Mar 30, 2016

Mar - 24 2016 | By

Paul announced that a dog has been found on Fri 3-25-16 at the South Yuba Club in Nevada City. The dog is a neutered male about 12 to 15 lbs. He’s an older black & gray Chihuahua mix. He has a microchip but “the numbers that are on it aren’t working” and he has no tags or collar. The person to call about this dog is Bill at 530-414-8711

 

Notifications of new show notes and edits are tweeted at: twitter.com/ddhart.
– They’re tagged with #Zentech.
– When what’s said is unclear to me (or I’m unfamiliar with a topic) I tend to quote (” “) verbatim.
– Editor’s comments are delimited by < >

For a limited time, the podcast of today’s show is here. Recent shows are here.

 

The intro music was by Pentatonix:

 

Paul was in the studio. We didn’t hear from Glenn.

 

Paul talked about microchips used to identify animals. This is a type of RFID chip that beams back its stored information when a scanning beam is aimed at it. A good signal can be obtained up to about 6′. There are a few different types of scanners, which aren’t compatible with each other. Most veterinarians have a complete set of scanners.

Older versions of these pet chips only contained a number that you used to query a database to find out who the animal belongs to. Newer chips contain more info such as a phone number. Paul speculated that the Chihuahua had an older chip and the database containing the number may no longer exist.
< Info on microchips.
An FAQ about pet chips.>

Americans With Disabilities Act (ADA) applies not only to physical access but also to websites. They’re supposed to be designed to make it easy for screen reading software to convey what’s on the screen in an audible form for people with limited eyesight. Many operating systems now come with the ability to read the screen.

Paul took us thru the steps to activate one of the accessibility options on an Android device. Go to settings -> accessibility -> Talkback. When it’s turned on, it provides spoken feedback to help blind and low-vision users. When it’s on, you can touch a function or application on the Android the first time and be told what it does (a good way to learn about your device). A second touch will perform the operation. Doing it on-air, Paul used an example from his appointment calendar — the voice read out that he had a Zen Tech show to do today.

Paul also noted that you can talk to your Android (for the PC a Mac you can install Dragon Naturally Speaking). There are 2 modes of talking to your machine — commands and data. You can tell it what to do (command) or input data, like dictation.

New Macs have built-in dictation but it’s not turned on by default. Paul thought that it’s under system preferences -> dictation -> speech. He said you can get more info at support.apple.com article ht203085.

Next, Paul spent a lot of time talking about trust on the internet. Can you trust a website that claims it belongs to the IRS or your bank? There is no absolute trust, only relative trust, he said — some things are relatively more trust worthy than others.

The example he used was finding out how to file your taxes for free, and he did a search for the words: irs free tax file. You’d expect to be taken to a an IRS website but he got at least 4 ads to places like Turbo Tax. Most looked legit but there’s only one that looked promising. It began with ‘https’ — meaning it’s a secure website. And the domain was .gov (irs.gov), so it’s supposedly a government website. He said he would trust this website more than the others, but still not completely.

Another issue of trust comes up with a site like Wikipedia. Paul read an entry about origin of the title of Paul Simon’s song ‘Mother And Child Reunion’ and wondered how much to trust it. Wikipedia is a collaborative effort with many people contributing to the various entries, any one of whom may skew the info to suit their agenda.

Paul mentioned an activist group called the Yes Men. They would go to press conferences as representatives of a petroleum company and apologize for the environmental damage ‘their’ company had done, illustrating, again, the issue of trust. Are they really who they claim to be?

Paul noted that even secure websites are only relatively secure. The ‘https’ in a URL means the owner of the website submitted an application for an electronic certificate to be issued for use on the website that would only work if the website was “delivering content according to the domain”. If the certificate was used on different website, the internet user will get a warning that though it’s a good certificate, it’s being used on the wrong website, and it will tell you the name of the site it’s supposed to work on. Sometimes this happens because the server is misconfigured — the domain is right but the host isn’t — e.g. it may be registered to secure.kvmr.org but it was being used on www.kvmr.org. The various companies that can issue a certificate, like Verisign, go to the trouble to verify the organization (e.g. KVMR) it’s being issued to.

Paul reminded us that even if we are using a secure session, malware, like keyloggers, can intercept our activity. And there is special equipment that can sense the variation in the electromagnetic radiation coming from a keyboard or the computer itself as you type, revealing the content.

Paul mentioned a great article by Dennis Ritchie “On Trusting Trust”.
<Maybe he meant – Reflections on Trusting Trust by Ken Thompson>

He also said the information leaked by Edward Snowden revealed it’s possible to subvert the security of a certificate so that a website, run by the NSA, can impersonate another website.

Brian called. He assumes that the internet provider hosting his website is secure. And he says his daughter and wife have their own accounts on the same domain. Also, he’s been careful not to open unknown email <to avoid malware, I assume>. Brian wondered if his account is safe if his daughter is not so judicious and opens malware in her account.
– No, not if she uses the same machine, Paul said. If something like a keystroke logger gets on that machine, then it will affect anyone using the machine.

Brian also asked about the FBI attempting to break into the San Bernardino iPhone. <More info in the 2-24-16 show> Paul said the FBI claimed they had succeeded in breaking in, but can you trust what they said? Brian said he’s heard that 12 companies have tried to break in that and one succeeded — Cellebrite.
<FBI Worked With Israel’s Cellebrite to Crack iPhone
The Apple-FBI Whodunit: Who Is Helping The Feds Crack The Locked iPhone?>

Joshua called. He was in Berkeley recently and opened his iPad in preparation for a conference call. He looked for some documents he had prepared and everything before March 1 2016 was gone. He just upgraded to iOS 9.2.1 at the beginning of March. He wondered if it was just the case of the new iOS not being able to read the older documents.
– Paul thought that’s not likely the case. It’s more likely something happened on iCloud — where the documents are stored online in the cloud.
– Visit iCloud at icloud.com. Login with your Apple ID. See if the documents are there.
– It’s possible Joshua never had the synchronization configured correctly on the iPad.

Ross called. He has a 5.1 unibody MacBook Pro with Snow Leopard. What he wanted to know is that if he wiped his hard drive clean and did a fresh install of the operating system from a disk, can he be sure that no malware survived.
– Paul said the level of assurance would be higher than doing it any other way. It’s a matter of how much you trust the CD is not infected — usually pretty high.

Last Updated 11:34 PM 3-30-2016

One thought on “Mar 30, 2016

Comments are closed.