Info

Craig Peterson's Tech Talk

ClearChannel Radio's Number One Weekend Tech Show in the Boston Market -- More Than 20,000,000 Podcast Downloads! Craig interviews top industry insiders and explains the technology secrets everyone needs to know. www.CraigPeterson.com
RSS Feed
2019
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
April
March
February
January


2015
November
October
September
July
June
May


Categories

All Episodes
Archives
Categories
Now displaying: 2019
Apr 19, 2019

Did you upgrade your Router?  If not you probably have been hacked by hacker groups have been hijacking DNS traffic on D-Link routers for months and I will get into that more today.

Yet again, Facebook is in the news and again it is for their privacy and their cameras so i will discuss the implications of this.

April 15 -- the date that looms over all of us each year. Have you considered the value of your Tax information to a criminal?  Today we will cover more on this and how you can protect yourself.

The person who started this whole Walking Dead series has a brand new series that's coming out and she has some creepy thoughts about technology.  More on this

Updates are important.  Guess who found out the hard way -- Yes that would be NYC IT.  Failure to update their systems brought the New York City wireless network down. So let's get right into it here.

For all this and more tech tips, news, and updates visit - CraigPeterson.com

---

Transcript:

Below is a rush transcript of this segment; it might contain errors.

Airing date: 04/20/2019

Home And Small Business Routers Hacked - NYC Wireless Down Due To Lack Of Updates - Fake Amazon Reviews Critical - Amazon Show The Feed Walking Dead Channing Powell

Craig Peterson 0:00
Hey, everybody. We are getting going here. Of course, Craig Peterson. We're going to talk about some of the major tech stories. This week, we're going to talk about the hacker groups been hijacking DNS traffic on D-Link routers for months. Now, what does that mean to you? What can you do about it? How can you detect it? Facebook, the privacy kings, right? What's happening with Facebook and their really creepy portal? Yeah, it's kind of interesting, that little camera they have. Tax info, of course, April 15, time to file the personal taxes. What is happening? What's the cost? What's the value of your tax information online and why would they steal it? The founder, the person who started this whole Walking Dead series has a brand new series that's coming out. And she's got some creepy things to say about technology. And we've got the New York City wireless network down, I warned you. Don't say I didn't warn you guys about that and what's happening. So let's get right into it here.

Craig 1:12
DNS has, of course, been one of the most important parts of our internet for very, very long time. Time was we had to maintain hosts tables, we had to know where everybody was, we had to do hop routing, we'd send it to somebody that knew more, they had a bigger map of the internet. So you know, we had upstream providers and we would send it to them, we were all connected together. And it was really quite a hodgepodge. So DNS came out. And the idea behind DNS isa dynamic name system was to allow us now to have one massive name database. Now it was designed in the times when the internet was a much more friendly place. We didn't have bad guys out there running around, we didn't have opposition parties who are trying to shut us down, denial of service attacks and and hijacking domains. Well, actually, we kind of did have hijacking domains. Had a couple stolen from me back in the day, but it was a much more genteel place. And DNS was designed for a cooperative system. So if you want to go to Google com, or http://CraigPeterson.com or anywhere online, you could use the name, it would go to this DNS system, who would then look up that name, it would come back with an Internet address, and then that address would be used to route your data. Does that make sense to you? I, you know, I hopefully I explained that right. And simply enough. The idea is that we can using DNS just use names because as humans aren't great at remembering all of these multi multi digit numbers. And it's gotten even worse now with IPV6, but we're not going to get into that right now. So what's been happening with our wonderful little hacker group here, while the modems here from D-Link, ARG, DS-LINK, SECUTECH, and TOTOLINK, and you can see them here on my screen. You'll find them on my website, just go to http://CraigPeterson.com/YouTube. And you can watch along here, but for the last few months, they've really been hacking a lot, I have the list of known routers that have this vulnerability that had been hacked. And this is based on a one of the security companies that went and had up, poke around, Troy Mercer's, the guy's name, Bad Packets, his name of the company. And he's saying there were three major waves, there is a wave, late December, early February, late March as well, in 2019. But these attacks are still going on, these hacks are still out there. And what they're doing is they're taking the DNS information that you would normally have in your router, and they are changing it to some of these malicious DNS servers. Now, I've got it up on my screen, I just pulled it up from this article, which you will also find on ZDNet, which is when we're talking about or right there and http://CraigPeterson.com, that's probably the easiest way to find it. And I send it out today in my show notes as well, my show notes email, but these are the addresses. So if you want to check right now to see if your router has been compromised, have a look for these addresses in your DNS settings. And the idea here is they change the settings on your router, it now provides those DNS addresses to your other equipment in your home or your office. So now when your other equipment tries to go somewhere online, they have the ability to intercept it, because they just say hey, yeah, Google isn't at 123 Main Street in Merrimack. No, no, no, it's at 1745 Lenin street in Moscow, and some how now your traffic in some going to Moscow? Well, in this case, right? This kind of looks like it's some Brazilian people. They're really trying to do this the most. But they've hijacked traffic that's been meant for Netflix, Google, PayPal, and some Brazilian banks. So the idea here is you try and go to one of these sites. And what do they require you to do? They require you to log in. Or maybe there's a cookie set in your browser that they can read and use to login. So they try and get you to login, get the information from you. And then now they've got your information, we already discussed why they want it. And we'll get into in just a couple more minutes too when we're talking about what's happening right now with your tax information. But they are using what are called bulletproof hosting providers, in case you're not familiar with that is these bulletproof hosting providers. And I'm going to stick their ASs here, up on the screen. If you're a total geek, you will find right there. There we go.

Craig 6:01
There's AS's which are autonomous systems, part of the internet backbone. But bulletproof hosting providers will not provide information about their clients to law enforcement. And they try and prevent anybody from figuring out who their customers are. So these two hosting providers of the guys that are doing it, this has all happened before, there's a massive, malvertising operation. Sometimes they'll use these DNS attacks, in order to inject into the stream ads. We've had ISPs, legit ones here in the US who've been doing similar things. If you try and go to a site that doesn't have a DNS entry, guess what they're going to do?

Craig 6:44
Yeah, they're going to send you to their site to their advertising.

Craig 6:49
So that's what's been going on. If you are using any one of these routers button up on the screen, again, which are basically the D-Links, ARG, DS-LINK, SECUTECH, and TOTOLINK, as well as many others. Make sure you update them, upgrading them or replace them. And I went over this in quite a bit of detail in my most recent master course, about what is happening out there and what you need to be aware of. All right.

Craig 7:21
So let's move on to our next article. This is something I warned everybody about last year. And then again, I warned everybody about just about a month ago. And as it turns out our friends at New York City, they kind of knew about it, too, but they didn't really do anything about it. And that is this New York City wireless network. And it is down due to a bug at least it has been down. They've been working on trying to get this thing back up online, which makes sense, right?

Craig 7:58
And this has to do with failure to update. How many times have we talked about that being a real problem out there. And the failure to update in this case is all of our wonderful data that they're using to allow the police, fire departments and others to communicate. Now, the fire department is saying they got off of what's called NYC WIN which is their wide area internet. They got off of it a couple of years ago, they switched over to Verizon mobile data. And they're using that in order to communicate with the hospitals when they're transporting patients and things. But the transit officials can't remotely control 12,000 plus traffic lights, traffic cameras, NYPD license plate readers are down. This is according to the New York Post. It crashed on Saturday, April 6. Do you remember that date?

Craig 8:55
Yeah, I warned everybody, right. Remember that one guy quoted him saying I am not going to be anywhere near an airplane on April 6th? Well, the the Department of it there New York City is paying Northrop Grumman about $40 million a year to run this network that cost them a half a billion to put in place and has been in service in for 10 years. And they never updated some of the core components. Why would you use GPS? Here's what's happening.

Craig 9:28
The GPS, older GPS equipment had what's called a rollover event. They were using Okay, there's a little geeky but 32 bit counters, you remember the old 32 bit computers and you got upgrade you want 64 bit Windows and 32 bit Windows. Remember all that thing, while these older GPS units had 32 bit counters in them. And what that meant is come April 6th, they went from it's 5pm on April 5th to it's zero pm. It rolls back to zero, which goes back to the Epic, which I'm not sure what it wasn't GPS, and the Unix world it was 1970. But everything got messed up. So now all of a sudden, their traffic cameras, security cameras are all saying that they are down for maintenance because they are down and they're down hard. The same thing with license plate readers, not all of them, but the ones that were older, all are failing on them now. But they use GPS for the clocks. Now think about gridlock. Gridlock is a term that was invented in the city of New York. And what it meant was they have this grid laid out, right, it's all beautiful grid straight lines. And gridlocked meant that traffic couldn't move, because the lights weren't properly synchronized. And it was there for decades. And they they came up with that term. So they decided they had to synchronize all of the light so that traffic could flow properly. Well, traffic isn't flowing properly, because now the clocks that are in the light, the traffic lights that were using a clock coming from the satellites via the GPS signal. That GPS receivers not working, the clocks are now falling out of sync. Some of them I suspect pretty quickly falling out of sync. So now New York's in for more gridlock, hopefully, they'll get this fixed pretty quickly. But it's a very, very big deal. Police have been sent to spots with vehicle mounted readers where the readers are failing. And I kind of find that interesting, too, because you're talking about license plate readers really, that's a critical piece of infrastructure. I guess it is if you're trying to find people who owe money on parking tickets, but otherwise, and fire department and you New York with a patient care reports to hospitals, they've got that all fixed. They're saying they're all set and according to New York Post Northrop Grumman declined to comment is, is that a shocker? Is that a shocker to you as well?

Craig 12:09
Yeah, of course, they're not going to comment on that sort of thing. Alright, so next up here, let's go to our fake Amazon reviews stories. This is just crazy here. Have you gone to Amazon? Have you used some of their review stuff? I know I have. And it's, it's you know, it's very handy. And I use it quite a bit, right. And that's kind of the stars that are that are on top of the page, and they put this up on the screen for you.

Craig 12:42
And a five star reviews, can you trust them? Well this particular reporter from the Hustle, went underground and spent two weeks there and found out what was really happening. So gives a, actually, I'm not even sure what the name of the author of this article is. They don't mention their name, and they don't have credit. Okay, maybe it's Zachary Crockett, that might be it.

Craig 13:11
So, here's what he said. He said he went to this private Facebook group, this underground Facebook group, and was chatting with this person named Lien Xi, an Amazon seller from Guangzhou China. And she offered him a deal. If he gave her a five star review. For her iPhone charger. Now he would need to buy the charger from Amazon. So that could be a verified purchase. And then what she would do is she would refund him via PayPal and pay him a $10 commission. So he was asking, Hey, isn't this illegal? And her response was? Well, that she didn't say no. She said what you will love is all she said right? So he looked up or product review. And you can see this on my screen here http://CraigPeterson.com/YouTube. http://CraigPeterson.com/YouTube. 

Craig 14:09
But he found her iPhone charger on Amazon. And it had almost 4000 5-star reviews.

Craig 14:19
Isn't that just amazing?

Craig 14:21
Also got Amazon's Choice Label, which is very, very valuable. I know I use that. So when I'm looking on something on Amazon, I'm looking at the stars. And I'm looking at the Amazon's choice on the little black box that comes up. And then occasionally, depending on the price of the item, I'll scroll down to read the reviews. Well, apparently I'm not alone. And if you do the same thing, you're not alone, either. Because what it's saying here is 65% of us trust online reviews. 82% of American adults check the product reviews before making a purchase. I think that's low frankly, I think it's almost 100%. If you're an Amazon, right, it's probably 100%. But just generally shopping online is probably more like 82 I can see that.

Craig 15:11
So research is showing that we're more swayed by a simple star rating than what the reviewers actually write. And I've got to also go Let me see pop hit head a little bit here. Some of these reviews and you might have seen stuff like this. I know I have. And it really upset me. You see reviews and he's saying this one product is looking at. this is another guy this guy named Tommy Noonan had 580 reviews, and every single one of them was five stars. But he recalls people would write things like I haven't tried this product but and then leave a glowing review. Well, does that smell like it's a setup, or what? It definitely does. Let me show you this here. Okay, on the screen again, http://CraigPeterson.com/YouTube. Facebook reviews are boosting a lot of products. And I've seen stats saying it's 20% all the way up to 60% of these are fake. But look at this, headphones, it saying the fake reviews, the average star rating is 4.89 out of five. And the real reviews are 3.99. So that's a difference for headphones. I'm almost a whole star.

Craig 16:28
Isn't that amazing? So it's showing up as five stars almost when it should be four stars. Then what happened is there's a guy out there who's doing some research. Fakespot is where you'll find it. Fakespot.com. And they came up with some of these stats. And they are absolutely shocking. When you get right down to it here I'm going to bring this up. So it's my absolute full desktop view here. So you can see this whole thing and in more detail. But there it is, right headphones, cell phone accessories, pest control, car control, sexual wellness, pet supplies, all of these things, vitamins and supplements, by the way, kind of the bottom of the list. They they only have a differential between fake and real stars of the quarter star here, bottom line. And then there's another one I want to show you here too. This is the search on unreliable Amazon reviews. This is a chart again, that I've got up on, you'll see it on YouTube. But they are hosting, Amazon's hosting 1.8 million vendors and sellers who are selling nearly 600 million items that are generating about 9.6 million new product reviews every month. So really the the big deal here, the big question is, how can you tell when they are fake? How can Amazon tell? If you're talking about 10 million reviews a month, how can they tell? Well, there's some ways to do it. They're kind of trying to do it. But I've got to say I think they have a negative motivation in trying to do it. I'm not sure it's all it's cracked up to be. Because by having these people shipping products directly from China to Amazon's warehouses in bulk. So they ship 10,000, 100,000 of these things to Amazon warehouses, Amazon, then prepositions them in warehouses close to where they think there will be people that will be buying them. And then those people who are looking to buy them can get them very quickly, right? That's the whole idea behind it.

Craig 18:38
Well, you're cutting out the middleman, instead of having somebody buy it from China, ship it to the US and then ship them in with smaller quantity used to Amazon, the Chinese manufacturers effectively are shipping it right to Amazon, who ships that right to you. So that's saving you a lot of money, which I would prefer recently called a disincentive. Right? I don't think Amazon's purposely trying to be, you know, hiding things from us. But be very careful out there. Because there's been a huge rush in the marketplace, there are dozens of products that are almost indistinguishable from each other. And frankly, that's exactly what what they're taking advantage of right now. With these fake reviews, how do they get their product well known while they just make themselves a fake little review, right? That makes it easy enough.

Craig 19:30
So let me pull up our next little article. And this is fascinating. And I am totally looking forward to seeing this when it comes out. And this is from Yahoo, and right now they just had a film festival over in Cannes over in southern France. And Channing Powell, you might have heard that name before. She's the lady who founded, who started Walking Dead. And she's been thinking about what's happening with technology now and what's happening with technology in the future. And this is an article from Yahoo News that they picked up from AFP Wire. But she says she is terrified of what big tech might be up to. She has a new show called The Feed. And it's premiering in Cannes. And that's the just this week, by the way. And my birthday, by the way this week as well. It's premiering and Cannes this week, and it's all about a dystopian future now who hasn't heard about dystopian futures? Right? That's it's all normal. Well, what she's saying is Elon Musk, and Facebook are both trying to develop technology that can allow you to remotely control things. But The Feed, this new Amazon series goes a step further. Not only can you control things with your mind, but people you can send your feelings, what you're seeing, what you're smelling, everything you can send it to someone else in social media. So someone else can live your life. Well, what happens if someone's in the middle of that, a company, like a Facebook or whomever. And let's say they're malicious, and they modify that, or they they play with your mind and your emotions, because now they can send emotions to you. And the cells, the smells, and the the eyesight, everything to make it seem real well, that's what this is all about. And she says that Elon Musk right now is developing a neural lace computer that covers the entire brain that you would control with thought, okay. She also goes in and talks about what's been happening at MIT, they have something that clips on your ear, and will do some remote control stuff for you. She's saying she's 39 years old, by the way, so she's not quite a millennial. But she's very concerned, you know, we got our iPhones with us all the time, and people just can't leave them behind. They're checking Instagram constantly. So what's going to end up happening here? There's some companies already in Belgium, in Sweden that are implanting chips into people. When here's a direct quote from here to that I totally agree with, when somebody like Elon Musk, who's a radical libertarian, who's inside all of this development and understanding of it. When someone like Elon Musk is telling government that you need to regulate us and stop us from doing what we are doing, that is absolutely terrifying, absolutely terrifying. And frankly, we're at a tipping point now. The Chinese government has already started a social credit score, where they will now we reward you or punish you, based on social credit that starts January 1, 2020.

Craig 23:10
That's the tipping point. I talked last week on my show about what has happened in Venezuela, they have purchased the Chinese social credit system, where now you have a national ID card that you sir, everything from banking through voting, they know how you voted, they know where your money's coming from. And if you're getting any money from the government, they can, will and do control it. So maybe we're already past the tipping point, she doesn't say that she says, you know, we're really close. But maybe we are already passed it. And and frankly, that's scary. That really scares me the bottom line.

Craig 23:49
Alright, so we've got a couple more articles. And we've only got a couple more minutes. So let's get to those pretty quickly here.

Craig 23:57
Let's get that up on my screen. And I'm going to let's see. So let's talk about this really quick. And this has to do with your taxes. You have of course been paying taxes for years, right? Just one of the two things that that is certain than life, death and taxes. So this is an article from Fox Business and I got it up on my screen, YouTube or excuse me http://CraigPeterson.com/YouTube. But we have our taxes out there. IRS is said to have the largest database in the world. And that doesn't surprise me. But here's how much it's worth. We filed W2s and 1040s. There's the business stuff that's out there. They are all available for purchase online. And you've heard these tips before use multi-factor authentication with your bank, right? Use a password manager, don't say passwords in your browser, file your taxes as soon as possible. So that with the bad guys file of false tax reporting your name, it's not going it's going to pop up a flag it's not going to go through. Don't give away personal information as you have to never transfer money based on an email, right? All the basic stuff. Well, here's how much your information is worth. I'm going to pull us up on the screen. Here we go right now. So basically, for $1,000, a hacker can purchase access to a US based bank account, file a fake return, claim the IRS refund and cash out through cryptocurrency exchange. And they will make more not 100% return on their thousand dollar investment. That's the bottom line here. So they're really are trying to do it. IRS is saying that there's 1.4 billion breach attempts every year, many of them are coming from nation states, which frankly, doesn't surprise me in the least. Why not? It's a good way to fund your operations when you get right down to it.

Craig 26:05
And then we got one more article really quickly here. I couldn't believe it when our friends over at Facebook decided that they would go ahead, I just couldn't believe this, that they would go ahead and release a nice little creepy device.

Craig 26:27
This is the Portal Have you heard about their Portal before? This is a device they were selling for 200 bucks and it had in at some pretty darn neat technology. And this technologies designed to be able to recognize faces in the room, follow faces. And you could call out to your family and friends you know really cool stuff that an article by our friends over at Boeing Boeing. Well, the bottom line is who wants to buy a telescreen from Facebook? Nobody trusts them. They were selling it six months ago for 200 bucks. Apparently, it hasn't been selling very well. And as part of Facebook's apology tour they've been doing for the last year, they dropped the price. So if you want Facebook to spy on you in your home, and track you and your face as you walk around the room, which is nice if you're cooking dinner and you're talking with someone and it's creepy if you're not, then go ahead for 99 bucks, you can get it right now as well. So that's it for today. Have a great week. We are putting these up online as well. You can see them at http://CraigPeterson.com/YouTube for all of the YouTube people who want to follow it and we're putting our security tips up there and other things as well. So it should be a good time for all. Keep an eye out and please do subscribe. Follow me over there http://CraigPeterson.com/YouTube. And I will be back next week right here. And I'll be here with Jack Heath on Monday morning and Jim Polito on Tuesday morning and an even more throughout the week. So keep an eye on my podcast and that's at http://CraigPeterson.com/iTunes. Take care everybody. Have a great week ahead. Bye bye. 

--- 

Related articles:

5-Star Phonies: Inside The Fake Amazon Review Complex

Here’s How Much Your Tax Info Is Worth On The Dark Web

NYC Wireless Network Down Due To Y2K-Like Software Bug

Hacker Group Has Been Hijacking DNS Traffic On D-Link Routers For Three Months

‘They’re In Our Heads’: TV Series Tackles Big-Tech Nightmare

Facebook Slashes Price Of Its Creepy Portal Home Surveillance Telescreen
---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Apr 17, 2019

Are we living in a virtual world? Is Amazon spying on us? Is your car watching you? Find out more as Craig discusses these topics with Ken and Matt on the WGAN Morning News this Wednesday morning.

These and more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles:

Amazon Workers Are Listening To What You Tell Alexa

Are We Living In A Simulation? This Mit Scientist Says It’s More Likely Than Not

Your Car Is Watching You. Who Owns The Data?
---

Transcript:

Below is a rush transcript of this segment, it might contain errors.

Airing date: 04/17/2019

Our Virtual world - Data Cars Are Collecting - The Truth About Amazon Alexa Monitoring

Craig Peterson  0:00 
Good morning, everybody. I expect I'll be doing a couple of It's a Security Thing podcasts this week. So make sure you check back. Today I was on with Ken and Matt. And we reviewed of course the articles in the news this week we talked about the cars and the amount of data they are collecting on us right now. We spent a little bit of time talking about this whole what's happening with virtual reality thing and, you know, a couple of other topics came up as well. So here we go with Ken and Matt.

Matt Gagnon 0:34
Alright, here we go. It is 7:38 on the WGAN Morning News on Wednesday morning. And Craig Peterson joins us as he typically does on this day to go over what's happening in the world of technology Craig Peterson. Welcome to the program, sir.

Craig 0:46
Hey, he does you know, I remember back in the, must have been 74, 75 driving down the Decarie expressway in Montreal and having the axle in our car come out the side rear axle. And it was hanging out about two and a half three feet almost ready to completely come out. So we didn't just almost lose a tire or lose a tire. We almost lost the whole wheel and the actual want to happen to be actual came out of our car. That would, let me tell you that was quite a quite an event because the Decarie expressway was was a very busy back then in the mid 70s.

Ken Altshuler 1:28
How did the wheel on the other side stay on if your axle came out that far?

Craig 1:34
What is the differential in the rear right, rear wheel drive car. So there's really two axles and so the one on the left side somehow the bearing went and became detached from the differential and slid it out. Man, that'll wake you up.

Ken 1:51
Yes, it will. Speaking of waking up, Craig Peterson. I thought that Alexa, can't listen to what's going on in your house?

Craig 2:02
Yeah, you know, there's been a lot of bad reporting on this. And you know, other than us right here, I think most stations tend to report things incorrectly. Knee jerk. Let me put it that way.

Matt 2:15  
Are you calling people a fake news?

Craig 2:16 
Fake news? Yeah, exactly. It's been all over the place just last week. So I'm not surprised you kind of caught up top this one Ken. But here's what they're saying. They're saying they're complaining that the Alexa is listening to you. And worse than than Amazon's people are listening to you. Here's the bottom line on this. And here's what's really happening. If you develop some software, you have to test it. And one of the things I never worked on was voice recognition software. I worked on signature recognition analysis, but never voice. Always a very difficult thing to do. And frankly, I am shocked and amazed how good voice recognition has become. Well, it's become really good. Not because somehow computers have gotten smarter or faster, that has nothing really to do with it. voice recognition has gotten really good because people are analyzing what the computers are doing. So you, you know, breaks down the speech and tries to understand you. And you have to have a human come in afterwards, make sure that computer did it correctly. Maybe you flag something that you want people to listen to, because the person just kept asking basically the same thing and the computer couldn't recognize it. So what's going on here right now is Amazon has a team, a worldwide team, a global team. And they examine a small portion of the recordings that the Alexa has made of your commands. So Matt, for instance, how would you tell an Amazon device to tune in to the radio station this morning?

Matt 4:02
Alexa, tune in to WGAN.

Craig 4:07 
Exactly. And so now Alexa is going to tune in and you have a great radio announcer voice.

Ken 4:14 
He does.

Matt 4:14
Thank you, I appreciate that.

Ken 4:15
Nobody says that to me clearly.

Craig 4:18
So it would pick it up and it would handle it pretty darn well. But a lot of us kind of mumble and you know, our accents are there from other languages we might speak and things. So the Amazon Alexa, the workers are not sitting there listening to all of your conversations. What's happening is a very small percentage of commands just like Matt gave, are analyzed by humans to make sure it's doing the right things. And then they use that to tune up the Alexa to be able to appropriately answer questions or obey commands. Google does it with their Google Home systems, Siri does it. Apple does it with their systems, and the workers don't have your name, your email address. They don't know who you are. They have nothing personally identifiable about you. All they're trying to do is make the speech recognition better. And they also if they hear something that might be considered suspicious, they do nothing with it, because they have no context. So people have been worried about that, too. And I can tell you, and you know, as an emergency medical professional for 10 years, I was a mandated reporter. And we had to report things that we thought were suspicious. Well, different people have different levels of suspicion. And we saw that in Blue Bloods, I love Blue Bloods on TV here this last week, where you have a woman who is there in a park and doesn't like the way another mother is talking to her and teasing her about this other mother's baby and stuff. So she reports it to the police and everything. So there's different levels of suspicion. And all you're hearing, when you're examining this, when this team is listening to the audio, is a 10 second snippet, a maximum of 30 seconds that you can't really tell what's going on. So don't worry about it. Yeah, they have it. Yeah, they're keeping it Yeah, they're analyzing it. But it bottom line, the best of my knowledge, even though it's been called up as evidence in some court cases, it's never actually been particularly valuable, other than in divorce cases.

Matt 6:32
All right, we're talking to Craig Peterson. He is our tech guru. He joins us on Wednesdays at this time to go over what's happening in the world of technology. And Craig, I rewatched The Matrix the other day. And I remember 1999, when that came out, which is now 20 years ago, my god in heaven, that it sparked a number of conversations between college philosophy majors about whether or not it was something that would show us that we actually did already live inside a simulation and whether or not The Matrix was real, and the movie was kind of showing us that reality, and so on and so forth. But this conversation is rearing its ugly head yet again, because there's an argument being made right now that we are, in fact, living in a simulation. So Craig, I guess my question to you is, am I currently plugged into a computer somewhere living my life as a simulation?

Craig 7:17
Yeah, it's a real interesting question. Oh, my gosh, I got into this in some detail on my podcast, too, because this is something that's fascinated me for at least 25 years before it came out, The Matrix came out. Do you remember the same time? Do you remember two more movies that came out in 98, 99? The 13th Floor and Dark City?

Matt 7:38  
I remember both of those movies.

Craig 7:40
Yeah. All kind of the same thing. Well, here's the bottom line on all this. I'll make this pretty quick. We could go on for hours. But the basic thinking is, we have virtual reality right now. I'm sure Ken uses it every day as he's playing his video games, right. And it's getting better and better as we go forward. At some point, this is going to be better than, well, it's much better than today. But it's going to be as good as the real world you won't be able to distinguish the real world from not it was even in the fifth, The 5th Day, right? Or The 6th Day. What was that Schwarzenegger movie?

Matt 8:22
I think it was the 6th Day wasn't it?

Craig 8:24 
6th Day.

Matt 8:26 
And I remember when we're talking about. Yeah. Not a lot of people remember that Arnold Schwarzenegger movie,

Craig 8:28
Well, the guy had a virtual girlfriend.

Matt 8:30 
Correct.

Craig 8:30 
So it gets to that point. And our computers are fast enough to be able to simulate people just like they did in these movies, then what's to say that some history major doesn't create a program that spins up a society from 500, a thousand years ago, and lets the program run. Lets things happen within the program, to try and see how people might have acted a thousand years ago, or changing things just a little bit here or there. What would happen? Well, if any of that is possible, and it is all possible, there's no question and then it'll be extremely possible in another, certainly within 50 years, some people are saying 20 or 30 years, then what are the odds that what we are experiencing is real? And in other words, if there was one society that went all the way past where we're at to indistinguishable virtual reality, to be able to create virtual reality, civilizations, what are the odds that we are that initial civilization, and not one of millions of likely virtual civilizations in the future? And so this is from an MIT science as he just came out with a book called The simulation hypothesis. There are quite a few books out about the same topic, but I love that, that title. And he is a computer scientist, Video game developer. He leads the Playlabs at MIT. And I'm assuming it's a he. Yeah, it is a he. Rizwan Virk. R-I-Z-W-A-N Virk. So if he's right, what does it mean to us? Does it matter? You know, does it all of a sudden change our lives in any way? They the answer's no. It's very interesting to think about that though, I agree with you Matt.

Ken 10:28
We are talking to our tech guru, Craig Peterson, who joins us every week at this time. 7:30 every Wednesdays. And you can go to http://CraigPeterson.com and get all this news all the time. Before we let you go, are you telling me now that my cars watching what I'm doing? I mean, I have no privacy in my car?

Craig 10:47  
None whatsoever.

Matt 10:49
You don't have any privacy anywhere Ken. 

Unknown 10:51
I guess so.

Matt 10:52
This is America in 2019.

Craig 10:54
Well, you know, when you're really good looking Matt, everyone's watching.

Ken 10:54
Exactly, really?

Craig 10:55 
Yeah. Yeah, I've heard that anyways. Well, I didn't realize this statistic. But cars now are capable, because really, it's just a computer on wheels. In fact, that's not even true. It is 20 to 30, at least computers on wheels in your car. And it can generate about 25 gigabytes of data every hour. Four terabytes a day. And they're saying that in another 10 years, that data from our cars is going to be worth almost a trillion dollars. So the big question out there right now is who owns that data from our cars and and how private is it going to be? Because when we take our cars, and even now, they are plugged into a network and able for instance, with Mercedes, they have engineers in Germany, that examine the data in your car to try and figure out if there's any issues, things you might not be aware of. Acura is doing some of those same things, many high end car brands are doing it and even lower end car brand are set up right now to plug your car into their computers, collect data and do some analysis. So who owns it? How private should it be? Could it be at this point in Europe, they have some laws that that aren't specifically about this, but the GDPR does kind of cover it. California has a lot that goes into effect next year. And that law is going to try and keep this private information private. But as much as 10 years ago, I know speaking of Decarie expressway in Montreal, I know in Montreal on Sherbrooke, they pulled a car over because people had reported it as speeding. The police didn't see it speed, but they pulled it over. They plugged a reader into that port in your car. And it reported that the car had within the last 10 minutes been doing 70 miles an hour on a city street and they issued a  ticket. So things to think about and maybe look forward to hear guys.

Matt 13:06 
All right. Craig Peterson, our tech guru joins us at this time every Wednesday. Appreciate it Craig as always. And we will talk to you again next week, sir.

Craig 13:15
Take care, guys. Bye Bye.

Ken 13:16
Thanks, Craig.

Craig 13:24
And I'll be back tomorrow. Take care guys. Bye bye.

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Apr 16, 2019

Are we living in a simulation? Craig is on the Jim Polito show this Tuesday morning as they discuss this possibility.


These and more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles:

Are We Living In A Simulation? This MIT Scientist Says It’s More Likely Than Not
--- 

Transcript:

Below is a rush transcript of this segment, it might contain errors.

Airing date: 04/16/2019

Living In A Simulation

Craig Peterson 0:00
Hi, everybody, sorry a little late getting it out today. I had a couple of meetings this morning and just tied me up. Anyhow, I think you're going to love this one. I don't know how much you've thought about virtual reality and its impact on us, where it is going. But Jim Polito and I had a good conversation about it this morning. It's something I've been thinking about for going on 25 years now. Are we living in a simulation? Could this happen in the future? So here we go with Jim.

Jim Polito 0:38
Here he is. The man who knows it all. Our tech talk guru and great friend, Craig Peterson. Good morning, sir.

