Secure the Internet Now - - DTNS WEEKLY TECH UPDATE 05/04/2017
Added 2017-05-04 17:19:19 +0000 UTCThis is the weekly newsletter companion to Daily Tech News Show at http://dailytechnewsshow.com/
You can get this newsletter by backing DTNS for $5 a month or more at http://patreon.com/dtns (THANKS Y'ALL!!)
You may have heard me go on about how the Internet is not ready for most people yet and that's one of it's biggest dangers. Well the Google phishing scam this week revved up my engines again. I've got that for you in a Closer Look and the recap of the news of the week including all the essential earnings news in one place.
CLOSER LOOK - I almost got caught by the Google Docs phishing attack earlier this week. Almost. I got one of the emails with “open doc” link from a listener of the show I had recently corresponded with. For a fraction of a second I thought about opening the doc to see what this person was sharing. And then I didn’t.
It was years of habit that saved me. I’ll explain what stopped me from opening it and why this is a sign to me that security is severely broken on the Internet and we need to fix it. Now.
HOW I STOPPED MYSELF
I’ve been working covering technology for 18 years and an enthusiastic user of technology since I was kid in the 1970s. So I’ve built up some robust habits.
One of those habits is to never click a link in an email unless I’m 100% sure I was expecting this link and that it’s actually from the person I expected it.
The Open in Google Docs link almost subverted this because it’s a button, not a link. But my habit kicked in and said, “Hey Tom, would you click that if it was a Microsoft Word attachment? You weren’t expecting a doc. It doesn’t have a title. Could be a new vector.
So I then went to my secondary procedures, which is to look closely at the email headers. That’s when I saw it was sent to hhhhhhh and cc’ed other addresses I didn’t recognize and I immediately deleted it.
Now that’s the procedure for an email for a person who has done this for decades and takes great care. That is not what the use case should be for the average user.
THE INTERNET ISN’T READY YET
This is another example of why I maintain that the Internet is still in its power user phase of development and yet we have the general public out there using it. The code is functional but man is it broken.
I’m not a car guy. So if I had to check my car’s computer diagnostics every time I turned it on I’d never drive. For people who just want to use tech, but aren’t big fans of it, they shouldn’t have to think so hard about each email they get and be expected to parse headers.
Now Google made a nice move by adding a warning popup to known malicious links in Gmail but that’s a band-aid, and it only works for the known links. And let’s not even get into the pending Internet of Things security nightmare that’s looming as average folks begin to add smart light bulbs and door locks to their homes.
https://9to5google.com/2017/05/03/gmail-for-android-anti-phishing/
https://techcrunch.com/2016/05/09/the-internet-of-things-is-security-nightmare-warns-eff/
There needs to be a worldwide effort to identify and make significant changes to the Internet for positive security. The thing is, that every tech company knows what the issues are. There are even good plans to remedy problems. We need to apply pressure to get them to meet and standardize and put in place the effort to fix the problems in an open and standards-oriented manner.
https://www.theguardian.com/technology/2016/may/24/google-passwords-android
Believe me every tech company knows this. Every standards organization knows this. But with busy schedules, competing agendas, and plain old human personalities involved it will need something big to get everyone motivated to make it happen. This wasn’t it. I hope that when it happens it isn’t too damaging.
NEWS RECAP
Microsoft announced a new 13.5-inch Surface Laptop running its new Windows 10 S operating system, to go on sale June 15 in four colors for $999. It has a 1080p touchscreen, a regular USB port, displayport and SD card slot, with 4GB of RAM and 128 GB SSD storage. Windows 10S is a stripped down version of Windows designed to run on low-cost computers and targeted at the education market. More than seven manufacturers will make Windows 10S laptops starting at $189 with free Office and Minecraft Education Edition, shipping this summer . Microsoft is competing with Google’s Chromebook which has gone from 2% of the education market in 2012 to just more than half in 2017. http://www.bbc.com/news/technology-39779095
- https://techcrunch.com/2017/05/02/windows-10-s-laptops-will-start-at-189-and-ship-this-summer/
Hulu launched its live TV service Wednesday offering more than 50 channels for $40 a month or $44 a month for commercial-free library access. Channels like HGTV, Travel and Food joined from the Scripps Network to add to channels from ABCDisney, CBS, Fox and NBC. A DVR can hold up to 50 hours of programming or you can pay $15 a month for 200 hours. Each account gets two simultaneous streams though $15 can make that unlimited. $20 a month gets you 200 hours and unlimited streams. A redesigned app comes along with the new service for Xbox One, Apple TV, Android and Chromecast. iOS users need to download a new Hulu with Live TV app. Roku, Amazon Fire TV, Amazon Fire TV Sticks and Samsung Smart TVs coming soon but no word on Web access. Hulu also announced a season 2 for The Handmaid’s Tale. https://techcrunch.com/2017/05/03/hulu-with-live-tv/
The New York Times reports the US NSA will stop collecting emails and texts to and from people overseas that mention a foreigner who is under surveillance. The NSA found it too difficult to comply with 2011 privacy rules put in place by the Foreign Intelligence Surveillance Court. https://www.nytimes.com/2017/04/28/us/politics/nsa-surveillance-terrorism-privacy.html
