Tag: Technology

IRS Labeled Email Could Contain Ransomware

There’s a new strain of the “Rapid Ransomware” making the rounds, and because of how it’s being transmitted, it’s destined to have a higher than average rate of infection.  The new strain was first discovered by Derek Knight. It is disturbing because it claims to come from the IRS, and will feature subject lines like “IRS Urgent Message-164.”

The body of the email then goes on to say that the recipient owes some amount of money in real estate taxes, and “helpfully” includes instructions for how to settle in the attached file.  Inside the zipped file, the user will find a word document.  You’ll need to click on “Enable Editing” to see the file, and unfortunately, the moment you do, you’re doomed.  “Rapid” will scan the target computer for data files and encrypt them, appending each with the “.rapid” extension.

As soon as the malware finishes encrypting your files, it will automatically open “Recovery.txt” which will display details on how much you’ll have to pay the hackers to get your files back.  Unlike most other ransomware strains, this one will configure itself to start every time you login to the computer, so if you pay the ransom to get access to your files again, but fail to completely remove the malware, you’ll be facing the same problem the very next time you use the machine.

Observant users will take note of the fact that the email address is not a .gov and likely not be taken in. Unfortunately, many people will look no further than the subject line and immediately begin following the instructions contained in the email, which is obviously the reaction that the hackers are hoping for.

As ever, protecting yourself from threats like these comes down to two things:  Education and vigilance.

Traditional Hard Drive Technology Is Evolving

Rumors of the death of HDD technology have been greatly exaggerated.  The advancement of solid state technology and its increasing rate of adoption has been largely responsible for this, but don’t count old school HDDs out just yet.  They still have many important advantages, and recent breakthroughs should add further to the longevity of the tech.

Right now, the biggest advantage that HDDs have over their solid-state counterparts is sheer size.  While it would be prohibitively expensive to purchase 20+ Terabytes of solid-state storage, getting that amount (or more) of HDD storage is a trivial undertaking, a fact that it’s impossible to discount.

Even more exciting though, consider the recent breakthrough in 3D nano-magnets.  These were invented at the University of Cambridge, and stand to completely change the game. They allow data to be stored and processed in three-dimensional space, which will not only increase HDD storage space exponentially, but should see similar gains in terms of speed of access.

Another exciting recent breakthrough is a new magnetic system that turns heat into motion, which could be used to power miniaturized IoT sensors and actuators.  Such a system could also be applied to HDD technology by using the heat to power lasers, which would write data using the heat from the system itself, leading to an incredible boost in operating efficiency.

Finally, consider the invention coming out of the Imperial College of London.  Researchers there have figured out a way to write magnetic patterns onto nano-wires, which the research team claims could mimic the function of the human brain.  While this technology is still in its infancy, imagine the possibilities of having a computer, or even parts of a computer (like your HDD) powered by something that mimics the function of the human brain, and the dazzling possibilities that open up.

All that to say, while HDD tech might be a little long in the tooth, it’s not dead yet.  Not by a longshot.

40 Percent Of All Login Attempts Are From Bots

Here’s a statistic that is as disturbing as it is frustrating.  According to the latest “State of the Internet/Security” report for the fourth quarter of 2017, as published by Akamai, bot-traffic accounts for a staggering 43 percent of all login attempts.  As bad as that figure is on its face, it’s far worse for companies in the hospitality industry, where the figure is an almost unbelievable 82 percent.

The reason?  Hackers are increasingly using bots to perform “credential stuffing” attacks.

Although human traffic still dominates the web, bot traffic is rapidly catching up.  According to Akamai’s estimates, not counting streaming video, bot traffic accounts for 30 percent of the total, and that figure increases every year.  In fact, even though bot traffic is still a minority in absolute terms, some industries already see more bot traffic than human traffic.

TicketMaster is a great example of this.  The web’s premier site for purchasing concert tickets online is almost unusable by humans these days, because virtually all of their traffic is bot-driven, with bots often being used to buy every available ticket the moment they become available, so they can be resold later at a hefty premium.

Akamai’s Martin McKeay had this to say about the report: “Increased automation and data mining have caused a massive flood of bot traffic to impact websites and internet services.  Although most of that traffic is useful for internet businesses, cyber-criminals are looking to manipulate the powerful volume of bots for nefarious gains. Enterprises need to watch who is accessing their sites to differentiate actual humans from both legitimate and malicious bots.  Not all web traffic and not all bots are created equal.”

These are wise words, and it bears some consideration.  How much of the traffic coming to your business website on any given day is human?

Known Bug On Macs May Be Causing Lost Data

Do you own a Mac?  Do you use APFS “sparse disk images?”  If so, be aware that under certain conditions, your trusty computer may allow you to copy important data into the void where it will be lost forever, without giving you a heads up first.

This unusual error was recently discovered by Mike Bombich, the creator of Carbon Copy Cloner, which is a popular Mac backup application.  According to Mr. Bombich, the bug is only likely to impact a small percentage of users, but if you’re one of the unlucky few who lose important data, that’s going to be small consolation.

