Welcome! Are KeyLoggers still a problem?, Is Someone Tracking Your Browsing?, Why China Is Banning Encryption, and more on Tech Talk With Craig Peterson today on Maine's WGAN Saturday Show11-02-19]
Release Date: 11/02/2019
Craig Peterson - America's Leading Security Coach
Good morning everybody! I was on with Matt and Marty (who was sitting in for Ken.) We had a good discussion about election technology and what different states are doing to assure that they are secure. We also talked about the FBI and Homeland Security about Passwords and Passphrases and security. Here we go These and more tech tips, news, and updates visit - CraigPeterson.com --- Automated Machine Generated Transcript: Craig If the Secretaries of State get hacked, I'm not sure we can feel comfortable. Would they even know that hacking occurred? If they did, it would be much after...info_outline AS HEARD ON - The Jim Polito Show - WTAG 580 AM: Passwords, Data Collection, Big Tech and more
Craig Peterson - America's Leading Security Coach
Welcome! Good morning, everybody. I was on with Mr. Jim Polito this morning and we discussed Passwords, huge databases, data collection by Big Tech and our schools, COPPA and Google. So, here we go with Mr. Polito. For more tech tips, news, and updates visit - --- Automated Machine Generated Transcript: Craig Now we've got the New Mexico Attorney General, who I'm sure will be joined by other attorneys general to file suit on this. We've got this children's online Privacy Protection Act, which has been around for quite a while that says any personal data for a child under the age...info_outline AS HEARD ON NH Today with Jack Heath WGIR-AM 610: The Technology and Spread of the Coronavirus and More
Craig Peterson - America's Leading Security Coach
Welcome, Good Monday morning, everybody. Craig Peterson here. I was on with Jack Heath this morning. We discussed the Coronavirus, Covid-19 and its spread and how Technology is helping and hurting. Here we go with Jack. These and more tech tips, news, and updates visit - --- Automated Machine Generated Transcript: Craig So there we go this morning with Jack Heath Craig Peterson here, and let's get into it. We talked quite a bit about some different aspects of what's happening with technology and the Coronavirus, the Covid-19. Jack Joining us on the Autofair listener lines, our...info_outline Welcome! Election and Voting and the use of Technology, Poorly written apps and Bad Chrome Extension and more on Tech Talk with Craig Peterson on WGAN
Craig Peterson - America's Leading Security Coach
Welcome! We are going to hit a number of topics today from the world of Technology. Primaries and Caucuses are underway and with that always comes the topic of technology and security and it is no different this year. Apps are being developed and brought to market without being fully tested. Extensions are being created that have ulterior purposes and are being downloaded by thousands and even more, on Tech Talk With Craig Peterson today on WGAN. It is a busy show -- so stay tuned. For more tech tips, news, and updates visit - CraigPeterson.com --- Related Articles: ...info_outline AS HEARD ON: WGAN Mornings with Ken and Matt: Election and Voting Technology, Phishing and Coronavirus Covid-19
Craig Peterson - America's Leading Security Coach
Good morning everybody! I was on with Ken and Matt. We had a good discussion about the upcoming Nevada Caucus and if they will experience some of the same issues as in Iowa. We also discussed the cybercriminal phishing emails being sent out with the warnings about the Coronavirus that if clicked on will infect your machine and network and also why you should delete apps that you do not use to protect your privacy. These and more tech tips, news, and updates visit - CraigPeterson.com --- Automated Machine Generated Transcript: Craig saying, Wow, cool new technology is going to be great. Hey, I...info_outline AS HEARD ON - The Jim Polito Show - WTAG 580 AM: Apps, tracking, selling info and election security
Craig Peterson - America's Leading Security Coach
Welcome! Good morning, everybody. I was on with Mr. Jim Polito this morning and as you know today is Primary Day in New Hampshire it is the Big Day for our State Sport - Politics. That means it is the day to address voter manipulation, voter fraud, low tech solutions and why apps are not the answer. So, here we go with Mr. Polito. For more tech tips, news, and updates visit - --- Automated Machine Generated Transcript: Craig You've got this free little cute little game, isn't this fun to play? Well, that game is tracking you everywhere you're going. They sell that information to...info_outline Welcome! Rampant Intellectual Property Theft by China, Scams - Airbnb, VRBO and CoronaVirus Phishing, ACLU and DHS and more on Tech Talk with Craig Peterson on WGAN
Craig Peterson - America's Leading Security Coach
Welcome! Today there is a ton of stuff going on in the world of Technology and we are going to hit a number of topics today. There are some scams that are getting more and more prevalent with Airbnb and VRBO that we will talk about. Also, phishing scams using the Coronavirus as a way to trick you into clicking. The ACLU is filing suit against DHS. China is stealing our Intellectual Property. Shadow IT becoming more and more of a problem and even more on Tech Talk With Craig Peterson today on WGAN. It is a busy show -- so stay tuned. For more tech tips, news, and...info_outline AS HEARD ON - The Jim Polito Show - WTAG 580 AM: First in the Nation New Hampshire Primary Day and Election Hacking