Craig 0:45 
Hey, good morning, Jim.

Jim 0:48
Craig, you're scaring me. You're scaring me because you sent the material for our segment. And one of my favorite science fiction movies is The Matrix. The Revolutions and you know, the Reboot. They were okay. I mean Reloaded. But I gotta say you telling me than an MIT professor says that the concept of The Matrix, which is that we're all in a dream world right now, everything around us is all imaginary. It scares me.

Craig 1:29
I read a book years ago, I have this guy on my radio show, I tried to like the concept so much. And he was talking about something that a lot of our kids are really into now. And that's virtual reality, Have you tried any of this VR stuff?

Jim 1:48 
Just a couple of times, I mean, I like it. I think it's gonna I think it has some great applications for us. Yeah.

Craig 1:56 
Yeah. It does. They're using it now for medical care, remote doctors and things. It's just amazing. But you can still tell you know, it's virtual reality, but it's virtual reality kind of like cartoons were in the, in the 70s compared to what they're like today, you know. Today, you see some of the animated stuff like the new Lion King that's coming out. And it's hard to believe some of it just isn't real. You know, it's, it's, it's just amazing. Well, if we've got virtual reality today, that's like this, with the computers that we have and everything else, think of what virtual reality is going to be like in the next 10, 20, 30 years. Ultimately, you know, they're already working on this Jim, it's going to be indistinguishable from your regular life. So you're going to be able to see stuff and it's going to look real. You're going to be able to touch things and you will feel them you'll be able to smell things that are all around you. It's gonna be kind of cool because you can sit there on a beach in Fiji, in your home, in your living room chair. That's where it's all... think of that.

Jim 3:11
Hey, listen, that's all right. I'm all good for that. As long as I'm in control of this, and I know what's real and what's not. What is this MIT professors saying about this what's not real?

Craig 3:29
This is really kind of interesting. And I end the hypothesis is an interesting one too. And, you know, being a tech guy, I've been very interested this for a long time. You mentioned The Matrix came out in 99. There were two other movies that came out in 99 as well along the same lines. Well, this MIT professor's name is Virk, is saying that as well as many other people now including Elon Musk, if we're going to be able to get to a point where we can have virtual reality that is pretty much indistinguishable from the real world,w hat are the odds that we're not going to have simulations? What are the odds that we're not going to have things like you know, lived through World War Two? We've already got video games like that right? What's that called? Danny probably knows where, where you're in there to shoot them up World War Two game and you're you're going around and you just click on.

Jim 4 :28 
The Call of Duty?

Danny 4:29
Probably Call of Duty. Yeah.

Jim 4:30 
Is it Call of Duty?

Craig 4:32
Yeah, yeah. Call of Duty as an example, right. So when you're when you're in the future here, not the distant future, but the nearby future people are going to be playing games like Call of Duty. They're going to be on the beach are going to be having all of these things, and it will be quite real. Well, if you can have a simulation like that, in the future as computing improves, is that new technology coming up quantum computing, morphogenic computing and other things. In the future, we're going to have much more processing capability. So we could have things like The Game of Life. Now this, this goes way back, The Game of Life. And I don't know if you're quite geeky enough to... Oh, you remember that? Okay.

Jim 5:20 
I remember The Game of Life. Sure. We played it all the time.

Craig 5:23 
Yeah. And you had you had cells and they divided and things went on. The Game of Life where you started civilizations with certain parameters. The parameters can include there's water, does ice float or does it sink? Does this have a Game of Thrones world? Does that really exist and create those and spin them up? How about people who are in the school that at MIT and other places? Are they going to want to be able to use that technology to spin up a whole simulated civilization and have that civilization run out to see what history might have been like. So let's recreate our ancestors a hundred thousand years ago. And and start that simulation and see how they acted. Well, frankly, that's inevitable. That is going to happen. So let's crank that clock further ahead, let's crank crank it ahead 100 years 1000 years into our future we will have the capability to do that and have multiple simulations running on the same computer of entire societies. of entire civilizations crossing thousands of years. So if that's the case, if we can get to that point, ultimately what he's saying and many others have been saying is the odds are excellent that the millions to one, Jim, the odds are excellent that what we're living in is a virtual reality. That none of this is real. Because if there will be thousands or millions of these things spun up in the future, what are the odds that we are living in the very first, very initial society that creates this virtual reality?

Jim 7:34  
Oh my god. My mind got blown.  We're talking with Craig Peterson our tech talk guru. And it's like science fiction spilling over into reality and you know, Jules Verne, remember Jules Verne was writing these novels about man on the moon and all these other concepts that ultimately came to fruition and you know, are the novels of today doing that? And now you've got an MIT scientists saying, hey, how do you know you're not living in a, in right now in a virtual reality? Remember when I was young, the big deal was, hey, we could be, our universe could be inside a molecule in the finger of a giant in another universe, you know, like and that stuff used up blow your mind you'd be sitting there in college talking about that stuff. Just blow your mind. And yet this is really blowing my mind. This stuff.

Craig 8:40
It is something. This is like we're in a marble hanging on a cat's collar in Men in Black right? It is highly likely. It's called a simulation hypothesis. There are some excellent books that have been out there now for 20, 30 years about this. And you look at the Wachowski's movie series, The Matrix and some of these others. I'm trying to remember what the names of them were there a couple more in 99 but this guy's name is Rizwan Virk, I assume it's a guy, a computer scientist, video game developer, and he leads the PlayLabs over at MIT, came out with a book and he took he kind of define the, the whole thing called it the simulation hypothesis. And I've thought about this, thoroughly thought about this Jim for more than 20 years. And I don't see any way that it's not a simulation. Now, that doesn't mean that these people that believe this, don't believe in God or the God exists, or the benefits of religion or anything else, because who's saying what's being used ultimately. But if we can, if anyone can get to the point where you can't tell the difference. Even think of the Fifth Day right? That Arnold Schwarzenegger movie.

Jim 10:08 
Yeah, yeah. I believe that you could download everything in your brain.

Craig 10:11 
Everything in your brain and his buddy was, and his girlfriend was virtual. She wasn't real. And yet, everything seemed real, you know, these types of things and these hypotheses been  around for a long time. So it's fun to play with. I'm not sure it does any good in any direction at all.

Jim 10:35
Yeah, I know. I know other than blowing your mind and being good conversation. Especially younger.

Craig 10:37
It doesn't matter, right. It's kind of the bottom line. 

Jim 10:41
What difference does it make? If it's true, what difference does it make to me right now? I'm a Duracell battery. That's it.

Craig 10:48
I don't think that's the case.

Jim 10:51
If I am a battery, I'm definitely a D cell.

Craig 10:58
Here we go. Rim shot, please.

Jim 11:00
Here we go. Craig Peterson folks. Always blowing our minds so the great stuff. Now Craig Peterson can blow your mind to outside of the show. He the information that he provides to me and there was a lot of other stuff today butt I just picked this little Matrix like story you can get it to and also get updates when there's a big hack or something going wrong in the IT world Craig Peterson provides this for free to my listeners. He doesn't pester you doesn't try to sell you anything. And all you do is text my name to this number.

Craig 11:37
855-385-5553. That's 855-385-5553.

Jim 11:48 
And standard data and text rates apply. But I suggest you do it. And Craig, awesome segment and we'll catch up with you next week.

Craig 11:58
Hey take care. Thanks, Jim.

Jim 12:00
Thanks.

Craig 12:03 
Hey everybody. Thanks for listening. We'll be back tomorrow. Bye bye.

---

Don't miss any episode from Craig. Visit http://CraigPeterson.com/itunes. Subscribe and give us a rating!

Thanks, everyone, for listening and sharing our podcasts. We're really hitting it out of the park. This will be a great year! 

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Apr 15, 2019

Craig is on with Mr. Jack Heath discussing China's selling high tech software and hardware to monitor citizens to Latin America. They also talked about Amazon employees listening to what you tell Alexa.

These and more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles 

Amazon Workers Are Listening To What You Tell Alexa

China Selling High-Tech Tyranny To Latin America, Stoking US Concern

3 Technologies That Could Create Trillion-Dollar Markets Over The Next Decade
---

Below is a rush transcript of this segment, it might contain errors.

Airing date: 04/15/2019

Trillion Dollar Markets - Amazon Workers Listening - China Selling Tyranny

Craig Peterson 0:00
Good morning, everybody. Craig Peterson here this morning I was on with Mr. Jack Heath and Jack and I had a chance to talk about this whole China selling high tech tyranny to Latin America, three technologies that could create trillion dollar markets over the next decade. I didn't get to that on my weekend show like I had wanted to. And we talked a little bit more about Amazon workers listening to what you tell Alexa, is this a problem or is this just another case of the media hyping something up? So here we go with Jack.

Jack Heath 0:35
Craig Peterson, check out Craig Peterson, O-N.com. Good morning, Craig.

Craig 0:39
Hey, good morning, Jack.

Jack 0:41 
How are you?

Craig 0:44 
I'm doing well. We got a few really interesting articles this week. I don't know if you've heard about more concerns about Amazon workers, listening into what you're telling Alexa. I've seen a number of reports that are wrong, just kind of I think misguided here. Yes, they do listen to some of these recordings. In other words, they're not sitting there listening to microphones live in your house or your office. But the recordings that you are making, when you wake up the device, you know, you give the wake word, and then you ask it a question or give it a command. Those recordings are going up to the cloud, they're being processed in order to be able to do what you ask it to do. So in order for Amazon to get better at understanding what people are saying. They have to have people listen to it as well, from time to time. Make sure it's understanding it properly, and then change some of the programming. So for everyone out there, that's been getting kind of worried because of some of these semi fake news reports out there. It's not such a big deal. We've also got an article up on my site about some technologies, three new technologies that Barron's was talking about last week, that could create a trillion dollar market each one of these over the next decade. Now, you know, I'm not a financial advisor here. So this is not an investment advice, right? But you know, you look back to the 1950s. And you remember course all kinds of technology from then washing machines, vacuum cleaners, cars, TVs, and you go back another 50 years, and you really wouldn't recognize America, that's probably going to be the same going forward 50 years Jack. We're talking about things like CRISPR technology that's being used for gene editing, healthcare is on the brink of major changes. We're going to make custom drugs for people. In computing, we're moving from the digital world, Moore's law that's governed us for so long with computers doubling in speed is going away. We're moving to quantum computing, something called neuro morphic computing, which is mimicking the human mind and material science. You know, we've had, of course, Boeing in the news recently about the Max 8, well, they have a new plane coming out called the Boeing 787 Dreamliner. It's a lot like the predecessor, but because they've been using some powerful simulation machine learning, they can develop now, some new materials that they faster, 100 times, literally 100 times faster than they ever could before. So this new Dreamliner, even though it's mostly the same as the last model, it's going to be 20% lighter, and 20% more efficient. So we've got quite a world ahead of us, Jack.

Jack 3:41
Interesting. All right, what else? Any other interesting consumer tidbits or tips?

Craig 3:47
Yeah, yeah, there's been a lot of concern raised about Huawei. And what's been happening with 5G roll out. And I've always been concerned about government and advertisers even monitoring. Well, China has stepped in into this Venezuelan problem where we've got strong men, Nicolas Maduro down there, clinging to power. Remember, China has a software and hardware that's designed to monitor its, I don't want to call them citizens, because they're not it's a communist country, but to monitor the people. So they over in China have social credit, where you get jaywalk, and it dings you, right. Too many dings and you're out of luck. Well, now that they've sold that to Venezuela now, and they're issuing a card down their national ID card. It's a smart card. And it's used for the government to give you money. It's used for your banking, and it's used for your voting. And so now Maduro is allegedly now using this for social credit, where if you don't vote the right way, you will not be able to get money from the government.

Jack 5:00
Makes me want to live in China. Right. I'd be fined if I never go to China for a minute, no offense, but anyway.

Craig 5:06
Yeah. That's the case, and that's unfortunately coming here potentially with 5G. That's been some of the concerns people have been having.

Jack 5:15
Yeah, all right Craig good stuff. on this Monday morning Craig Peterson. http://CraigPeterson.com. His show of course on Saturdays, Tech Talk. Thanks, Craig.

Craig 5:23
Hey, take care Jack. 

Craig 5:28
Hey, if you're not a subscriber to the podcast, and you've been missing my new series that's right here on this same podcast channel. Make sure you subscribe. I would really appreciate it because we end up getting our word out to more people, the more that subscribe, that's what matters. And of course, the 800 pound gorilla in this market is still iTunes. So go to http://CraigPeterson.com/iTunes. If you haven't subscribed, please take a few minutes and subscribe right there. It would really really help I appreciate it. http://CraigPeterson.com/iTunes. Have a great day. We'll be back tomorrow and you know it's a security thing and take care. Bye bye.

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Message Input:

Message #techtalk

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Apr 12, 2019

Are we in the Matrix?  Well, An MIT professor says our whole experience could be a simulation thing. So we'll get into that today

Are Amazon workers to your Alexa conversations? Well if they are it is for only max 30 seconds. They don't have context. I get it. It may be an invasion of privacy but could they tell anything about the context. We will delve into this more today

Why are conservatives (or so-called conservatives) saying we've got to start regulating the internet?  I will be covering the reasons why today.

Is China selling high tech tyranny to Latin America? And it's true, and it's scary and we will discuss it.

Then there is Malware that is attacking our Critical Infrastructure sites.  Today. it's on our list to discuss. 

We've talked about autonomous cars, and about insurance and liability for them before? However, the bigger concern is DATA!  Did you know that a car can generate about 25 gigabytes of data every hour, and as much as four terabytes a day? So, who's getting that data?  Listen in for my take on that

For all this and more tech tips, news, and updates visit - CraigPeterson.com

---

Transcript:

Below is a rush transcript of this segment; it might contain errors.

Airing date: 04/13/2019

Government Regs Killing Internet - China Selling Tyranny To Venezuela - Russian Malware Infecting Plants

Craig Peterson 0:00
Hello, everybody Craig Peterson here. We've got a lot of security and technology to talk about today, including one of my favorite topics, you might not be aware of this. But wow, you're going to love this.  It is from an MIT professor. And he agrees with me about this whole simulation thing. So we'll get into that in just a few minutes. I was watching the news this week. In fact, it was yesterday on Friday. And it was kind of crazy because they were talking about oh, my gosh, Amazon workers are listening to what you're telling Alexa and the, you know, invasion of privacy and all this other stuff? Really? Really? I don't think so. Okay, so we'll talk about that. What's really happening there. Your car? We know we've talked about autonomous cars are about insurance before? Where's the liability shifting? Is it something that you really have to worry about? Well, how about all of the data? It's saying right now, this is an article from Roll Call, that a car can generate about 25 gigabytes of data every hour, and as much as four terabytes a day. So who's getting that data? And what does it mean and what's going to happen? We've had more and more calls for government regulations over the internet. Now, we've seen a lot of those in Europe, we're going to talk about what's happening right now in the US. We've even got so-called conservatives, who are saying we've got to start regulating the internet, because, of course, they feel their voices are being squashed. So we'll talk about that. China selling high tech tyranny to Latin America. This is from the Washington Examiner, in kind of an intriguing headline. And it's true, and it's scary. We've got another piece of malware out there. It's called Triton. And now it is infected a second critical infrastructure site. This is a bad, bad thing. And one more that's in my show notes for this week. And we may not get to all of us on the air today, right. So make sure you visit them online, you're going to have to go to http://CraigPeterson.com. And you can subscribe right there to my weekly show notes. You get all of the top articles that I have found during the week, right there in the daily or the weekly newsletter comes out Saturday morning.

Craig 2:43 
But this particular one's interesting because 16 months ago, researchers were reporting and unsettling escalation in hacks, targeting power plants. This is from ArsTechnica.com. And we talked a little bit about that before. And, you know, we know about some of the compromises that happened, for instance, in Iran that was conducted by the US and Israel. But what's unprecedented in this attack is the use of advanced malware that is targeting the site's safety processes. So it's shutting down all kinds of things that are going to help keep the plants safe. And when you think about gas field pressures, reactors, reactor temperatures rising, it gets very, very nasty, you know. Some of this stuff is designed to automatically close valves to really mess you up. And when we say mess you up, we mean to make that whole nuclear power plant go into a meltdown.

Craig 3;48 
So what's happening with this? There's some researchers over at FireEye who are saying that this same security firm, by the way, discovered Triton, and it ties it to Russia, that they've uncovered an additional intrusion use the same malicious software framework against a different critical infrastructure site. So I guess the big question here is, Does this mean that countries like Russia, for instance, are using malware as kind of a first strike opportunity? Right? It's hard to trace, it's hard to prove that it's them that that attacked you. Right? How can you prove it?

Craig 4:30
Well, frankly, you can't in most cases, it just has fingerprints, like the Russian language, or this is attacks we know, that have previously come from Russia. Those are the types of things that we've got to watch out for. And we now know that Russia has been involved in some this hacking. We know China has been involved in some. North Korea has been involved in some to let me tell you, it's a different world. And the next war we have is going to be a much different war, that's for sure.

Craig 5:03 
Let's talk about this China story here, where China is selling some high tech tyranny to Latin America. This is, as I mentioned, the Washington Examiner. And this is very, very concerning. Because what we found now is China has been working with these companies like Huawei, which we know about, it's been a very, very big deal. And Huawei's devices have been banned from US military bases, and from others, but it's also saying this ZTE, is tied into this. And we know about the concerns with 5G and ZTE and all of the stuff that's going on all this stuff they're doing. And we're getting really concerned now because what's happening is that China is taking these tools that they've developed in order to monitor their people within China and really displace the United States. They're putting all of the surveillance equipment all around the US and the Western Hemisphere. Well, not so much in Canada, although, obviously with 5G rollouts, we do have some of that Chinese equipment going up there. But they're supporting right now Venezuelan strong man, Nicolas Maduro, the current president who's really clinging to power, after the western democracies, I think all of them said, Yeah, you got to be out of there. And recognize the opposition lawmakers, the interim president, China has been exporting technology that helps a South American socialist to monitor and strong arm the Venezuelan people, which is what he's been doing for quite a while. So here's an example of politics being really promoted and expanded the power base due to some of this technology. So think about that now. China is really now intertwined in the Western Hemisphere and things that are going on. And they're able to surveil, monitor, surrounding the US, that's all part of the Asia Pacific influence that they've been building here for a while. And it's very concerning very, very concerning. 

Craig 7:24
Maduro, by the way, paid ZTE as part of this, but to build a $70 million database and payment system for what they're calling a homeland card. Now, what's concerning about this is this so-called homeland card, that ZTE sold the technology to Maduro for is designed to be used to control access to food, to cash, bonuses, social services, a social credit system for a political control mechanism. In fact, it's even used to track your voting. So they know how you voted, it's recorded right there with the card, it goes into the database. This is all part of their smart card thing. And if you don't vote the right way, what's going to happen? It's just like in Chicago, right? If you don't pay the local Chicago thugs in the party that's in control in Chicago, you know, all of the criminal activity that's been alleged there for years, much of it's been proven, in fact, you end up with potholes in your street that won't get fixed, because you've been speaking out against the local candidate for the town, for the city, for the county, for the state. It's just it's still so corrupt in Chicago. It's unbelievable, how bad it is there. Well, it is much, much worse in Venezuela using these Chinese technologies that the Chinese have been building. Have you seen the Black Mirror episode, for those that are sci-fi fantasy, it is a series out of UK, it's a really, really good one. And the whole idea, the whole premise behind this particular episode is that every time you do something, you get social credit, or you get credit taken away from you. And this poor lady just ends up in a downward spiral and, and has no credit left, right? It gets to be really, really bad. Well, in China, now, they have facial recognition technology all over the place throughout all of the major cities. If you jaywalk, you get points taken away, because the computers know who you are. And now you don't have the social credit. And if you don't have the social credit, because you've done things that the socialist, communist government doesn't like, you cannot vote, you can't get on an airplane, you can't get on a train even they block you from those if you don't do what you're told to do. And if you're not politically correct. Free speech is just going down the tubes worldwide and very, very scary. So let's talk about friends speech here for a minute.

Craig 10:01
Here's an article from the Daily Mail. And course they are ahead of us in some of this stuff, right? Free speech is outlawed in the United Kingdom. Now, it's legally outlawed in Canada, you cannot say certain things. You can't even ask legitimate questions, legitimate political questions. You cannot have a dialogue about certain things. You know, if you question about somebody's birth sex, and now they say, well, you have to use this gender when addressing me, or you're supposed to go on bended knee to his or her royal highness and request permission to speak to them what's going on? Because in Canada, and in the UK, if you say something they don't like, you can go to jail. And it's that simple. So there is no freedom of speech there. And in the US now, we've got these fascists running around, who are beating people up, threatening people, yelling, screaming, trying to stop free speech rights. And that is the definition of fascism, isn't it? It's a definition of socialism or communism, they all do it. They all try and stop free speech because they don't want the free exchange of ideas because their ideas are right. And the only reason it hasn't worked before is because of what? Well, because the other people weren't smart enough. We're smart, our generation is smarter than all generations that have ever come before us. Right? That is not what they say. So now we're tying technology into this. We're seeing it in China. Big time, big time. And we're now seeing it in Venezuela, as the current president tries to hold on to his socialist powers to control everyone's lives. And of course, people are dying, they're starving, They're digging through trash to try and find food. Right? A socialist utopia, just like the Soviet Union became?

Craig 11:57
Well, now we're looking at government regulations. In the US over free speech in places like the public square. Is Facebook, the public square? Is Twitter the public square? Obviously not. But we passed laws in the US that said, Hey, listen, we're going to consider you as a public square, all you have is a faucet. And all of these ideas are coming out of that faucet. And therefore, we are not going to allow anyone to hold you liable for the things that your users say online. And that's the sort of thing that you expect from free and open fair discussions from a democracy, right? You expect that kind of free speech, and you don't want to have regulations or restrictions on the people that are providing those free speech areas, just like the public square. You could go get a soapbox, you could stand up in the public square, and you could say anything you wanted, no matter how crazy it was. Right? That that was the idea of the public square. That was the idea behind the laws that are protecting Facebook and Twitter and, and others online.

Craig 13:14 
Well, now we found that they are doing various types of censorship, let's put it that way. Google is being sued. And just this week, a big lawsuit was announced, because Google's showing search results that favor them versus their competitors. Now, I gotta say, if you're writing code that's going to give good search results, of course, you have to discriminate against materials that you don't consider to be, you know, up to your standard that people aren't looking at that aren't, aren't popular.

Craig 13:52
But if you're looking for an unpopular opinion online, you know, remember, the majority isn't always right. Right? Slavery. The majority of people endorsed it, but it wasn't right. It was never right. So just because of the majority says something should be done. And just because political correctness would lead me to believe that that's what you should do. That doesn't mean that it is the right thing. Well, China's walled off a lot of Western services on the internet, you've heard about the Great Firewall of China before. The UK now is planning to hold executives personally liable for posts on social media that they consider harmful or illegal because remember, there's no free speech in the UK anymore. And this came out in the government white paper on Monday this week. They say this would put the country at the far end of internet censorship and further fuel, what they're calling now this splinternet. This is a term circulated for, you know, more or less a decade here, this gained some popularity recently. And this comes in the tail end of Mark Zuckerberg saying, you know, Facebook's chief, that he wants a common global frame that a framework of internet rules, which is never going to happen, right. Tim Burners Lee, you might remember him, he started the worldwide web's, software. And he came up with what he called a contract for the web that establishes an ethical sense of principles for the internet. A whole lot here. The New Zealand Christchurch mosques, massacre, you remember, this was very recent as well live streamed online. It's a heightened sense of urgency in New Zealand. They just knee-jerked, passed laws within two weeks that change the face of what's happening there. Huge debates in the US and the EU on curbing what they're calling incitement to violence. Now, obviously, you can tie this into, can I yell fire in a crowded theater? Right? There's a lot of things that you could do here.

Craig 16:10
In free speech, that would step over lines like that. So how about the line for inciting to violence? What is that? What does it mean? Well, in Australia, there's a law now it's a new one that can jail social media executives for failing to take down violent extremist content quickly. A proposal in Britain that makes executives personally liable for harmful common content posted on social platforms. How do you define this? How do you define harmful content? Where is the line? If someone says, Oh, my feelings were hurt? Is that harmful? Well, of course, it is, because their feelings were hurt. So does that mean we can't say anything that might upset anyone again, refer back to that, that Black Mirror episode of the UK proposal, this is from a White House technology advisor, who's now over at MIT says that it's a very bad look for rights-respecting democracy to do what they're doing in the UK would place the UK toward the foreign the internet censorship spectrum.

Craig 17:19
And the UK culture Secretary says, you like that? They got a culture Secretary over there. The Culture Secretary says the proposed laws will not limit press freedom. Okay, so where's the line on the press? Look what's happening right now, the Ecuadorian embassy in Britain. And you have a guy who is now under arrest, who's claiming he is a publisher, right? He published documents that were stolen by two military members, one was a military contractor and one, another military man who was working with secret information. Was he a publisher? Did he help them steal it by providing instructions on how to sneak classified information out? Was he a co-conspirator? There's just so much right now going on. And you know, when we're looking at free speech, I think free speech is almost absolute.

Craig 18:23
If it can be shown that something caused physical harm to someone, you know, that's kind of where the my you're right to swing your fist stops where my nose begins. Now, obviously, at some point, while that fist is being swung, I'm feeling threatened.

Craig 18:42
But where do you draw the line? Well, I think you draw the line at touching me, certainly at hitting my nose. And this is something that the internet pioneer has never really thought about. Remember, I've been on the internet since 83. Of course, it wasn't called that back then. We had different types of networks and things. But since 83, and free speech was always a big deal. We didn't really get free speech until September of 91 online, because it was still heavily controlled by the federal government. Remember it was a federal government research project that funded it, but then they kind of let loose of it in 91. But man, what a world out there. 

Craig 19:22 
Let's get into this Amazon article right now. I was listening to the news. I was watching a morning news program, in fact, this week, and they were talking about how bad it is that Amazon Alexa workers are sitting there listening to you. Okay, so that's one level. And then they said, Oh, and on top of it now, they won't call the police if they hear something that might be bad. Now, I like it. I like that, right. And I understand the first part. And I like the second part. Because you know, the second part, you don't have the full context, you've got a 3o second snippet. You know, somebody wakes up that that Amazon device, or that Google device, or whatever it might be. You wake it up, it records for up to 32nd, sends it up to the cloud, processes it, and then execute your command. So they're listening to max 30 seconds. You don't have context. You don't know what's going on. And you certainly don't want to destroy people's lives over a vague suspicion. Right. So I like that. I really like that. It's just like as when I spent 10 years in emergency medicine, we were all mandated-reporters. But we did not have to report unless we thought there might be something going on that's reportable.

Craig 20:52
So I think that's a pretty straightforward thing. I think that's pretty simple to look at and understand because it didn't think that something was reportable, then I never reported it. And so different people had different bars, right? How high that was. Now, let's go to the first part of this where they were very upset that Amazon employees were listening in.

Craig 21:17
It's very limited when Amazon employees are listening in and they're not listening to all of the audio coming from your house. So listening to at most that 30-second snippet, when you told Alexa, that you had a command for her. That's it. That's that simple. And what they're doing is they're using your audio to better the speech interpretation, better the machine learning, so that it understands how people are asking questions, what sort of accents they might have, how it works. For instance, when I talked to Alexa, I get great responses, because she understands me. She understands me speaking, hopefully, you guys do too. But my wife has issues with it. I have a son that has issues with it. And that has to do with your cadence, your clarity of speech, right, enunciation. And how do you improve your software? You improve it by testing. How do you test software, that design that's intended to be able to process human speech and understand what it's going for? Understand what the goal is of that human that's asking you to do something? Well, this is the only way to do it. Right? They don't have these employees that hear the audio don't have your name. They don't have your account number, they have no idea who you are, they don't have the email address. All they have is a snippet of sound, and how the Alexa voice processor processed it. So they can listen to what they can see was Alexa correct in parsing much you said? And was it correct in understanding your intention behind what you said? So it's pretty simple, it's pretty straightforward. Don't get too freaked out about this. And there have been court cases where Amazon has been asked for and did provide under court order, the audio that has been captured. But remember, it's very limited audio. And unless that device has been hacked, and you know, it hasn't happened in at least a couple of years that I'm aware of. If it's hacked, it is possible to make it so it's recording. But the way the hardware setup in that Alexa, it cannot record you, unless that little light is on. It's a physical hardware limitation that they purposely built into it. So it's not as though they can just turn on the microphone and life is good. It's like on your MacBook Pro, the hardware that when your camera is active, that light comes on. It's all designed in one piece. So unlike many Windows machines, you can't just turn on the camera and not have that green light come on. The same thing with Alexa. Now, if you have physical access to the device, there may be you know, there's always ways right ultimately, to get into that.

Craig 24:22 
Man, we are almost out of time. Three technologies that could create trillion dollar markets over the next decade. I got that from Barons, but it's up there on http://CraigPeterson.com. Very interesting. And they talk about some genetic stuff and quantum computing and material science. You'd find that fascinating, I'm sure and I have it up again along with all of these at my website http://CraigPeterson.com. And if you go to htttp://CraigPeterson.com/radio-show, you'll see my show notes, but you also get those in the email if you signed up. This is the one that I really am interested in.

Craig 25:03
Are we living in an illusion? Did you notice back in 99, there were three movies that came out that were implying, inferring, opening our minds to the possibility that we are living in a simulation. And I had a guest on my show about that time. He's just a regular engineer. But he had done a lot of thought a lot of research and put together a book that was specifically addressing that question. Very thick book, very convincing book. And he did all the math behind it. And basically, what he said is that, eventually, any civilization will get good enough to be able to have a virtual reality that's indistinguishable from the real thing.

Craig 25:52
And the odds are that within 20, 30 years from now, that'll be true here. You'll be able to plug yourself in one way or the other and live in whatever worlds you want to. Have a vacation in Fiji and just enjoy it and not have any jet lag okay. That's coming. So if that happens, basically he said the odds are millions to one that we are living in that timeline that invented this virtual reality.

Craig 26:28
We may be all running this, this whole world, this universe that we perceive around us, is millions to one likely to be a simulation. We are not likely to be that very first time through. And what's interesting is this ties into a lot of religions as well. Because again, God created the heavens in the earth. He did it in six days. Oh, maybe he did. Maybe we're running in a simulation, and on a computer in somebody's basement? Who knows what we're doing? And are we all just artificial intelligence programs? So this is fascinating. When I get this book, Rizwan Virk, I may try and get him on the radio show. He's a computer scientist. Video game developer, he leads PlayLabs at MIT. And his book's called The Simulation Hypothesis. I love it. I love just the mental gyrations you kind of have to go through to think about this and the potential of being a simulation.

Craig 27:33 
Well, I appreciate everybody being with us today. We will be back next week. And course I've been releasing podcast now, six days a week. Most weeks, it's you know, it's between two and six. But most recent six weeks we have you know, It's A Security Thing where we're talking about current recent security problems businesses have had what could have been done to prevent them what you can do, and then also just talking about all these great articles that we send out in our show notes. So have a great day. We'll see you next week and thanks for listening. http://CraigPeterson.com for more. Bye-Bye

 

--- 

Related articles:

Amazon Workers Are Listening To What You Tell Alexa

Mysterious Safety-Tampering Malware Infects A Second Critical Infrastructure Site

Rise Of The 'Splinternet': Experts Warn The World Wide Web Will Break Up And Fragment As Governments Set Their Own Rules To Filter And Restrict Content

China Selling High-Tech Tyranny To Latin America, Stoking US Concern

Are We Living In A Simulation? This MIT Scientist Says It’s More Likely Than Not

3 Technologies That Could Create Trillion-Dollar Markets Over The Next Decade

Your Car Is Watching You. Who Owns The Data?