Wednesday a phishing attack spread by email asking people to open a supposed Google Doc. It used Google’s third-party system to impersonate Google Docs and asked for permission to access Gmail and contacts. By afternoon Google had disabled the offending accounts and removed the fake pages and any permissions that had been granted to the app. Google also added a feature to Gmail for Android that will warn users who click on a link that has been identified as a forgery. https://arstechnica.com/security/2017/05/dont-trust-oauth-why-the-google-docs-worm-was-so-convincing/
-- https://9to5google.com/2017/05/03/gmail-for-android-anti-phishing/
Mark Zuckerberg said Wednesday that Facebook will add 3,000 people over the next year to monitor reports of inappropriate material and remove videos of things like murders or suicides. The 3,000 is an addition to the 4,500 people who already review posts now. Facebook has come under criticism recently for taking as much as a day to remove disturbing posts. http://fortune.com/2017/05/03/facebook-live-monitors/
Microsoft announced Q3 earnings of $4.8 billion and 61 cents a share, beating or meeting analyst’s expectations. Productivity and Business, which includes Office and LinkedIn, rose 22 percent. Intelligent cloud rose 11 percent with server and cloud services up 15 percent. And personal computing fell 7 percent, dragged down in part by a 26 percent decline in the Surface product line. http://www.zdnet.com/article/microsofts-q3-strong-as-commercial-cloud-revenue-hits-15-2-billion-run-rate/
Alphabet reported a rise in profit of 29% to $5.43 billion, well beyond analyst expectations. Most of the rise came from Google where paid ad clicks rose 44 percent, and YouTube revenues grew 22 percent. Google’s non-advertising revenue, made up of its hardware and cloud services like the Play store grew 49.5 percent to $3.10 billion. Alphabet reports earnings from all non-Google companies as other bets, where revenue rose from $165 million to $244 million but loses also grew from $774 million to $855 million. https://www.theverge.com/2017/4/27/15457974/alphabet-google-q1-first-quarter-2017-earnings
Apple announced earnings per share of $2.10 on revenue of $52.9 billion, beating expectations on earnings and just missing on revenue. Apple sold 50.76 million iPhones, down from 51.2 million last quarter and missing expectations. iPad sales decreased 13% on the year, the lowest since Q2 2011. Mac sales and revenue were up 4% and 14%, and other products, aka Apple TV, Apple Watch and Beats, rose 3%. Services increased 18% while sales in China fell 12%. Tim Cook claimed Apple Watch sales nearly doubled year over year but did not provide numbers. Cook also claimed its wearables revenue was the size of a fortune 500 company which would put it at least $5.1 billion. http://www.cnbc.com/2017/05/02/apple-earnings-q2-2017.html
Amazon reported a rise in Q1 sales of 23 percent to $35.7 billion, beating analysts expectations. Amazon also earned $1.48 per share, it’s 8th straight quarter of profit. Amazon Web Services led the way growing 43 percent to $3.7 billion. Amazon continues to invest most of its money back into the company and emphasized its Echo products and AI as areas of emphasis. https://www.recode.net/2017/4/27/15451726/amazon-q1-2017-earnings-profits-net-income-cash-flow-chart
Facebook reported earnings per share of $1.04 and revenue climbed 49% to $8.03 billion roundly beating expectations. Facebook’s Monthly active users rose to 1.94 billion and Daily Active Users to 1.28 billion. Facebook did repeat warnings that it expects ad revenue to “come down meaningfully” by the middle of the year as ad load fills up and costs increase by more than 50% as Facebook plans to invest in what it calls “significant initiatives” http://fortune.com/2017/05/03/facebook-results/
Researchers at the University of Science and Technology of China at Hefei in Anhui province describe building a specialized quantum computer to model the movement of photons, called the boson sampling machine. Their research was published in the scientific journal Nature Photonics on Tuesday. The current design can model up to five photons at a rate 24,000 times faster than a conventional computer. While modern supercomputers can model up to 20 photons, the researchers believe the quantum apporach will allow for more effective scale to larger numbers in time. http://www.scmp.com/news/china/policies-politics/article/2092635/chinese-scientists-claim-milestone-developing-quantum
Intel published an advisory Monday afternoon identifying a vulnerability in its remote management feature that could give attackers full control over computers running on vulnerable networks. The bug affects vPro processors using Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability. It does not affect consumer processors. Intel has issued a patch. https://arstechnica.com/security/2017/05/intel-patches-remote-code-execution-bug-that-lurked-in-cpus-for-10-years/
In a blog post, Yik Yak announced the shutdown of their social network over the coming weeks. In the post, co-founders Tyler Droll and Brooks Buffington stated Square had agreed to hire several employess, and an SEC filing shows the company also agreed to pay $1 million for a non-exclusive license to some of Yik Yak's IP. http://blog.yikyak.com/blog/thank-you-yakkers
Bloomberg News received photos of Apple’s autonomous Lexus RX450h SUV from a person who saw it on the street. The photo appears to show off-the-shelf sensors, including Velodyne’s 64-channel lidar, at least two radar sensors and a series of cameras. https://www.bloomberg.com/news/articles/2017-04-27/check-out-the-lexus-that-apple-s-using-to-test-self-driving-car-technology