Craig Peterson - America's Leading Security Coach
Welcome! Good morning, everybody. I was on with Mr. Jim Polito this morning and as you know today is Primary Day in New Hampshire it is the Big Day for our State Sport - Politics. That means it is the day to address voter manipulation, voter fraud, low tech solutions and why apps are not the answer. So, here we go with Mr. Polito. For more tech tips, news, and updates visit - --- Automated Machine Generated Transcript: Craig You know, they don't release their source code, they hold everything close to the chest. They say, Well, you know, it's obscure people don't know what we're...info_outline AS HEARD ON: WGAN Mornings with Ken and Matt: Hacks, Deep Fakes, CEO, Business Email Compromise, IOWA caucuses and more
Craig Peterson - America's Leading Security Coach
Good morning everybody! I was on with Ken and Matt. We had a good discussion about The Iowa Caucus app fiasco, Business Email Compromise, and Deep Fakes what it is, who is at risk and what we can do about it. I went into detail about Passwords and Password Managers and even two-factor authentication and why you need to use them. So here we go with Ken and Matt. These and more tech tips, news, and updates visit - CraigPeterson.com --- Automated Machine Generated Transcript: Craig The problem we see this daily when I get notices from the FBI. It all boils down to personal hygiene, just keeping...info_outline AS HEARD ON - The Jim Polito Show - WTAG 580 AM: The problems with the Iowa Caucuses
Craig Peterson - America's Leading Security Coach
Welcome! Good morning, everybody. I was on with Mr. Jim Polito this morning and we discussed the debacle that was the Iowa Caucuses and what it means to you as the election season moves forward. In short, test, test, test. So, here we go with Mr. Polito. For more tech tips, news, and updates visit - --- Automated Machine Generated Transcript: Craig Tied into Hillary's campaign staffers that were paid 10s of thousands of dollars by the Iowa Democratic Party. $60,000 was paid to them by the Nevada Democratic Party, who was caucusing in a couple of weeks as well. Craig Morning everybody,...info_outline
Today there is a ton of stuff going on in the world of Technology and we are going to hit a number of topics from Keyloggers, to Privacy and Encryption, and Tracking -- so stay tuned.
For more tech tips, news, and updates visit - CraigPeterson.com
Automated Machine-Generated Transcript:
Hello everybody, Craig Peterson here. Welcome to my Saturday show her right here on WGAN. And online at Craig Peterson calm. You'll also find me up on YouTube, where I am posting videos of this show. And I try and do that every Saturday. I've been doing this now, last few weeks. This Saturday's no exception. Next Saturday maybe because I am going to be out in the West in the conference. So we'll see how that all goes. I may end up doing next week's show from my laptop, which would be a little bit different. I haven't done that before. So we'll see how that all goes. Today we are going to be talking about Firefox. A lot of you guys asked questions about browsers. So I've got an article from naked security up on my website at Craig Peterson. Calm talking about this. But Firefox browsers and this came up in one of my masterclasses here over the last couple of weeks, you know, those free classes that I've been holding, these are not pitchfests, in the least, we spent two hours in the last one. And this particular one, we're talking about privacy, and I had mentioned the offer browser and have some questions on that. So we will be talking about that today. Keylogging is an ongoing issue. It seems that every business that we go into, to help them clean up or do a security assessment and action plan for them. They all seem to have key loggers, at least one machine, man This week, we just found one of our clients had a data x filtration going on. Thank goodness, we had the right kind of equipment in place because it automatically noticed it and shut it down. But keylogging is a great way to start. That whole BX filtration, we're going to be talking about passwords today as well, which is always a big topic. And we'll talk about one password and some common password problems. We've got a warning out from checkpoint, and those are some guys that make some security software. That is saying that there is going to be a new cyber Cold War next year like that's a surprise. So we'll be talking about what that means to you as a home user as a business. The BBC did something I don't know that anybody would think about, but when I thought about it a little more. It made sense. But the BBC is now on the dark web and will tell you a little bit about that. And that also goes into my whole commentary about some of the browsers out there. And by the way, if you want to sign up for these masterclasses, I don't think I'm going to be having one this coming week. But if you sign up for the master class, you can attend Live asked questions. I always answer all of the questions, which is why sometimes it goes much just three hours because I try and make sure everybody understands what we discussed. I've been doing them live as well on zoom so that you can kind of jump in and type in your question in the chatbox, and I'll make sure I get to it right away. And I will be having more so see the two I've done, I think, Okay, the last couple of weeks. I know I did one on VPN and one on mobile security just yesterday. So make sure you sign up Craig Peterson comm slash master class. And