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Apr 12, 2019

It's another Security Thing Friday. Craig talks about the new bug that lets criminals in on the photos we share and upload in Google Photos.

These and more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles 

---

Below is a rush transcript of this segment, it might contain errors.

Airing date: 04/12/2019

Google Photos Bug Lets Criminals In

Craig Peterson 0:03
Hi, welcome to the Friday edition of It's a Security Thing. We're going to talk today a little bit about another type of vulnerability that is kind of more potential it is real and it can be done. It's not terribly complex. But you have to be a real target in order for it to really hit you at all. And this particular one has to do with Google Photos. Now, you might use Google Photos. There's a lot of different photo sharing services out there, Flickr was recently purchased. And there is all kinds of data that you have in these different services that you might not realize is there. Now Google Photos is really kind of cool when you get behind the scenes. It knows tons of information about anybody that has uploaded photos to it. And it's automatically tagging the images. Now it takes the metadata from the image. And if you haven't stripped it, that includes things like the date and time it was taken, the actual GPS coordinates, the location that it was taken. And then what Google Photos does, is it has kind of an artificial intelligence engine. And it looks for objects and events that might be occurring in the background of the photo. So might look at the picture and say, wow, this looks like a wedding dress, and the groom is all dressed up. And there's other details that might indicate a wedding. So it says, oh, wow, this is a wedding.

Craig 1:40
Or there's a waterfall in the background, it's at sunset, it figures out just tons of stuff based on the location and time that are in the picture, as well as the picture contents itself. It's a really good, really quite cool. It's also using facial recognition, and using that to tag people who are also present in the photos. So here's what happens with Google Photos search engine. I just love this idea. I'm tempted to upload photos to it because of this. But in the Google Photos search engine, you can do a search like photos of me and Karen from Paris 2017. And Google Photos knows enough information to be able to find it. I could say Google Photos of me in Paris in Google Photos of me in wherever it was I was at or near this or near that. It's very impressive what Google's doing. So a security researcher decided, Hmm, I wonder what I can do here. And he went in, I'm trying to find his name. Its Massas, I think, is it? Yeah, it's Ron Massas. And he went in and he said, I wonder if this data could be hacked? And he found that indeed, it could be but only under some pretty specific circumstances, which people could be tricked into doing. And then it can find out things about, you know, obviously, this would be for very specific type of attack. They're doing spearphishing. And you if you listen to my interviews this week on the radio, you know, a lot about spearphishing, more than you might want to know and sextortions that are going on right now. 

Craig 3:48
So he was able to do a side attack on Google Photos, and was able to figure out what people had done, where they had gone at what they had done when they were there various other things. Again, it's a kind of a complex thing. But it does make me think and probably makes you think about Google and these other sites. All of the stuff we have put out there, and that we've given Google and these other companies access to. Is it legit? Is it something we should be doing? And that's the reason I haven't uploaded my photos to Google Photos. Because I'm not sure I want Google to know about all this stuff. And I most particularly don't want Google to end up selling that information or being hacked, and having that information stolen, because that happens all too often not so much with Google, although it does happen with them. But with information that we upload all the time. Remember, yesterday, we're talking about software as a service. And Apple is very good about not mining data to advertise. Apple makes its money by selling new hardware and some software. Google makes its money by analyze you and trying to figure out everything it can about you so that it can sell your information to advertisers. So up to you what you want to do. But again, here's another risk. And I bet most of us just didn't know, Google was doing all of this with photos we uploaded to Google Photos. I certainly didn't.

Craig 5:20 
Alright, everybody. Have a great weekend. Make sure you tune in on Saturday morning. You should be getting my emails if not go to http://CraigPeterson.com/subscribe. But once you get my emails, you will see all of the articles I talked about during the week. And it's important to keep up on all of that stuff. And also you can listen you can just click and listen right there to this week, Saturday show podcast. All of that stuff right there at http://CraigPeterson.com. So I'll be back Saturday, and then I'll be back to my regular schedule Monday through Friday with podcasts next week. Thanks everybody. Make sure you subscribe. http://CraigPeterson.com/iTunes. You'll find me right there or /TuneIn. I'm on a whole bunch of sites out there, but subscribing really helps. Because that raises us in the chart and lets people know that hey, they might want to listen to the show too. Take care everybody. Bye bye.

 

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Message Input:

Message #techtalk

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Apr 11, 2019

Craig is back with another Security Thing. Today, he talks about the dangers of using Box, Dropbox, and other cloud storage services.

These and more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles 

---

Below is a rush transcript of this segment, it might contain errors.

Airing date: 04/11/2019

Dangers Of Using Box Dropbox

Craig Peterson 0:05
Hey, good morning, everybody, Craig Peterson here. And of course, it's time for our It's Security Thing. Man, I have been so busy the last few weeks delivering on my cyber security course. I have to apologize because I was looking in the logs and it's been like two or three weeks since I got a security thing podcast out. So sorry about that, everybody. But today, we are going to be talking about a real danger that many businesses are facing when it comes to using software as a service. You know, it has been kind of build as a panacea for everybody that, hey, listen, you don't have to worry about your servers, your file servers, your employees, etc. Just use this cloud service. That's what software as a service is. Instead of buying some software and having to run it yourself, all you have to do is stick it up in the cloud. And once it's up in the cloud, my goodness, then you got professionals who know what they're doing that are going to keep all of your data safe, and hopefully keep your data backed up and keep the software up to date. Right? It's just wonderful. In reality, that's not the case. And there's a great article that I put up on my website this week, that's talking about security professionals, IT professionals saying the biggest threat that they have is, drumroll please, internal users. And the reason they're saying its own user basis and biggest threat is because they just are not educated enough. And you know, they're not IT professionals. Well, even if you are an IT professional, what we're going to talk about right now is a problem that dozens, probably hundreds of companies. But now this researcher found dozens, it's called Adversus is the cybersecurity firm, found dozens of companies that had misconfigured their Box account. Now Box is used by many companies, we use it ourselves, we use it for communicating with clients, we haven't set up for other clients. Now, we've kind of switched from Box to Dropbox because I like the integration better. But still, some of our clients are using Box. And these security researchers found that many people who are part of these corporate accounts on Box, Box calls them their enterprise accounts, have been sharing files. Well, you know, isn't that part of the purpose of using Dropbox or Box to be able to share files with other people within the organization and outside of the organization? That I do it all of the time? And the answer is yes. Obviously, that's one of the purposes of using Box.

Craig 2:58
But by default. What are your settings when you create this link to share? Because once you've created this link, if you use default settings, that link can be used by anyone inside or outside your company to be able to access the information. So what you have to do and this is true in Google Docs, have you noticed this before? If you have a Google document or a file in Google Drive, and you share it, you do have the option to change the default. So by default, it's anyone with the link can view for instance, in Google Docs, and you can change it to they can they can edit it. I think that there's a third option to remember what it is right now. But you can change those settings. But by default, it's view. Well, in the case of Box here, and they may be changing this, but they have found that the default in Box allows anyone to be able to view the data that is shared with the link, which is not terrible, right. But here's your problem. We've got now Singapore Airlines that we found online a link to their Box account, and you're able to get in there change reservations that were booked with Amadeus. Apple, with several folders exposed containing what appeared to be non sensitive internal data such as logs and regional price lists.

Craig 4:33
Oh that's not sensitive right?

Craig 4:35
Reading from the article here that you can find on my website down on TechCrunch where it originated. Discovery Network had more than a dozen folders, Edelman. I've worked with them many times it booked many guests on my radio show hundreds. That's a big public relations firm had an entire project proposal for working with New York City mass transit divisions, including all of their detailed proposal plans more than a dozen resumes, a potential staff for the project, including their names, email address, phone numbers, etc. Herbalife left several folders exposed continuing files and spreadsheets on about 100,000 customers, including names email addresses, phone numbers. Opportunity International, this is a nonprofit, exposed a massive spreadsheet list of donor names, addresses and account information amount given. Schneider Electric Pointe Claire, United Tissue Network, I'm not going to go through all of these will just kind of stop there. But my goodness gracious.

Craig 5:38
So how do you stop this from happening because you do want to be able to share, that's part of the purpose of these things like Box and Dropbox? Well, there is a default setting for your business. When you're in there. Make sure the default setting is to share with internal company users by default. So that someone if they want to share it outside of the company has to purposely change the setting to share that file or that folder with someone outside of your company's account, your Box account or Dropbox account. Now this actually now reveals another potential security problem and that is that you could have someone for instance, I've seen this before. A sales guy, I hate to keep picking on sales guys, but sales guy who shared a whole folder of all of the company's customers, all of their contact information, all of their purchases, payment records, everything, he shared it with his personal email address, and then ended up leaving the company within about I think was a week. Isn't that surprising. Well, isn't that special. And so now he had all of the company's information, of course, he ended up getting sued over this whole thing, that company figured out what it happened. Which means, again, if you're an IT professional, make sure these sharing sites are configured to only share by default internally. Make sure also you audit what's being shared and with whom, because the enterprise additions from Box and Dropbox both give you that option. You might even want to tie it in with an API into an internal database where you record the logs, you save them and you analyze them. And then make sure you educate your internal user base about some of the risks of sharing these files. And for everyone out there, remember that just because it's software as a service, and it's a cloud service, whether it's Microsoft, Google, or in this case Box, remember that they are maybe professionals, but their number one concern and priority is not your data. And if you don't get in high enough level of service with them, you might be completely out of luck. And this is something I see all of the time. You know, we'll put a proposal and say okay, here's what we're going to do for you going to provide you because you want to move to the cloud, we can provide you with Microsoft email and, and the Office 365. So you can run all the Office apps on all your devices and link it together. And they come back and they said no, thanks. We're all set. And then we find out later on, they just went and bought a regular subscription to Office 365. And it wasn't doing backups. And it didn't have data locked down. It didn't have restrictions on it. And it didn't have the right kind of filters and they ended up getting compromised because they didn't know what they were doing. And Microsoft just doesn't care about you, frankly, they just don't. You are a number to them. And you think when they're billing you 20 bucks a month, they're going to pay me much attention to you. The answer is No. Of course not.

Craig 9:04
So anyhow, keep an eye out. Be careful out there. Software as a Service, Cloud Services is not a panacea. And most IT department surveyed in this country say that it is right now their number one concern. So take care, pay attention.

Craig 9:24
You know, It's a Security Thing. And I'll probably be back tomorrow I think I'm going to be able to carve out a little time to do recording for you for Friday, because every day there's another security breach. This is another recent one by the way, eighth of March this came out. So about a month old.

Craig 9:40
Take care everybody. Bye Bye. Thanks for listening.

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Message Input:

Message #techtalk

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Apr 10, 2019

Craig is on the WGAN Morning News. This morning they talked about the dangers of spam, spear phishing, and sextortion emails. They also talked about the Supreme Court taxing the online stores.

These and more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles:

The US Has Stepped Up Its Tax Game. You Will Want To Read This If You’re Selling Online

Latest Tactics Used By Cybercriminals To Bypass Traditional Email Security
---

Transcript:

Below is a rush transcript of this segment, it might contain errors.

Airing date: 04/10/2019

Internet Sales About To Be Taxed - Dangers Of Spam

Craig Peterson  0:00
Hey, good morning, everybody. Sorry, yesterday, I was not able to record a little intro to my Jim podcast. But anyhow, I am today. And we're planning on doing a security thing this week to on Thursday and Friday. So keep an ear out for that. I got a couple of real interesting cases that we're going to be talking about. Some major companies and some small companies and what happened to them this week with leaking sensitive data. So this morning, I was on with Ken and Matt. And we talked about two different things. We talked about something I did not talk with Jim about yesterday. And that is how the US has stepped up its tax game. And what is happening with the tax jurisdictions, the Supreme Court decision last fall, that really is going to change everything. So I talked to them about that. And then also, of course course about email, and the email problems we're having right now, the switch, frankly, that's been occurring in spearphishing that I saw starting in about six weeks ago, but now it's starting to reach epidemic levels a lot higher than the measles right now. Anyhow, take care. And here we go. be back tomorrow

Matt Gagnon 1:21
7:38 WGAN Morning News on a Wednesday, which means that it's time to talk to Craig Peterson, our tech guru who joins us now as he always does at this time, except for last week when he didn't join us. So he's back. Ladies and gentlemen, Craig, how are you?

Craig 1:34
I am. I was at a conference last weekend in Phoenix, Arizona.

Matt 1:41
Excuses, excuses.

Ken Altshuler 1:41
So let's see probably the same kind of whether you're experiencing this week here in town.

Craig 1:46
Pretty much the you know, it was about 70 degrees inside the conference room for five days. And then I heard rumors that it was in the 90s outside. Yeah, I was a good little boy and stayed in there. The whole time learned and contributed.

Matt 1:59
Soldiered on.

Ken 2:02
So well. Why don't we start off with email security. This is very safe as I know. We don't have to worry about anything about email security now do we?

Craig 2:12
Yeah. Well there are some changes in this. I don't know if you guys noticed some of the changes in the emails that are coming in, these these spear phishing attacks?

Ken 2:21
Spear phishing attacks.

Matt 2:24 
I don't really like fish.

Ken 2:25
I don't really mind spearfishing, sounds kind of...

Craig 2:27
You can't connect, you know, normally when you're spearfishing, you can't you don't get a whole bunch of fish or better with a big net. And for years, that's what they did, what they would do is send out emails, the exact same emails to as many email addresses as they could get their hands on. And some people would respond. And there's some interesting science behind this, you know, the Nigerian prince scams that are still going on, but not at the rate they used to. They would have spelling mistakes and grammatical, you guys must have noticed that right?

Matt 3:00 
Yeah. A little bit, yeah.

Craig 3:02 
Yeah. And did you realize that the intention of them putting in, the intent behind putting in the grammatical grammatical errors, as well as the spelling mistakes, was to catch people that weren't terribly smart, because they were thinking, well, if they don't notice, if they can get past all of the grammar errors and things, then maybe we can convince them to send us some money, so that we can rescue the Nigerian prince. And that worked and it worked with a quite a few people over a lot of years. And unfortunately, it really hit the senior community because they, this is all new, they weren't paying that type of close attention. Well, now we've gotten smarter. So rather than casting these huge nets out there, what the bad guys have been doing is they're still phishing but now they're phishing individuals. And this is a problem that comes from all of the data breaches over the years, it seems like almost every week now we hear about another massive data breach. So on the dark web, there are databases of hundreds of millions. We just found one this year already that had 2 billion records in it, of people's email addresses their passwords, etc. So the bad guys are get a little smarter. They've been doing business email compromise attack that we kind of talked about before, FBI has been warning about them for quite a while, over $12 billion in cash stolen over the last few years to the business email compromise attacks. But what I want to talk about now is a new type of email attacks that's been happening, because they have so much data. They've been doing spear phishing attacks in the realm of what's called nowadays, sextortion. And they'll send an email out, the emails look like it's just a regular warning email, it'll say, so the subject might be warning, your end, it'll give your email address ken@gmail.com, for instance, account has been compromised. And then you go into the email because it looks like a warning. And it may look like it's from Google. In fact, right now, the majority, the number one source for these emails is Gmail. So you'll get an email is coming from Gmail. So Google, right you have using, so you open it up, look inside it says, Ken, this is a warning that your ken@gmail.com account has been compromised. And they give you some other information like your password. So with the sextortion email, what they're doing is they're saying, Ken we have a video of you on and they'll name some pornographic website, and your password on that site is this. Now remember what we keep warning people about week after week, and that is don't use the same email address on multiple sites, right? People are still using the same email address on multiple sites. And so the problem that's arisen from all of this is that people are getting the email, it says, we caught you, we have you on video at this porn site. Here's your password for that porn site, pay up now, or we are going to release this information. And right now, which of course is a former blackmail, and it's about 10% of all of the spear phishing attacks, it is increasing. If you are, if you have a business email address that's been compromised in a breach, you're twice as likely to be the target of blackmail now, than business email compromise. So this is a very, very big deal. I've had listeners who have reached out to me and said, Oh, I got this email and they tell me what it is. They say Should I get a lawyer involved? And you know, bottom line? It obviously it's up to you. But this is now the fastest growing type of attack. So advice for everybody how to stop this. Change all your email passwords and addresses. Matt, you said you use LastPass right?

Matt 7:26
Yes I do.

Craig 7:28
Yeah, LastPass is great. You know, I prefer 1Password. It's a lot better for businesses group account sharing, you know, accounts that you might have to share inside of business with different vaults and things. But both of them are excellent. And what I'll do is everybody that's on my text list, I'll send out this thing later today. And I'll give out the phone number. So you can text me and I'll send it to this, I'm not selling anything, I'm going to send you my report that compares the password services so you can change your password and get that stuff all straight. I'll send that out after we get off the air here. But this is huge. And it's been successful, because people are still using the same email and the same password on multiple websites I live. There's the biggest tip of the day right there.

Matt 8:22
Were talking to Craig Peterson, our tech guru, he joins us on Wednesdays at this time to go over what's happening in the world of technology, let's say for the sake of argument, Mr. Peterson that I sell stuff online. And and you know what i tax is kind of an open question sometimes. The United States seems to have recently paid a little bit more attention to this and trying to figure out how to actually extract more blood from the stone. So tell us a little bit about what you should be aware of if you're a retailer that sells stuff online.

Craig 8:52
Yeah, if you're selling stuff online, there's a US Supreme Court case last year that was heard. And it's between Wayfair, which is this big online furniture and home goods company. Have you, I've seen it online.

Matt 9:07
Oh yeah sure, absolutely.

Craig 9:08
And Wayfai'r's online and the State of South Dakota, said people in South Dakota who are buying from Wayfair should be paying our state sales tax. Which makes sense, right? I can see that. But the question is Wayfair, who has no presence in South Dakota, no physical presence, know nexus at all, says, Hey, listen, we're not there. And we know that Congress has really protected the internet from sales taxes, and having to pay it because they kind of wanted it to grow. And it's just a nightmare if they had to collect sales tax. So the US Supreme Court overturned the law on not taxing companies that had no state nexus. So now, things are going to get very messy, because companies that are selling online, are going to end up having to collect sales tax for every sales tax jurisdiction in the United States. And it's estimated that there are some 9000 different sales taxes across the United States, because they're not just talking about the state taxes, which range from 4.7 to 13.5%. Right now, but we're including local sir taxes, like, if you live in New York City, you've got New York state tax, you've got the county tax, you've got the city tax, it gets kind of crazy. So they're trying to be kind of reasonable in the ruling. So they're saying there are going to be thresholds. So most, and this is state by state, by the way, which makes it even more of a nightmare. So some states are saying if you sell 100,000 dollars of product in our state, you now have to pay and withhold the sales taxes. And the threshold varies as I said. Now, big companies like our friends over at Amazon, I love this, because they can easily take care of all of us state sales tax and messes and county and the city and everything else. But the little guys can't. And so amazon for quite a while has been saying yeah, yeah, we we are we sure have internet sales tax. If this is going to hurt some companies, obviously $100,000 is quite a few sales. But depending on what you're doing, keep an eye out. Now there are a couple of companies that have popped up in the last little while. Paddle is one of them. But there's others that are able to do this for you. But I think what's going to happen is this is going to help Amazon in another way. And that is if you're selling things online, you're just going to sell them through Amazon, or through eBay, and let them worry about all of the red tape of filing with some 9000 different taxes in, you know hundreds of jurisdictions throughout the country. So you're right about that Matt. And if I could text out the links, I also have something this is a free service that Google has, I'll send you a link to this as well. And what it does is it gives you on your screen, it doesn't send you emails or anything it asks you for your name and email. And it what it does, it doesn't use it other than to try and fool you on the web page. So it'll run you through eight different emails will show them to you on the web page. You can hover over the links and things and it'll help you understand better whether or not you are, you know, educated enough, if you will, about these types of attacks to protect yourself. So we'll give you a little quiz and help you out and answer your questions. So I'll text that out as well. So if you just text either Ken or Matt to me at 855-385-5553. I will send you links to both of those things on the password managers, a big article I wrote on that. And then also a link to Google's really cool little training thing you can use for yourself and people in your company to help your spear phishing. So just Ken or Matt just text either to me 855-385-5553 and I'll send that out to you later on today. I'm not going to spam you. I don't sell these things. I just want to get the information out there because I can't believe these things are working.

Ken 13:53
Craig Peterson our tech guru joins us every Wednesday at 7:38. Get all of his information directly from him. Thank you, Craig we'll talk to you next week.

Craig 14:05
Hey gentlemen, take care. Bye bye. 

Craig 14:10 
Alright guys have a great day. It is going to be a busy one today for me because I had my last coaching call from the Cybersecurity Do It Yourself course this afternoon so I gotta get ready for that. Off I go. Take care everybody. Bye bye. 

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Apr 9, 2019

Craig is on with Jim Polito this morning. They talked about sextortion scams being circulated in the emails and about passwords and password managers you can use.

These and more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles:

Latest Tactics Used By Cybercriminals To Bypass Traditional Email Security

--- 

Transcript:

Below is a rush transcript of this segment, it might contain errors.

Airing date: 04/09/2019

Why Hackers Hack - Sextortion On The Rise And What To Do About It 

Jim Polito 0:01
Welcome back. He's here and thank God because the cyber criminals are out there. Still trying to get into your email. Well, how do you protect yourself? Well you start with this man, our Tech Talk guru Craig Peterson. Good morning, sir.

Craig Peterson 0:21
Hey, good morning, Jim.

Jim 0:22
How are you, buddy?

Craig 0:24
I'm doing great. We're just in a conference, in fact, out west and now I'm trying to get used to the time zone again, back and forth, back and forth. There's so much going on.

Jim 0:34
There is and they're relentless, the cyber criminals in wanting to get into your email every time some other patches put up or some other security measure, they figure a way around it. So what's the latest that they're doing? And what can we do about it?

Craig 0:50
Well, if you don't mind you, and let me let me explain something to the audience.

Jim 0:53
Explain, I like that. Explain.

Craig 0:58
Why are they doing it? And you get right down to it, you and I and everybody else around here. We're living here in this first world country. And we enjoy all kinds of things. At the conference, I spent some time with a few ladies from Zimbabwe and South Africa. And they're living there, this one lady is trying to help other women who are in abusive relationships there. Get out of that learn some skills. They make it $100 a month, in Zimbabwe. They do not have running water. Most of the days of the week the pipes are turned off, there's no water at all. They don't have the electricity that we have. It's just amazing. And they were just absolutely livid about what they called entitled, stupid people worried about everything from the type of plastic bag all the way on out.

Jim 2:03
Don't talk about plastic bags. You're going to get people upset.

Craig 2:10 
Total first world problems, okay, I'm helping them by getting some use computers together, cleaning them up, I'm gonna be doing some free training for them on cyber security. So consider that type of person. And then then you can move on to Eastern Europe where it's more than $100 a month that they're making but they're not making very much.

Jim 2:28 
They're not making very much.

Craig 2:31
So if they can somehow get their hands on your data, if they can, you know, these people aren't stupid. They're just in a bad financial circumstance. So if they can get their hands on your data, let's say one, one of my new clients had $100,000 taken out of their operating account, based on the technique we're going to talk about, okay. $100,000, and this was an Eastern European, that means they can not only support themselves for a year or two, but they can support their brothers, their sisters, their parents, their grandparents for a year or two. You know, the getting a $500 from someone is a huge win. Again, these women in Zimbabwe, that's five months worth of food and rent if they have to pay that. That's huge, huge money. So we're sitting here with our first world problems saying, well, why would anybody want to steal my credit card or my identity? Or get into my business bank account?

Craig 3:40
Well that's why. Think think of the motivation of these people and how many people there, they're going to be helping? So I had to say that because.

Jim 3:48
It makes sense. I'm glad I'm glad you gave that perspective, I mean, just about what they're dealing with. And and if they you know, it drives people to some things. Drive people to crime.

Craig 3:59
They absolutely do and we just don't realize it so much of the time zone, we have a very interesting conversation at dinner the night before last, with these ladies talking about what's going on. So when you were talking about here with email is absolutely huge. Because again, these are just bad guys. And they are trying to get some money out of you. And they're using some new strategies to get past these email security gateways. You know, you have some of the lower end ones that you might get from a Barracuda or an online site, and there's ways to get past them. And that's what we're talking about just for a minute here. I've had a lot of listeners, contact me with these sextortion scams. Know, I've got them as well, I don't know if you have. But what will happen with these sextortion scams, which is a type of blackmail, and right now it's making up 10% send of all of the spear phishing attacks and email, and that number is rising. And if your employees are more than twice as likely to be targeted blackmail, then standard business email compromise. And so here's what happened. They send an email that has in the subject line, security alerts type of message. They'll include your email address, or even your password in the subject line. And they'll say something like, Hey, you know, we have video of you on this porn site. And they'll give you a password. Now remember, Jim, we've talked many times about do not put your password out on, you know, the same password on multiple websites? 

Jim 5:52
Yeah. Because once they get one, they get the others. Yeah.

Craig 5:57
They've got them all because it's the same one. So they'll either put your email, your email address, they'll definitely put your password into these things. And now all of a sudden, you say, Oh, my gosh, what happened? And whether or not you were on that site, you're questioning now wait a minute, they've got my password? Well, of course they do. If you use the same password everywhere, of course they do. And we're seeing brand impersonation is huge. One out of three times a impersonate a financial institution.

Jim 6:34
And there is. Yeah.

Craig 6:35
There it is business email compromises and blackmail is on the rebound right now. So one of the most common ones is impersonating Microsoft and my dad fell victim to that one. Thank goodness, my mom called me and said, you know, your dad's  talking to someone on Microsoft technical support? And I'm not sure. You know, one in five is a financial institution, the majority them now are sextortion emails with a security alert, subject lines and more than 70% nowadays, are trying to establish some form of rapport. Hey, we're trying to help you.

Craig 7:17
Yeah, sense of urgency. And we're using name spoofing techniques. And it's getting past most of these lower end filters and gateways out there. So if you're a business person, and this is, you know, they're not all going to business email addresses, that's for sure. And they are not all coming from them either. Right now, the number one source of these sextortion and other emails, is Gmail. It's Google. Google's not even able to stop them from going out okay. Huge. So just stay ahead, you've got to have the right combination of the right technology, which isn't the cheap stuff, I'm afraid to say, you know. Look for something good look for Cisco's email firewalls. Look for the higher end ones. You know, even a Barracuda is better than nothing. Right? So have that, but also have training for your people. You know what, I'm going to dig up, there is a website that Google has put out, I've got the URL somewhere. I'll dig it out. I'll text it out to our listeners here later on today, once I figure it all out. But this is training. It's free, it takes five to 10 minutes, 15 minutes at the most. And what it does is it shows you on this website to type it asks for your name and email address, okay, now, they don't use it in marketing or anything. But the goal behind this is to embed it into these fake emails, they're going to show you they're not going to send them to you, they're just going to show you. And you'll see the email on a web browser, just like it will be showing up in your normal email client. And you can mouse over and over over so they teach you some techniques. And with what's going on right now, Jim, this is going to be a godsend. So I'll make sure I SMS them out. Probably this afternoon.

Jim 9:13
All right. And it will tell you at the end of the segment, how to get to that stuff. But it's very, very important. Craig, you've got I guess the real tip here is you've got to make different passwords for every single account. And you talked before about a password storage system to help people with that.

Craig 9:38
Right, exactly. So go into Jim's archives, and you'll find, here's what it is, okay, there's two password managers, I highly recommend. If you are a business user, absolutely use something called 1Password. So that's the digit one, followed by the word password, 1Password is the way to go. And it's absolutely phenomenal. And I've written this thing up about this, I'll try and send that out later today too. I'll try and send them both out. And then I use it for my family as well. But it does cost money to get the family options and to get the group options. And 1Password has multiple vaults so you can have a vault for your financial people, a vault for your marketing people, etc, etc. So I love that. And then the other one that is free, now 1Password does have free as well. Okay, just let me have all the advanced features which you don't need from normal, just normal use. LastPass is the other one. LastPass as in last password. And both of these tie into your web browsers, they'll create passwords, they will remember them, they work across all of your devices. It's huge. So start today. Change all your passwords and use one of these two password managers.

Jim 10:57
All right Craig big help. Craig Peterson everybody. Now here's how you get all this information. This is how I know this stuff. And you'll be in on it too. Text my name, Jim, to this number.

Craig 11:12
855-385-5553. So just text the word Jim to 855-385-5553 along with any questions you might have.

Jim 11:26
Standard data and text rates apply. Craig will not sell your name to somebody, he won't hack you. This is all free. There's there's nothing, nothing you need to do about it. It's all free and he won't pester you with incessant messages but he will alert you when something big happens and tell you what you need to do. Craig excellent segment. Thank you so much for the time.

---

Don't miss any episode from Craig. Visit http://CraigPeterson.com/itunes. Subscribe and give us a rating!

Thanks, everyone, for listening and sharing our podcasts. We're really hitting it out of the park. This will be a great year! 

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Apr 6, 2019

Cloud and Cloud computing is in the news and we'll talk about what is going on and what to expect

Do you sell things online off a website?  If so, you have to listen in to find out what the IRS is doing, right now, it's going to drive you crazy.

It's update time! Microsoft is out with their April update, known as 1903 or 19h1. It has some nice Windows Update policy features.

What are Cybercriminals up to now?  They are using new tactics that bypass traditional email security, So listen in to find out more

It's bad enough that cybercriminals are attacking us and stealing out information but now these Bad guys are stealing money right out of bank accounts.

Do you know what a Denial-of-Service or a Distributed Denial-of-Service attacks are?  Well, the FBI and Secret Service trying to shut down criminal organizations who are using them in a big way, we'll talk about what they are doing today.

Are you a C-level executive? It is time to remove your cybersecurity blinders -- Cybersecurity is no longer an IT problem it is a boardroom level problem and scary one when you get right down to it.  Cybercriminals are using brand impersonation now and it's it costing companies a lot of money 

For all this and more tech tips, news, and updates visit - CraigPeterson.com

---

Transcript:

Below is a rush transcript of this segment; it might contain errors.

Airing date: 04/06/2019

FBI Shuts Down Denial Of Service Attacks - Supreme Court Ruling Will Affect Every Business

Craig Peterson 0:00  
Hey, hello, everybody, Craig Peterson here. And it looks like my math was wrong. You know, last week I said, I thought we were coming up to the 1,000th week of being on the air. Actually, we weren't coming up on it, it was the 1000th week. So this is our One Thousand and One weeks of broadcasting, and this week, we're going to have a few different radio appearances, as I usually do all be on with Jack Heath on Monday, but because I'm going to be busy this week, as well, actually, I guess, this week? No, I'm not going to be on with Jack on Monday. But I am going to be on on other stations Tuesday and Wednesday. Okay. So anyhow, we passed 1000 weeks, you can do the math, that's a lot of years on the air. I don't know if that makes me old. It's certainly kind that makes me feel old. But you guys, man, I appreciate you. I appreciate everyone who listens, and everyone who subscribes to my podcast. And you can do that quite easily by going to http://CraigPeterson.com/iTunes. Leave a comment. Hopefully, I've earned a five star from you guys. And that'll help get the show out so more people are aware of it.

Craig 1:26
So let's get right into the articles this week. as is true every week, I send these things out on Saturday morning. So you should get my show notes-newsletter, and that'll keep you up to date. Let you know about the latest security problems that have arisen this last week and other things in the tech biz and tech world that I think are interesting. So number one this week is from Infosecurity Magazine. And it's talking about cloud and cloud computing, we'll get to that in a few minutes. The U.S, man, if you have a website, if you're selling things online, you got to hear what the IRS is doing right now.

