aspen, Colorado, on Monday while highlighting Google’s security prowess.

The internet search provider has led the way in notifying users of government spying, and previously said that it issues tens of thousands of warnings every few months, with customers upgrading their security in response.

Google’s privacy removal requests went from 30 million to 65 million in the space of 14 months between 2014 and 2015. The company continues to disclose government requests for data in six-monthly transparency reports, which now include a page on its HTTPS encryption efforts.

Sharing Your Netflix Password Is Now a Federal Crime: The decision says millions of people could be “unwitting federal criminals” – On July 5th, the U.S. Ninth Circuit Court of Appeals issued an opinion which found, in part, that sharing passwords is a crime prosecutable under the Computer Fraud and Abuse Act (CFAA). The decision, according to a dissenting opinion on the case, makes millions of people who share passwords for services like Netflix and HBOGo into “unwitting federal criminals.”


2 responses to “Tech Thoughts Net News – Wednesday – July 13, 2016”

  1. Mal

    Hey Bill,

    Re: 12 steps to safer online banking

    We have discussed this all before, but I’ll put it out there again for anybody new to the blog – an Antikeylogger is essential if someone is doing banking online in Windows. I know you love Zemana, but my preference is Spyshelter, been using it for years and it is very powerful. I use the paid version (I got a free licence) but the free version rocks too.

    Cheers
    Mal

    • Hey Mal,

      Glad you brought this up – keyloggers have not suddenly disappeared – they are still out there working their dirty magic. We tend to focus on the “latest and greatest” malware threats and as a consequence, the “old tried and true” methods seem to get lost in the shuffle.

      Good to get your strong endorsement of Spyshelter.

      Best,

      Bill