these are, as I said, they're free, and these are not pitchfests. But it's me looking at material trying out material answering questions that I can use in upcoming courses that I do so. Tick tock, by the way, if you haven't heard about it, I've mentioned it on one of the morning appearance appearances that I do on the radio, but Tick Tock is here. Getting back now about this is from China about claims that China is doing the nasty with it. Microsoft man who thought that they would win this Amazon was the shoe and winner for this contract with the feds. We'll talk about that. And a little bit about what does it mean for you if you are using cloud services and what's the government trying to do here, and China, they passed a cryptography law. You know, of course, about Facebook, as I mentioned this before, and Facebook's cryptocurrency while China's getting in the game as well. And hopefully, they don't beat us to the punch here when it comes to the cryptocurrencies. You can watch all of this, as I mentioned, and I just noticed myself right because I got a little monitor sitting here so I can see what we're streaming. And I noticed that this big green logo God is behind me. It is for my ball. I sit on one of these kinds of big bouncy ball things so I can keep my back moving. In fact, this whole table that I'm sending that that you can see in the video on YouTube, this whole table, and my website. Of course, this whole table goes up and down. So I've got my production equipment here. I've gotten more production equipment there. I've got a huge 4k TV up there that shows me all of the different feeds and things it's just a nice little setup, but that's what this is in case you're wondering watching on TV certainly caught my eyes I might have caught yours as well. So let's get into Firefox right now. Mozilla, these are the guys that make Firefox has been trying to focus on security and privacy. And there is a difference between security and privacy. Security is where we have information that is kept private, but it is also kept secure, so it doesn't get out. It doesn't leak out. There's no way for anybody to get it. So that's how we're defining. Well, no way, right? There's always some way. But that's how we're defining security when it comes to browsers.
Privacy is different privacy is where you don't necessarily want websites to know where you are, where you've been, what you're doing when you're online. And we should have privacy. I'm more concerned about privacy, my privacy, right. When it comes to government monitoring, then I am worried about privacy rights when it comes to business monitoring. Because businesses all they're going to do is try and sell me another pair of shoes. Or a car, maybe when I don't need a car. Government, much, much different government is going to be very intrusive government is the sole authorized entity and that it states to use force against you for what they want. In other words, the government can pull out a gun, put you in jail, take away your rights, your freedom, and kill you in some cases. So I get concerned when it comes to government. If you don't have the government, then you are really at risk. Now, how good is the government?
I don't know. We were seeing these impeachment hearings going on with President Trump. The accusations are that under Obama's direction, the CIA started an investigation into Trump for political purposes. Then the CIA fooled the FBI into launching an investigation, and then there were some people high up in both these organizations, right. It's not the normal, lower level of people that were running this sort of stuff. And there's we can tell, right? But I get concerned, because even if this was true, and also if it was only the top-level people within the CIA, the NSA, the FBI, that were involved in, could move downhill. And we keep hearing talk about the deep state and what they're doing.
Well, do you want the federal government to have all this information about you about where you're going online, what you're doing, and it goes back to the socialists. The quote that I've had in the front of my mind for the last couple of months is, show me the man I will show you the crime.
Because every last one of us has committed a crime, some of them felonies. You before you leave your house in the morning, you've probably broken some rules. Regulation or law? Because there's so many of them just on firearms, there are more than 20,000 laws, how can you be expected to comply with them all? So, if you've got a committee in Congress, for instance, that wants to impeach the president, or someone else and they're allowed to go after the guy everything look at everything they've ever done everything! YES, Everything Everything. They will find a crime because everything is a crime. Oh, finally, we found an offense. Do you think that you with what you do online might have committed a crime at some point in time? That's the real question. If you're online and you are doing something that they want to paint as a crime, right, all they have to have is rumors to destroy your life. Look What happened with Mike Flynn? Did he remember every word that was said when he was vacationing in the Caribbean? Man? I know a lot of people that are a vacation in the Caribbean and are tipping back. Few too many drinks. Do you remember everything you said last time you inebriated? Right? And then now you're led into a perjury trap. All of this can happen when it comes to your online browsing history, what you're saying online when you don't have privacy.