Craig 2:08
And man, the internet tax stuff, it's going to drive you crazy. There is a new update here for Windows coming on. Well, it's the April update. And it's known as version 1903 or 19h1.

Craig 2:26
But it's going to have a new Windows Update policy. And it's going to let you if you are a big organization that is using the group policy editor, basically, you have an Active Directory server and you have group policies for your various accounts.

Craig 2:46
Excuse me, this, the policy is supposed to allow you now to specify deadlines for automatic updates, and restarts. Now if you don't have the Windows 10 professional, you're kind of stuck as it is right now because you can not, I repeat, can not specify when you want updates to be applied and how long you might want to wait. And we've certainly talked about that on the show before. But it's going to give IT admins a lot more control, especially when managing larger fleets really of devices, number of Windows devices, so it should be pretty good. And I have some details on where you'll find it in the menus there on my website at http://CraigPeterson.com. And Softpedia has really quite a nice little thing about the whole thing. But basically, you as an admin can set a deadline for installing updates as high as 30 days. Usually, I recommend about seven days, five to seven days, because that lets you get past the initial problems that often accompany these updates from our friends at Microsoft. And the auto reboot can be anywhere from zero to seven days following that.

Craig 4:08
Now, this feature is something that was available only in the pro
version. And now it's available across the board if you are using group policies, okay? The latest tactics used by cybercriminals will talk about this. And this is bypassing traditional email security.

Craig 4:27
And where do most IT professionals feel vulnerable when it comes to bad guys and attacks and stealing our information, stealing money literally right out of bank accounts. Well, we'll talk about that too. But first, I want to get to an article I love the title of this. This is out of the UK, it's from The Register. It's called Silence of the WANs, which I thought was just very clever. The FBI has been working hard to shut down criminal organizations, so has the Secret Service. I've talked with both of them before about what they're doing and how effective they have been. And one of the problems we talked about in my cybersecurity course, was something called a denial of service attack and distributed denial of service attack. And we talked about how to prevent them, how to stop them, and how to make your life so much easier. And we, of course, concluded that class, it's not open, you can't get into it right now, because I'm not conducting it right now. But denial of service attacks is absolutely huge. And the FBI just busted a massive attack and network about two weeks ago.

Craig 5:45
And this was just amazing. Because the traffic loads plummeted after the FBI took these guys out. And some of them were right here in the US. You think most of the time that there may be in Russia or, you know, some Eastern European country, maybe India, you know, the normal places these things come from. But the December of 2018, the FBI really started pushing trying to figure out who was running the distributed denial of service attacks. Now, here's what how a DOS works, the denial of service attack.

Craig 6:25
Someone, usually it's either a competitor or more often, it's someone that disagrees with your company. So a company that maybe has some sort of a political stance or donated to a charity that somebody doesn't like, they will start sending dozens, hundreds, thousands of requests to a web server, this is just a simple explanation, okay. So they'll send all of these to the web server, the web server becomes overloaded. It may crash or may not crash doesn't really matter. But because it has so many requests coming in, it cannot serve the normal users. So, people who are coming to your website to find out more about you may be to place an order, maybe to get some of the information that you're providing, they cannot get there because of the denial of service attack that's going on. Well, there is a worse type of denial of service attack, and it's called a distributed denial of service attack. Because bottom line, if there's only one machine that's attacking you, it's pretty darn easy to put a filter in place to block that machine from getting to you. That makes sense, right? Well, if you have 100, or thousand machines that are all sending data to you becomes much more difficult to stop. And that's the whole idea behind distributed denial of service attacks.

Craig 7:55
So they FBI worked with a mitigation provider called Nexusguard. And they've been tracking this stuff. And they're saying both the overall number of attacks and the volume of the data fired at the targets to overwhelm them is down and it's measurably down because the FBI wiped out 15 of these denials of service mercenary sites. Some of them are run in America, some of them are run overseas, but they allowed people to purchase the temporary use of the massive button that's of compromised devices. Right? Isn't that what I'm always warning you guys about? That's part of the reason you got to keep his machine safe. Because millions of machines have been compromised. They have remote controllers on them. The owners of the machines just aren't aware of this because they're not paying any attention to security. And then they hire your machine now to use to attack a third party. They use your machine to mine for Bitcoin to make money for them. They use your machine to distribute kiddie porn, pictures and videos of Americans being beheaded. Okay, how many times we have to talk about this everybody? So these massive botnets were in turn commanded to create massive loads of network traffic and targeted websites and different types of services, which ultimately overload them and knock some offline. 

Craig 9:27
Now, it seems according to The Register that these 15 denial-of-service groups were so prolific that simply taking them offline has caused a noticeable drop in global activity for the entire fourth quarter of 2018. We're talking about an estimate from the FBI of more than 300,000 attacks over the last five years from these guys. And Nexusguard is saying the number of attacks fell by 11%. And the size of each attack, which is the low directed at the target took a nosedive with the average rate dropping 85% and the maximum size down 24% from a year previous to that. So that's really good. The huge dip and attacks may not last, because it's so easy to set up a botnet because so many people haven't properly secured their computers, okay. And somebody else is going to come along and take over, fill in that void. There's going to be nude and distributed denial of services for higher services popping up.

Craig 10:33
Many of these Internet of Things (IoT) devices are now being used for botnets. So you're smart light there on the factory floor that isn't properly secured, are not only being used to attack you and get the information from your servers. But they're also being used now too, to a direct these denial-of-service attacks. The number of these IoT devices that are used in the amplification attacks, which is a specific type, but they were up over 3,000% from last year and their accounting for more than half of all the taxing in the last quarter of 2018. So again, you know, we covered this in detail in the DIY cybersecurity, make sure you segment your network, if you have IoT devices, make sure they cannot get out of your network, except to the control nodes, the legitimate ones, right?

Craig 11:34
The ones that are for the manufacturer to make sure they get security upgrades. And make sure you do the security updates, make sure they get the security updates, make sure it's all working. Because it's no longer you buy a light bulb from the local Home Depot store for a buck and plug it in. And you don't ever look at that light bulb again until it burns out.

Craig 11:57
Now with the Internet of Things who the smart bulbs in the smart everything, you know, thermostats, any of this stuff, those smart devices now are your responsibility. It's just like a friend of mine, who we've been providing DNS services to for 20 years, probably 15, 20 years, well, more than 20 years. And he called us up he says, Hey, listen, why aren't you guys providing DNS for us anymore, you know, from my little network. And we were and we dug into it. And we found out guess what?

Craig 12:32
His home address block that was assigned to him by in this case he has Comcast was used to access the dark web. Yeah, pretty big deal.

Craig 12:50
And so now he's running around trying to figure out why now we have automatic systems in place that saw, wait a minute, the side dark web block. So all of our stuff worked perfectly. It was great. And that's how we protect our customer's websites. And that's how we set up the networks for all of our customers. Just automatic. If it's not automatic. It's not going to happen, right? So we had automatically blocked him now he's trying to figure out why what IoT device, what light switch whatever, went out to the dark web, and was being used as a tor exit point, even. It's crazy. It's crazy what's happening. So make sure you know what you're doing, find some good courses, whether they're mine or somebody else's, and understand how to do this. And I have free master classes that we're offering from time to time, make sure you're on my email list, http://CraigPeterson.com/subscribe. That way, you'll get my show notes, you'll also get some of the more urgent alerts that come out. And I'll let you know about the free master classes and other training that I'm doing. Okay. So http://CraigPeterson.com/subscribe, and keep listening to this radio show. Because I do get stuff out here. Although, you know, when you talk about master classes, they can go easily an hour, hour and a half or even longer, you know, the courses can take you six weeks to get through. But you know, stay up to date, do the right thing. 

Craig 14:24
Now, let's talk about the number one problem that IT security professionals are looking at right now. 91%, this is according to Insider Threats, 91% of it and security professionals feel vulnerable to insider threats. And 75% believe the biggest risks lie in cloud applications like popular file storage, email solutions. You know, we talked about them before, they're worried about the Dropbox, Gmail, Google Drive, OneDrive. All of those things, right. So it is very, very concerning to IT professionals. And it's, you know, 91% of them being worried about the insider threats is huge. And that's why again, I have included in the DIY cybersecurity course, a whole set of policies and procedures that can go into the HR manuals as well as things that you should be doing in your business. Now BetterCloud surveyed nearly 500 IT network security professionals, and you can find this online. It's called The State of Insider Threats in the Digital Workspace 2019. So here are the key findings amongst again IT network security professionals, nearly all of them surveyed, 91%, feel vulnerable to insider threats. And that means things like people opening an email clicking on the wrong link, maybe doing something malicious because I got fired they got a bad review. Right. Those are all insider threats. 62% of them believe the biggest security threat comes from the well-meaning but negligent end user. That number fits in with other stats I've seen solids probably pretty legit. 75% believe the biggest risks lie in cloud storage and email solutions, which is really big. And I'm going to talk about an email security article here in a minute and about how the cybercriminals are changing their tactics. 46% of IT leaders which means, you know, the IT managers and above believe that the rise of software-as-a-service applications makes them the most vulnerable. And man, I'm seeing that all of the time, especially in regulated industries. And we're helping out some of these health care providers and legal and public companies. Man, they're using SaaS, software as a service. In other words, caught applications like that going on style, and they're not checking them. We've even done audits on restaurant chains, just small local chains, and found incredible liability that they're facing. 40% of them believe they're most vulnerable to exposure of confidential business information. That's financial information, customer list, personally identifiable information. And only 26% of C level executives say they've invested enough to mitigate the risk of insider threats, versus 44% of IT managers.

Craig 17:31
So in other words, the C level executives are running around with blinders on. Kind of scary isn't it when you get right down to it. So let's get into the latest tactics that are being used by the cybercriminals to bypass email security. And I've got this article up again on http://CraigPeterson.com and this is from Industry News. And they're saying that cybercriminals are using brand impersonation now in 83% of spear phishing attacks. Now, remember, these types of phishing attacks against businesses called business email compromise is kind of a general term to cover most of them. 83% of the time, this is what's used, and it's already accounting for about a little more than $12 billion worth of stolen funds, not wasted time, not cost to recovery, right. $12 billion in stolen funds. In the last couple of years according to the FBI, on the worldwide statistics. It is huge.

Craig 18:37
One in three of the spear phishing attacks is launched from Gmail accounts.

Craig 18:47
20% of them occur on Tuesdays. About 20% on Wednesday, 20% on Thursday, and it drops off to 5% on the weekends, with the slightly lower numbers on Mondays and Fridays. So no big surprise there. I've had people contact me, just texting me, you know, my 855-385-5553 number about these extortion scams. I've gotten one or two of them myself. And I know you guys have gotten them because you've contacted me, you've texted me about it. And and I've gone back and forth to kind of explain what's going on. But still sextortion scams, these are a form of blackmail. And right now it's making up about 10% of all spear phishing attacks. And it's expected to increase even more because it is on an increasing line right now. And employees are also twice as likely to be the target of blackmail, than of a business email compromise. So, that's a change from last year. And this is from a report released by Barracuda and it's called Spearphishing Top Threats and Trends if you want to look it out. And they looked at about 360,000 spear phishing emails.

Craig 20:08
So let's get some closer look here. Impersonating Microsoft is one of the more common techniques used by hackers to try and take over accounts, financial institutions. Impersonating nearly one in five attacks. Finance department employees are heavily targeted in obviously banks and other financial institutions as well. Majority of subject lines on sextortion emails contain some form of security alert attackers often include victims email address or password. Subject lines on more than 70% of the business email compromise attacks are trying to establish rapport, sense of urgency. Scammers are using name spoofing techniques, which they've used for years, changing the display name on Gmail and other employee accounts to make it look like it's coming from a company employee. So here's the top subject lines and number the two top 54% say security alert and 34% say change password. Okay. Very big deal. You'll see this article up on my website. And we'll have to try and do a master class on this one because I think this is important for people. I'm going to set these two aside and I'll let you know any anyone who's on my email list. I'll let you know about it. These are always free, will do a deeper dive into it.

Craig 21:30
Make sure you subscribe http://CraigPeterson.com/subscribe if you haven't already. The US according to Forbes magazine has stepped up its tax collections here. And if you're selling software in the US, you've got a whole new problem coming your way, you know that we've had for a long time now, protection from the federal government saying the local authorities state and local cannot tax internet sales. And it has expanded a bit you've had massive companies like Amazon, who said yeah, we'll pay sales tax, state and local. And if you ask me, the reason they're doing that is to stomp the little guy into the ground. And the reason I say that is Amazon can deal with it. There are estimated to be over 9,000 different tax regulating entities in the United States. 9,000 of them. You have to comply with all of these 9000 across the board. How can you use a small business so that you can't, right? Amazon can. Well, there are going to be companies that are popping up there already are a few of them out there right now that are trying to take care of this problem for you where they'll collect all of the taxes.

Craig 22:56
And what it is resulting in, however, is many businesses is saying listen with all the European Union rules. They've got their GAFA rules are cooking up right now> GAFA, gaffer standing for Google, Apple, Facebook, and Amazon tax.

Craig 23:10
It's a kind of a VAT tax and supply, it's not supply driven. It's crazy. But there is a decision from the Supreme Court last year about a dispute between Wayfair now this is that online furniture company and the State of South Dakota and South Dakota wanted to collect taxes and Wayfair said no don't need to sell the Supreme Court overturned a law on not taxing companies with no physical presence in the taxing state. Because that legally is called legal nexus. So if you had operations in New Hampshire, you had to, well New Hampshire is a bad example, because we have no income tax. And we have no sales tax. Okay. But let's say you're in Massachusetts, which is a terrible state when it comes to taxes. You're in Massachusetts, if you sell something to someone in Mass., you have to click Mass. taxes. And if you sell something to someone in another state, you didn't necessarily have to collect the tax as well. Now you are going to. Any company selling online, this is more than just software companies, it's going to hit businesses across the board. And it's going to hit you hard.

Craig 24:25
Okay. South Dakota, has rules that say if you have more than 200, individual sales, or more than a hundred thousand revenues, there are other states that say more than 100 sales, or 50,000 in revenue, some of them have 4.7%, some of them have as much as 13.5%, and the thresholds for spending in the state span from 100,000 and $500,000. And there might be 100 transactions a year it might be 500 and might be 2000 transactions a year. Whoa, okay. This is going to be a huge burden. 52 new tax codes on the individual states plus sir taxes that are introduced by counties, by cities, not just in the US, but 30 countries in Europe, along with Australia, Japan, South Africa, South Korea, Norway, India, the list just goes on and on. Hundreds of countries. More than a hundred out there. And US states have highlighted software in SaaS products as explicitly liable for sales tax. So remember too that we're talking about different taxes and different tax rates. You look in Massachusetts, they have a different tax rate for different types of IT services, they have different rates for software as a service in different categories, this is going to be a nightmare. So there's companies out there like Avalara and TaxJar that will outsource and take care of a lot of this stuff for you. Many companies are saying "forget about it." I know companies in Canada that are just pulling their hair out just dealing with Canadian tax codes.

Craig 26:10
And many of them are just saying forget it, I'll just wait for the bill to come from the tax collector basically. So rather than charging you the appropriate sales tax, they fill out the state's forms that cross your fingers that they collected enough from you that they had enough in revenue to pay that state sales taxes.

Craig 26:29
This is why the federal government passed a law saying no internet sales taxes because it will be a nightmare. Now, it is going to help local small businesses because now they're going to compete on a more even footing where they have to collect the sales tax. So do the bigger companies, right? And so to the people, even small guys who are selling online, and it's going to help companies like eBay and Amazon, where you just sell your product on one of those sites veil worry about all of the sales tax and collecting that. And they'll take their cut and just pass it back to you. So yeah, well, this is going to be big. It's in. You heard it here first. Thank you, Supreme Court.

Craig 27:18
Anyhow, I hope you enjoyed today's show. You can read all of these articles plus the ones I missed today, including cloud adoption and what IT pros are concerned about. This 2019 state of enterprise cloud container adoption security that was published here recently, all of that in this morning's newsletter. If you didn't get it, make sure you get the future ones. http://CraigPeterson.com/subscribe, and I will keep you up to date and you can find out about this and, of course, a whole lot more. I have now thousands of articles I published up there my website, because we're over a thousand shows right now was this show 1001 weekly.

Craig 28:02
This is week 1001, not show 1001. Man, that's a lot of the time on the air. Anyhow, thanks for listening. Make sure you subscribe, http://CraigPeterson.com/subscribe and have a great week. Talk to you next week. Bye-bye

--- 

Related articles:

Windows 10 April 2019 Update Introduces a New Windows Update Policy

Latest Tactics Used By Cybercriminals To Bypass Traditional Email Security

Cloud Adoption On The Rise, It Pros Unsure Of Risk

The US Has Stepped Up Its Tax Game. You Will Want To Read This If You’re Selling Online

Most IT And Security Professionals Feel Vulnerable To Insider Threats

Silence Of The Wans: FBI DDoS-For-Hire Takedowns Slash Web Flood Attacks ‘By 11%’

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Apr 1, 2019

If there was a proven way to predict at what age you will die, would you like to know it? Craig is on with Jack Heath and Justin talking about the AI predicting the lifespan of patients. 

These and more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles 

Health Industry Is Using Artificial Intelligence To Predict When Someone Will Die With Unsettling Accuracy

---

Below is a rush transcript of this segment, it might contain errors.

Airing date: 04/01/2019

Artificial Intelligence Predicting Lifespan

Craig Peterson 0:00
Hey, good morning, everybody. Craig Peterson here. I had a discussion this morning with Mr. Jack Heath about this new artificial intelligence that they put together and tested over in the UK. And it really is concerning with all of our talk here about socialized medicine, Medicaid, Medicare for all, all of these government sponsored health care programs. What does it mean to you, particularly as you get a little bit older? So here we go with Mr. Jack Heath.

Jack Heath 0:34
Joining us now some Tech Talk on this April Fools. So that means all what Craig Peterson is going to say is serious, including artificial intelligence. Good morning, Craig.

Craig 0:44
Yeah, this is this is definitely not a April 1st kind of type of joke. I was just talking about Justin and I said, you know, I couldn't come up with one this morning. You know, the reality is just so unreal. Why do you need to come up with something fake?

Jack  1:02
Well, that's what some of the posts are this morning is that the news is so surreal at some point. What's going on in parts of the world or this cut, you know, you look at Great Britain, what's going on in Parliament over the Brexit. You look at Venezuela, you look at the migrant crisis, you look at politics of the day, who needs any April Fools, right?

Craig 1:19
Yeah, absolutely. And the article this morning that you're talking about that, of course, is up on my website, as well and NBC has been reporting on is talking about these artificial intelligence programs that are being designed and nowadays to do a number of different things. Now, you mentioned that they are significantly more accurate than predictions delivered by pretty much anyone, including the doctors in predicting how long someone will live. And this is a study that was done over in Britain as well, at the National Institute of Health. And, of course, they have death panels over there. And you know, they will call them that, but it's socialized medicine, they want to know, is it worth spending money on someone? Or should they just not bother spending the money because they're going to die fairly soon. And you know, it's just not worth putting money into old people. That is not an April Fool's joke. That is what they're trying to do. And they found that they could get their programs, these algorithms, identifying 76% of the time when a subject was going to die. It was in. Yeah, Isn't that crazy? But there's good things to they're using AI now, it's better at spotting skin cancer than most doctors are early signs of Alzheimer's disease, onset of autism in six months old, six months old now.

Jack 2:46
I'm not surprised the advances in technology. Amazing. But you know, you've heard of sometimes to know if you've heard of, and Justin, genetic screening, or some families are signing up for this. So say a family has a history, some cancer or heart disease. And you know, you could do this genetic screening, and they can kind of forecast. But I guess I guess it would be good to know, but can I ask you a question? Would you really want to know? 

Justin 3:07
Hell yeah.

Jack 3:07
You would?

Justin 3:08 
Let me know what I can do to avoid it.

Jack 3:10
Well avoid it. But what if it was inevitable? I mean, what if you, I'm being hypothetical, but what if something said, well, chances are 90% chance that by this date and this age, you'll probably be passed away? I don't know if I'd want to know that.

Justin 3:23 
Oh I would. Let me go skydiving. Let me go hit the casino. Let me do all that stuff. Right Craig?

Craig 3:28 
You know you do want to prepare for that though. You know, bottom line. And we've had for a long time, this is not a new problem, a long time people have known Hey, listen, you you have this major history is probably best that you don't have children and many people, many couples have gone without children for that very reason.

Jack 3:45
The other thing is, and I know you tend to rely on the science and, you know, the technology side of things Craig Peterson, check out Craig Peterson with an O-N.com Craig. It's not always a perfect science. Sometimes they get this stuff wrong. So imagine going through one these tests or something and being told, well, you're probably not gonna live much beyond 59 or 60 years old, then all of a sudden you get to be 72. Oops, we were wrong in that one.

Craig 4:11
Oops. Sorry about that. And that's bound to happen, especially with some of the newer technologies. And it really concerns me, jack, when you've got the National Health System in a country using it to predict when the patients are going to die, and using that to ration health care. Because again, it may have been 77% accurate, but when you get right down to it, is it accurate because they've decided to remove care from some of these patients, and so that it's become predictive in a very negative way.

Jack 4:45
Yeah. All right, Craig, good stuff. Check it out. Craig Peterson, of course Tech Talk airs on our Saturday mornings on these iHeart News talk stations. Thank you, Craig. Take care.

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Message Input:

Message #techtalk

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Mar 29, 2019

Can Ai predict death? Turns out maybe yes... Welcome to AI Death Panels.  Listen in to find out more.

From Delivery to Herding we have reached a new era in the use of Drones. 

Who will win Apple or The Mouse?  Its Devices over Content in the battle over TV. 

Find out more at Craig's 1000th week of podcasting.

For all this and more tech tips, news, and updates visit - CraigPeterson.com

---

Transcript:

Below is a rush transcript of this segment; it might contain errors.

Airing date: 03/30/2019

Using Two Factor Authentication - Drones Delivering Blood Samples And Barking At Animals

Craig Peterson 0:00  
Hello, everybody, we are getting close. My goodness, I can't believe it has been that long. We're almost at show 1000. I think today is 999. I'll have to check. But man, I guess we should do something soon. I just been so busy for all you guys because that means 1000 weeks of shows. Some weeks I put out as many as 12 podcasts. I've put out. I've been on the air 5, 6, 7 times in a week. So it has been a very busy time. So I'm not talking about 1000 podcasts or I'm talking about 1000 radio shows, and literally tens of thousands of podcasts. Isn't that crazy? Yeah, over 10,000 actually, podcasts. I
added it up, five years ago, and I had interviewed more than 7,500 C-level executives. Yeah, it's just nuts. Of course. Lately, it's been primarily just me right here on the radio, sharing what I've learned over the years online, or the guy that's been kind of out front, getting all the arrows in my back, putting together internet protocols, implementing them helping businesses get online. Man, I've been doing that since 91, when it first came became legal to do business on the internet. And I quickly ended up getting into security within a couple of years because of what happened to me and my business. And so I had to become an expert in security and now i"m known as America's leading security coach, which is really kind of cool when you get right down to it. But has been a long road. Let me tell you.

Craig 2:03 
Well, today we are going to go through a couple of really cool articles. This one's a little disconcerting. This is from NBC News. We're going to talk about AI, artificial intelligence. And they talked about how artificial intelligence when fed the right data, and when programmed the right way. They call it AI, right? But you and I know it's really machine learning. But in the United Kingdom, they were able to use it to predict when someone was going to die. And that's part of the National Health Service, which I guess shouldn't be a surprise to anybody, right? Government running the health care, they want to know when you're going to die so they can, you know, get someone else ready to go into your bed.

Craig 2:51
Is personal data safer when it's stored on your own computer, your company's computer, your company's network or on a private network? Some interesting stats that came out and published in Forbes this week.

Craig 3:04
Apple's finally showed off its plan to conquer TV this week. So we'll talk a little bit about that. I signed up for their News Plus service. And it's not bad, but it's still a little disappointing, frankly. But you know, we'll give it some time. We'll talk about that as well.

Craig 3:25
Now UPS This is one of the first real uses of drones for delivery. You might remember that we had the 711 people working on using drones for delivery. And we've had Amazon working on using drones for delivery. Now, UPS has launched a new service using drones to transport blood and other medical samples between various buildings at WakeMed Raleigh's medical campus, North Carolina. And the speed that the drones can deliver these samples could literally be the difference between life and death. A great article from Futurism, which you'll see in today's show notes that we sent out this morning. But it's kind of cool here. They're using an autonomous drone developer called Matternet. And they've got something called an M2 quadcopter, and it can carry a payload up to five pounds, approximately 12 miles. So the medical professionals, there at WakeMed's nearby facilities are loading the drone's containers get a secure container, so that if it crashes, that, you know, people are going to be able to steal what's in it, or get contaminated because they're putting blood samples and other medical specimens into the drone. And then the drone follows a fixed path over to the healthcare system's main hospital there on the campus. And it goes right to the pathology lab who then unload it. Now Business Insider had a good article about it as well. And they're saying that this trip can take a driver up to 30 minutes. Yeah, that's how big this whole campus is. Plus, you know, some of the buildings aren't getting directly attached. And when you're talking about traffic, it can get terrible, and if you've ever been down there in the triangle, it's absolutely terrible in Raleigh, some of the traffic. But these unmanned drones that are being run and managed by UPS can cut the delivery time down to just three minutes and 15 seconds. So that's why they're saying this could really save some lives. So for now, UPS is expecting the drones to make fewer than 10 deliveries a day on the campus. But that could increase in the future, especially as there's services that are considered to be beneficial. And of course, UPS is expecting that to happen. This is very cool. So there you go. Kudos to UPS for doing that.

Craig 6:01
I've also got a whole thing here on two-factor authentication we'll get to in a second. But barking dogs, this is kind of cool. You know, for years, we've had shepherds using dogs. At my house, you know, I have chickens, right. I have bees and chickens. And we have a dog, we have a Great Dane. And it's a rescue Dane, we've had four of these Danes over the years. And she is about four years old now. We got her when she was three and a half. But she has been kind of a couch potato. And we were really surprised the other day when her instincts kind of kicked in. And we were out taking care of the chickens. And we had the coop door open, actually was one of my daughters, and the coop door was open. And one of the chickens decided to come running out which we let them do, right. We pasture raised them. So they go out into the pastures and they find all of the horsey stuff and everything and they tear it all up and have fun with it, eat all the bugs that are in it. So, it's okay if they get out. But we don't just want one out, we want to be able to kind of keep an eye on them. This time of year, there's a lot of predators. We've seen some hawks going around, we saw an eagle the other day coming by and sitting there, and you can hear them shrieking very loudly as they're right near us. And of course, that just freaks the chickens out who when they're out wandering around, spend most of the time under the bushes. But, and By the way, we have seen one of these birds of prey take one of our chickens before. We've seen a fox took one of our pet cats as well ran off the property with the cat in its mouth. And a little distressing. But I guess it's good for the foxes and the birds of prey this time of year. So we wanted to keep her in. And our Great Dane, Velma. She didn't like that chicken coming out because my daughter, you know, tried to shoo the chicken back in. And so Velma took care of it, and rounded her up and got her right back there into the run. Or actually, I guess she came out of the coop door. So back into the coop. And that surprised me but not terribly, because I know dogs have this instinct to do hurting. And we have dogs specifically bred for herding, right, you know about sheep dogs and things. So in this case, with a Great Dane that was bred to hunt wild boar, I wasn't sure what she'd do.

Craig 8:32 
She also, this was a month or two ago, she also helped with one of these birds. Because we had some the chickens were out. And we have an outdoor roosting section for them. So if it gets raining, they can just go sit in there and enjoy being outside a little bit but at least be covered. And we're trying to get the chickens out of this roosting stuff. And so she saw what we were doing. And she, she grabbed one of them by the wing and carried her back. She was being gentle. The chicken wasn't harmed at all. But it's really kind of cool to see. 

Craig 9:14
Well, farmers have relied on dogs for a long time. And real farmers have multiple animals that all kind of help out each other, you have the cats to keep the field mice down, or heaven forbid the rats down, right, or the squirrels or the chipmunks which we have here as well. And they stay out of the feed and they're not spreading disease amongst your herd. And then you have the chickens too because you have horses or cattle, you have the chickens to break up all of that excrement, right, and then eat all the bugs from it. So you don't get the huge populations of flies or beetles or things. So they keep that population down. And then you have pigs. And they'll eat all of the scraps from the other animals what they don't want to eat, as well as from your table. And then you have goats because they'll eat the stuff that the cows and the horses won't eat, the particularly stuff and the lower nutrition things. So you have all of these animals and it's kind of a roundabout isn't it all the way around. And then you have the dogs out protect all of these animals, you have the sheep as well. So it's really quite an ecosystem if you've ever seen it work and have you ever sat down to think about a farm and how this all works. And course you have kids to help out on the farm, as well. Now we don't have these little farms like that anymore. Really, we don't. We take the manure from the chickens after a couple of years of its sending out and we use it in our own personal garden. And just it's phenomenal. We have some of the best flowers and, and vegetables around. But that's the way it used to be.

Craig 10:52 
Well now here's somebody getting rid of the dogs as part of that whole, a whole environmental loop on the local farm. And this is an article that came out of New Zealand. There is a company in Christchurch, New Zealand, it's called DJI Ferntech. And they have a special set of drones that are specifically designed for agricultural uses. And we've seen stuff kind of like this before will though, they'll survey the land to look for blight or maybe insects, problems that are occurring in your field. So that's what this company is doing down there New Zealand. And it's kind of cool because they have these kinda like county fairs. They call them agricultural field days, down there in New Zealand. And he's saying for the past two years we've seen farmers embrace drone technology to help with those jobs that are dirty, dangerous, or just plain dull he said. So what one of their new drones and this is on a cattle farm is set up with speakers on it where it can bark like a dog.

Craig 12:06
So they've got this 3,500 New Zealand dollar drone and the New Zealand dollars worth about 50 cents give or take. Not sure what it is today. But you know, so it's basically what may be a $2,000 drone at the most. It's called the DJI Mavic Enterprise and you can record sounds and play them over a speaker. So you can put a dogs bark or other noises there and it projects them wherever you want, very loudly across a paddock. And he said this feature helped him move livestock along faster during mustering while stressing the animals a lot less than a dog could because of course the dog is going to kind of nip at their legs, even though it's not going to bite them to get them to move and that's very stressful. And that means some of your cattle aren't going to give the milk that they could, etc, etc. Some cows are going to get very protective of their calves. When you have a dog out there. You might have seen that before, where they lunge at the farm dogs and they get too close. So it's really kind of cool to think about that. A drone instead of a dog. Oh, obviously a drone can't do everything a dog can do. It's not going to be completely autonomous. And someone's going to have to kind of watch it and man it. But over time that it will become more autonomous. But then what are we going to do? We're going to have dogs out of work, right?

Craig 13:30
Well, two-factor authentication.

Craig 13:34
This is a key part of security. This week, I put together a module on website security and one of the things I brought up is because so many business websites are getting hacked. And if you have a business, man, could you get hacked, so there's a lot to be concerned about. But using two-factor authentication on your website, for you, as an administrator to be able to login can save you know, end of grief. And security and on the internet just in general has gotten more important. And we're seeing it with built in security things now into our web browsers. Google has been protecting their stats are showing 1 billion websites that they are providing blockage to every day. Now it's not websites, but it's actually warnings to people who are using Google. And if you get blacklisted by Google, you will lose 95% of your traffic to your business website on average, which is just huge. So I explained that this week in that module on website security, what to do, how to do it and everything. But that number surprised me. 95% of your traffic and it can take you months to get back. And in most cases, the businesses never are able to get that traffic level back up because Google just doesn't trust them anymore.

