So various places are adding “Distracted Walking” laws to try to prevent people from texting or just reading their phones while walking.
The latest place to pass this law was Honolulu. They have started passing out tickets to those distracted while walking in a crosswalk. They are the first major city in the U.S. to pass such a law. Minimum fines will be $15 but repeat offenders can look at $75-$99. (Even higher rates of $100 for first, $200 for second, and $500 for third offenses were previously considered.)
The Mayor of Honolulu says that they had more pedestrians hit in crosswalks than almost anywhere else.
Ontario, Canada is looking to pass a “Phones Down, Heads Up Act” as well, which would make it illegal to cross a street while using a phone.
We recently came across the term “whaling” so of course, we needed to know more about it. Here is what the Victor crew found out. It is a form of phishing aimed at high-profile business executives, managers, CEOs, etc. The attackers are going after the “big fish.” The emails sent to these targets look more official and are aimed at a particular person. A regular phishing attack usually goes out to a lot of people, trying to lure anyone. Whaling is also considered a form of “spear phishing,” which is an attempt to target an individual person or company.
As with phishing, whaling is used to get a person to reveal sensitive information, such as login credentials, to an account. They do this by trying to scare the individual into giving this information up.
Whaling goes so far as to make a web page or email that looks like the legitimate one. You may even be enticed into downloading a program in order to view a page or to get your information. It may come in the form of a false subpoena, message from the FBI, or some kind of legal complaint against you.
Be aware of what you are clicking. If you can, hover over the link and see where it is taking you. Try putting the URL in an analyzer, such as VirusTotal or TrendMicro to see if it is safe. If in doubt, don’t click or download anything you are unsure of.
It has recently been found that the WPA2 protocol is vulnerable to hacking. The attacks are known as KRACK attacks (Key Reinstallation AttaCKs) and there is a website where you can learn more about them. Android and Linux were found to be the most vulnerable to this exploit. They can be tricked into reinstalling an encryption key with all 0s, which will allow attackers to enter your network and then get to sites you visit and capture your login credentials.
If you watch the video below you will see it is a rather involved process to actually crack into the network but that doesn’t stop someone who is intent on getting into your network.
There isn’t a whole lot you can do because this vulnerability bypasses any security measures. One of the simpler things you can do is not use unsecured Wi-Fi. Ever. Keep your router’s firmware updated. Do not downgrade to even more insecure protocols like WPA or WEP.
Last week, Amazon announced new devices. Among the new devices is the Echo Show, costing $229.99. This is a more triangular device with a screen. It allows you to make video calls as well. They are offering $100 off if you buy 2 devices with code SHOW2PACK. You can watch flash news briefings, see lyrics of songs, and view security cameras, just to name a few.
Other new devices are a shorter new Echo, the Echo Plus and the 4K Fire TV device. Also announced were the Echo Connect, Echo Buttons, and a BMW partnership. The Echo Connect is an accessory to link an Echo to a home phone line. It costs $35 and is coming later in the year.
If you already own an Echo, Echo Dot, or Echo Show, effective immediately you can make phone calls. It is supposed to work with your land line or your mobile phone.
Echo Show at Amazon.com
By now you’ve heard about the Equifax breach. Something you may want to do by November 21 is put a security freeze on your account. Until then, they are waiving fees to do this.
A security freeze is supposed to block outsiders from opening an account in your name. This is different from a fraud alert which will only notify you if someone opens an account in your name (even you).
A security freeze has you adding a PIN in order to make any changes. The three major credit monitors are TransUnion, Experian, and Equifax.
Right now you can only put the freeze on Equifax for free. TransUnion and Experian will charge $10 for each. Currently there is legislation pending on making this free. If you are planning to buy a car or house you don’t want to freeze your credit just yet.
Equifax will not be calling you so if you get a call saying it is from them, it is most likely a scam.
If you enroll in their monitoring program, you would waive rights to sue if you are impacted by the breach.
Here are some links:
Equifax blog with explanation of the problem
How to put on and remove a freeze from your account
Form to fill out to get a PIN to freeze account
Maybe you love it, maybe you hate it, but social media is here to stay. Many people used it as their lifeline during the past storm in Texas, known as Harvey. Many used Twitter or Facebook or Instagram to let people know they were stuck and needed to be rescued. Still others used social media to let people know they were able to help.
The U.S. Coast Guard preferred for people to call them or 911 but people had trouble getting through. People even turned to Airbnb to offer their homes as shelters for those in need. The Hurricane Harvey Texas Rescue Facebook group offered ways to help those trapped or in need of rescue.
The Amazon and Whole Foods deal going through today is leaving its mark in a lot of different ways. Whole Foods prices are going down on a lot of items in an effort to allow more people to enjoy the benefits of organic foods. You may start seeing some Amazon devices on Whole Foods shelves and Whole Foods items on Amazon’s website.
Prices have been slashed on many items already. For example in New York it was reported that organic fuji apples went from $3.49/lb to $1.99/lb, avocados dropped $0.80 per lb, organic rotisserie chicken dropped $4.00/lb, and organic bananas went from $0.99 to $0.69 per lb.
The Amazon devices like the Echo and Echo Dot found in the Whole Foods stores are at the same discounted prices found on their website right now.
The Victor crew plans to shop at one later this week and will report back any other findings.
See SpotMini run! In this TED Talk, Marc Raibert of Boston Dynamics gives a demo of how far robotics have come. He talks about dynamic mobility, balance, and mobile manipulation. He has a few demonstrations on video and live to show some things they have done to meet the goals of using robots.
In one demonstration, they show some examples of what might challenge the robots if faced with some obstacles keeping them from what they are trying to do. For his live demonstration he shows the different movements of SpotMini – a dog-like robot. He shows on the screen what the dog robot is seeing and how the robot plans where and how it will step.
It is important to keep all software you use up to date. There are updates for a reason – most likely some of the code used was found to be vulnerable to attacks.
This past week, a popular extension was hijacked. The developer of the Web Developer for Chrome extension had his own account hijacked. The hijackers phished his Google account, then modified the code in his account and pushed it out to users. The version of Web Developer for Chrome that was pushed out is 0.4.9. You need to make sure you have the updated version 0.5 installed NOW!
The version the hijackers uploaded can force ads on pages, capture passwords, or cause other unreported problems. Consider changing passwords for pages visited during the time of the compromise. The date was August 2. The developer himself admits he fell for a phishing attack that started this. This affected over one million users.
The developer details the events in his blog. The bottom line is anyone can click on a bad link and it is important to have two-factor verification in place.
iPhones bring many people joy. Their prices vary in different regions. They happen to be cheaper in Hong Kong than mainland China, due to taxes and levies, so people try to get them there. A woman was recently caught by customs trying to smuggle in 102 iPhones strapped to her body. She was also smuggling 15 luxury watches. The added weight came to about 44 pounds.
It is unclear what types she was carrying, but if they were all the iPhone 7 Plus, she would have had over $78,438 in USD at the very least. For the full capacity iPhone 7 Plus, it would have come to $98,838 at $969 each.
It seems this is an ongoing thing in China. In January 2015, a man was arrested at customs for smuggling 94 iPhones. Just two months later in March 2015, another man was caught trying to smuggle 146 iPhones. Most people are caught with up to a dozen or so. Sometimes they are caught with more, but this number made international news. It’s easier to smuggle in colder weather because they can wear heavier jackets.
Chinese smuggler caught with 102 iPhones strapped to her body, doesn’t beat the record …
Chinese iPhone smuggler caught with 94 iPhones strapped to his body
Imagine you’re sitting on a blanket on the grass with your family nearby. You get ready to watch the Fourth of July drones? Ha! So some are re-imagining the Fourth of July with drones. So what’s the upside of this? No smoke. No explosions. No air pollution. Maybe you can hear the music they could be flying to. It may even be cheaper to run drones than to blow up 30 tons of fireworks for an eighteen-minute display. The drones can be choreographed into amazing displays.
Now maybe instead of “Intel Inside” we can see “Intel Outside” as they develop this. Find out more.
Don’t you just love it when you go to a website and you have all these things pop up, music blaring, or you’re reading something and along comes an annoying ad blocking you? There are two sides to this. Some people make their living from these ads. But for the user, it’s no picnic.
Google has joined the Coalition for Better Ads. This coalition has guidelines that should be followed when designing ads for a website. They plan on building a new Chrome browser with this ad-blocking built in. It won’t block all ads; it may only keep the most annoying ads from showing.
The up side: maybe you will see fewer annoying ads.
The down side: someone will be making money from this. On the Google post, they mention Funding Choices, where publishers can show a customized message to people who are using ad blockers on their browsers. Those visitors can either enable ads or pay for removing the ads on that site through a new Google Contributor program.
So how does Google Contributor work? You buy a $5 pass for a particular website. The site has a per-page fee of their choosing (some are $0.01 per page, some $0.03 per page.) Every time you visit a page without ads, it deducts from the pass. You can add or remove sites from your pass at any time. This is still in beta at this time. They plan the rollout some time in 2018.
Google Post about Ad Blocking
When the Victor crew was notified of the Windows 10 Creators Update, we scratched our heads. What in the world is that? Why would I need it?
There is a new Gaming category in Settings. When in game mode it will make the experience smoother.
You can use the new Paint 3D app to make 3D drawings along with 360 degree view.
There is a feature that allows you to keep open tabs by setting them aside, so you don’t have to favorite them but can put them aside for small projects you may be working on.
Microsoft Edge becomes the default eBook reader. You can customize the eBook as you are reading it, highlight parts, set bookmarks. You can also change the screen for night use.
There is a setting for Mixed Reality that works with HoloLens VR headsets.
Plan and measure trips on Maps. You can share them with others.
There’s a new privacy dashboard to allow you to set your own security settings.
Mini View allows you to keep a video in a small window.
The first of these updates was rolled out April 11, 2017.
The Victor crew has heard a lot of news lately about a cyber attack nicknamed WannaCry using ransomware. Ransomware holds an infected computer hostage until a ransom is paid, usually in bitcoin, money that is virtually untraceable. This latest attack has caused global problems. In the UK, hospitals have been attacked. In the US, FedEx fell victim. If you use a Macintosh computer you are most likely safe as these attacks are targeted at PC users. If you are still running Windows XP you are even more vulnerable as there are no more patches being made for these systems.
Here are some things you can do to prevent this from happening to you:
Keep your computer up to date. Do the patches for your operating system.
Make sure to do security updates for your security service.
Only open attachments from people you know and trust.
Be careful of programs or other items you may want to download.
Back up your computer to an external hard drive.
Keep copies of your files on cloud services.
If you do get infected and don’t want to pay the ransom, which has been about $300-$600, you will have to flatten your machine (reinstall your OS). If you have kept your files on a cloud service or on an external hard drive, you will have defeated them. You will need to reinstall all your programs if you haven’t backed up the entire system.
The predictions are that today there will be even more as people turn on their computers if they haven’t been kept up to date.
If you get the Science Channel, you might already know about the Outlaw Tech program. They explore the different ways tech is used to commit crimes. Be it heists sort of like Ocean’s Eleven, counterfeiting, or identity theft, they may cover it.
They have six hour-long episodes showing how banks, museums, and casinos can be hacked. During the episodes, they show how people have defeated or cracked sensors, codes, ATMs, and computers to get what they want.
You can find out more here.
The Jody Victor crew ran across an article that is truly disturbing.
A flaw in Microsoft Office given the ID CVE-2017-0199 has quite a history. This vulnerability allowed remote attackers to use Microsoft products to execute arbitrary code and take over computers. Ryan Hanson found the flaw last year. He spent some time to see if it could be made more deadly before contacting Microsoft in October 2016. Microsoft did not patch this right away. If they told people of a change in Word settings that would fix the flaw, then word would be out that there was a flaw with more ramifications.
They decided to release a fix in a later update. However, they sat on it and took their time. They started working on a solution in January but attacks had already begun. Through links in email, computers were infected with software that allowed eavesdropping. McAfee saw some attacks on April 6 of this year and blogged about it April 7. April 9, a program was for sale underground for hackers to exploit the flaw. On Tuesday, April 11, the flaw was finally patched in an update.
They don’t know how many computers were hacked or how much money was stolen before this exploit was patched. If you don’t automatically patch your PC, please do so now!
A few weeks ago 60 Minutes aired a segment called Brain Hacking. The Victor crew was surprised by some of the information.
Tristan Harris, a former Google product manager, compares smartphones to slot machines. Every time you pick it up and check on it, you are looking to see “what you get.” The person being interviewed said that techniques are used to cause people to keep checking their phones and apps.
In another part of the segment, we find Ramsay Brown, a programmer who understands how the brain works and writes code accordingly. A co-founder of Dopamine Labs, he tries to write apps based on the pleasure and desire in our brains. They try to find ways to keep people using apps longer or more often. For instance, he says Instagram may hold back some of your “likes” and release them in a sudden burst. They even try to figure out when the best moment to release them is. You don’t pay for social media like Facebook – advertisers do. He says “your eyeballs are what’s being sold there.”
Read more about the segment.
The Victor crew came across an urgent matter. If your browser is Chrome or Firefox, be aware of a new phishing attack. An attacker can send you an email with a link to a malicious website. You could visit a site that will either infect your computer or make you think you are signing in with your credentials as they trick you into thinking you are accessing the correct site.
The people from Wordfence, a security plugin for WordPress, found this last Friday, April 14, 2017. They set up a demo site to show what is happening. It is well worth it to check their article and see if you are affected and what to do. They have set up a demo using a medical site, epic.com, so you can test your browser and browser settings. You can visit their demo site here in Chrome or Firefox. To compare the demo site with the real site they faked, you can click here to visit the real site.
This does not affect Windows or Safari browsers. Currently there is a fix for Firefox browsers. Here is what you do:
Open your Firefox browser
Type about:config in the address bar
Search for ‘puny’ (without quotes)
You should see network.IDN_show_punycode set to ‘false’
Double click it to make it ‘true’
Chrome currently does not have a fix for it.
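What the network.IDN_show_punycode setting changes, as an added example (not code from Wordfence or from this blog): the script decodes a host name's "xn--" labels the way a browser does before display, and flags a host whose decoded form reads as a plain ASCII name. The sample URL and the small lookalike table are constructed for the illustration, and the function names are hypothetical.

```javascript
// Added example: RFC 3492 Punycode decoding plus a lookalike check for host names.
const DIGITS = 'abcdefghijklmnopqrstuvwxyz0123456789';

// Bias adaptation from RFC 3492, section 6.1.
function adapt(delta, numPoints, first) {
  delta = first ? Math.floor(delta / 700) : delta >> 1;
  delta += Math.floor(delta / numPoints);
  let k = 0;
  for (; delta > 455; k += 36) delta = Math.floor(delta / 35);
  return k + Math.floor((36 * delta) / (delta + 38));
}

// Decode one label, without its "xn--" prefix, into the text a browser would show.
function punycodeDecode(input) {
  const out = [];
  const d = input.lastIndexOf('-');
  for (let j = 0; j < d; j++) out.push(input.charCodeAt(j)); // literal ASCII part
  let n = 128, i = 0, bias = 72;
  for (let pos = d > 0 ? d + 1 : 0; pos < input.length;) {
    const oldi = i;
    for (let w = 1, k = 36; ; k += 36) {
      const digit = pos < input.length ? DIGITS.indexOf(input[pos++]) : -1;
      if (digit < 0) throw new RangeError('invalid punycode label');
      i += digit * w;
      const t = k <= bias ? 1 : k >= bias + 26 ? 26 : k - bias;
      if (digit < t) break;
      w *= 36 - t;
    }
    bias = adapt(i - oldi, out.length + 1, oldi === 0);
    n += Math.floor(i / (out.length + 1));
    i %= out.length + 1;
    out.splice(i++, 0, n); // insert code point n at position i
  }
  return String.fromCodePoint(...out);
}

// Constructed, deliberately small table of Cyrillic letters that render like
// Latin ones. Unicode's confusables data (UTS #39) is the complete source.
const LOOKALIKE = new Map([
  ['\u0430', 'a'], ['\u0435', 'e'], ['\u043e', 'o'], ['\u0440', 'p'],
  ['\u0441', 'c'], ['\u0445', 'x'], ['\u0443', 'y'], ['\u0456', 'i'],
  ['\u0455', 's'], ['\u0458', 'j'],
]);

// ascii: what a browser shows with show_punycode = true; unicode: what it shows
// otherwise; skeleton: the name a reader is likely to think they are seeing.
function inspectHost(urlString) {
  const ascii = new URL(urlString).hostname; // the URL parser yields the xn-- form
  const unicode = ascii.split('.')
    .map((l) => (l.startsWith('xn--') ? punycodeDecode(l.slice(4)) : l))
    .join('.');
  const skeleton = [...unicode].map((ch) => LOOKALIKE.get(ch) || ch).join('');
  // Flag hosts that contain non-ASCII letters yet read as a pure ASCII name.
  const lookalike = unicode !== ascii && /^[\x00-\x7f]*$/.test(skeleton);
  return { ascii, unicode, skeleton, lookalike };
}

// Constructed sample: "epic" spelled with four Cyrillic letters.
const SAMPLE_LOOKALIKE = 'https://\u0435\u0440\u0456\u0441.com/login';
console.log(inspectHost(SAMPLE_LOOKALIKE));
console.log(inspectHost('https://www.epic.com/'));
```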
This past Saturday was April Fools Day. The Internet wasn’t short of pranks. The Victor crew enjoyed putting together this list of some of them.
Stack Overflow had fun making this video of their Dance Dance Authentication protocol:
In case you don’t know, Stack Overflow is a site that is used by developers as a forum.
Google had fun with Google Gnome, something to make your backyard smart:
Amazon brought us Petlexa
Honda has Horn Emojis
For those of us waiting for a new iPad, last week Apple announced the new iPad. It wasn’t really given a name and it isn’t an iPad Air. It has a 9.7-inch Retina display with an A9 processor. It comes in just 2 sizes: 32GB and 128GB. (We really wanted a 64GB but had to get the 128GB.) It has iOS 10.3 and Touch ID. It comes in silver, gold, or space gray and costs $29 for the 32GB Wi-Fi model and $459 for the 32GB Wi-Fi + Cellular model. For the 128GB model it’s $100 more each respectively.
Ordering began March 24 and shipping begins on March 31. Read more here. Don’t forget to back up your old device through the cloud or iTunes so you will get back all your apps!
Last week, there was a major outage of Amazon’s cloud servers on the east coast in VA. It lasted a few hours and caused havoc with many websites. It’s not often that this happens, but when it does, it causes problems in many places.
If you use any of their services, you can check the status of their servers here. Even if you don’t keep your website on their servers, you can find some of your apps having problems. Think Alexa, Nest, etc. Some major websites depend on these services as well and you may find them down as well.
If you are having trouble reaching a site, you can go to isitdownrightnow.com. The home page of this site has a list of major services, each with (hopefully) a green box to let you know it is running. It includes sites such as Netflix, Facebook, YouTube, Google, Yahoo, and the like. There is also a list on the right side of sites last checked and some sites that are currently down.
Oh, and human error was blamed for the massive Amazon server outage.
The Victor Crew
You may have heard of the Broadway play Spamalot. But there is a British Mashable contributor who has recorded a bunch of short videos called Scamalot. The premise of the videos by James Veitch is that instead of deleting spam messages he receives, he actually answers them. They are all under 4 minutes long so they are a quick watch. Season 1 includes the following episodes: Gold, Poem, Toaster, Mary Gary, Novel, and China Jewelry Corp.
You can watch a season of it on Amazon video or see them on his Youtube channel.
Here is the first episode: Gold.
Yahoo has been in the news again lately due to yet another problem with data breaches. Having a Yahoo account, this Victor crew member has received an email from Yahoo about it.
In this message, they tell me that they are investigating the creation of forged cookies. They say they are taking steps to secure accounts. They say this forged cookie may have been created in 2015 or 2016 and they believe it to be connected to the September 22, 2016 data theft. They also give some actions you can take.
They suggest using a Yahoo Account Key which is something we will investigate ourselves at a later time. This user is on the verge of dismissing this account altogether although it was my first email created back in the 90s. I have added 2-step verification as well as changed the password.
Another email from Yahoo is a reminder to secure the account. They suggest updating to the Yahoo Mail app on Android or iOS. They suggest turning off insecure apps.
As I logged into the account after the above emails, there was a link to update security settings to block apps with less secure login. I am not sure what this entails yet, but will let you know when I find out.
Remember that email you sent telling someone you’d send them something by Friday? Oh. You forgot. Well now you won’t … with Cortana. Cortana can now help you remember these things. She will give you reminders.
Just launched last week, Cortana’s reminders work on Windows 10 and will eventually support Android and iOS. It works with Outlook.com and Office 365 work and school addresses with support for other email services coming soon.
You can also have Cortana add a reminder to your list by talking to her. Unfortunately, you cannot link them all yet if you have an Office 365 Home edition. Hopefully that is in the future as well.
Don’t say yes! If someone calls from an unknown number and asks, “Can you hear me?,” don’t say ‘yes.’ It will be recorded and they will have your voice saying yes in agreement and may use it to authorize changes on a phone bill, utility bill, or credit card bill.
The Victor crew thinks this sounds a lot like the old ‘slamming’ fraud where a phone company would ask you a few questions and if you said ‘yes’ to anything they would change your phone billing method, mostly to a much higher rate with another company.
Right now this is mostly happening in Virginia, although similar complaints came from the Pittsburgh Better Business Bureau in October.
Police are urging people who receive this type of call to hang up immediately and not answer.