Again, we're talking about the government here. What the government's monitoring with the recording -- Who are you calling? What are you doing? And me, I'm a member of the media. And as a member of the media, I talked to all kinds of people I'm sure people that I have interviewed over the years have ended up being arrested and Probably some of them convicted of who knows what crime. So now they go back, and they selectively look at things that I might have said I might have talked to that person, and now I am a criminal. So when we're talking about privacy, there are two levels. I'm not worried so much about businesses tracking me. I am apprehensive about government monitoring me. And when we get back, we're going to talk more about this because the government monitoring side of things, and the business side, end up merging. It's kind of like a Moebius spurt strip here, frankly.
You're listening to Craig Peterson. I'm on WGAN and online at Craig Peterson, calm, stick around because we'll be right back.
Hey, everybody, welcome back, Craig Peterson, here on WGAN. And online at Craig peterson.com. Of course, as Peterson SO and we were talking about privacy protection before the break, I want to add one more thing about privacy protection when it comes right down to it. And that is, you are the person responsible for it. So let's do a little bit of education here. Let me help you understand what we're specifically encryption. Your web browsers can use encryption when talking to websites out there so that any data from your browser to the site is encrypted. Not that they always do it, but they can do it, and there are some plugins to make sure that it is using eat in corruption when possible. So one of those plugins is called. What is SSL everywhere, I think, is what the name of it is. But there's a number out there. But there are many browsers that do aim at trying to keep your data safe online. And I talked about those in the masterclasses here that we recently had we got more coming up, and we'll be answering even more questions. Of course, correct. Peterson comm slash master class for those three classes. But you can use a different browser. So, for instance, you know that if you have windows, you probably had Microsoft Internet Explorer on it. And then, they switch to this Edge browser. And now they have switched to using Google Chrome as the base. So basically, it's there. It's called chromium, which is the base that Google Chrome is based on and is in the OpenStack Source space. And Microsoft, of course, put their stuff on top of it so that they make sure they break a lot of websites. Well, that's, that's not why they did it. They did it because they're Microsoft and they know better anyhow. Your current Edge browser is not a Microsoft product. It's a Google product for the most part. So some of us will also use Google Chrome, which is the most popular browser out there by far right now. If you are using a Mac, you probably have Safari. So I've run through the leading browsers that people are using out there. Currently, some browsers are privacy aimed. One of them is the Firefox browser. And the other one is Opera. Those are the two most common, and Opera is probably the better of the two. But as was brought up in one of my master class, by one of the attendees, there are rumors that China has started to take control of opera, which could be a problem.
And then there is the most privacy oriented browser in the world called tour. But we're not going to go into that today. You can find all kinds of information on the tour. I have done some Facebook Lives on it. And you'll find those online at Craig Peterson comm slash Facebook. And you can find out how to use the most private and secure browser that there is out there and it's free, by the way. So Firefox is trying to be the browser when it comes to privacy. And they have a few different browsers that are available on iOS and your Android devices, each offering different levels of privacy protection. Still, they have offered another privacy treat tweak to Firefox version 70. And this is the ability to see how often websites are tracking you. So if you are running Firefox, you can go and access it by clicking on the address bar shield icon. That's where you would normally see the information about any SSL certificates in use right now. It has a drop-down at itemizes different types of trackers detected on the various websites that you might be using. Now, there are some other things that you could potentially use and what I use as well. And probably one of these days we'll have to get more into this and what am I using and how are we blocking things, but there there are a few other plugins that you could use one from our friends over at EFS Electronic Frontier foundation that I use and that I like. I recommend, but we're right now we're talking about Facebook and Facebook, Firefox. Okay. So naked security, as I mentioned, has an article you'll see up on my website as well. And it's talking about the enhanced Tracking Protection that they did test. They said users might not notice the detection of many trackers if you already have this set to a strict setting, but it works pretty well. I like what the EFF has done a little bit better. But to back up its claim that privacy protections with having of Mozilla released figures showing that Firefox had blocked 450 billion cross-site tracking requests since the second of July. And now that's risen to 