Craig 15:03 
So having two-factor authentication can be a huge win. And that is where you have something you know, along with something you have in order to keep your logins safe. And when we're talking about something, you know, it's your password, right? It's your username and password, which is why I know I gave some tips on what to do there in this module. But basically, don't use admin as the admin user account. But there's some other things too. And then something you have, which is the two-factor authentication.

Craig 15:38
You guys know, I recommend 1Password, LastPass as good as well. But I think one passwords definitely the best, especially for businesses. So you should look at tying that into your website login, as well.

Craig 15:56
And if you do that, if you have the two-factor authentication using an authentication app, and you can get these for free Google Authenticator is a free app available on iOS or Android. And you can tie it into your website to allow you basically exclusive access to the administrative functions, you are and or other people within your organization that have to do the maintenance on the website. SMS messages are just not secure. We know about and I've talked on this show before about people hijacking your phone number, all kinds of nasty things that can help.

Craig 16:39
Apple has two-factor authentication built right into iOS and Mac OS. They do little differently than pretty much everybody else. They're using the Apple ecosystem. So when you try and log in on your Mac, and it doesn't know that you are who you say you are, the Mac will automatically pop something up on your iPhone and say is that you and you get a six-digit Pop-up code.

Craig 17:06
And you know, that happens when you log into iCloud and various other things. But there are a bunch of different ways that you can do it. Apple does make it easy. SMS messages really aren't secure. But I do like Google Authenticator and 1Password. They both, 1Password has the Authenticator built right into it. But it's absolutely fantastic. It's $60 per year for 1Password for the family plan. And you can have a shared vault where you keep the password that everybody in the family needs to access like your bank logins or, or other things that you might need, you know, the website for your kid's homework, all of that stuff for 60 bucks a year. It's just crazy. It also has one time passwords built into the app and everything. It's phenomenal nominal, these two-factor authentications.

Craig 18:03
Authy's. Another one, you might want to look at. A-U-T-H-Y, if you don't use 1Password. It is a very good two-factor authentication app. It's better than Google Authenticator. It's a little broader. But it is easier to use in, In fact, one of the two-factor authentication is all it does. So it's very straightforward, very easy. You can scan a QR code that the site is giving you and use that then to use Authy or Google Authenticator or 1Password in order to be able to get in. Google Authenticator, I should mention, it's basically been the default solution for a lot of two-factor deployments over the last few years. And man, I, I can't remember the first time I used it. It was a lot of years ago. And I think it was Google, it was prompting me to try it out and use it. Microsoft now has theirs as well, Microsoft Authenticator. They've done a good job on this, I've got to say, Microsoft, with the exception of Windows, well, even with Windows, it's really been pulling up its socks lately. Windows is still terrible.

Craig 19:15
But it is much better than it used to be. And if you use Microsoft products heavily, particularly if you're using Office 365, these authenticators are going to work really well for you. And in fact, that's exactly what we use to manage not only our deployment of Office 365 for internal company uses at Mainstream, but we also use it in order to authenticate ourselves to all of our partners, because we manage so many sites, all of their emails, we manage all of their networks, all of their security and everything. So you can bet we use the best of this two-factor authentication stuff.

Craig 20:02
Apple, of course, had their big show this week. And one of the things that they released was information on its plan, where it is trying to take over the TV business. And this is from an article I have up on http://CraigPeterson.com from Business Insider. There's still a whole lot of questions that are answered after the event that happened just this week, it unveiled a new subscription service in the US. It covers TV, gaming and news markets. As I mentioned earlier, I signed up for the news stuff called News Plus, it's like 10 bucks a month and you get the first 30 days for free. And I kind of like it. There's some good magazines and stuff in it. I think they've got to clean their interface up a little bit more. And I wish there were more newspapers in that there's very few newspapers, but it'll you know, it'll get better. And Apple really is trying to get more into services because they're making a ton of money from their services sector already. And they're very good. And have you seen the new ads from Apple, the latest ones, where they're really touting security? They're touting the fact that they're not giving all of your information away, that they're not selling it to the highest bidder like Facebook has been doing. You heard me talk about WhatsApp, I have a great article up on my website about the guy who developed WhatsApp, and then sold it to Facebook. And he's now telling people to delete WhatsApp and never use it again. So if you want to find out more about that, and why that's up on my website, as well. But it's all because our friends and Facebook are really messing with people, which is kind of a shame.

Craig 21:50
That used to be this article from again Business Insider goes through some of the older events and things that they've done. So they're calling it TV Plus, and a number of people are really kind of underwhelmed by it. But it's going to add more stuff in. What's going to make this very interesting is what the mouse has been doing. Disney. Have you seen what they've been doing they just a couple of weeks ago, got final approval, inked the deal with buying all of Fox's content and production. Fox Studios. No, we're not talking about the news network that's separate. But all of the movies and so think about this, basically, Disney now owns all of the top names out there all the Star Wars brand, and completely owns now, of course, all the standard Disney stuff. And now it's got Marvel under its belt. It even has Spider Man now, which used to be exclusively Sony's property. So the mouse, you know, if you can get them in onto your streaming network, you're in big trouble. And Disney, aka the mouse, is in direct competition with Apple for this stuff.

Craig 23:09
So I don't know what that's what's going to happen here. Apple has always made its money off of selling the devices and selling us some services never selling your information. Disney is not the same. And I don't know that the two will be able to come to terms or not, I guess, guess we'll see.

Craig 23:30
Your personal data, according to Forbes, is 99.99% safer on a major cloud service than it is on the average companies private network. Isn't that amazing? This is an article in Forbes and they're taking a quote from the site called Quora. And it's really kind of a cool one. Matthew Lodge wrote this. He's a tech executive. And he's talking about, frankly, the fact that most businesses aren't storing the data properly. They're not backing it up properly. They're not securing it properly. Hence my course, right, that I just finished delivering or actually I'm finishing just this week delivering all of the final components as I go through all of that, right. The integrity of the data of the fact that you get bit rot, that companies don't keep track of it. They don't have proper multigenerational backups. They're not pushing the backups off site. They don't have it on on different types of media. They don't have active defenses that don't have security monitoring, right. So duh. Yeah, it's 99.999% safer if you put it up on Dropbox. And so that's really interesting. They, he goes through and he talks about Google as well. And Amazon and what they're doing, they'll have stored stuff. Dropbox is what I recommend for businesses. And in fact, I put together in my last coaching call a whole thing about Dropbox and which version to get because I got like a million of them. But that's I find that to be just fascinating.

Craig 25:15
And then our last article here this week is all about artificial intelligence, and the National Health Service over in the United Kingdom. If you've been listening for a while, you know that I and my family have suffered under the Canadian healthcare service for years, and the Supreme Court in Canada finally rolled that you can buy private health insurance, you don't have to get stuck with it. Well, much the same has happened in the UK because the healthcare, public health care is just so bad. It's just terrible. You know, everybody gets it.

Craig 25:51
But it's all terrible, right, kind of the bottom line, and I can tell you horror stories from every member of my family that's still in Canada. But in the UK, they've been using some artificial intelligence algorithms. They looked at a half a million people in the UK and then they task this AI with predicting of individuals who were at the risk of dying prematurely. In other words sooner than the average life expectancy from chronic disease and they had three different models that they task the AI with. And this article up on http://CraigPeterson.com that is originally from NBC News, I think you're really gonna like this is they look at different things with each one of the models. They looked at things like well they had the random forest model, which looked mostly a body fat percentage, waist circumference, amount of fruit and vegetables of people ate. They had the deep learning model, top factors there included exposure to job-related hazards, air pollution, alcohol intake, use of certain medications. You had another model called the Cox model that lean heavily on ethnicity and physical activity. So they took those three models, they looked at it, and they found that the best and most accurate predictions that correctly identified 76% of the subjects who died during the study period. Wow, okay. 84% accuracy on predicting Alzheimer's, the onset of autism and six months old babies. So all of this work by the UK National Health Service to figure out you know, basically death panels. Who should we spend money on? And who shouldn't we spend money on? Which is what that's what's happened I Obamacare ended up with death panels. Of course, they don't call them death panels, any of these cases, but you know, the panels that decide whether or not you're worthy to receive medical treatment, I think you can tell which side of the market come down on with that.

Craig 28:03
Alright, so this next week, of course, we're going to have some podcasts, probably only one because I am out of town. Very busy. But I'm releasing some stuff to those of you who signed up for my DIY cybersecurity course. And we will be back next Saturday. http://CraigPeterson.com/iTunes, to sign up for the podcast. Take care, everybody. Bye-bye.

--- 

Related articles:

Health Industry Is Using Artificial Intelligence To Predict When Someone Will Die With Unsettling Accuracy

Is Personal Data Safer When It’s Stored On A Company’s Private Network?

Apple Finally Showed Off Its Plan To Conquer TV — But Analysts Say There’s Too Much Competition And Too Many Questions Apple Won’t Answer

UPS Is Now Using Drones To Deliver Blood To A Hospital

Two-Factor Authentication: Why Do I Need It? What Are The Best Apps?

Barking Drones Used On Farms Instead Of Sheep Dogs
---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Mar 26, 2019

Is Tuesday and Craig is back on the Jim Polito Show. This morning, Craig and Jim talked about Craig's travel to Europe. They also talked about why people should delete WhatsApp now.

These and more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles:

‘Delete Facebook Now’: WhatsApp Co-Founder Accuses Mark Zuckerberg Of Trading Privacy For Revenue After Allowing Ads On The Platform

 

--- 

Transcript:

Below is a rush transcript of this segment, it might contain errors.

Airing date: 03/26/2019

Why Delete Whatsapp - Travel In Europe

Craig Peterson: 0:00
Hey, good morning, everybody. Craig Peterson here. This morning I was on with Jim Polito. He just came back from quite the tour of Europe. And oh there's my puppy. Hi, Velma. I got a Great Dane name Velma.

Craig 0:15
She wants to say hi. Yes. Anyhow, he had a great tour of Europe, particularly Italy. And I also had some time going around Europe. We talked a little bit about that. And very quickly, we hit the WhatsApp story for this week. And there's of course, a whole lot more that you'll find online on my website. today. I'm also putting together the last module for this current course a bonus module on website security, how to secure your website, or if you make websites for other people how to secure their websites as well. So all of that man, what a week this week. I'll be back of course every other day this week, except maybe Sunday. But the real there's always news when it comes to tech and security. So here we go with Jim.

Jim Polito 1:06
He's our good friend, and he's been patiently waiting. And that's why we love him. We just can't get enough of them. I'm talking about our Tech Talk guru. Craig Peterson. Good morning, Craig.

Craig 1:19
Hey, good morning, Jim. It sounds like you had a great trip. I've been to Europe before but it was focused on Belgium and France. My wife and I, we rented a car. And we had a data plan for our phones. And all we did is for one month. We drove around. It was random. Where do we want to go today? And we used Hotwire to find good hotels. I was shocked that Hotwire worked over there. We found good hotels based on the ratings right? You have to ignore the stars, right? A five star one star whatever. And but these are rated hotels by people who use Hotwire. We drove around and we went everywhere. The castle that they had from Beauty and the Beast it was based on down in southern France. And of course, he went to Provence and we went down to the Met. And that was the first time I ever saw one of these toilets. That's basically a piece of porcelain in the floor. 

Jim 2:21
Yeah. Lovely. Lovely.

Craig 2:25
That's it. How could you ask for anything better? And there was stalls and you know how stalls here, the you know, the toilets, or the stalls around the toilets. They're like a foot or 18 inches, whatever off the ground. And you can kind of see if someone's in there. Like the airflow. They had the same thing. And they're like 18 inches off the ground. Oh my gosh. But Jim, that was the best time I think my wife and I have had just taking the time. Yeah, I could still feel do work. I called in to your show from France.

Jim 2:55 
Oh wait a minute. Yeah.

Craig 3:04
I don't think I mentioned that.

Jim 3:04
No, no. But I remember when you were away because Danny will give me a heads up. Like when you're traveling for business. And when you're traveling for pleasure, he always gives me a heads up like, you know, like bear in mind. Craig's away. Okay.

Craig 3:12 
On the road, yeah.

Jim 3:13
So careful.

Craig 3:15 
It was it was just so cool. The good news is I can still speak French after 40 years. Because I remember my education was in French schools. Right? My high school.

Jim 3:31
Right. Your High School was French.

Craig 3:34
Yeah, exactly. So I, you know, I stumbled a little bit of man is it come back fast. But what a trip and we went right to Italy, just barely, right there. And then, you know, in the Alps and stuff. But we didn't make it down. But we've got to do this. You have to look into going with you all and in March.

Jim 3:54
We're going on Ireland, Craig, we're going on. it's Gaelic and garlic. Now look, before I run out of time.

Craig 3:53 
Oh sorry.

Jim 4:01
No, no, no, it's not your fault. I could go on for hours, and I did about the toilet. But I want to hear this from you because I use WhatsApp. And you sent me this information. And by the way, folks, this is going to be an abbreviated version with Craig. But you're not going to miss out because if you text him my name, and he'll give you the number at the end of the segment, you'll get all this information plus a whole lot more. And I was getting updates while I was in Europe, which was great. Standard data in text rates apply. So the WhatsApp co founder says Mark Zuckerberg, is trading privacy for revenue. What What is what's going on? Is this just a fight between two Silicon Valley giants? Or is there some truth to this?

Craig 4:57
Yeah, there is truth to this. It's amazing to me now it's two faced, right. And we certainly seen that a lot in the news lately, especially in the political arena. But here's this guy who sold WhatsApp to Facebook. And he made I don't remember what was the sales over a billion dollars, I remember that much. It was not exactly pocket change. And so he sold it to Facebook. And he had always wanted to keep the basically your information private to allow you to enjoy you know, the conversations and stuff you have with friends without having advertising. Yeah, in the middle of it and everything being really obnoxious. Well, he's warning right now, because of some things that have happened at Facebook. And Facebook. Of course, they allowed over 150 companies, including Netflix, Spotify, and Bing in December of last year came out to access this crazy amounts of user data, private messages, even all of this right. So if you think your messages on WhatsApp are private, it allowed Bing for Microsoft search engine to see the name of all the Facebook users friends without their consent. Amazon, Facebook, allow them to obtain users names, contact information, their friends, their posts. Yahoo could view streams of friends post. And as of last year, Sony, Microsoft, Amazon could all get user's email addresses through the frenzy, you know, and it goes back and back right things that happened in September, etc. So now he's coming out after he made his billion dollars. And he's saying, Hey, listen, guys, I founded WhatsApp with a certain corporate sense that we wanted to keep our users information safe and secure, and not have you nailed with advertising all of the time and not giving your information away. And he's saying Mark Zuckerberg is doing the exact opposite in the values that WhatsApp was founded under.

Jim 6:47 
And WhatsApp you use in Europe, because as long as you have WiFi, you can do you know, talk, if you don't want to go get a data plan or something you can use that to talk to people.

Craig 7:04
Yeah, you can. And nowadays, most carriers, Verizon T-Mobile, etc. They will allow you to make calls over Wi Fi as well. So you can use your regular phone, you can receive calls while in Europe, if you are on a Wi Fi hotspot of some sort. WhatsApp is great about that. iOS just came out with a release yesterday and their Facetime application that group calling fixed and is now working again. So you could use that over there except for the fact that they had disabled it because of a bug. So.

Jim 7:45
Yeah, I saw that I was getting those updates a while while I was over there. But excellent. Craig, I'm sorry, this is short. And we'll make it up to you next week. But we can make it up to everybody right now. Because Because everything else we were going to talk about, including Michael Cohen, all of these different things. He's got some great, great info for you. And all you have to do is text my name to this number.

Craig 8:13
855-385-5553. Just text Jim to 855-385-5553.

Jim 8:22
That's right, standard data and text rates apply and Craig will not annoy you. Not in the least. Craig Thanks so much, buddy. We'll catch up with you next week.

Craig 8:26 
Take care Jim.

Jim 8:27 
Take care. All right, Craig Peterson everybody and final word when we return. You're listening to the Jim Polito Show.

Craig 8:42
Always a fun time. Make sure you subscribe by the way, go to http://CraigPeterson.com/iTunes and subscribe there. Or I think you can go to http://CraigPeterson.com/SoundCloud. I know you can go to http://CraigPeterson.com/TuneIn. There are a lot of options for everybody out there. But do subscribe. It really helps our numbers. And that helps us also to move up in the charts because it's just subscriptions that really matter. Thanks. Take care. Bye bye.

 

---

Don't miss any episode from Craig. Visit http://CraigPeterson.com/itunes. Subscribe and give us a rating!

Thanks, everyone, for listening and sharing our podcasts. We're really hitting it out of the park. This will be a great year! 

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Mar 25, 2019

Craig is with Jack Heath on the Auto Fair listener lines. They discussed the importance of STEM education and the current problems on the Boeing 737 Max.

These and more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles 

---

Below is a rush transcript of this segment, it might contain errors.

Airing date: 03/25/2019

Boeing 737 Max Problems - Importance Of STEM Education For Society

Craig Peterson 0:00
Hey, good morning, everybody. Man we've been busy delivering, I don't think I've been this busy in 20 years. Well, I don't know, maybe five, six years ago, we're doing a big deployment, I was pretty busy back then. But putting this course together and teaching it, it has been energizing for me, even though I've been so busy working so hard. So that last module is coming out this week. That's eight major modules on do it yourself, cyber security. And I am putting together these bonus modules on securing your website. We've got a lot of stuff to release, the last coaching call is this week. It has been quite the little trip here. It's been fun. I appreciate everybody that bought the course that signed up and has participated we had amazing participation too. I'm really quite, quite shocked. I'm very happy about it. It has been good all the way around. And I am going to do it again. Probably in another month or so once I kind of calmed down, take care of a few other things. And I'm going to add a few things, move some things around. And you know how that always goes. But anyhow, it has been great. And thank you. Thank you. Thank you to everybody who has been involved. Also, thanks to our listeners here in the podcast. I've been getting some nice feedback and you know, basically any feedback I think is good feedback. It really helps me to hone things in but some people listening on the weekend, some people listening to and from work. People listening at the gym, it's it's fascinating to think about all of the different people involved here listening and participating. So if you have any comments, suggestions, whatever, just email me@CraigPeterson.com or you can always text me 855-385-5553. Excuse me. 855-385-5553 Well, this morning, I was on with Mr. Jack Heath. And we spend quite a bit of time talking about what's happening with Boeing and my concerns about it as well as what's happening with the army recruiting they were on a little earlier on his radio show and they mentioned stem so of course I got into that little bit as well so here we go.

Jack Heath 2:34
Colonel Anzalone as we go to some Tech Talk we just had Colonel Ron Anzalone with us arm and he was talking about how Craig Peterson as we turn to our Tech Talk guy on the Auto Fair listener lines. Craig and his show airs Saturday later in the morning on our iHeart news talk stations. Craig, the colonel somewhat in effort to recruit young people in the army in Boston, they're going to be taking part in that gamer weekend, you know, these these games and some colleges now are basically coming up with four year courses and what I would call, you know, e-game. You know, I don't know, gaming, you know, video stuff, games and all the technology that goes with it as a way to reach more recruits. But interesting stuff. The other thing I want to get from you, Craig, is Boeing has a real challenge now working on the software adjustment for the 737 max class.

Craig 3:19
Yeah, Hey, good morning, Jack. There. I love the fact that you brought up STEM because I've always felt it's so important. That's the science, technology, engineering and mathematics. It's something that US First has really emphasized over the years. And of course, that's started right here. Something Dean Kamen helped to really spearhead. And that's the first robotics competition. You know, when I had a longer show, in fact, we used to go three, four hours during the finals.

Jack 3:50
I remember that.

Craig 3:51 
Yeah, it was fantastic. But these kids, these are the future. And I've said that for so long, getting your kid involved. Almost every school in New Hampshire has a program. It starts when they're young with Lego. And then moves all the way up to the big robots, where they're doing everything from the business plan, how we're going to raise money, how we're going to do out to outreach, how we're going to have safety when we're building these things? They have different sub teams, the marketing people that are involved, and we're talking about kids in high school, all the way through, how do we accomplish this task were assigned to accomplish with the robot? Well, we are given some very, very limited parts of basically just the controllers. So how do we want to make our robot? What we're gonna make it out of? You see these things made out of PVC, out of wood, out of different types of metals, and then they come to the competition, and we're in competition season now. And it's just fantastic. And that's what the not only the military's looking for, is the kids with these abilities, not only to to play the games, but to design the software, design the hardware, design the systems. And I think this outreach you're doing is fantastic. It's going to be great for the military. And then we get down to the FAA side of things, Jack, and what's happening with Boeing. And, man, this is a really big story. And again, I don't want to say I told you so. So I'm not going to say it.

Craig 5:29
I really was worried about these European airplanes, because the basic design difference between what Boeing was doing at the time, and these European planes, Boeing bowling was designed so that if you wanted to disagree with the plane, you fought against the plane, you pulled harder on that stick or push harder or turn harder or, or with the flaps or whatever you wanted to do. Whereas the European planes are coming out were all based on computers and, and you had to walk through multiple screens. You might remember the first error, but I think it was the very first one crashed right when they were demonstrating it for the very first time to potential purchasers, because it overrode what the pilots wanted to do. And the pilots' natural instincts were completely ignored. Well, this is what I've warned about when we're talking about automation, it really appears that these 737 Max jets with this new anti stall system, and it's technically called the maneuvering characteristics Augmentation System. But this new anti stall system is overriding the pilot's inputs. The pilot should be able to fight with pet stick, if it works. If the pilot one set nose up, it should be able to fight with the plane. And the plane should then be saying, okay, pilot, I'm going to do what you want to do. But you know, I'm going to fight with you a little bit because I disagree. That is a huge design change in Boeing's mind from what it was 20 years ago. And it is scary as heck. Because we are not computer operators. We have our natural instincts, the way we respond, the way we worked all of these gears. You can't all of a sudden put a system in place. not have the instrumentation on on the board, but you can't put a system in place that overrides the pilots input. 

Jack 7:42
Well that's why I'm not a big fan of Teslas, the driverless cars are always the more automation I think the driver always needs to be, you know, ultimately responsible. Anyway. That's good stuff, Craig, we'll see where it all goes and pointing to talk about on the tech side. Thank you.

Craig 7:50 
Absolutely. Thanks Jack.

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Message Input:

Message #techtalk

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

 

Mar 23, 2019

That last tweet or facebook picture may raise your insurance rates? We will explore why?

Extortion and the Internet. Now even normal people are the targets of these tactics?  Unpacking the trend in Virtual Kidnapping.

Whose watching us? Why? Yes, it is time to talk more deeply about Surveillance.

For all this and more tech tips, news, and updates visit - CraigPeterson.com

---

Transcript:

Below is a rush transcript of this segment; it might contain errors.

Airing date: 03/23/2019

Using Social Media Posts For Insurance Rates - Virtual Kidnapping - The Surveillance State

Craig Peterson 0:00  
This has kind of become my theme music, hasn't it? Over the last couple of months.

Craig 0:09
I like it. I've been using it all of my training videos and just all over the place.

Craig 0:13
And it's nice because I have the rights to use it, right? I don't have to worry about getting banned on YouTube or some other place because I'm using music I don't own right? Copyrighted stuff. But it's crazy when people do that. And just, I guess just don't know. Well, we have a bunch to talk about today. 

Craig 0:34
Also, I don't know if you caught it this week. But make sure you catch my podcast at http://CraigPeterson.com/iTunes. But I talked about two business problems. This week, we got a huge aluminum manufacturing giant over in Norway. It's not just basic manufacturer, I mean, these guys are huge. It's called Norsk Hydro, they also provide power and other things, had to shut down because they were nailed with ransomware. So I went through what happened there, what the whole thing was about some pros and cons, some things that we as business people can kind of keep an eye out for. 

Craig 1:13
And then I also talked a little bit about this, Michael, in fact, quite a bit about this Michael Cohen investigation and triggerfish, and what that is all about? And yeah, I thought that they had pretty much stopped using triggerfish and some of these other technologies. But as it turns out, no, that is not the case. So, that's what I talked about this week. It's a Security Thing. And right now, of course, we are live on the radio. And we're going to talk about a half a dozen other things that we just never managed to have quite enough time to get to, right. We're going to be talking about HR departments and the problem we have right now, with the huge high employment rate, how some of them are turning to artificial intelligence and how you might too. The guy who founded WhatsApp has a warning for us about Facebook, and I don't know this guy, come on, you made your money you got out and now you're upset. Bizarre malware is disabling some safety systems that industrial plants. And it's an interesting, quote, ethical line, unquote, for hackers, because historically, they have avoided things that would cause problems with public safety. But now they are no longer doing that. I talked a bit about that as well. This week, it's a security thing. On my podcast again, http://CraigPeterson.com/iTunes, a massive database leak. And we know we're seeing these almost every week but this one's more interesting, because it turns out, it's surveillance on Chinese citizens by China. So what are they doing over there in China's digital surveillance state and what's coming here because these companies that are providing them with the tech are based in the US? And life insurers can now use social media posts to determine your premiums. That's an interesting one.

Craig 3:17 
And we will start up with two virtual kidnapping scams that occurred within 24 hours this week over in Laguna Beach. And it's something that I have a bit of a personal tie to, not in Laguna Beach, but these virtual kidnapping scams. One of the ladies that work with me, her friend had one of these happened to her. In fact, I think she got called out, this lady that works with me. And man, Maria, the thing that happened. It was just absolutely amazing. This is an article from the Orange County Register on California, it's up on my website, http://CraigPeterson.com. Two virtual kidnap cases within 24 hours, have led please to alert all local schools. Both these incidents were similar phone calls who were made to potential victims, with the color demanding a large sum of money or threatening to harm a loved one. Quote, we definitely believe these incidents are connected and said Sergeant Jim Kota, who last summer spearheaded assistance for Laguna mother who sought help after receiving a threatening call. They are happening and surrounding cities and all appear to be connected to the same group. All of them want money transferred to an account in Mexico. And they are directing victims outside of the city to withdraw money. It's like they've been there before. They're sending them all to Costa Mesa to make this payment.

Craig 4:53
So they had a report on March 7, and the victim here of this scam had already paid $5,000. And the article goes into some detail. But the here's the bottom line on it.

Craig 5:11
The FBI got involved about a week ago. And of course, they investigate the scams, and they work with local law enforcement agencies. So if something like this happens to you, you can call your local police department. But what it is these virtual kidnapping scams, and what happened to the lady that works with me is that they call you up pretending they have kidnapped a loved one. Now, usually, they found out a little bit about you, they might have gone on to your social media to figure out who you are or what you're doing or where you are, etc. who your friends are. And so many of us have that information out in public on Facebook and elsewhere. So they reach out to you, they say I'm holding so and so hostage. And unless you make this payment, I am not going to release, I'm gonna kill them or whatever it is. So these are virtual kidnapping cases. Now in the case of a lady that works with me, she got a call about a friend she has. And sometimes these are, hey, they're out of the country, they need money to get back in, and I'm with the government, and we're holding them because they did something wrong, etc. There's all kinds of these scams. But she was smart enough to call up that person and found out that yeah, that's not me, I don't know what's going on, I'm fine. There's nothing going on at all. So that's something to keep in mind, too, that you can call, do a little research on your own and follow up because these people are not necessarily really smart or thorough in what they're doing. So keep that in mind as well. But Laguna police department is warning people that it's happening on a wider basis right now.

Craig 6:58
Next up, we have this questionable practice by life insurers; you know that many life insurance companies use your credit rating, to come up to the premium. They do that for all kinds of things now. They do it for health, they do it for employment, looking at your credit rating. And we've also talked before about how in some countries like China, they're using your social credit now to determine whether or not you're worthy for a loan, etc. You know, five years ago, we wouldn't have thought twice about this, who would have thought this is crazy. It's not likely to happen. You guys haven't because we've been talking about this for what 10 or 15 years. But New York's Department of Financial Services has released new guidelines that will allow the life insurance company to use data from customers social media posts to determine their premiums. And experts are saying these rules could potentially extend to other states and you know, some of these federally chartered companies and agencies. So the new guidelines are suggesting that companies can use the data from other nontraditional sources as well, though insurers will have to prove the information doesn't unfairly discriminate against protected groups.

Craig 8:20
There's a bunch of really press release stuff here in the article if you're interested that that's up at http://CraigPeterson.com.

Craig 8:28
The National Association of insurance commissioners released a white paper back in 2012, from what they call their social media working group that address the ways that insurance companies couldn't use social media in their marketing, and also ways to use it to monitor customers. And they're saying that as of 2012, they are already using it. So we've warned everybody for a very long time, do not post things online that you don't want to have shown up later on. Because that's one of the first things that police do when they start investigating someone now, they'll go to your social media; they'll search for you online. Right? Google is their first line of investigation. And it looks like even for this dossier they've been using to go after President Trump and try to show Russian collusion, that even that dossier was put together from online searches on the CNN website of posts people had put up. Man, I heard that this week, I have no idea about the validity of that. But what we say online, reflects us to some degree. And if you do say it online, it can and will be used against you. Now, you know, I like Apple, and I love the way they handled privacy, they don't give all kinds of information out to third parties. They're not trying to mine that information themselves to have some sort of a significant advantage about you or in what you're doing and what you're going etc. So Apple's pretty good about that. But remember that Apple too, if they have a subpoena, that's obviously legitimately issued, they will give up information about you. And they have turned over iCloud accounts and other things. So just because you have things online that you've posted, that are considered private and you shared with your best friend or your family, remember that law enforcement can certainly get at it. Bad guys can get at it, they're always cracking into Facebook accounts, and your friend or family has it and could possibly reshare it at which point now it's no longer private, right? They could repost it; they could save it, they can put it away for a rainy day when they want to play blackmail you. So, be very, very careful about what you say online because much of that can and will be used against you in the court of public or company opinion. And I think New York might have done us a bit of a favor here too. Because it's not just about going on to social media, you know, Facebook, or Twitter or whatever. It really goes to the next level. You know, we've seen deep fakes, we've talked about them here before, one of the big ones is this plane that's kind of flipping around, and it's a big ass jet, that passenger jet. And it was a total fake, and it was shared millions of times online. So you've got that. But you also have legitimate stuff. But I think part of the favor they're doing here is putting something on the record that can be challenged. These life insurance, actuarial tables, the car insurance that you buy, that is based at least partially on your credit rating, how do they work? What are the parameters that go into these? How is the program written? What bugs are there in that program? You don't know they won't tell you. And that's part of the problem I have with what California is doing with getting rid of the bail bondsman. They say well; we can trust this algorithm. No, we can't. How many times have we talked about having computer programs fail on us?

Craig 12:20
So there are are no states right now that have any rules or regulations about how life insurance and the automobile insurers and the bondsman can populate the data for their algorithms for their programs. There's no rules, there's no regulations, you can't challenge them in court. They'll bring in some professional that says some mumbo jumbo that's beyond the judge. It's beyond the jury, and is beyond the truth, right, all in one. But you don't know that. We do know that. They're currently using public records like home ownership data, credit information, education level that you had in college or high school, any civil judgment, any licenses you have anything they can find that's public, and even your internet use in the history of they can get their hands on it. And now this is an extra step and people are freaking out. And I get it; I understand that I would too. And but now we can get the legal system into action. And I hope they do. And I hope that there's a good precedent set and not some lousy precedent. So you know, I just, you see that too much when you have judges, juries, and you know, defense attorneys and prosecution attorneys that really don't understand what's going on. And so then you end up with bad judgments, right? Bad dicta in the cases, from the judges, etc., etc.

Craig 13:59
We got this massive database leak, and I found out about it over the Electronic Frontier Foundation, I put their article up on my site at http://CraigPeterson.com. Earlier this month or security researcher found and disclosed and exposed an unexposed database.