Here’s how the bug works, and where it can get you into trouble:

Let’s say you’ve created a 100 GB APFS-formatted sparse image whose data is stored on a remote network share.

Time passes, and you copy 90 GB worth of data to the remote network share, which leaves just 10 GB for use by your sparse image, but therein lies the problem.  The sparse image still thinks it’s got the full amount of space to play with.

At this point, if you copy a 20 GB file, the copy function will appear to succeed.  In the short run, you’ll still be able to access and open the file until you reboot your machine.  After restarting, 10 GB of the 20 GB file copy vanishes, and the file becomes corrupt and unusable.

Details of the bug have been forwarded to Apple, and the company is in the process of reviewing them.  At this point, no ETA has been given on when a fix might be made available.  Until it is, be very careful when using sparse images, because the system will let you copy your files right into oblivion.

New Apple Update Available for Character Bug Solution

Recently, another “exotic character” bug was found in iOS.  If someone sends this particular character (a special character that’s part of the Indian language pack) to your phone via any messaging app, it will not only crash your phone, but cause a variety of messaging apps to stop functioning.

When the bug was initially reported, Apple treated it as a somewhat low priority item and announced their plan to fix it with the release of iOS 11.3 later this spring.  The company’s loyal user base, however, had other ideas.  Faced with a growing chorus of demands for a more immediate fix, Apple has incorporated it into the 11.2.6 release which is now available.

If you’re set up to automatically receive OS updates, there’s nothing for you to do, and if you haven’t already encountered this issue, you never will.  If, on the other hand, you are in the habit of manually applying OS updates, this is one you won’t want to miss.  While the chances of someone sending this exotic character to you are quite low, there’s nothing to be gained by exposing yourself to needless risk.

Long time users of Apple’s products will recognize a trend here.  This is hardly the first time an exotic character or other unusual event has caused iOS to crash.  Just last month, there was a similar (though less serious) issue with another special character.  Last year, it was discovered that a properly formatted URL could crash any system running iOS.  Not long after that discovery was made, a five second video went viral that, if watched on a device running iOS, would crash it.

In any case, the user base spoke and Apple listened.  Grab the latest update and you won’t have anything to worry about.  At least until the next unusual crash bug is discovered.

Sim Cards Can Now Be Built Into Processors

SIM cards have long been a source of frustration for equipment manufacturers.  With the relentless drive to produce smaller and smaller devices, the SIM card is a hurdle to be overcome.  It’s relatively large, and when you account for the necessary housing, it becomes quite the design challenge.

That challenge seems to have been met, however.  ARM, a prominent chip design firm, has recently announced the development of the iSIM.  The iSIM is built into the processor, and according to the company, only takes up a fraction of a millimeter squared.  To put that figure into context, today’s SIM cards measure 12.3 x 8.8mm, so ARM’s new design represents significant space savings indeed.

There’s a catch, though.  Although the new design is ready, and is already in the hands of ARM’s business partners for evaluation, there’s no guarantee that cell phone providers will accept the new technology and incorporate them into the next generation of phones.

ARM doesn’t think this will be an issue, although phones weren’t at the forefront of the company’s mind when they developed the iSIM.  Their main goal was to build the integrated SIMs to help power the next generation of tiny IoT devices, but this, ARM contends, is the very reason why phone carriers will welcome the new technology with open arms.  After all, more devices connected to their respective networks means more opportunities to profit.

In any case, time will tell the tale.  ARM is expecting that their business partners will readily embrace the new technology, and we should begin seeing products on the market utilizing the iSIM by the end of this year.  This will be a fascinating innovation to watch. If it succeeds the way ARM hopes,, it will lead to the creation of a whole new generation of even smaller devices.

5G Cellular Service Is Beginning To Roll Out

AT&T has big plans for their future and yours.  If they’re your carrier of choice, and if you live in the cities of Dallas, Atlanta, or Waco, then you stand to be on the cutting edge of the changes the company has in store. Those locations have been selected to be the first to receive AT&T’s 5G network upgrade.

Often, whenever a new technology is touted, you hear the phrase “this changes everything” associated with it. However, after listening to an AT&T spokesman talk at length about the capabilities of the new 5G network, the phrase is much more than just hot air and wishful thinking.  From the sounds of it, it really does change everything.

Here’s what a company official had to say on the matter:

“We are working with our vendors on an aggressive schedule to help ensure customers can enjoy 5G when we launch the network this year.  We will add more 5G-capable mobile devices and smartphones in early 2019 and beyond.

After significantly contributing to the first phase of 5G standards, conducting multi-city trials, and literally transforming our network for the future, we’re planning to be the first carrier to deliver standards-based mobile 5G–and do it much sooner than most people thought possible.

What this means for our customers in these cities is that they will be the very first to access this next generation of wireless services.  The experience we’ve gained by leading the industry transformation to network virtualization and software control will help our customers to get the most out of 5G.  Ultimately, this means new experiences with augmented reality and virtual reality (AR/VR), future autonomous cars and delivery drones.