10 billion blocks per day. So a cross-site tracking is a site that might put a cookie on your browser. So that it knows what you're looking at what you're interested in where you came from, right. And that's one level of being monitored by the marketers. The next level of being monitored by the marketers is this cross-site stuff, including scripting. And that is where they're pulling data from another website. I have a client that this just happened yesterday. And this client has been using Internet Explorer. Now, we have been after them for a long time to get rid of Internet Explorer. It's not even supported by Microsoft anymore. So there are all kinds of security vulnerabilities. And they use this one particular small bank to do all of their banking. And they went online to the bank, and they couldn't log in, they couldn't get it to work. And it hasn't been working for months. Well, as it turned out, the advanced security that we had installed in their Network found that the bank had used an embedded a cross-site script, going to a tracked customer relationship management system. That was a fairly new site. It's only been online for about three weeks period. So we consider that high risk because that's a typical mo modus operandi for a hacker group. So we blocked that access. And that access, then made it so that she couldn't get a login. Now, this is all good, because it's a high-risk site. And we don't want them going there. We don't like the cross-site scripting, because many times that's how hackers get your data. And we're not going to get into a whole bunch of detail on how that works. But the Mozilla will block that now, which is nice, frankly. And you have to turn that on. If Wanted again, it's called enhanced privacy protection. And by the way, there is also a built-in password tool on Firefox called block-wise. And they now can generate a secure password when signing up for a new account. Now coming up here a little bit later, I'm going to be talking about passwords, some specific stuff about password managers, and not what the best practices are. But you can use it to replace the weak ones, and Firefox has been doing a pretty darn good job. By the way, Mozilla says that lock wise can be protected using Apple's FaceID Android Touch ID face recognition systems. And they're using AS 256, which is pretty good. encryption, it's tamper-resistant, it's GCM, it's their block cipher technology. They're using one PW protocol to obtain keys a, and they're doing a pretty good all shocked to 56 for the encryption key. So have a look at that if you are concerned about privacy leading into security, have a look again. And a side note here from our friends and naked security reason test by the German Federal Office for information security Firefox as importantly only one of five browsers to be given a passing grade. And I will leave you to guess who some of the ones that had failed. Were and I talked about them all the time.
All right, stick around. You're listening to Craig Peterson on WGAN. Online at Craig Peterson dot com. We're going to talk about vampires on your computer when we get back, so stick around.
Hello, everybody, Craig Peterson here. Welcome back. Of course, we're alive. Every Saturday from one till three. You can see me on Facebook Lives I've been conducting master classes. We got a great class coming up on hardening windows. It is a course we'll let you know about that as well. Hopefully, you got this morning's email. I send it out every Saturday morning with my notes for the week, including all of the articles we're talking about today. So make sure you follow along. If you haven't already, go to Craig Peterson dot com slash subscribe, you'll get my special notes when they come out. You'll find out about some of the nastiness that might be happening out there, and you can be on top of and in Friend have any of these big problems that are out there? That's Craig Peterson comm slash subscribe. Well, let's get into the vampire side of things right the spooky time of year Halloween. Everybody's thinking about these vampires, and things about there's a kind of a cool new Walking Dead-ish show that it's a comedy on Netflix that we started watching. It is very, very cool. I think it's a fun one.
But did you know that there may be vampires lurking in your computers? I mentioned a little bit earlier. But I have seen these vampires in pretty much every business that we've done an NSAAP in. So here's what an NSAAP is. An NSAAP is a network security assessment and action plan. We call them in NSAAP, right, so we'll go with In we charge 500 bucks. We analyze all of the machines that are on their network and what their security problems are. And then they have something they can run with, to try and fix the issues themselves or because it's so complicated, we'll fix them for them, right? That's what we do, we not only fix those problems, but we keep going. We keep the patches going, which is one of the most important things for you to do. We make sure that we have multiple layers of security on the machines and then on the network, and then at the network edge, etc., etc. So when we're looking at, these will look at two things that will look at vulnerabilities. And if they want us to, and there's an additional charge for this, we'll go ahead and look at indications of compromise, which means, Hey guys, not only do you have these vulnerabilities, but it seems like there's been a compromise.