Craig 14:19
And this database was online that these things happen all of the time, people are building software, they don't understand the implications of what they're doing. And I talked about it in my It's a Security Thing, podcast this week.

Craig 14:35
They just don't understand. And because they don't understand, they're just messing everybody up. And I see this almost everywhere. You know businesses, when you have a new product or designing when you have a product you're using, even when you're using a third party software as a service that you might trust, have a true security professional look it over. And there are security professionals available. I know there are almost 3 million job openings in our security world out there. But they are available, pay them you can't pay them enough to come and have a serious look at this.

Craig 15:18
You'll pay to have an attorney come in at hundreds of dollars an hour, some of these attorneys are over $1,000 an hour to look at something to look at the legality because well, you might save tens of thousands or even a million dollars in a lawsuit.

Craig 15:35
Well, the same thing is true with security.

Craig 15:40
If your data is breached, you could easily face it more than a million dollars and find and no judge or jury is going to protect you from that. These are fines that are levied by the regulating agencies. And there's basically nowhere to turn; then on top of it, you could have your customers suing you, you could have consumers, so we knew because their information got out. And you could end up with hundreds of millions of dollars and judgment against you. But no, what are you going to do? Oh, you're just going to trust your IT guy who was a programmer who has his bachelor's or even masters or doctorate in computer programming from some University.

Craig 16:25
No. You need a specialist just like you go to a specialist law firm. You need a true specialist. And the people just aren't doing it. So here's an example of this security researcher. And yeah, we're talking about China here. But China has hired some American companies to build this. So in this case, this database owned by a company called SenseNets. It's a private artificial intelligence company that advertises facial recognition, crowd analysis technologies. So you'd think that they would have some modicum of understanding about security, but they didn't. And they didn't hire a security expert to come in.

Craig 17:20
And what's that going to cost you? 100,000? 200,000? Half a million maybe? And instead of that, they'd rather just lose the whole business because they don't see that as a real risk. Well, let's talk about this risk because we'll get to this Chinese company here in just a second. But let's talk about the risk.

Craig 17:42
There was a cyber security firm that just released a little report saying that they found at least 468 Mongo DB servers exposed to the public internet. Almost 500. Well, what's a Mongo DB server? These are database servers, the main technology group is called No Sequel, but typically used for huge databases. So what is this database that this company SenseNet have in them? SenseNets, excuse me, having it?

Craig 18:21
Well, it turned out all it had was DNA samples, voice samples, fingerprints, iris scans, and much, much more. These were all residents between the ages of 12 and 65 that were from Xinjiang. And they had been questioned about their use of mobile and internet tools. Over there, just having WhatsApp or Skype installed in your phone is classified as subversive behavior. Remember that China is a socialist country, I don't know. But most people I get it, most people don't want to mention the fact that they're Communist or socialist, or they are just incredibly under the thumb of the government. Heaven forbid, you know, we want that here, right in the United States. Right? Yeah. Okay. And since 2017, the authorities and China have told all of the Xinjiang mobile phone users, they have to install the spyware app, to prevent them from accessing terrorist information. That's a quote. Okay. 

Craig 19:37
So we've got evidence now of mass detention centers, newly erected surveillance systems, that China has been bulldozing whole towns because of subversive behavior. All the systems in China that are has been pouring billions of dollars into physical and digital means of, of substantial surveillance in Xinjiang and other regions over there in China. So it's been unclear to a lot of researchers and human rights activists, just what extent these projects as they're operating, you know, heaven forbid, that happened in our country. Oh, wait a minute. It did. Right. We did have surveillance going on. The NSA is scrapping some of those programs; maybe it wasn't the same. Perhaps we haven't been putting people into detention centers. But come on, guys. We're already at a place where five years ago, we didn't think we would be, right? We just discussed that ten years ago, where are we going to be in five or 10 years from now? Hopefully, civil libertarians are out there. Indeed, the major parties have been stepping up; the Democrat Party really hasn't been looking at what Obama did with significant increases in surveillance. I kind of get it after 911 that maybe we want to have a look or look see and figure out what's going on because it kind of hit us from the middle of nowhere in some ways. But that has to go away; it looks like it is going to go away this year under President Trump. And hopefully, the democratic house is going to go along with it as well.

Craig 21:05
But now we have found out we found out more because of this data leak that happened with this security company, I'd laugh and laugh about that, over in the US helping China.

Craig 21:21
So in addition to some of the biometric and other information, this database of 2.6 million people includes their national ID number think social security number, which our government obviously has on us as well. Ethnicity. Well, you know, we've been giving that to our government for years and forms that we fill out. Our nationality, our government has that. Phone number, our government has that. Date of birth, our government has that. Home addresses, our government has that. Employer, our government has that. And photos, our government has that.

Craig 21:57
So all of these same things, types of records that our government has, were found on this database online, from a company that's selling technology to track citizens to the Chinese government. Now over 24 hours, this database collected, just one day, 6.2 million individual GPS coordinates linking these citizens of this province over in China, of this area in China, connecting them to various public camera streams all automatically where they're tracking them in the streets, and identification checkpoints. You love that idea of inspections right? Like Checkpoint Charlie, for those of us that are old enough to remember that.

Craig 22:51
Checkpoints associated with location tags such as hotels, mosques, police stations, the GPS coordinates, all located within Xinjiang where they're doing this service.

Craig 23:05
My gosh, so Givers of he reported a second open database tracking the movements of millions of cars and pedestrians violations, like jaywalking speeding, going through a red light are detected. They trigger the camera to take a photo and ping a WeChat app, presumably to try and tie the event to an identity.

Craig 23:28
It goes on and on. So this database exposed to anyone with an internet connection for the last six months. Oh, by the way, some of these other 468 database servers that were found on the open Internet that were open, contain detailed information about remote access consoles owned by China General Nuclear Power Group, and through GPS coordinates of bike rentals. So there you go with the surveillance state, they're in China.

Craig 24:01
They're tolerating poor engineering, that is getting crackdown on by the way, in western countries, Europe, the United States, companies are getting sued over this. We were helping out a company that, small practice, this is a doctor's office, they're trying to upgrade. Trying to secure things trying to do the right thing. And it was just shocking when we looked into all of these medical apps that are supposedly HIPAA compliant. We did not find a single app; they claimed it was HIPAA compliant, that was HIPAA compliant. Nothing being done about data at rest, and just on and on from there. It's nuts. How bad most of the programming, most of the software is out there. So I feel sorry for a lot of companies because you're stuck. You are stuck. But you've got to find and hire security experts to review what you have in place if they're willing to do it because you know, good guys, I don't run out willy nilly and, and look at networks and look at security setups and everything else. There's just too much for me to do. There's too much business out there. But you still got to do it. And you've got to investigate the people that are working for you that say they have a security background because they may or may not. That leads us to our last story we're able to get to today. Well, I'll get I'll just do this really briefly because I want to hit one other topic, but HR department, now, according to The Wall Street Journal are turning to artificial intelligence to try and find talent because good people are disappearing off the market almost instantly. They're using AI by getting into Microsoft's databases. Remember, they bought LinkedIn, so they've got all kinds of information about people. It's combing through the profiles of more than 610 million members tens of thousands of skills and titles and the looking at behavioral data. And going on and on what jobs candidates are applying for. Citizens Bank launches an AI-powered career coach named Myca, which is short for my career. IBM has a chat box that has AI built into it. And you may have to do that yourself. If you're looking to hire. It's getting more and more difficult to get excellent talent, especially in the IT space and more specifically in the computer security space. And WhatsApp, you probably heard about that if you're not using it. But what tap is a company that was purchased and became part of the Facebook group? And man, the guy that sold it made some clear money. I can't remember what it is offhand. But I think it was in the billion plus range. Well, the founder of WhatsApp is warning people. He's saying you need to delete Facebook immediately. And this article from the Daily Mail over in the UK talks about why all of the reasons why you should and how the disclosure of your information is just it's rampant over at Facebook anyhow.

Craig 27:36
Have a great week we are finishing up our DIY cybersecurity course. This week will be our last week of coaching calls. So shout out to everybody and a big thanks to everybody that's been involved in asking questions. And we've been answering all kinds of questions from everybody. This week. It's getting busier. You can text me 855-385-5553 anytime or just email me@CraigPeterson.com. Hey, have a great week. Bye-bye.

--- 

Related articles:

What’s a Good Alternative to Windows PCs?

‘Delete Facebook Now’: WhatsApp Co-Founder Accuses Mark Zuckerberg Of Trading Privacy For Revenue After Allowing Ads On The Platform

Michael Cohen Investigation Involved Secretive “Triggerfish” Tracking Device

2 ‘Virtual Kidnap’ Scams Within 24 Hours Have Laguna Beach Police On Alert

Life Insurers Can Use Social Media Posts To Determine Premiums, As Long As They Don’t Discriminate

Bizarre Malware Is Disabling Safety Systems At Industrial Plants

Massive Database Leak Gives Us A Window Into China’s Digital Surveillance State

Ransomware Forces Aluminum Manufacturing Giant To Shut Down Network Worldwide

HR Departments Turn To AI-Enabled Recruiting In Race For Talent
---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Mar 22, 2019

It's Friday. Time for It's a Security Thing with Craig Peterson. Today, Craig discusses triggerfish, stngrays, and the Michael Cohen investigation.

These and more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles 

---

Below is a rush transcript of this segment, it might contain errors.

Airing date: 03/22/2019

Michael Cohen Investigation - Triggerfish - Stingrays - Were You Caught Up In The Net

Craig Peterson 0:04
Hello, everybody, Craig Peterson here. And we're going to talk about a technology and security problem from a little bit of a different angle today. You know that we've had police surveillance for years. When they get a warrant, they can start to investigate a little bit further delve in, get some of our records, maybe our cell phone records, maybe even travel records and other things. And of course, they've been casting a pretty wide net with the whole NSA investigations and what they've been allegedly doing for many years. And of course as you know, the good news is it looks like those are coming rapidly to an end. Well, let's look at this Michael Cohen story that came out this week. And you'll see it up. This is on my website at http://CraigPeterson.com and this is from CBS News. The FBI and this is by Graham Kate's, the FBI wanted Michael Cohen cell phones, but they knew they couldn't be found at his home. The problem was Cohen and his family moved into hotel while renovating their apartment. So on April 8, 2018, they decided that they would use something called triggerfish. And they wanted to find his exact location which was a room on the 17th floor at Lowes Regency Hotel. The FBI Special Agent wrote in an affidavit that was unsealed last Tuesday, that federal agents quote sought and obtained authority to employ electronic technique commonly known as trigger fish. To determine the locations of Cohen's two iPhones. The other federal agents ended up obtaining a warrant to retrieve the phones from the room. And there was a court ordered special master that later determined that the federal agents could review the vast majority of nearly 300,000 files on the two phones as well as an iPad, obtained in the search. Now, a special master's someone who can look at the evidence and determine if it might be client confidential, in the case of an attorney like Michael Cohen was, and that the FBI really shouldn't have access to it, or that the information is maybe something that might be pursuant to the case, and legit for them to look at. Now, you might have heard these triggerfishes called stingrays before. And what stingrays do is mimics cell phone towers. So they can pinpoint a phone's location, sometimes even before it makes a call or a text just because of the unique identifier that the phone has.

Craig 2:50
And we're not sure what law enforcement was hoping to get from its use of the stingrays that we're targeting Cohen, because these devices can also collect them calls a text messages and even emails that are sent to and from phones, because they're sitting in the middle and you can do what's known as a man in the middle attack. Now, because they're acting the cell towers, they not they don't just get the data and information from one phone. But any other cell phones a deer in the area are going to see it and try and connect to it. So they can take in information from entire neighborhoods, which is why civil liberties groups for years have objected to the use of these things. They are absolutely crazy. Now they're made by defense contractor Harris Corporation, and the patents that it's filed indicate that they've been used for about two decades, although law enforcement rarely even admits that they have them. So now we found that they are using them, they have been using them for a long time, and they were using them specifically in the Michael Cohen investigation.

Craig 4:01
Now that really is a very big deal because Michael Cohen of course with is the attorney who was involved with President Trump, in this whole Russian collusion investigation.

Craig 4:16
I don't want to go into a whole lot of detail here. But the Congress did authorize what's called a pen register, which is a process that records or decodes the dialing routing address, and you're signaling information so they can figure out who's someone called when they called it from. And a pen register is basically referring referring to back in the day where someone would have a pen and paper in the phone offices, right, the switching office and track the switches and where call was being routed and would write it all down. But there's some serious Fourth Amendment concerns. The rights of citizens against unreasonable searches and seizures. In this case, obviously, for Michael Cohen, they did have a warrant. But how about for everybody else that was caught up in this thing? Yeah, it's a really good question, frankly. But these are cell site simulators. You can make them. I've got the plans to make something kind of similar to use cell phones on the ham radio bands and basically it pretends it's a cell site is not intended to do grab all of this data from all these people. But they are the most interesting know they are out there. There's passive and active ones. I am SI catchers, which are the passer ones as well as the cell site simulators. There is a ton of information out there you can find on it. Check out eff.org. To find out more the Electronic Frontier Foundation. They've got a lot of really good stuff on it. But it looks like the FBI was using some of this latest technology to investigate Cohen and by doing so probably ended up catching a lot of other data that they may or may not have had legal access to as well. So keep that in mind next time you are online. You know it's a Security Thing. And that's what we talked about are right here on my podcast. And visit me online. http://CraigPeterson.com. Make sure you subscribe so you get all of these. http://CraigPeterson.com/iTunes and hit the subscribe button.

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Message Input:

Message #techtalk

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Mar 21, 2019

It's A Security Thing Thursday. Today, Craig discusses the bizarre malware that is disabling the safety systems in our industrial plants.

These and more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles 

---

Below is a rush transcript of this segment, it might contain errors.

Airing date: 03/21/2019

Bizarre Malware Disabling Safety Systems

Craig Peterson 0:06
Hey, welcome all you podcast listeners, it's time for another Security Thing. I want to talk about this bizarre malware that MIT wrote a really interesting article on a report over at MIT Technology Review. Futurism.com picked it up and it's really been kind of making the rounds and mold in certain circles within the security community. And it's different in its attack, because we're talking about malware here that is designed to disable the safety systems at industrial plants. We know that the US and Israel were involved with Stuxnet. And we know about the whole thing that happened over in Iran at the nuclear facility. And that was engineered by two countries. And they were trying to shut down the processing of uranium and those centrifuges. And if you've never seen the centrifuges, you got to have a look at it, because I had in mind something to look like my high school chemistry centrifuges, or the things they use for spinning down blood. These things much, much, much different and more complex, really, they don't even look like a centrifuge frankly, you know, at least from the, you know, the outside point of view. But the US and the Israel apparently designed this malware, and it was very, very well designed. It did two things. One, it caused the centrifuges to spin out of control and destroy themselves, because they were spinning so fast way beyond their normal tolerances. And you'd think, of course, that the centrifuges, which were not made in Iran, by the way, that the centrifuges and their control systems which are not made in Iran would be able to handle this. And in fact, that's what the malware went against was these controllers not made in Iran, that the bad guys in this case, Israel and the US, apparently,that they had the ability to examine and play with and and then come up with this whole attack vector.

Craig 2:25
So they went ahead, they made malware the attacked the controllers for the centrifuges, and apparently ruined a more than 1000 of them. And they also had the malware go after the control systems that were being monitored. So really the monitor systems so that everyone who was in the control portion of the plant would be seeing everything being normal. No alarms going off, no klaxon sounding and lights flashing. All of the charts would look pretty darn normal, that they were all spinning about the right speed. It was just done very, very well, very professional. But it was also done in such a way that no one would lose life over it, these things would spin themselves to the point where they would just destroy themselves. But you know, they were trying not to kill anyone, but it wasn't their primary goal, obviously. Well, now we've got this new hacker tool that's been found. And it's been out there for quite a while. It's called Triton. And it's been out there apparently since 2014. But researchers didn't really become aware of it until around 2017. That's a little worrisome, isn't it? The malware also crosses a new ethical line. Now I know you say malware and ethics, look at what ransomware has done and shut down hospitals, police department. Ransomware is going all the way through taking all of your family pictures away from you. malware is bad. And there is a really there's no ethics involved for these hackers that are spreading it. But they have always in the past, been careful about what they targeted. And they never have seemed in the past to target the safety systems that are in our industrial plants. But that's exactly what's happened right now. There is a gentleman by the name of Joe Slowik, he's a former information warfare officer warfare officer in the US Navy. He's now working at Dragos which is an industrial cyber security firm, according to Futurism. And that firm Dragos has been tracking the spread of Triton.

Craig 4:53
And Joe says that targeting safety systems just seemed to be off limits morally, really hard to do technically. So now we've got to really question things. We've got Dan Coats. He's a former US Director of National Intelligence, who has been warning that things are changing. And here's a quote from him. Here we are nearly two decades later, this was a speech last year. And I'm here to say the warning lights are blinking red again. Today, the digital infrastructure that serves this country is literally under attack. So they are attacking it, they're attacking it in different ways. Triton has been used as a core for attacking a lot of different business systems over the years. But now we're talking about safety systems, the systems that protect nuclear power stations all the way through water treatment facilities, the same types of controllers that were attacked by our government and Israel in that Iranian plant, those same time types of control systems are all over the place in our businesses. They control everything from the heating and air conditioning, through manufacturing systems, through cooling systems, nuclear power plants, and they are dead under attack. So I have a friend that's been in this business for years, I haven't talked to him in probably 20 or 30 years, but he has been trying to really sound the alarm and hasn't been terribly successful. We've got to be careful, we've got to be more careful about our industrial plants and our security. And that means at the very least, we've got to separate our networks. I've got a great module and one of my courses on this, but how to split it up? You know, we're, we're bringing internet of things into our industrial plants. We're bringing in these lights that are controlled by computer to save us money. We're bringing in control systems that heat up the plastics, that will heat up the copper to make wires and, and pull them all out and they're all being automated. And in many places, far too many places, they're on a flat network, you know, the same network, they can all address each other. Even if you separate out the networks, if they can get from one to another, you've got problems. And if you can get to any of these systems via the internet, you've got problems. And just because I've got a firewall doesn't mean it's working for you. Believe me, I have yet to go into one of these companies, you know, 10 million all the way up through half a billion dollars, and have and audited their systems and find that there aren't major problems, where they could have they religious lucky, they haven't been hacked. And of course, you already know, I've been in many businesses where they've already been hacked, where they've already had a failure of the lack of security systems, but a failure of their security systems to the point where they got sued, they went out of business, they lost hundreds of thousands, millions of dollars. In one case, it was tens of millions of dollars. So keep this in mind, they are coming after us. If you are an industrial plant, they want you, they want your equipment, they want to control it. And remember that our enemies have a first line of attack against us being cyber. So many of these attacks are coming from Iran, they are coming from China, they are coming from Russia, they are government sponsored. And their idea is to flip a switch just all of a sudden flip that switch and it's done and over with and we're in deep trouble. Okay?

Craig 8:53
So do the right thing. split your networks, make sure there's no routing between them that you minimize any access to any data, and that there's no external access, and that any access from the inside is tightly controlled. So there you go. All in a nutshell. It sounds like what a weekend's work for you.

Craig 9:10
All right. Take care, but hey, it's a Security Thing. And we'll be back with another one tomorrow, of course, Craig Peterson and that's where you'll find me online. http://CraigPeterson.com

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Message Input:

Message #techtalk

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Mar 20, 2019

Craig is on the WGAN Morning News with Ken and Matt. They talked about the Y2K-like bug that would strike GPS systems on April 6th, the hackable smart alarms, and Craig's stern warning to ditch Windows 7 and upgrade to Windows 10.

These and more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles:

'Gps Systems Will Be Struck By Y2k-Like Bug On April 6': Security Expert Says He Will Not Fly On 'Day Zero' After Governments Warn Global Devices Will Reset Due To Calendar Glitch

Google Recommends Windows 7 Users To Upgrade To Windows 10 If Possible, As A Kernel Vulnerability Allows For Local Privilege Escalation On The Operating System.

No Guns Or Lockpicks Needed To Steal Modern Cars If They're Fitted With Hackable 'Smart' Alarms
---

Transcript:

Below is a rush transcript of this segment, it might contain errors.

Airing date: 03/20/2019

Dangers Of Smart Remotes - GPS Y2K

Craig Peterson  0:00
Hey, good morning, everybody. Craig Peterson here again. And I was on this morning being Wednesday with three stations up in Maine, up in Maine's capital city, as well, and I was on with Ken and Matt. We chatted about a few different things. I ask them some questions about demonetizing deplatforming. What are the legal requirements there? And it was kind of interesting because of course Ken is an attorney to find out what's going on. The mom in Arizona with the kids on YouTube. Boy, what a mess that is. We've got representative Nunez who is threatening suit due to something very similar and we've seen this happen a lot so where is this line supposed to be drawn? Kind of interesting we also of course talked a little bit about technology and Matt's problem where Matt had his fob reprogrammed for his car and tied right in to a story this week about the smart alarms and how imminently hackable they are. So here we go.

Matt Gagnon1:09
Alright, we are back again on 7:37 on the WGAN Morning News. Wednesday morning and get a matter here. And so is Craig Peterson, our tech guru. He joins us now. Craig, how are you?

Craig 1:22
Hello. I'm doing well. I am I'm really interested in what's happened here. You guys have been reporting on this case of the Arizona mother who was abusing their children. And we also have I'm trying to remember who this was, someone in Congress just threatened suit or bringing suit against I think it's Twitter.

Matt 1:48
Yeah. You were thinking about Mr. Nunez.

Craig 1:48
Yeah, yeah. Exactly.

Ken Altshuler  1:51
That's what you call a publicity stunt.

Matt  1:52
Yes. He's gonna fail miserably.

Craig 1:53
You think so? You think that's what it is?

Ken 1:54
Of course. Of course.

Matt 1:55
Because he knows he's gonna lose. So what else would it be?

Ken  1:51
Public figure.

Craig 1:56
Yeah. Well that's a really good point. How about we've got the Hallmark Channel cutting ties with Laurie we know this whole college admissions scandal and stuff. How far can that go ultimately? Because, again, they've got clauses in their contracts on saying that they have to be a good character,

Ken 2:21
By the way, I pay nearly half a million dollars for my children to go to college, I don't see what the big deal is.

Craig 2:28
In Arizona again, obviously, this woman what she's charged with is just absolutely crazy. But can we have all of these social media platforms and other ways that people are making money and trying to get messages out? Can people be deplatformed at the drop of a hat? And should they be? It's an interesting question. I don't know how far this goes. I've heard Nunez and and his complaints. And I've heard other people, particularly conservatives saying that their messages are being stopped or they've been deplatformed. And we've certainly seen that with Alex Jones and some others who Alex isn't accused of anything illegal. It just being a real jerk, I think is is kind of the bottom line for him. But is it again, interesting territory? I don't know. Ken, had the courts really settled any of this stuff yet?

Ken 3:20
I think it's basic libel and slander law. I think if you're a public figure it's virtually impossible to be...

Matt 3:22
But as it relates to like deplatforming and stuff like that, that's
their company, they can do whatever they want with it. I mean, it's if they want to, they want to ban me for having brown hair or blue eyes. I mean, they could do that. Whenever. And perhaps it's not the wisest thing for them to do. And I think it opens a gigantic door for a competitor that isn't such a, you know, terrible company to actually operate. But you know, they want to do that they could do that.

Craig 3:51
Yeah, yeah, I agree on that part. That's certainly the libertarian to me coming out for that. Anyhow, it was interesting, I thought I would ask the experts this morning.

Ken 4:00
Well, talking about experts, since you're the expert guru in computers, are we going to have another Y2K thingamajiggy?

Craig 4:09
Oh, this this is really weird. This one that hit me a few weeks ago and hit my inbox as it were. And Y2K of course, we have a problem with the rollover from a computer is able to use just a two digit year to figure out the time and elapsed time, you know, where they were just use, like 74, I wrote code that just choose the last two digits of the year back in the you know, in the 70s and and it's been going on for a long time. So everyone was worried what's going to happen when it turns from being able to issues 99 to zero, because they're always lower than 99. But it turns out most businesses had fixed the problems and none of these problems were were anything that would have been really earth shattering if they had to get at least not in most cases. Now we've got a security expert who about two weeks ago out at a security conference in San Francisco said that he's not going to fly on April 6 and the reason for that is that older GPS systems don't have the ability to handle dates past April 6 it's actually a specific time on April 6. But here's the problem the counters in the old GPS systems don't have enough digit so they are going to roll back to zero. And we look at what's happening right now with Boeing's jet, the 737 Max 8 right and that jet airliner. How long ago was that designed? Do you guys know?

Matt  5:57
The 737?

Craig 6:00
What is it? Is that it? Yeah, the Max 8.

Matt 6:01
Yes, Max. Yeah, the 737 Max. I have no idea what it is. No, I can't even begin to claim that I have any idea

Craig 6:07
Such a 50 year old design and what's been happening over the years is they've been making a minor changes kind of, you know, few changes of the time. So the whole jet airliner has not had to be retested. So for instance, right now they added this system that people are saying like be the problem could be the problem. Boeing saying it's more along the lines of the pilots weren't trained enough, they only had a few hundred hours of flight time. But inside these airplanes are systems that were designed 50 years ago. And so this expert is saying, Hey, listen, this could be a real problem because the GPSs from 20 years ago, cannot handle the rollover the guy's name is Bill Malik. He's a VP over Trend Micro which is a basically a security company and he's concerned because these GPS systems aren't just to use in things like airports and airplanes although I'm sure in pretty much every case the airplane have been updated, right? I'm I don't have a problem with flying on April 6 personally. But we also have these embedded systems that are used for their clock source for that signal. And they're using everything from traffic control systems through a computer systems. Some of the older ones, the bridges, some of the automatic bridges that we have in Maine, like one going down to New Hampshire that that goes up and down based on what the traffic is on the on the water below. A lot of these systems are based on using clocks from GPSs. So Ken we could have a Y2K type problem with anything with an older embedded GPS in them on April 6. And it does bring up the problem of, again, updating our software, our firmware, our hardware, you know, when was the last time you updated the software in your firewall in the router in your home. This statistics on the more or horrific. People just aren't updating them. So it brings it to light. And yeah, GPS could be a problem. And you might even have it with your car GPS, if you have an old GPS for your car. It might just plain old completely stopped working on April 6.

Matt 8:38
And we're talking to Craig Peterson, our tech guru joins who us on Wednesdays at this time to go over what's happening in the world of technology. Craig, I had a little bit of a car issue a while back a couple weeks ago had to get somebody to basically break into my car and reprogram a fob which he was able to do by basically plugging in a little computer to my car. And about 30 seconds later, he had now taken over the entire security system and it was able to start it remotely and basically we had complete and total control over the car by plugging something in. Is my car a little vulnerable to being taken over by surreptitious evil people trying to steal it in some fashion, or maybe perhaps taking it over for other nefarious purposes?

Craig 9:25
You know what kind of car I drive, right?

Matt 9:29
Yeah, like an old one. Yeah.

Craig 9:30
1980 Mercedes diesel okay. There is missing electronics on it. Yeah, actually, you are. And it's yet another reason to lock your car. Because if they get can gain access to that little computer port inside, many of the cars can be totally hacked. Now, the manufacturers are trying to keep that technology kind of secret. But man is it gotten out and it's in the hands of even people that change locks, you know, the fob you talked about. But we've got this week as a British firm. They're called Pentest Partners. And they had heard about some vulnerabilities with some of the smart alarms that people have been putting in their cars. So they did some testing. And they've come out with a warning and they're warning is that they found that the Viper Smart Start alarm Viper Smart Start alarm, which I'm sure many people here have in their cars get is great to start your car get warmed up in the wintertime and get into a nice warm car. But the Viper Smart Alarms as well as product from Pandora where they're making, not Pandora, the radio app that you might be using, but Pandora, the guys that make the smart alarms. Both of them are riddled with flaws. According to the report. That's a direct quote from them. And it turns out that the manufacturers had inadvertently exposed around 3 million cars to theft and users to hijack. Because what they can do is without even having access to that computer port in the car, they're able to get on remotely and do anything that that smart alarm could do and do it to your car. And it turns out even more than you think the smart alarm might be able to do just like with your car Matt where he could get in and do a whole bunch of different things inside your car. These can too and they found they could remotely hack the car that they could then from that car not only unlock it or start the engine but if you're driving down the highway in that car, they could control the accelerator so they could take you for ransom, floor the car have that car going full speed down the turnpike as fast as it could possibly go with you sitting behind the wheel unable to do anything about it you know. Burn outs, your brakes, etc. So there they did a live proof of concept demo, they could do geo-locate the target car using the Viper Smart Start account. Built in functionality. They set off the alarm so that the driver went out to investigate and stopped, activated the cars and mobilizer once it was stationary, remotely unlock the cars doors. They clone the key fob. They issued RS commands from a user's mobile phone. And even worse, they discovered this function in the Viper API that remotely turned off the cars engine. There, these devices can do a whole lot. So check your smart alarm, your smart remote start, see if it's vulnerable, what the vulnerabilities are not all of the vulnerabilities I mentioned are true for both of these alarms. But they have been shown in the past. We've seen Chrysler's be able to be taken over. Remotely driven off the road. But the hacker had to have access to the car first. Now we're seeing that some of these smart alarms have way more access than we thought they did. And could turn out to be very, very dangerous.

Ken 13:15
We are talking to Craig Peterson, our tech guru. By the way you can go to https://CraigPeterson.com anytime you want to know anything about technology. Thank you, Mr. Peterson. We'll talk to you on next Wednesday at 7:38.

Craig 13:27
Hey, take care. Gentlemen, I want to make one quick warning. Before I go. Google has now issued a warning to everyone to abandon Windows 7 right now. They say there's a major security problem with Windows 7 there. Google is advising you to upgrade to Windows 10. And this is a kernel vulnerability problem. Local privilege escalation something.

Ken 13:55
I think I have Windows 7.

Matt 13:57
I think I have Mac.

Ken 13:58
But I have Windows on my Mac.

Matt 14:00
That's old.

Craig 14:00
Well, it's true for that too. So if you're still running Windows 7, if this isn't the siren call to upgrade, quote unquote, to Windows 10 do it now. But you might be better off and upgrade to a Mac. That's what I did.

Ken 14:14 
Yeah. But I have a Mac but have Windows on it.

Craig 14:16
Yeah, but you're still gonna have to do it. You're gonna have to upgrade your Windows on your Mac that's living in the VM or the dual boot loader

Ken 14:23
That's living in VM. That's where it's living.

Craig 14:26
Yeah. Which is good that helps keep it separate but you're gonna have to upgrade it. This is bad, this is really bad.

Ken 14:33
Okay, thanks for the warning. 

Matt 14:35
Craig Peterson. Thanks a lot. Alright, we are going to take a quick break here are we not?

Craig 14:41
Hey everybody. Plan is to be here  tomorrow and Friday as well with my security thing, you know, it's just a security thing. Well, how does it matter, right? So hopefully I'll be able to get those done today and we'll get those out. But it's stories of individuals and companies who have been hacked or who averted a hack, what happened? What they did? And what could have been done better about it?. So if you're enjoying those let me know. me@CraigPeterson.com.

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Mar 19, 2019

Craig is on with Danny Farrantino once more on the Jim Polito show. They talked about the GPS security flaw that is worse than the Y2K bug which could cause havoc in a lot of computer systems on April 6th. 

These and more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles:

'Gps Systems Will Be Struck By Y2k-Like Bug On April 6': Security Expert Says He Will Not Fly On 'Day Zero' After Governments Warn Global Devices Will Reset Due To Calendar Glitch

Google Recommends Windows 7 Users To Upgrade To Windows 10 If Possible, As A Kernel Vulnerability Allows For Local Privilege Escalation On The Operating System.

