Last Show Mar 14, 2018

Mar - 14 2018 | By

Steven Hawking no longer with us : (

How good is “Captcha” at stopping Rogue log-ins to any site(s)?!
V1 Captcha Shut Down…(reading road-signs and street names)
V2 Long Live That! Solve some Puzzles and Google will Remember you are NOT a Robot!
(Thanks for your patience, Alex!)

Air Gapped Security? Wazzat?
EternalBlue- the Exploit. Wazzat?!
WannaCry Ransomeware- SMB Defect & WinXP
CryptoMining Viruses and JavaScript, Etc.

Old IMac Linux– Whooppeee!
CALIBRE– Ebook Read/Convert:

WordPress: a Stable set of Plugins..
Google ReCaptha by BestWebSoft.. etc.
Yoast..

 


 

Notifications of new show notes and edits are tweeted at: twitter.com/ddhart.
– They’re tagged with #Zentech.
– When what’s said is unclear to me (or I’m unfamiliar with a topic) I tend to quote (” “) verbatim.
– Editor’s comments are delimited by < >

For a couple of months, the audio of today’s show is here. Recent shows are here.

 

Both Glenn and Paul were in the studio today.

 

It was a rainy day in Nevada City and Glenn reminded those who were driving to turn on their headlights. If the windshield wipers are on, a California State law requires the headlights be on too. Daytime running lights don’t count.

Students were in the studio today. 24 of them from a combined 5th & 6th grade class were there to see how a radio station worked. Katie came to the mic to read the station ID and others were briefly interviewed. Hudson was impressed by the CD collection. Glenn said that the CDs were being digitized for easier access to the music, eliminating the need to handle the discs.

Glenn said there are KVMR apps for both Android & iPhone. You should be able to find the links to them on the front page at kvmr.org.
<The link to the Android app makes it a bit difficult to find. I found it more directly by going here>

Next it was Aden who came to the mic. He noticed the abundance of rooms at the station. Glenn said the studio doors are usually open during the Zen Tech broadcast to make it seem more inviting and to capture the ambient sounds (as long as they’re not too loud).

Lastly, it was Persephone who took a turn at the mic. Her interest in radio stations centered on listening to county music

Glenn reminded listeners that they can listen to this show again at archives.kvmr.org.

There have been changes to the Zen Tech website as well as the KVMR site. The Zen Tech website and KVMR now use secure certificates to keep the traffic between your computer and the website from being intercepted.

Also, when you login to the Zen Tech site, you have to prove you’re not a robot by completing the captcha challenge. This feature is provided by Google and has changed recently, version 1 is no longer available. You now have to use version 2, which involves identifying objects in photographs. You have to click on all photos that have cars in them, for instance. With this version of the captcha it’s hard to know if you’ve clicked the right photos and it keeps sending you more photos to identify. <I hate it, and it’s the reason I was so late in posting the last show notes. It may not be the last time that happens.>

Paul went on to say that once you pass the captcha test, a cookie is set on your computer, which is then valid on other websites that use version 2 to let you pass thru without the hassle of the captcha. He said that’s the reason they made it so hard. If you think you’re solving the captcha wrong, chances are it’s ok and that the system is just putting you thru the paces.

The captcha system Paul uses for the Zen Tech site is a plugin for WordPress, which runs the site. The plugin is called Google Recaptcha by BestWebSoft. There are several captcha systems he could have chosen and one of the things that helps him decide is how many time has it been downloaded. He’ll favor the plugin that’s been downloaded most often. Obviously, he also checks for compatibility for the version of WordPress he’s using — there were several in the last few months.

Paul started to talk about compiling site maps “so that Google will know where our site was”. The popular pluging for that is ‘Yoast’. It’s free and it analyzes the site to see how palatable it is for search engines like Google. It sounded like he didn’t say all that he wanted when he suddenly changed the subject to thanking supporters of KVMR.