Now, you don't want to be compromised. I think that goes without saying the bottom line. But when we do this indication of compromise test, I think 100% of the times, and we have found one of these vampires on at least one computer. And what I'm talking about right now are key loggers. There is a guy that just went to prison sentenced just a couple of weeks ago for this type of thing. But there are two types of key loggers. But the bottom line is they're trying to find what you're typing because they know that you're going to have to type in password usernames, right? And they don't even need to know what's on your screen at the time because they can, you know, they can pretty reasonably recognize what you're typing. you're typing a letter versus you're logging into a system. And that, by the way, is why you need to factor authentication. That's why we use UB keys YUBI You can find them online Yubikey so that you have your account, you have your password, and then you have to physically insert this special encryption key to keep your data safe, right, that's the bottom line here. So the two types of these key loggers are there are hardware loggers, and the hardware key loggers are something that plugs into the back of the computer and then plugs into your keyboard. You don't see as much as you used to because many of us use Bluetooth keyboards. Now Apple is the best there is when it comes to it. And if you're watching me now, you see I've got an iMac over on my left, which is an Apple iMac. I've got Keyboard an apple keyboard, which is Bluetooth and an apple trackpad, which is Bluetooth hooked up to these, but it's using a special version of the Bluetooth protocol. To get the keyboard to sync up and the trackpad to sync up, I have to plug it into my iMac so that they can exchange security keys. So it's not just the basic Bluetooth security, it's much more advanced than that, which is great. So what they're trying to do now is get it so that with this apple keyboard and trackpad, there can be a key logger that pretends to be my Mac and then the keyboards talking to I'm Mac's talking to it, they get you can't do it right. Now, with the older stuff with a regular Bluetooth keyboard. What they'll do is they'll put a little Bluetooth receiver in the area, and it'll pretend it's the computer and the keyboard. Now regular Bluetooth keyboards do have security. And it does negotiate with the machine. So there's some security there. But most of them, the older ones, particularly all of them, are entirely hackable. So, what they were trying to do, again, is a key log. They sit in the middle between your keyboard and your computer and is easier to do with a hardwired or with a USB keyboard. You might want to switch to the latest version of Bluetooth available for your computer.
Now the second way that keyloggers work and how we often find them when we're scanning the software. We're looking through the system registry, and looking in detail at everything. Those key loggers are pieces of software, and they've been inserting themselves into your operating system. So, that whether you're using a Bluetooth keyboard or hard wired keyboard, they see everything that you type. That's a problem because, again, they can figure out what your username is what your password is. Well, a New Jersey man has confessed to getting into businesses during hours and after hours and planting key loggers. And we've seen this happen in some congressional Democrats offices as well where they found installed key loggers. The Department of Justice has named the companies that were victimized one to New York, the others in Texas, and they both have offices in New Jersey. And what they said was that this guy, anchor wall 45 a month Ville news jersey pleaded guilty New York Federal Court on Tuesday this week to two counts of obtaining information from computers and one count of aggravated identity theft. So these can be bad, and they can be used to break into your bank accounts and all kinds of things. That's where identity theft comes in. And according to the court documents, it started in June 2016. When he trespassed into these companies, New Jersey, Brandt's branches, he got his hands on an access badge. And it let him keep, keep coming in when he wanted to write. And he installed the hardware key logger, those are the ones that sit on the USB port, or that you can program a Bluetooth keyboard into right so if you have physical access, all you have to do is just configure the Bluetooth keyboard to talk to your keylogger and then the keylogger talk to the computer. Then and then of This is hard, right? And apparently, he got employee usernames and passwords. He also snuck his computer and hard drive under the company's computer network. So we could install malware that does the same thing, which is the software key logger just talking about, then this gives the crooks a way to track everything, breach everything and get internet works completely. Okay. It's, it's a real problem. It's a real real problem. So, key loggers can be notoriously hard to find. But there is software that can find them in your normal antivirus. Sometimes it can. Hey, stick around. When we get back, we're going to get into passwords. You're listening to Craig Peterson here on WGAN. And I got a surprise for you when we get back. Of course, online Craig Peterson dot com slash subscribe.
Hello, everybody, Greg Peterson here. WGAN online, Craig peterson.com. What we're going to talk about passwords right now, and there are some surprising numbers that have just come out. I'm going to be talking more about these next week. Zogby, these are the pollsters just came out with some statistics on businesses and getting hacked, which is amazing. Amazing. Because it turns out that a quarter of businesses hacked in 2019 went out of business, 10% immediately went out of business. It's just crazy, but we'll be getting into this in more detail coming up next week. But let's talk about passwords because this is one of the most important things you need for your security. Now there are movements underfoot, and Microsoft is involved in Google and others in getting rid of passwords entirely. That's good. And it's bad. Now, they're not saying they're getting rid of the password. So anybody can just say, Hey, I'm Greg Peterson, let me into the Twitter account, what they're going to be doing and what they're already doing actually, is those accounts that they are that they're trying to protect, or it's using an exchange between your browser, the website,
As well as something that you have like the Yubikey. You know, TLTP it's a one-time password type thing. That's where it's going. It's not there right now. And right now, the best thing you can do is protect your past. passwords by using one of these pieces of software that automatically generates a unique password for you for every website, and also store them securely will fill out the form for you with your password in there, so you don't have to remember it. And we go the next step and my company because we are a master managed services provider, that in fact for a master managed security services provider, but that's a mouthful. Be meaning that we provide the security services that other companies sell. So we're the people behind the scenes for a lot of local break-fix shops, bars, etc. So the change is now that one password we can tie in and we do tie into something called do ODUO-and it's something else that Cisco Bought, it's interesting. I don't know if they're following us around, but three or four of these products that we've been using for years, Cisco recently bought that we've been using them because we found them to be the best that was out there. So one password has a Business Edition, as well as a condition that you can be using, and you should be using for your family and using it to share passwords. So with the business version here, you can create different groups of users with varying vaults of passwords. And it makes it very, very easy, therefore effective. And frankly, according to CIO magazine, and I agree with this, you can get a measurable, beneficial impact on security just a few days after you've rolled it out. Now they have one password advanced protection, which also has extensive monitoring tools that we use to So that you can take control of your security in your business. So look at one password. It's not expensive, and it's not cheap. Okay? It's right in the middle.