No Guns Or Lockpicks Needed To Steal Modern Cars If They're Fitted With Hackable 'Smart' Alarms

--- 

Transcript:

Below is a rush transcript of this segment, it might contain errors.

Airing date: 03/19/2019

Major Problems With GPS - Car Security Systems Hackable

Craig Peterson: 0:00
Good morning. Craig Peterson here. I was on this morning with the Jim Polito show. It was actually Danny because Jim is on a tour. He is over touring in Italy. He was in Venice yesterday. And he's going on to Ireland. He sounds like he's just having a great time. So Danny and I chatted this morning, and I did some explanations here of GPS, what it is, how it works and how it's going to affect you. I think this is much better explanation than I did last time on the radio. Oh, well. Anyways, here we go with Mr. Danny Farrantino.

Danny Farrantino 0:35
Yes, by now. You know what that music means? Time for Tech Talk expert, Craig Peterson. And Craig. GPS systems are going to be struck by a Y2K bug. Come on, this can't be real.

Craig 0:48
Hey, good morning, Danny. Yeah, this is a real problem. And most people don't understand what's going on. And this is something I wasn't even aware of just a week and a half, two weeks ago, before I came across this. You know, we've been having these issues with the airplanes, right? And, and the Boeing jet that has been grounded pretty much worldwide. And the reason for that seems to be new software, some new systems and things on board. But you know, how long ago that base airplane was designed, Danny?

Danny 1:23
I do not, Craig, know. But I'm sure you do.

Craig 1:27
About 60 years old. 6 zero years old. Yeah. And what's been happening. And this is common for airplane manufacturers. But what's been happening is they make small changes to the airplane and they get it approved. So the whole plane doesn't have to be rechecked. And they eventually end up with a situation like today, where it's no longer the pharaohs boat, for those of you from law school, remember that story. But we will get into that right now. But the here's the problem we're looking at today. GPS has been around for many, many decades now. And of course, it works by having satellites up in the air above us and and in in space, and they send a signal down and our GPS units pick it up. Well, that signal is actually a primarily a clock signal.

Craig 2:25
Have you ever been ever heard something loud in the distance, like lightning? For instance, right?

Danny 2:31 
Yep.

Craig 2:31
And you see it before you hear it usually, right? What happens with lightning? If you see it and hear it at the same time? How far away is it?

Danny 2:42
Pretty, pretty damn close.

Craig 2:45
Exactly, you know, the closer it is between seeing it and hearing it, the closer that lightning is. So that's the same basic way that GPS works. All of these satellites are in orbit, they're all in a fixed spot. The software knows exactly where they are. So the satellite identifies itself, and then sends a high precision time code. So satellites that are further away the time code is going to be older than satellites that are closer to you, they're going to have a newer time code. So that's how GPS works. And sitting there listening to those times code and deciding, oh, that satellite is further away than that satellite. And it's so much further based on this real high precision time code. So there you go. There's a geek moment of the morning. But the problem that we're looking at right now is these older devices, including older airplanes, bridge control systems, systems that change traffic from one direction to another direction at a certain time of day, many of those relies heavily on GPS, not to position themselves necessarily, but to get an accurate time. So they will they want to know when 3pm is why not listen to those high precision atomic clock that are being broadcasted all over the world?

Danny 4:14  
We have one here.

Craig 4:16 
And you do exactly. Now I have one at my house, do we use them to synchronize all of our computers' clocks. Well, older GPS systems have an overflow problem. I know you mentioned earlier this morning Y2K. And we were very worried about Y2K, because many programmers like myself programming in the 70's and the 60's, we were too worried about whether or not 70 meant 2070 or 1970. We knew that 70 meant that our clock or our timestamp was really 1970. And so we had that two digit year, here comes 2000 that rolls over, there were some problems but it wasn't catastrophic. Well, how about all of these embedded systems, when was the last time you upgraded the firmware in your car?

Craig 5:09
When was the last time you updated the firmware in your firewall or your router. And hopefully, you do that pretty frequently. But I can tell you 99% of people never ever touched them. So about two weeks ago, in San Francisco, there was a conference, a security conference, and there was an expert out there saying that he will not fly, he will not get in an airplane on April 6. And the reason for that. And this by the ways of VP over at Trend Micro and Bill Malik is his name. And the reason is because the counters in the older GPS systems are going to overflow on April 6. It is going to reach the end of their counters are going to ramp back to zero.

Danny 5:57
So in theory the GPSs might not be set up properly. And you,yeah, I know, it makes sense why you might not want to fly that day.

Craig 6:03
Exactly. So there's more than him that just isn't going to fly that day. But this is a warning that was initially issued in April 2018. We have all of these older systems, and then some of them are guaranteed to have problems on April 6th. Hopefully, none of our airplanes do. But this could this could be real catastrophe. He's saying, now Trend Micro, they deal a lot with computer security systems. And, and, you know, maybe, maybe he's trying to get a little bit of news. But I know personally that the GPS systems that were made 20 years ago were very primitive. They're embedded in all kinds of devices. And the risk here is substantially greater than the risk we had with Y2K because the Y2K bug, there were very few systems that could, if they failed, cause people to die. These GPS systems that are embedded could cause people to die. And April 6 is the day. So fingers crossed, the manufacturers and owners of all these systems have taken care of it.

Danny 7:10
So that was my next question then. So here's the big question is what's being done to either prevent this, or we just waiting till April 6 and saying waiting to see what happens?

Craig 7:20
Well, there are a lot of companies that waited until January 1, 2000, to figure out if anything was going to happen. This time around. I think there's a lot of companies that aren't even aware, including government agencies that aren't even aware that there could be a problem. So there's certainly a lot of companies that have taken care of this already, some government agencies that have but if there is 20 year old hardware out there somewhere and think about military systems. And again, think about airplanes, 20 year old hardware, is it going to have this problem. Commercial airlines, I would expect to all of them have taken care of this problem. They've looked into it, these aren't idiots out there. But when it comes to some of these systems that are sitting in the back corner, just plugging away every day. That's where I'm getting really worried.

Craig 8:09
Well, that's it. You have that from Craig. Moving on though, I do want to hit a couple more topics before we have to let you go. The hackable smart alarms turns out, thieves may not even need a key or tools to steal your car from that one.

Craig 8:22
Yeah, this goes back again to so many businesses, just not being aware of the security implications of what they're doing. Car security alarm companies for years and decades. I remember buying these things in the 80's right and earlier, they were very simple. And if a switch was thrown, the alarm went off. Nowadays, they're putting APIs, application programming interfaces into their software, and just all kinds of smart technology. And we now have some penetration testing companies, including one over in the UK called Pentest Partners. They've been looking at these smart alarms after they heard about a problem. So they found that the Viper smart alarm and products from Pandora who makes alarms were riddled with all kinds of security flaws. And they found that they could steal a car fitted with any of these affected devices. They could steal them, they could shut off the engine and talking about wrecking havoc, they could cause the cars to go into full throttle mode while they're out on the road. Which means if you want to kill a lot of people and create a lot of havoc, sounds like it's simpler than we would hope.

Danny 9:42
There's a lot more than just stealing a car. It's taking complete control of that cars there, Craig.

Craig 9:48
Exactly. without doing anything, you know, we had the Chrysler problem where you could hack their entertainment system and take over the whole car, but you had to have physical access to that Chrysler car in order to do it. This doesn't require any physical access to the car. It can all be done remotely. 

Danny 10:09
It's certainly scary stuff Craig. Thank God, we have people like you keeping us safe. As always, we have so much stuff here. We never didn't get to somebody wants to hear more. What can they do?

Craig 10:18
Well, they can text me and I want to put one more quick warning in. Google's warning, everyone that's using Windows 7 to abandon it immediately. Windows 7. This is a warning out of Google and their security department. They say you need to upgrade to Windows 10 immediately. There is a huge security flaw with Windows 7. But you can text me 855-385-5553. That's 855-385-5553.

Danny 10:50
Standard data and messaging rates do apply. Craig, appreciate the time and we'll talk again next week.

Craig 10:55
Hey, thanks Danny. Take care.

Danny 10:56
As always. Craig Peterson there with some great stuff for us here on a Tuesday morning.

Craig 11:03
Hey, everybody. If you enjoy my podcast, make sure you let me know and subscribe. subscriptions is how we move up in the charts. That's how other people find us. So go to  http://CraigPeterson.com/iTunes. That'll take you directly to the 800 pound gorilla, which of course is Apple and you can subscribe right there. You can subscribe on almost anything frankly, I'm out there all over the place. And then once you subscribe. If you think I'm worth five stars, by all means, please put in a five star rating. I'd appreciate it. All right, everybody take care of we'll be back tomorrow from Maine.

---

Don't miss any episode from Craig. Visit http://CraigPeterson.com/itunes. Subscribe and give us a rating!

Thanks, everyone, for listening and sharing our podcasts. We're really hitting it out of the park. This will be a great year! 

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Mar 18, 2019

Craig is with Jack Heath this morning talking about the tech side of Beta O'Rourke's campaign.

These and more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles 

---

Below is a rush transcript of this segment, it might contain errors.

Airing date: 03/18/2019

Technology Behind Beta O'Rourke Campaign

Craig Peterson 0:00
Good morning, everybody. Craig Peterson here this morning I was on with Jack Heath. And of course he is on dozens of stations here in the northeast. And I wanted to talk with him about politics because that's what his big thing is. Right? New Hampshire. Our state sport is politics. There's no question about it. Well, I found some really interesting things about what Beta O'Rourke is doing. And about the future of campaigning. It was fascinating to me to find out some just records that Beta had said.

Jack Heath 0:36 
Joining us now on the Auto Fair listener lines, Craig Peterson, our Tech Talk guy. And Craig, good Monday morning to you. How are you?

Craig 0:44 
Hey, good morning, Jack. I've been watching this of Beta O'Rourke campaign from a technology side and I found a bunch of interesting things about him. You were just talking about as money bomb, right?

Jack 0:56 
Yeah, I guess he's done well on the fundraising, right.

Craig 1:00
He has and I look back to what he had been doing during his race against the, you know, Texas Senator Ted Cruz and how did he raises money and I found an article online talking about what he had done. And it was one of the campaign workers. In fact, that was kind of giving this information out. But apparently what he ended up doing is beta took the same fundraising company that Bernie Sanders had been using in his run for the presidency last time against Hillary Clinton. And some of the people ended up leaving that particular agency. He followed them to a new agency. And then what he's doing is entirely a modern campaign. You know, back in the day, we used to send mailings out and get them in our mailbox every day, looking for money, trying to get people to, you know, get on board. And what O'Rourke's been doing is completely different? He does. He didn't have campaign field offices only had 10 of them across the entire state of Texas. He used social media and he got volunteers to put together what he was calling pop up campaign offices. He had almost 900 of them across the state of Texas. He was using advertising and is right now as well. Looking at his run up here before he announced. He had more than 330 different ads running just on Facebook to try and hone his message. See which adds brought in money which ads brought in people to sign up for his email list. Let me tell you, Jack this Beta O'Rourke is somebody who's really using modern technology in order to to build his base and bring in record amounts of money. The 38 million dollars he raised to go against Ted Cruz was just phenomenal.

Justin 3:00
And Craig you probably know this. But yeah, Beta O'Rourke is part of a hacker group in the 80s known as the Cult of the Dead Cow went back when hacker groups were less nefarious than they are now so yeah he's he's been involved in tech for a while here.

Craig 3:20
Well I remember that. In fact I hadn't heard about it for years Justin. The whole Cult of the Dead Cow and everything else that was going on and the time was when a hacker wasn't a bad guy. You know, hackers used to be people who were just hacking at code. They weren't professionals. They didn't really know programming that well but they like to do it. Nowadays. We call hackers you know that from back in the 80s we call people hackers who are people who just learned programming in 30 days by reading a book and go into a Microsoft site you know that that type of person but yeah, you're right. Justin. He was hacking back then. But back then we used to call bad guys crackers. And we used to call non professionals, hackers. Today we don't use the term cracker anymore. And hacker has nefarious overtones to it. I don't know if I explained that well or not.

Jack 4:19 
Well, one of the things I guess he's taken some heat on is something he had written as a hacker about hitting some kids while driving. And, you know, obviously, you know, all these candidates, speaking of social media, they're all gonna have to be very careful right, on what they say. or post or because everything will be sanitized for sensitivity.  Correct. You know, I just everything's scrutinized, but certainly he and others will more and more the way the electronics are changing will convert that to their campaign no doubt is because so much is now social media and technology.

Craig 4:50 
But look at Chelsea Clinton this past week where she was confronted by some of the some students and they were just jumping down her throat because of things that she said, and they were blaming her for the massacre somehow in New Zealand. And her words were extremely carefully chosen because Jack, you're so spot on things that we say even things we don't put up on social media, people are going to keep them. Just just last week we had two weeks ago now we had a leak of some audio from years ago that's causing a politician nothing but headaches. So yeah, I think everybody has to be careful because even if you're going to be a CEO of a company or some high level manager, things you said today even things you didn't post but someone else recorded you saying it, are going to pop up. Now in New Hampshire, we are not a two party state so it is illegal unless they change that law. Recently, it is illegal in New Hampshire for you to record someone without their knowledge and permission. But believe me, people are filming everything, recording everything. And stuff you say it's going to come back to haunt you.

Jack 6:00
All right Craig Peterson, good stuff good stuff this morning. Http://CraigPeterson.com, our Tech Talk. Thank you Craig.

Craig 6:08 
Hey thanks Jack.

Hey, I have a quick question for all you guys and gals listening on the podcast. I've been doing my security thing podcast just you know, couple of week and I've been including them in this podcast stream and I'm thinking about continuing that and then maybe even expanding it and putting it up on YouTube as well as video What do you guys think? Do you think that that's something be worthwhile letting you know about security incidents really kinda like a little bit of a deeper dive into the news. Let me know. me@CraigPeterson.com. I'd be really interested to know if you think that would be useful. I think it'd be useful for you but you know, you have to put a lot of work into it. So at least I'd like some validation, right. Just Me@CraigPeterson.com. Do you think I should go ahead and put together a little YouTube channel? You know, it's a security thing. Take care guys. Bye bye.

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Message Input:

Message #techtalk

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

s 737 Crash - NSA Surveillance Program

Craig Peterson 0:00

Mar 16, 2019

Have you heard about sextortion?  We will talk about this type of blackmail scam and why it is so dangerous.  

Android vs. iPhone, what is your choice? Today, we're going to talk about it from the resale value side

What's up with GPS systems? Why are some experts not flying on  April 6?  I got some news and explanations for you.

And we have a report out of the UK, The Guardian about how easy it is to steal modern cars.  We will discuss why that is. 

Did you hear about the warning from Google this week? We will get to that and some other unexpected actions from Google

 

For more tech tips, news, and updates visit - CraigPeterson.com

---

Transcript:

Below is a rush transcript of this segment, it might contain errors.

Airing date: 03/16/2019

Duckduckgo For Search - Google Advisory On Windows 7 - Cars Hacked Via Their Security Systems

Craig 0:00 
Hi, everybody, we're up to show number 998.

Craig 0:12

Does that mean we have to do something special, coming up here in a couple more shows? I can't believe 1000 weeks worth of shows. I don't number my shows based on the,

Craig 0:21

you know how many times I've appeared or how many times I've put podcasts up. Because I do, sometimes five. I've done as many as a dozen different podcasts in a week before. So I don't add them up like that. I'm talking about 1000 weeks on the air, on the radio. That is absolutely fantastic. It's frankly, it's just so exciting. I'm glad that it's happening. Well, today, we are going to be talking about sextortion. You might have seen this, I had one of the listeners reach out to me about this just a couple of weeks ago. And in fact, it happened to me, as well. We'll talk about Android vs. iPhone. This time, we're going to talk about it from the resale value side. GPS systems, April 6, I got some news for you. Some experts have decided they're not going to fly on April 6th, explain why. And we have a report out of the UK, The Guardian about modern cars much easier to steal than the old ones, and why? Google has a very big warning out this week that will get to. And Google did something else that was not expected by a lot of people. Google has quietly added Duck Duck Go as a search engine option for Chrome users. This is about 60 different markets globally in this is really big news. Because the chromium engine, of course, is made by Google. And you know, already the Google is very big in the search engine space. So, having them promote, which is what this effectively is doing. Having them promote competitors is a little bit of surprise to everybody out there. Now, chromium, I mentioned this a few weeks ago, which is the underlying technology for Google's Chrome browser is being adopted by Microsoft, they are completely shooting their own browser projects in the head. And they're building it all on top of chromium now, which I think makes a whole lot of sense. So does that mean Microsoft now is going to be using Duck Duck go, let me explain what this is? For those who are wondering, Duck Duck Go isn't just a kids game from 50 years ago, or probably longer than that, actually duck Duck go is a search engine. And it is designed with privacy in mind. I've had the founder of Duck Duck Go on my radio show before we talked a little bit about what he was doing. This was some years back when he was first getting started. And I'm actively promoted since then. And since using it, frankly. But people are saying, well, Duck Duck Go is the search engine to use because it is not tracking what you're searching for. It's just giving you kind of general advertisements, just like Google used to 10 years ago. And other people are saying, Well, why would I use Duck Duck go when Google has, frankly, better search engine technology, which it does, in many ways. Google has been able to invest a lot of money into its search engine technology and Duck Duck go just really can can't, at least not to the level that Google can. Now some people who are kind of skeptical, myself included are thinking that maybe Google did this with chromium in order to avoid some of the antitrust scrutiny. The anti-combines laws that are in Canada, UK much throughout the Commonwealth, but it is good news for people

Craig 3:59

I use Duck Duck Go as my first go to choice when I'm searching online, it doesn't track you it, I kind of like it, it doesn't always give me the results that I really need or really want. So for those types of results, sometimes I'll end up going to Google and check there. And I use Bing for some types of searches to. I find bings image search to be a little bit better, in some ways than Google Search. Bing doesn't have the reverse image search that Google has. But you know, all in all, I think it's pretty good. There's another pro-privacy search engine out there called quant I've used that before q, w, a, n t and chromium Google now offers that is another default. So you might want to look at that Duck Duck Go and QUANT and QUANT, by the way, is only available as a default over in France, which is where QUANT is from. But you can always just go to Q U A N T dot com or Duck Duck Go dot com. And you can use it in almost any browser out there as a default, and it's been added in I'm looking through the list Canada, basically all of our neighbors, I don't see Mexico on here. That's kind of interesting. See the UK, US Venezuela is, you know, if they get power back down there, they'll be able to use it. Good old socialist countries, right. So anyways,

 

Craig 5:30
it's been growing for years, it's really quite good. And this Chromium instance, available on GitHub, if in case you're a developer is worth looking at. I also when we're talking about Chromium, I got to make sure I mentioned my other browser, my favorite browser for privacy. And that's the Epic browser. E-P-I-C. And I think on today's coaching call, we're going to end up talking a little bit about that Epic browser. Because a lot of people are kind of concerned and confused. And the Epic browser also uses Chromium as a code base, which I think is good, because Chromium is kind of those standard but it also just dropped a note down for myself. But it also has the types of security the DuckDuckGo has, in fact, it's kind of tied in hand in hand, it has VPN routes through it used to just be Indiana out routes through a whole bunch of different places. So check it out. E-P-I-C, browser.com. Epic browser.com online and use DuckDuckGo whenever you can, for your searches. If you want to try and keep things a little bit on the private side. And if you're very paranoid, your best bet mom depends on how paranoid right if you're like crazy paranoid, we're you know, we're not going to talk about that right now. I could help you out. But if you're more paranoid do the other thing I do, which just switches it up, use different search engines use different browsers use different machines when it comes to banking because I don't want many my banking information to be stolen. And I got to get back to some of what I'm doing some of it. Some of it I'm not if you're interested, let me know might be worth doing a masterclass about you know how to do this, how to do it for free even and keep your banking information safe. So I should write a little note about that. Well, we have a warning from Google, we're going to get into that right now.

Craig 7:33
Well, our friends at Google have been paying attention to security for a while, if you have the latest versions of the Google Chrome browser, you're getting automatic updates. It's a technology that Firefox Mozilla people have been using for a long time.

Craig 7:48
And these auto updates are absolutely fantastic. It can just save you a ton, not only of time but not having to apply the updates. But you know, security people can break in and drive-by download, you know, all the crap that happens when you're online. So Google has been very good about updating their Google Chrome browser, the Chromium underpinnings and you know, they get updated as well. But then the browser is really where they're most interested. Well, now, Google is warning people about Windows 7, you know, if you're listening for a while, that a month or so ago, Microsoft told you to ditch to drag Internet Explorer into that trash can and never use it again. You know that right? Number two now with Google out here is Google's recommending Windows 7 users to stop using Windows 7 upgrade immediately to Windows 10, if at all possible. And this is because of something called a kernel vulnerability. The kernel is the core part of the operating system. The kernel is where everything happens, really the kernel is how all of the processes talk to each other, how they can access hardware resources, like the disk, or the camera, the microphone, the speakers, everything on your computer ultimately goes through what's called the kernel.

Craig 9:18
Wow. Well, the third analysis group is explained that Google's discovered two different security vulnerabilities, one in the Google Chrome browser. And the other one in Windows. The Chrome bug was already patched. But Windows 7 not yet fixed. Now this month, the Patch Tuesday from Microsoft has a doozy set of patches, a whole bunch of them, Microsoft is fixing all kinds of major flaws and vulnerabilities in their software. I don't think this particular fixes in that patch set. But it'll be out sometime, I'm sure Microsoft saying the vulnerability is in the Win32k.sis kernel driver. And it can be used as a security sandbox escape. Now, this is getting all rather technical, but sandboxes are where you set up a basically a way to execute software that nothing else can get access to. And it can't get access to anything else as well. So you use sandboxes for security. And having a major security problem with the security sandbox obviously is very big. So here's the statement we strongly believe this vulnerability may only be exploitable on Windows 7, due to recent exploit mitigation to added newer versions of Windows, Windows 10, and eight, all the Windows 10 has the most fixes. They've done a lot there.

Craig 10:53
They're trying to make it as good as Mac OS. It'll be a while before they get there. But they're almost to the point that Unix was at 20 years ago. So you know, kudos to Microsoft. To date. Back to the quote to date, we have only observed active exploitation against Windows 7 32 bit systems. So the note from our friends at Google and their security research team is get rid of Windows 7 upgrade to Windows 10 as soon as you can. Microsoft says it is working on a fix. They are publicly disclosing the existence they're saying it is a serious vulnerability. So they're admitting it no big deal. There will see, By the way, Windows 7 is reaching the end of support the end of 2019, it's actually January 2020, read it however you want. But you've only got months left before Windows 7 will no longer get patches unless you pay Microsoft a king's ransom. In other words, our federal government will be spending a lot of software with Microsoft. I'm sure in the years ahead. It's still paying Microsoft to support Windows XP. Isn't that crazy? Let's talk about our new cars for a second

Craig 12:19
We talked last week a little bit about our cars and insurance with autonomous vehicles. What does it mean? When are things going to get better? When are they going to get worse? Well, we have more smart in cars today. They have something called CAN bus which links up all of these computers throughout the machine throughout your car. You know, most cars nowadays and more modern ones, they don't even have a connection from your stereo to the speakers directly. There's no amplifier in there. It's all going over this network in your car, little land in the car. Well, that means that computers are there and they can be exploited. We have already seen that we saw a hack that went through the radio in some of the Chrysler products and allowed people to remote control Chrysler cars if they use this hack on their radios. So it is a concern. I'm not sure they've addressed it all well enough and not just talking about Chrysler here I'm talking about everybody gets me very concerned. There's been issues with BMW and others in the past as well. Well, there's a British infosec company called Pen Test Partners and they found that the Vipers Smart Start alarm and products from Pandora were riddled with flaws. And these flaws allowed them to have an attacker steal a car fitted with one of these devices. So if you have a Viper Smart alarm, the Smart Start alarm, which I do know people who have this. I'm gonna have to reach out, let them know individually case they're not listening today. But the Viper Smart Start alarm and products from Pandora allow cars to be hijacked. And now here's from a blog post about they're finding from Pen Test Partners. Before we contacted them, the manufacturers had inadvertently exposed about 3 million cars to theft and their users to hijack.

Craig 14:28
This is a very, very big deal. This was really started because of Pandora's alarms. The company noticed that their security was advertised as being on hackable, which is a bad thing to say right? What's on the hackable. So I guess Pen Test Partners took that as a challenge. And they found an API, which is this application programming interface and some simple parameter manipulation that allowed them to be able to change the Viper Smart Start user's account password, registered email addresses, giving them full control over the app. And the car that the alarm system was installed on. All they had to do was send a regular web post request to the API with a parameter email redefined to one of their own choices, and that overrode the legitimate owner's email address, and now they had control over the account. So there you go. Okay, major issues using the apps ability to clone the key fob issue RF commands from a user mobile phone. And they dug into this little bit more, by the way, and they discovered a function in the Viper interface that remotely turned off the car's engine. So the pen or a big also allowed researchers to remotely enable the car's microphone so they could listen to eavesdrop the conversation on the occupants. And they also said the Mazda 6, the Range Rover Sport, the Kia, what is this, Course I guess. The Toyota Forerunner, Mitsubishi Pajero, Toyota Prius 50, and the Rav4 all appear to have undocumented functionality present in the alarm API to remotely adjust the cruise control speed. So it goes on and on car, security remains poor, and you don't need guns, you don't need lock picks, to steal modern cars, or to even to cause them to crash. I wonder if, if any of the crash investigators might look into this, if they realize, wait a minute, there's a remote controllable API in this car, maybe we should subpoena the court records from the manufacturer of the device and poke around a little bit and see if maybe someone manipulated it and told the car to floor it down a back road Street, we're going to have to get a little smarter about some of this stuff, right? Even though the criminal investigations. Well, let's talk about April 6 here. Wow, this is something I wasn't even aware of this until just this week.

Craig 17:21
Of course, I was aware April 6 was coming people, okay. Don't give me a hard time about that. Because, you know, I gotta remember April 8, which is my anniversary, right? So I don't want to mess this up. April 6. Anyhow, I knew the 6th was coming. And it's certainly getting close. But this has to do with GPS systems. If you remember, 1999, if you were doing programming, if you were involved with computers back then, it was a scary time, many people kind of predicted the end of Western civilization. And they weren't totally wrong about that either. Western civilization could really have come to an end because of what was called the Y2K bug. And it was because of programmers like me, in the 70s and 60s that wrote software that said, Well, if I want to figure out the time between this date, and that date, all I have to do is use it two digit year, and those two-digit years, going to take up less space in the storage. And if you have a million records, times two more digits, which typically would be 2 bytes, then well, that's, you know, 2 million more bytes of data, which at the time was a whole lot of data. So we took shortcuts, and one of the shortcuts was storing the year as just the last two digits. So we didn't worry about the 19 part, we only worried about the 79 part or the 99 part. So there were a lot of predictions about software. And I knew a guy who started the company that was designing software to specifically look for this Y2K flaw and fix it. Of course, as it turned out, there were some problems, they were relatively minor. But most of the companies out there are certainly the ones that were in business realized that Y2K was coming and made some basic adjustments so that there wouldn't be a big problem. Many people expected, they're not to be another problem until maybe the year 10,000, right. So instead of Y2K, in the future, we're probably not going to be around. But in another 8000 years, we got another rollover. Well, that's not the case.

Craig 19:43
I have been aware of what's called the 2038 problem. Because in the Unix world, there's a timestamp the Network Time Protocol uses and many machines user, which means by the way, Windows uses us to synchronize times, well, that particular clock is going to roll over in the year 2038. And that's most likely to affect embedded systems. Now, there are fixes already in place, and many versions of Unix that are out there Linux and some of these other derivatives that are have already taken this into account. And then, of course, there's bad programmers that really don't realize all of the implications of what they do.

Craig 20:27
They've always existed and they'll always exist. In fact, I think in many ways, it's getting worse than it was before, you know, the bad programmers that is.

Craig 20:34
But maybe that's because I'm just getting to be an old man, right? been doing this for too long. So we know that the Y2K problem was real. And in most cases, it was fixed, that 2038 problem is real. Most cases it will be fixed, although again, we're going to be affecting embedded systems and most, In other words, those that don't get the software update one was alive last time you upgraded the software in your car, or some other physical device to clock on your disk. Hopefully, none of it's going to be life-threatening, because some systems are using Unix that is embedded systems. Well, there's another one, this is the April 6

Craig 21:18
bug. And this has to do with the GPS and there are some security experts, including one guy over at RSA. And RSA does a whole ton of security work. They provide some of the algorithms that run public key systems. They have little key fobs, little devices that have a timer on them, you've seen them before. It's a little number that rolls over every minute or so. And you might use them with your banks, etc. Well, those guys are the guys that are now warning about this April 6 problem. They talked about it at a security conference just last week out in San Francisco. And he says that some of the older GPS systems are going to be in serious trouble. Because the computers in these GPS systems are going to have counters that flip back to zero. So they are going to literally run out of time reaching the end of their counters. And that really could cause some major major effect. This guy here. Bill Maliki's there's another guy he's a VP over Trend Micro, they do a lot of computer security, cybersecurity. We've used some of their stuff in the past, he told the media that he would not be flying on April 6 and suggests that it could be bad, it could be a lot worse than Y2K was because the effects are going to be more widespread, widespread because many more systems have integrated GPS into their operations. And many of these are embedded systems ports. He's talking about here, loading unloading containers automatically, using GPS to guide the cranes. Some of those systems could be affected in the cranes are going to shut down. Hopefully, public safety systems use GPS traffic monitoring systems for bridges, the bridges that raise and lower automatically the ones that change the lanes ever been on one of those roads were part of the day. This lane is northbound. The other part it's southbound, you know, 20 years ago, these GPS systems were really important primitive shape, and they were embedded. So the impact on this could be even greater governments have issued warnings to state and private sectors to update their technology. But some of these systems we not, we're not even aware of how some of these work that companies have gone out of business, there's no way to get an update. Nobody really realizes their GPS in there. Because you remember, GPS isn't just used to locate you. GPS is used to locate because it uses very fancy high-resolution timers. And the way it works to locate you is it listens for the satellites to send a clock signal.

Craig 24:24
So each of the clocks will announce what time it is. And because the satellites are different distances from you, you will hear the time at different times. Right? You know, that if someone's yelling at you from across the room, have you here or you see a gunshot and range you will see the gunshot before you hear it. Right. Well, if someone fires that gun, right next to you, you're going to hear it instantly correct. So you know, that the the guy that fired the gun, and it took a second for that Soundwave to reach you, you know, that guy's further away than the guy who fired the gun. And immediately you heard it. Well, that's how GPS works using extremely high precision timers. So another thing people do with GPS signals is they use it to get a clock source. So many computers are using GPS receivers to figure out what time it is. So the systems are reverse traffic that controls bridges, etc, etc. Many of them are sinking their clocks and their timers up to GPS. And when it's an embedded system that hasn't been updated, we could have some serious serious problem couple of real quick things here before we go today. And of course, you'll find these articles and many more up on my website. http://CraigPeterson.com. I have also been doing a special podcast called It's A Security Thing, you're not going to find it unless you look for me because I haven't split it out yet. But in it, I'm talking about these types of security issues, things in the real world. This week. I was talking about a CPA firm what they did to respond to a cybersecurity event two weeks ago this happened, what they did right what they did wrong and you will find all kinds of these things are posting them almost daily. Now at my website, there's a special section, http://CraigPeterson.com. So make sure you have a look at it. We are writing all of these articles ourselves. These are not references to other articles. There might be links to other articles, but these are really great. If you're interested in cybersecurity and finding out more you'll find them on my home page again, http://CraigPeterson.com and it's all small businesses. It's all things that did right things that did wrong and what happened and they're all very, very current. So check it out. You really really should and wearing sending include some of those also in my weekly email. If you're not a subscriber /http://CraigPeterson.com/subscribe. Apple is crushing it on resale value in their laptops. But also the iPhones they destroy the Android iPhone X versus a Samsung Galaxy S9 Wow, iPhone X was 1000 bucks when it debuted, it's still worth 700 9 months later. So that's a drop of 30% the Samsung Galaxy S9 costs 720 but it was worth just $290 and drop 60%. So consider that too. When you're looking at the prices of devices what you should be mine and by the way, you should be buying the iPhone. Hey, have a great week. Make sure you check us out online. http://CraigPeterson.com. Take care everybody and we'll be chatting again next week. Bye-bye.