In order for these new experiences to become reality, you need mobile 5G powered by SDN and edge computing.  We’re making the cloud smarter, faster, and local.”

By all accounts, there are exciting times ahead.  If you’ve been thinking about switching to AT&T, this might be a good reason to do so.

Google Calls Out Microsoft For Security Issue

Depending on who you ask, Google’s Project Zero is either the thing that’s going to singlehandedly save the internet, or the bane of many companies’ existence.  It’s easy to see both sides of the argument.

On one hand, by uncovering previously undiscovered bugs in all manner of software and handing that information over to the authors, Google is undeniably performing a valued public service.  The problem has never been with the “carrot” side of the equation, always with the stick.

The stick is this:  Google gives each company 90 days in which to address the bug.  If they take no action during that time, then Google will announce the existence of the bug to the world, which of course, means that hackers everywhere immediately have access to a new exploit.

This approach often accomplishes what contacting the vendor privately does not.  Once the bug becomes common knowledge, the company in question is essentially forced to fix the problem, thus making the internet safer.

It should be noted that Google does allow exemptions to the 90-day rule.  If a company is hard at work on a fix and needs more time, Google has been known to delay their announcement.  In a similar vein, if a bug is simply catastrophic in scope and scale, the company has been known to make the announcement to help deploy resources of multiple companies toward addressing the issue.

More than 90 days ago, the Project Zero team discovered a pair of security flaws in Microsoft products.  One in their Edge browser, and the other in the Windows 10 OS.  One of the two got fixed.  The other did not, and Google called them out for it.

Needless to say, Microsoft is not pleased, and they have hit Google back for such behavior in the past. They scored a PR victory last year when Microsoft engineers discovered a flaw in Google’s Chrome browser, and contacted the company privately so they could fix the issue and then bragged about their more responsible approach after the fact.

It will be interesting to see what Microsoft does in this instance.

Lego and Alexa Team Up For Storytelling Through Device

In terms of toys, what could possibly be better than LEGOS?  How about LEGOS, combined with Alexa?  That’s the latest idea from Amazon, who has paired the unlikely duo in a newly announced service called “LEGO Duplo Stories.”  The new service (“skill,” in the parlance of Alexa) will be available on any device that offers Alexa support including Echo Dot and Amazon Echo. It provides a selection of stories with audio prompts that guide children in the construction of something with their LEGO Duplos that ties in with the story being told.

The stories are quite inventive, and change based on the responses of the children listening and interacting.  For example, one story involves going on vacation via plane, and based on what the children say they want to pack, the vacation destination will be either to a warm or a cool place, with various build instructions being introduced along the way.

According to the company, the goal is to use these interactive stories as a means of developing color recognition, social, and cognitive skills.

It’s an innovative approach, and an excellent use for a technology that is becoming increasingly common in American homes.  To access the stories, simply say “Alexa, open LEGO Duplo Stories,” then follow the prompts to begin the interactive experience.

Currently, the stories span ten different themes and work in tandem with existing Duplo sets.  It should be noted that you can still interact with the skill even if you don’t own a set of LEGOS, or don’t have all the required pieces (although obviously this will make it even more interactive).

James Poulter, the Head of emerging Platforms and Partnerships at LEGO, had this to say about the new offering: “Voice is such a powerful tool for play as it is one of the most human ways of interacting.  Long before we can type, read or control a device, we listen and speak.”

An exciting development, and it is available right now.

Hulu To Soon Offer Episode Downloading and Offline Streaming

Hulu recently announced that it would join both Netflix and Amazon Prime in allowing its users to download content to watch offline, but in Hulu’s case, it comes with a twist.

If you subscribe to the $7.99 a month tier, in addition to downloading the content you want to watch, you’ll also be downloading the advertising associated with that content.  It’s an important distinction because Hulu is structured quite differently from Netflix and Amazon Prime.

Much of Hulu’s programming is available on regular network television, and often airs the same day it does on the regular networks.  Consequently, ads on Hulu tend to command more of a premium than ads on the other two companies.

Combine that with the fact that Hulu gets most of its revenue from advertising, and you begin to see the appeal and the necessity of such a strategy from Hulu’s perspective.  Netflix and Amazon prime both have a deep bench of their own, unique programming which acts as a draw. However, Hulu is currently dependent on content licensed from others, which is why ad revenue is of utmost importance to them.

It should be noted that if you subscribe to the company’s $11.99/month plan, you can download ad-free content.

Either way, the ability to watch content offline is a big deal. This is especially important to frequent travelers who often find themselves in places with patchy internet service, or no connectivity at all.  In those cases, having access to offline content can be a real godsend that can mean the difference between a tolerable trip and a miserable one.

Kudos to Hulu for joining the ranks of Amazon and Netflix, and although there have been a few grumblings about having to endure ads, it really is a small price to pay for the flexibility and convenience.