But one of the things it does is it lets you know hey, we have reports at this website that you have an account on has been compromised, so you've got to go ahead and fix it. So you've got to keep control of your sensitive information I've talked to before I had quite a stir when I said .hey don't tell the truth your bank you should be lying to your bank when it comes to your password recovery questions. And some people push back one of my daughters is pretty high up in a bank, and she was taken back by the headline, which is Lie to your bank, right? And then she read the article, and she's going to share it with other people within the bank because it just makes a lot of sense. So one password business lets you securely share passwords across your teams, or do your parliament, and only the people that need access to an account can get the access to the account, which is very, very important. It's the whole concept of limited access and, and who should be able to have access, right? very minimal access. Now there are other password managers out there. As I've said many, many times, I like one password, I think it's absolutely the best out there. That's what we use. We use it in conjunction with do Oh, and use that in conjunction with Yubikey. So that we have multiple layers, multiple layers of security when it comes to logging in. So let's say that you can't use one password, maybe your home user, your Soho, small office, Home Office. Let's talk about the other options available. One of them's called LastPass, which is pretty good. I've mentioned when we've talked about Firefox that it has a password manager built-in. That's pretty good as well. But let's get into the common password vulnerability. Ladies and how to avoid them. The old thinking was that you should change your password every 30 days, maybe more frequently. And that you need to have a mixture of numbers, letters, special characters, upper and lower case. That is no longer true. Not at all. The best password is a long password, that phrase, and you throw a couple of uppercase letters and some special characters in there. That's the best password. And not having your people change passwords every 30 days is also beneficial because it encourages them to come up with better passwords. Okay, because weak passwords are just the worst. So length versus complexity. You know, a complex password. Some of them they're saying like eight characters or lowercase characters, numbers, special characters, and in reality, that's a weak way to come up with passwords. Because if you're talking about eight characters, that's easy to break, relatively speaking, you can download my table from the internet, it's about two terabytes and size is pretty long. But it allows you to break pretty much every password that was ever created by Microsoft, or that you've ever used on a Microsoft System older than Windows 10. And even Windows 10 systems where there's been a migration So in other words, pretty much every password used in Microsoft, and. And that's called a brute force attack. When you're going up to the character one's a long one, you can use these fancy crackers, okay, that are out there. Well, if you enter a 16 character password even let's get simple, a 16 character password that only has lowercase letters. Computers right now using brute force, it would take 224 million years to crack that password 224 million years, versus it could break your password in nine hours, an eight-character random password randomly generated. Okay, so the length is the key here. So whether you're using one password or you're using just one account by yourself length is what matters. Now, some applications older programs you're using, they used to be restricted eight characters, many of them. Hopefully, they're not anymore, but give it the longest password that they allow that you can reasonably remember because you don't want to grab one of these. I'm holding up a sticky notes post-it notes here in the camera. You don't want to use one of these to write down your password and stick it on the screen. or stick it in the drawer, okay? Because now that guy or gal that is breaking into your office at night can find your password good, you wrote it down. So you don't have to be so complex it has to be written down. And you don't want it to be a character because that only takes nine hours to be cracked. Okay? So keep those things in mind length. Is it enough? Well, yeah, pretty much okay. But if you're using a password that is like your catchphrase, put down that cocktail that people might know that maybe you have on your Facebook page or something on your website at the office, your LinkedIn page. The bad guys are going to do a little doc scene and find it, and they're going to use it, and they're going to get in okay. So don't use these. You know, the quick Silver Fox jumped over the lazy brown dog or other things are going to be easier us Long password, if you ever have taken one of those memory courses to help you with your memory, and then it's a random list of words and it's like, airplane armed, low brown dog, etc. And then you associate them right. So the airplane flew over into the envelope, and the brown dog ate the envelope. Well, do that. Memorize that. And you can also use foreign languages. For many of these, you can come up with crazy words, anything that you know, well, that's a long-phrase going to be the best password that you can generate. And never, ever, reuse the password. Don't use them on multiple websites because if you use it on your kid's site for their x box, and you use it on the banking side, and the Xbox gets hacked, they now have your banking site