--- 

Related articles:

'Gps Systems Will Be Struck By Y2K-Like Bug On April 6': Security Expert Says He Will Not Fly On 'Day Zero' After Governments Warn Global Devices Will Reset Due To Calendar Glitch

Google Recommends Windows 7 Users To Upgrade To Windows 10 If Possible, As A Kernel Vulnerability Allows For Local Privilege Escalation On The Operating System.


No Guns Or Lockpicks Needed To Steal Modern Cars If They're Fitted With Hackable 'Smart' Alarms

Sextortion Scammers Target Employees

Google Has Quietly Added Duckduckgo As A Search Engine Option For Chrome Users - Privacy

iPhone Crushes Androids On Resale Value

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Mar 15, 2019

It's Friday. Time for another Security thing. Today, Craig discusses sim hijacking, how to protect yourself from it by hardening your cell phone against these sim hijackers.

These and more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles 

---

Below is a rush transcript of this segment, it might contain errors.

Airing date: 03/15/2019

Sim Swaps - Hardening Your Cell Phone Against Sim Hijacks

Craig Peterson 0:00
Hey, good morning, everybody. Craig Peterson here with another Security Thing.

Craig 0:13
And this morning, we are going to be talking about a guy out again, this is also I think it's in California. Yes, it is California. And this happened just last month, in fact, sentencing March 14, 2019, and this is what's called sim jacking. And it's being used more and more. You know, we are conscious, many of us that our personal information is out there that we really should be keeping an eye on it. We really should be making sure that our personal information is protected. So what do we do? Well, we put new passwords up, user accounts. We're using 1Password, we're using Lastpass. But there is a big vulnerability for many people.

Craig 1:05
Some websites support two factor authentication, also known as 2FA, and that's a wonderful thing. But the problem is, many of them only support a type of two factor authentication that uses your cell phone to identify you. They send a text message and SMS message to identify you and who you are. So you will go on to the website and you'll enter your username, your password, and then it'll say, okay, we just sent a code to your cell phone. What's that code.

Craig 1:41
Now, there are much better ways of doing this with two factor authentication. We use USB keys, we use something called Duo on our phones.

Craig 1:51
So a special message comes through to our phone to an application on her phone that pops up, we have to authorize it. We have biometrics turned on as well, so that it's a lot safer. But we're handling other people's data, right, our customers data, then if you're handling customer data, or employee data, you should be doing something similar.

Craig 2:12
Well, in this case, Joel Ortiz was doing something known as a sim swap. And he was able to use to steal $5 million from people there at the school and elsewhere.

Craig 2:28
What he did is he stole the phone numbers of people that had cryptocurrency accounts.

Craig 2:39
How do you do that? Well, it's actually pretty simple. If people's accounts aren't set up properly, all you have to do is call the carrier, you know, AT&T, Verizon, T Mobile, whoever might be, called the carrier, pretend to be the person and do what's known as a port out, you know, how you can change your mobile phone company and still have the same phone number that is called porting your number and a port out is where you call your current provider and say, I'm moving my number out of your service and into another service that's a port out. So what he did is he had 40 victims.

Craig 3:24
He called up their phone companies and said, Hey, I'm moving to a new carrier, he provided the sim number for the new phone he wanted to port it to, and they, of course, just went ahead and move the phone number over for him. And you can do it quite simply, you don't have to change carriers, you can just say I have a new phone, I have a new SIM card and they will port your phone number to that new SIM card.

Craig 3:50
Then what the guy did is he went online to the crypto repository, if you will, where this Bitcoin is cryptocurrency was stored and he tried to log in, recover my password, they sent the reset to the phone number, which he had control over. And he used that to steal about $5 million in cryptocurrency.

Craig 4:15
So he's getting 10 years in prison, but it doesn't have to be cryptocurrency. This sim hijacking is being used for all kinds of fraud.

Craig 4:27
So here's what you need to do. To prevent this. First off, you need to harden your account with your mobile phone provider. Make sure you turn on something like a pin and that you have on your  account. AT&T lets you add a pass code to your account at AT&T. Verizon is now requiring every customer to have a pin or password as a primary authentication method. Because remember, they can call using your caller ID even before they do the port out. The SIM hijacking T Mobile has what they call a port validation feature. It's a pass code separate from the usual pass code. Sprint offers a separate pin you can use. So take a minute, do it right now call your cell phone provider directly.

Craig 5:20
Explain that you're worried about criminals taking over your phone number and ask about whatever kind of increased security they might have to protect your account. And then the second thing to do is never link your cell number to your online accounts. Now, I know in many cases, it's impossible not to. They require your cell number. I'm thinking about PayPal here right off the top of my head. And that's always bothered me. They don't have good two factor authentication. All these not that I could find going online. If you know about it, let me know. Send me a note in text me 855-385-5553 and let me know.

Craig 6:01
But take a minute remove your phone number from any account that could interest hackers. And you know, PayPal is one of those isn't it.

Craig 6:09
Use something like Google Voice which is a voice number that is sim hijack proof because there is no sim associated with it.

Craig 6:21
That's what I've gone to. I'm using a voip number for the verification number. So you obviously have to protect a number using unique password two factor authentication. Making sure doesn't expire if you don't use it regularly. But there are a lot of steps that you can take a look at your Gmail, Microsoft, Apple, Twitter, Instagram, Facebook and Amazon account. Anything else that you have, go into your security settings, and try and use something like Google Authenticator or do oh as I mentioned do Oh, do you Oh, is something that we use here for my business to protect our information and our customers in formation and if you'd like to know more, let me know maybe we'll put together a master class for you guys little free class but you gotta let me know if this is something you think I should do 855-385-5553

Craig 7:14
Just text me right there and let me know or just email me@CraigPeterson.com. Let me know that you'd be interested in learning more maybe some step by step to stop sim hijacking on your accounts. All right. Take care of the body. We will be back tomorrow with a full radio show my half hour show the turd on terrestrial radio in New Hampshire, Maine, Vermont, and also Massachusetts.

Craig 7:44
So take care and of course it's here on podcasts as well. Bye bye.

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Message Input:

Message #techtalk

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Mar 14, 2019

It's time for another It's a Security Thing. Today, Craig talks about the malware attack on the office of CPAs Martin Hutchison and Hohman.

These and more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles 

---

Below is a rush transcript of this segment, it might contain errors.

Airing date: 03/14/2019

Martin Hutchison And Hohman CPA - Missed The Signs And Got Hacked

Craig Peterson 0:00
Hey everybody. Craig Peterson here. We got another little security thing. It's a security thing for you and man alive. This is something I've seen happening more and more. We've got warnings out from the federal government about this scam. This is a scam. I know personally, a lot of people have gotten nailed for. I have a letter sitting in front of me from some Certified Public Accountants. It's Martin Hutchinson and Hohman and it is a firm out of Eureka, California. Yeah, a they released, I'm glad they did this in California, it is required by law. And that's true in many states. In fact, the module and I'm just finishing up right now in my security course that I've been writing and delivering. We talk specifically about all of these different rules and regulations. There's 47 different sets of them on the state level in the US. But this is from their notice of data breach, and it goes on this letter goes on for about two page I am pages. I am not going to read this whole thing to you. But I'd be glad to send it to you if you're interested. But here's what happened to them.

Craig 1:27
February 15, 2019, while trying to resolve an email failure. With our email host Suddenlink I was directed to a website that gave a phone number to call for immediate assistance. When I call this number, the technician stated, he could certainly help he requested access to my computer to understand the issue with the email. So so far, we're talking about having an email problem. How many times have we seen this people, email problems happen all the time. But I pick up more hands because they're having an email problem. So he had email this company sudden link and then he was directed to this website. So he calls them up. So next up here, he requested access to my computer to understand the issue with the email after I installed the software necessary to give him remote access to my computer, he pulled up some IP addresses on my computer screen and stated that this was the reason for the email failure. I should point out, this is a very, very common tactic, they'll usually drop down into a shell, they'll get a net stat, they'll show the interfaces on your computer. And this is far beyond even that little thing far beyond what most people understand. But it's enough to really give them a little bit of a leg up. So this guy pulled up some IP addresses. He then insisted that in order to fix the problem and prevent viruses from attacking, I would need to allow him to install a program on our office's network server, I told him no, and at that our local computer technician would be contacted to deal with this. Now, again, we see this all of the time, most of these local computer guys are not able to handle some of these bigger problems. But I gotta tell you, I was impressed with what happened and what his local computer guy did. At this point. He stated that back to the letter that only a Microsoft tech such as himself would be able to do this, this was a red flag is I thought I was dealing with this Suddenlink technician. At that point, I quickly disconnected my computer from the internet. And from our office network. I then uninstalled the remote access software, I had allowed him to install and turn the computer off. This entire interaction lasted less than eight minutes. So here we go. Martin Hutchinson and Hohman, certified public accountants, Eureka, California, and they are admitting to what happened. Now, he did do the right things here, things were a little suspicious, he thought it was sudden link. So his first mistake was calling the phone number that was listed on the website that the email directed him to what he should have done is he knows he's getting his email through Suddenlink, he should have called them up directly, look up their website, call that number and make sure he talked to somebody he knows a name, he recognizes over there in Suddenlink Okay, that makes sense. So that was his very first mistake. So now he's on with this guy. And this guy asked him to install some remote access software. If you're dealing with us as a managed security services provider, we already have software installed on your machines that allow us to monitor the security to look into problems. So if you're on the phone with them, and they say, Hey, we need to install some software, there's your next alarm, don't allow them to install software. They should have whatever's needed on your machine already. Now, you might need to enable it, it should be, you know, a little pop up and say, Hey, so and so's requesting access our software when we request access pops up and says that so and so from mainstream is taking control of the computer. So it comes up on the screen, it stays on the screen. We can't get rid of that message. You can't get rid of that message. You know, we're on with you at that point. Okay, so there, there was his next little alarm bells should have gotten off. Now he did have one go off because he did realize that Microsoft technician such as himself, this was Suddenlink but you know, Microsoft does do some certain certifications. And maybe that's what the guys referring to but shutting it all off made a whole lot of sense. So he unplugged the network cables in his computer. Nowadays, a lot of these computers are hooked up to Wi Fi, which is a bad idea, by the way for businesses. But he pulled those computers out there absolute right thing to do. He tried to install the software. My last module that I put together and teaching talks about security breaches, he should not have done that he should have immediately hit the power button and then disconnect the cables and set the machine aside for a professional cyber forensics person to have a look at this because there who knows what happened, right? There could be a lot of things that happen that could have had data exfiltration, this might be something that the FBI or local law enforcement is interested in, you need to preserve the state of the machines, that was another mistake that he made. And then the technician came out and the technician told them, Hey, this is a known scam. And the technician ended up replacing the hard disk in the machine because he said, this was a very sophisticated piece of malware that had been installed on the machine.

So there you go. It's a security thing, a lot of stuff you should know and do. And again, these CPA guys, they did a decent job. They missed a whole bunch of red flags. they handled the post hack if you will post attack incorrectly. His computer guy handled it incorrectly. But now you know better don't you you know a little bit more about what to do. So that's today's security thing. I'm Craig Peterson. You can find me online. http://CraigPeterson.com. And make sure you subscribe to the newsletter to stay on top of this stuff. And this podcast. And you can get the podcast by going to http://CraigPeterson.com/iTunes. Hey, have a great day. We'll be back with another security thing.

Craig 8:03
There's always something to talk about. I just don't always have the time take care. Bye bye.

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Message Input:

Message #techtalk

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Mar 13, 2019

Craig is on the WGAN Morning News with Ken and Matt. Joe Reagan sitting in for Ken this morning. They talked about the new cameras that can spot a shoplifter even before the steal something. They also discussed autonomous cars and their impact and risks.

These and more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles:

These Cameras Can Spot Shoplifters Even Before They Steal

Automakers Could Give Police Control Over Your Self-Driving Car

Self-Driving Cars Might Kill Auto Insurance As We Know It
---

Transcript:

Below is a rush transcript of this segment, it might contain errors.

Airing date: 03/13/2019

Artificial Intelligence Our Safety And Privacy

Craig Peterson 0:00
Hey, good morning everybody. Craig Peterson here on this morning with WGAN. Ken was out. So we had Joe Reagan in this morning along with Matt and we had a little bit of chat about a couple of things. The new AI stuff, Joe had some interesting points today. I enjoyed having him on. But AI and what does it mean to us when from soup to nuts here shopping, police, our cars, etc. so here we go with the guys over at Maine's number one morning show.

Matt Gagnon 0:36
And we're back again. 7:37 on the WGAN Morning News with Ken and Matt. Joe Reagan is in for Ken today and Craig Peterson is on the line with us as he would be typically on 7:38 on a Wednesday. So Craig, are you this morning?

Craig 0:50
Hey, I'm doing good, Matt. What? 737 once you just leave it alone. Come on, guys.

Matt 0:55
Sorry. I know. A little early this time. So anyway, let's start with our technology topics. Of course. As always, sir, I think the first one I'd like to deal with frankly, is is cameras, right. Spotting shoplifters before they even steal. So basically, we're talking about what Minority Report here they get, like future future crimes, pre cognition. The cameras are basically I assumed, you know, keeping tabs on people and can predict when they're gonna steal what's happening here?

Craig 1:26
Yeah, this is part of an overall trend that we've been seeing over the last year or two. We have had in London, of course, we know right, it's the most surveilled city in the world. They are tracking you everywhere you go. They're using facial recognition. And they are using it also to listen listen for bullets been fired, we have that New York City as well. They know instantly when a gun is fired, where was fired, we have now software that's being used by many every major city in the Western world now, that is predicting where crimes are going to be taking place. And in all of these cases, it's kind of ok, still, right? Because basically, if there's an area of the tide crime, you want the police there, right. And it's kind of a normal thing. Now, we also have California doing yet another wacky thing, which is instead of having to go in front of a some form of a magistrate or judge to get bail, and then you post bail, and you can get out assuming you're not a big risk to the community or flight risk. California has decided that they want to get rid of bail bondsmen entirely. And they just want a computer program to decide who gets to get out on on basically on bail. And it's it's really concerning now, as we give more and more power to computer systems which just aren't fallible, if he wants to any Wi Fi show, right. You know, that's true.

Matt 3:07
Bad idea.

Joe Reagan 3:07
And then great. You know, one thing that's come up a couple times is that when you talk about how these computer algorithms are doing this, so we talked about predictive analysis for shoplifters. A lot of that is based on correlation. And so therefore, one of the critiques of the systems is that it will it actually is discriminatory against usually racial minorities that might be at a statistically more, you know, our might be punished by criminal by crime more often. And so, it's, it's, it seems like it almost turns itself into a, I guess, a self licking ice cream cone, where it's just, you're just making it worse for people. And it's not actually doing predictive analysis in terms of someone's intentions, but actually trying to make judgments based off of past events. 

Matt 3:51
I would like to see a self licking ice cream cone. I would be quite...

Craig 3:56
Joe, you brought up a really good point. Do you remember Microsoft came out with this little Twitter bot that they had designed to use machine learning

Joe 4:09
How can I forget? Like yesterday. Yeah.

Craig 4:11 
Yeah, you remember this thing? And what it did was.

Matt 4:13
Yeah. Turned into Skynet in like 10 minutes. 

Craig 4:18
Exactly. They had it monitor all these Twitter feeds. And what did it come back as it came back to as a nasty racist, and it was it was just crazy. Well, and your point about, you know, predictive correlation, etc. is a good one, too, because when you start looking at this in what Matt brought up here was this Japanese startup called Vaak that takes security camera footage and does predictions. So you take this and say, well, is this computer system going to turn into a racist like Microsoft computer system did because it notices that most of these crimes are committed by people who have black hoodies on that are covering the faces of black hoodies. And from a cultural standpoint, that particular type of dress is, is a minority is, is wearing that type of a dress. So now all of a sudden, the system that's supposed to be looking for general body language, general trends is now looking at someone that walks in that's dressed a certain way and automatically, bam, it's accusing them of being potential shoplifters. Now, today, what Bloomberg is reporting is this system is being designed. So that is alert security and security goes over and asks the shopper, hey, do you need some help? And that alone is enough for most cases for them to stop the potential shoplifting that might happen, which is a big deal guys. We're talking about $34 billion in retail shrinkage. It's a biggest source, in fact, to shrink. And so it's a very big deal. But my gosh, where's this all going? We get more and more of this. And we're not anywhere near artificial intelligence yet everybody. And what's going to happen everything so far as Matt pointed out is basically turned into Skynet.

Matt 6:20
Yeah, absolutely. We're talking to Craig Peterson, our tech guru who joins us at this time to go over what's happening in the world of technology Okay, so another one that attracted my attention on our news list here today is the potential future in which cops can take over my self driving car obviously self driving cars are inevitable you can be terrified of it if you want to listener who's listening to this right now, but it's coming and you're gonna have to get ready for it. So when you finally are forced to drive your self-driving car when you get pulled over the cops can just like take over your car man. What's what's what's happening here. The is this like, be going to be like some sort of stealthy thing bill into all new cars. You think?

Craig 7:02
Well, that's kind of where we're going right now. And you look at what happened a couple of weeks ago, in Hawaii, there was a big conference out there. And they were talking about ethics and the ethics of artificial intelligence. And one of the things they brought up was our, you know, home devices like our Alexas, our Google Home devices, etc. Should have built into them some artificial intelligence that automatically calls the police if it detects something that that just might not be a great home environment, right. As always can figure that out. We already have these really cool things that reminds me of the Fast and the Furious, these remote control little little cars that the police can use. And they drive them underneath the car of a flame suspect. And they set off a small electromagnetic pulse which disabled the engine because of course, all these new engines have computers in them. Have you seen these things?

Matt and Joe 8:09 
Yeah, yep.

Craig 8:10
Yeah, little RC cars, and they'll do 80 miles an hour. So in that case, obviously they're damaging the cars. They just burned out the computers. And now we have people who are driving a semi autonomous cars, for instance, the Teslas and there's a lot of Teslas on the road here in Maine. And they have this kind of semi-auto pilot thing. And the idea is you can have it kind of take over the steering wheel. And while you're on the highway, it'll stay in the lanes. It'll drive down the road. And if the cars in front of you slow down, it'll slow down. It really kind of makes you a really good patron of the roads is the idea and Elon Musk has announced that come next year, he's going to have a software upgrade for the Teslas that makes them 100% autonomous. But in case now we have a couple that we know of, we have drivers that have fallen asleep. And this one case the driver as reported by Bloomberg in December last year was drunk. Fell sound asleep behind the wheel of his Tesla. His auto pilot was engaged and the police were chasing them down the freeway. I'm not sure exactly what they noticed, probably a sleeping driver. Might be something that's worth noting. And they will try to get this car to stop it couldn't wake up the the so called driver, the occupants of the vehicle and so they ended up having to box the car in. They had, you know, you get four police officers, the car has to slow down because the cars around it or slowing down came to a stop. So what do you do. The police are suggesting and Bloomberg's suggesting that maybe what should happen here is the the cops should be able to not only have the car pull over to the side of the road and stop, but they're talking about rerouting cars, as well as been able to force them to pull over. So I don't know, Matt, maybe when you're driving that car down the road, the police will just do that. Let's say Hey, take you right to the local police station. And because you're under arrest and all the doors locked.

Matt 10:24
So you're suggesting to me that is that the whole OJ chase thing in 1991 or whatever is the thing of the past. We'll never see that again.

Craig 10:31
Yeah, exactly. When was the last night you fell drunk on the road?

Joe  10:36
Well, you know that reason is your question because whether you're talking about a vehicle that is fully autonomous or partially autonomous, it raises questions, and this is one of the insurance industry has dealt with for some time is how do you deal with damage that's incurred from mechanical issues, whether that be a computer glitch, or some sort of actual mechanical glitch where the operator may or may not be 100% responsible for something that's happens, I get it soon. This is really changing the dynamic of of how the insurance companies using auto insurance,

Craig 11:06
it will in this case, when you're talking about that, Joe, you were talking about 90% of the risk, because right now, 90% of the accidents when they've been been investigated afterwards were attributed to some form of human error. So if you get rid of that 90%, if it's no longer the human who's driving who is causing the accident, or at least a large contributor to the accident, where does that liability go? Because, again, human or you know, involvement here, right? Human risk from the driver? Well, there are humans and I'm assuming I, you know, I got a little implication for what you're saying. I'm assuming that you're also including the humans that wrote to the software. You know, they don't go after the guy that designed the switch that failed on the car. And that caused, you know, I just contributing to an accident. They don't do that nowadays, right? They might go after the manufacturer, they might try and get a recall on the car, get that switch replaced, get that switch repaired. But that guy that misdesigned the switch doesn't go to jail doesn't face criminal charges. What's the future going to hold when now we don't even have most of these car companies making their own software, Apple got rid of their autonomous vehicle division, at least the guys that were going to make the cars and they've decided they're going to make the software so they're not going to make all of the software there's already dozens of computers in modern cars. There's a lot of different software, a lot of different companies. Joe, my gosh, your head's going to explode when you get right down to it and think about where does a liability go? Who has to get insured? How long is this stuff going to get tied up in the courts and you know, Washington DC in state courts and and legislatures. This is this is the hugest part of this huge new problem we're going to be facing with autonomous vehicles. All right.

Matt 13:16
Craig Peterson, our tech guru joins us at this time to go over the world of technology every Wednesday and today is no exception. Craig appreciate it as always, and we will talk to you again next week.

Craig 13:26
Hey gentlemen, take care.

---

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

Mar 12, 2019

Craig is on the Jim Polito show with Danny Farrantino filling in for Jim. They talked about the AI, artificial intelligence, that the government is using to track and determine would be criminals, the risks of it, and President Trump not renewing the NSA surveillance program.

These and more tech tips, news, and updates visit - CraigPeterson.com

---

Related Articles:

National Security Agency Halts Surveillance Program Because Trump Won’t Renew It

These Cameras Can Spot Shoplifters Even Before They Steal
--- 

Transcript:

Below is a rush transcript of this segment, it might contain errors.

Airing date: 03/12/2019

Risks Of Government Controlled Artificial Intelligence

Craig Peterson: 0:00
Hey guys, Craig Peterson here. Hope you're having a great morning. This morning, I got to talk on the Jim Poliito show with Danny, the producer, because Jim is overseas. He's touring around Italy and France and a few other places, send it in little daily reports. But we talked this morning about the dangers of these new artificial intelligence systems being used by government and now being used by police department in California by the guys that used to be able to set bail and whether you get out on bail. And retailers to kind of save them a few bucks, in fact, billions of dollars by stopping shoplifting. So here we go with Danny.

Danny Farrantino 0:49
Who knows what that music means? It means it's time to get a little techie. And National Security Agency, the NSA, it appears Craig may be stopping some of these surveillance programs they've been doing over the past few years.

Craig 1:05
Yeah, this is a really interesting thing. And by the way, you know, Jim's over there. And obviously he's looking to see what are the people thinking in Italy and France? And what did they think of Americans, as you just mentioned, and I'm not sure that anyone's really thought this through. Because if somehow we're thinking that Jim is a good representation of your average American, there might be an issue there, Danny.

Danny 1:36
Well, unfortunately, my producer Steve out in Western Mass, told them all he needed to know was Prego, so he texted us this morning. And everyone in Rome thinks he's pregnant. He doesn't know what's going on.

Craig 1:51
Anthony. Alright sounds good. Well let's about the NSA program because this is astounding. It is not being covered in the general news out there. But it is a very, very big deal because the National Security Agency has been tracking Americans for years and years. That program was substantially increased during the Obama administration. And there were spying on every communication we had. They were collecting metadata, and they could use that to figure out where you were, basically figure out who you were, who you were talking to, they were recording calls, etc, etc. So President Trump comes into office, and all of a sudden the NSA decides what they've been doing might have been illegal. And so illegal in fact that some of these records that they knew they had collected that were way outside what the law allowed for. They deleted so they deleted like three years worth of data collection. Well, now, here we are, in 2019, this program, which was authorized under the so called USA Freedom Act, I love it, how they name some of these terrible acts like they're they're just wonderful patriotic things. But anyways.

Danny 3:12 
It's for the people, Craig.

Craig 3:14 
It is for the people. It requires reauthorization of the end of this year. And apparently what's happened is the NSA has decided that since President Trump doesn't like this program, and he doesn't like Americans being spied on illegally, that he is not going to renew this program. Now, this is this whole program that we found out because of the so called whistleblower and all of the data that he had released and very scary thing. But we found out about this and that the NSA is apparently going to dish this whole program, which they apparently have not had a single conviction because of this program. And we're talking hundreds of millions of dollars and actually, they were collecting so much data. Danny that in drove up the price of hard disks.

Danny 4:12 
Because they were taking them all. Wow.

Craig 4:13
Yeah, because they were taking them absolutely. So we found out about this from a guy named Luke Murray. He's a national security adviser to the House Minority Leader Kevin McCarthy. So in other words, we found out about this program going away. We found out that President Trump didn't like it that it probably wasn't going to be reauthorized from an assistant here to the House Minority Leader it's it's fascinating all the way around. Obviously the democrats have something to do with this as well because they may not pass it through the house President Trump doesn't like it he's already had a lot of this stuff shut down. Thank goodness they are finally starting to pay attention to what we the people want which has to be free in our communications in our papers to have privacy. You know we can give it up all we want to go to Amazon and Google and Facebook but that's us given it up it isn't our government spying on us?

Danny 5:15
Yeah, you know, some people making the argument well, if you're not doing anything wrong, who cares? But it's just kind of the general principle and then not only that, Craig but as you say, if they've had zero convictions with all of this data they've collected what what good has it done?

Craig 5:28
Yeah, it really hasn't done any good and when it gets down to that argument of well if you have nothing to hide but take a look at what's happened with the Mueller investigation where Muller excuse me investigation was thinking Bueller right Ferris Bueller. But with a smaller investigation where they were not investigating a crime they were investigating people and that's the sort of thing that happens in socialist governments if we know fascist, communist all versions of socialist I'm where you are investigated. And as has been said, show me the person I'll show you the crime. So if they if the government has all of this information, and with the hundreds of thousands of pages of rules, regulations, laws on the federal level, my goodness, the last half of the last year of the Obama administration we're talking about 50,000 new pages of regulations. We you know, my wife was a police officer and she said in the academy, she was a state trooper, in the academy they were told before you leave your home in the morning the on average you violated two to three laws having all of this just makes it so they can strong arm anyone and convict anyone of anything and that to me, that's just very scary.

Danny 6:50
Well, it brings up a point of you saying the government watching and me trying to find crimes or whatever else moving over to Japan. Now Japan trying to solve crimes before they even take place.

Craig 7:01
Yeah, this is a you know, something that we were warned about. Right. It's been a theme of, of our science fiction movies for many many years, you know, pre-crime with a Tom Cruise movie and many others that are out there but this is a whole new type of technology. We know that in in socialist China that they're monitoring everybody they've got cameras everywhere. They've now got this whole social credit thing. And if you say something negative against the government if you jaywalk, they're monitoring you. They know who you are, and they're taking away your right to travel because of what you say, if you're not politically correct. In China, you can even get on an airplane over there. It's really gotten bad. We're now looking at pre-crime in the US where we have  computer programs that have been analyzing all of our violent crime patterns. And the police are are sending police officers excuse me and investigatory teams into areas where the computers are saying, there's likely to be a crime here. I have real problems with that because, again, it's a computer. But I have even more problems, Danny, when in California, they're trying to get rid of bail bondsmen and in fact, they're trying to get rid of bail entirely. And what they're doing in California is they said, well, we've got a computer program and we'll just feed in all of the data about you. We'll feed in your social network comments. We'll feed in your travel history. We'll feed in your criminal history, and then the computer is going to come up and decide whether or not we should release you.

Danny 8:58
Oh, that sounds like a smart idea.

Craig 9:00
Isn't that brilliant? Now, how can you challenge that? You know, the computer program was written by programmers, are you going to be able to hold them into court? Are you going to be below examine every line of code? In fact, the people that wrote the programs are saying no, you can't have access to our source code, its proprietary. So now you're going to be judged by a piece of computer software that you cannot bring into court. You know, you can challenge a traffic ticket, but you can't challenge this in California. And now what you're talking about, I think in in Japan is this cameras being tied into yet another computer program. And these cameras are deciding whether or not they think to look shifty. Whether they think that you might be a shoplifter. So there they can tie into pretty much any computer or excuse me, any security system that's out there, and this software, it's a kind of a machine learning, AI and it's, again, out of Minority Report. And what they're saying is that retailers in the US and UK are, are are losing money, right, though they're losing about $34 billion a year in lost sales because of shoplifting. It accounts for about 2% of revenue. So in an industry where the margins are quite thin, it could save them a whole bunch of money. And so they're turning to this computer program that's going to watch you and decide whether or not it thinks you might be a shoplifter. Now, right now, they're saying the right way to do it is if it's if it's identifying someone that's looking around that that seems to have some body language that might indicate that they're shoplifter, they're saying, well, just send security over and ask that person if they need any help. And almost all always just having that person realize that they're being watched is enough for them not to shoplift. But what's the next step? You know, Danny, it's one thing to have socialist countries monitoring us. As President Trump pointed out, we're not a socialist country, well, at least he has, right? And having these technologies in place just makes it easy, that easy for the government to do things that take it to the next level of private business. Again, it's one thing for them to monitor you to warn you, but this is really getting me more and more concerned. When should computers be monitoring us? And what should they be doing? I don't mind them monitoring me for symptoms of a heart attack, because I'm wearing an Apple Watch and it might save my life. But the rest of this I'm I just don't like.

Danny 1:55
Especially when a lot of it is I guess, per se, at least an Apple Watch that's giving you a hard target data where something like this machine in Japan is we think maybe might be you might be guilty.

Craig 12:08
Yeah, or the software they're using a New York City to pre-place the police officers are in California to decide whether or not you might be a flight risk. It's we're going that way, Danny, it's going to be happening more and more. You got to bet that the legislature right here in the Commonwealth is looking at something like this pretty seriously as a way to save money and and track people maybe stop crime. I don't know where do we draw that line?

Danny 12:37
Unfortunately, you know, you want to keep people safe. But you also want to give people their own personal personal space as well. So and unfortunately, that line is very thin as you say Craig. Craig as always great stuff. Of course, we only got to about half of it. People want to hear more. What do they do?

Craig 12:52
All right, everybody. I am back to working on content here delivering on this huge course on cyber security, DIY cyber security. Anyways, take care. Have a great day. Bye bye.

---

Don't miss any episode from Craig. Visit http://CraigPeterson.com/itunes. Subscribe and give us a rating!

Thanks, everyone, for listening and sharing our podcasts. We're really hitting it out of the park. This will be a great year! 

More stories and tech updates at:

www.craigpeterson.com

Don't miss an episode from Craig. Subscribe and give us a rating:

www.craigpeterson.com/itunes

Follow me on Twitter for the latest in tech at:

www.twitter.com/craigpeterson

For questions, call or text:

855-385-5553

1 2 3 Next »