Glenn continued by thanking the contributors and underwriters and he thanked the members who support KVMR thru their donations. <If you’d like to become a member, you can call the station at 530-265-9073 or go to kvmr.org>

The guys noted the passing of Stephen Hawking, a famous mathematical physicist.
<A brief history of Stephen Hawking’s discoveries.
Stephen Hawking: pop culture icon>

Glenn has been educating himself in using Word and Excel recently. He said there’s a lot more to Excel than just spreadsheets. One of his projects is creating name badges. He found that the border color can change depending on what is entered in certain fields. He was using the 2013 version of Excel but thought that earlier versions might be capable of the same thing.

Paul mentioned the possibility of getting malicious code when someone gives you a Word <or Excel> document. The document may have macros (mini programs), which enhance the functionality but can be made to do strange things. Your Excel application should warn you that there are macros in the document you’re about to open, and ask you if the macros are to be executed.

The macros are in English and Paul said you can look thru them to see if the words like ‘delete’ are present or a website is mentioned, which might hint at something malicious. Glenn said the main Excel file has the extension .xlsx and the macro files are .xlsm. Otherwise, just be aware where you get your document and what it’s supposed to be doing.

A long time ago there was defect in Windows that would allow code to be executed if you clicked on a .gif file — “the picture viewer could be tricked into overrunning the code.” The .gif picture file could be longer than what it was meant to be and code could be stuck on the end, which would then cause what was called “arbitrary code execution”. Adobe .pdf files have had a similar problem. And the worst of all have been .swf, Shock Wave Flash files, which exploit defects in the Flash player.

Next, Paul talked about crytocurrency viruses. A lot of computer processing is needed to manage cryptocurrency like Bitcoin. So someone came up with the idea of using the computers you or I have to help out — to distribute the processing out to the computers on the internet. The virus will use your computer’s spare time to do a small fraction of the processing that would otherwise require a huge array of computers. Paul reasoned that it shouldn’t use more then 50% of your computer’s time, otherwise you’ll suspect something’s going on.

Paul found out how such a virus can get on your computer. It appears that some Windows machines still have a flaw despite all of the recent patching. The flaw is called Eternal Blue that exists in the “networking stack”. It was first developed by the NSA and is now used by the cryptocurrency miners and also by the ransomware Wannacry virus.

Microsoft came out with a patch for Eternal Blue. If you have Windows XP and are keeping it off the internet for security reasons, you can download the patch to a flash drive and then plug the flash drive into the XP machine to update it. You should also have an updated anti-virus program to protect it from compromised flash drives.
<Further info from Microsoft.>

Glenn invited to call with their questions and comments at 530-265-9555. And they can send email to zen at kvmr dot org.

Paul has a Kindle app for his Android tablet for reading books and such. And though it can read .pdf files, it’s pretty rudimentary. So he discovered a free app called Calibre, which is an ebook reader and converter that runs on a PC or Mac. It can convert a .pdf file into a Word document, which you can then edit. In fact it can convert between 20 different formats, including..mobi, the native format for the Kindle.

Calibre has a bit of a learning curve and the interface is clunky, but it’s a far better program than he first thought. It also lets you subscribe to various free magazines, news sources, periodicals and documents. And it comes with a list of websites where you can get all of this free stuff

Caroline called. She has an iPhone 4 and keeps getting the error message “Can not get mail. The mail server ‘IMAP Gmail.com’ is not responding. Verify that you have entered the correct account info into mail settings.”
– Paul said the email app on your old phone is out of date for what Gmail expects. Google has started imposing a a more stringent authorization scheme called OAUTH.
– Use the Safari browser to go to Gmail and get your mail. Though eventually Safari will become out of date and fail to access the mail.
– It’s not obvious, but there is a setting in Gmail to permit less secure authentication. But then you’ll get warnings saying something like ‘less secure applications are accessing your account’ <referring to your email app>.
– Get a new iPhone.
– Gmail is the least hacked mail service and this problem is the price you ‘pay’ for more security.

Last Updated 12:59 AM 3-15-2018