password, okay? So be careful of all of this stuff. There's this out there called Have I been Pawned - spelled P-W-N-E-D? Go there, check your password, they'll tell you how good it is, based on whether or not that same password is located online. In one of these hacked websites, it's out there and use password managers use multi-factor authentication. These are things like DUO and YUBIKeys. Just do it the right way hardware tokens. They're getting more involved. Now I mentioned OTP. One time password, which is a new protocol, is going to get rid of passwords online. Google has their own called Titan. And there was just recalled on a bunch of those Google Titan keys. certain models of them. You know, stick with Yubikey. They are quite good. smart cards open PGP Fido is the new standard that I've been alluding to, and use them all the time. All of your passwords matter. All right. So that's it for passwords. And when we come back, we're going to talk about the new Cold War. That's coming up in 2020. will be talking about the BBC now on the dark web tech talk and their response over China's influence. And Amazon was expected to win this big contract of the federal government. We didn't talk about that and what my concerns are with us, and what your concerns should be when it comes to cloud computing. So those are coming up. So stick around. You're listening to Craig Peterson right here on WGAN and online. Craig peterson.com. Subscribe to my email list. Get my weekly emails to find out about the free masterclasses etc. Craig Peterson dot com
Hello everybody, Craig Peterson here. Welcome, welcome. Welcome back. Of course, you're listening to me either on WGAN-AM online at Craig Peterson dot com, you might be watching over on YouTube Craig Peterson dot com slash YouTube or maybe Facebook, maybe LinkedIn, I'm starting to do a few things with LinkedIn. So we'll see where that all leads us. We're going to talk right now about some predictions, and this is from information security. buzz.com. An article by Checkpoint is a company that makes various types of security software. They were one of the very first firewalls many many years ago. I used them 20 years or maybe more ago, but Checkpoint has been around for quite a while, is not a product I use anymore. But they do have some useful information. And that's what we're going to talk about right now. And they're talking about 2020. And this is all about their predictions. And they're saying that we really could be looking at a significant cyberwar coming next year. What does a cyberwar look like? What are we talking about here?
Because cyber Cold War's mean what what what is it cold war. You're not using kinetic weapons writing. In other words, you're not firing missiles. You're not shooting guns. You are playing games with each other, Right? We had as part of the cold war against the socialists and in the USSR in Russia, Soviet Empire. We had a trade war going on where we wouldn't trade directly with them. We wouldn't trade certain things with countries that did do trade with them at the time, and the CCC p ended up going out of existence entirely. That's an example of a Cold War.
So today, what is a Cold War look like? We know the United States has started doing some cold war-ish things with trade. Right? We've got our president out there right now, President Trump, who is saying, Hey, listen, China, you need to smarten up. You are doing things that are hurting us. None of the Presidents before me, have had the guts to come out and say this, or do anything about it, but I am going to put tariffs on these various goods because we want you to stop stealing our intellectual property. We want you to be fair and open in your trade with us. China has been pushing back, and put some of their tariffs in place, and they go up, they go down. Is that a Cold War? Well, I don't think sustainable. But at some point, that's a Cold War. Right at some point to say, yeah, that China in the US is just going to butt heads together. I think it becomes a Cold War when we start trying to enforce sanctions against countries that do business with China, which will be bad for us. Now, the European leaders also sat on their hands for about 20 years. It's been since the late 90s. They sat on their hands and didn't do anything about China. So is this a Cold War right now? No, not really. Is it a trade war? Well, kind of. Yeah.
We do have a cold war going on with North Korea. They're, they're not shooting missiles at the US, per se. We're certainly not shooting missiles at them neither South Korea. So yeah, there's a cold war there. Where else might we have Cold War's Well, you know, kind of a little bit of a one with the socialists in Cuba? You know, killing 20 million people in Cuba turns out to be a bit of a problem. We have a Cold War right now with Venezuela. And in Venezuela, of course, again, people starving to death in the streets with their socialist government. There seems to be a trend here right with socialist governments and people dying. So yeah, we have cold wars going on right now. So what checkpoint is saying that these nation-states that are out there that don't like us, but have very little power over us are going to get into a cyber Cold War with us? Because, again, if things were to escalate, you know, China versus the United States, if we wanted to hot, or where we were shooting at each other, the United States would probably win, you know, we we'd have to see, of course, it'd be a lot of lives lost, which would be horrific. Obviously, these smaller countries, we just go in, and we could topple them pretty easily look at what happened in Iraq, look at what happened in Libya, in Syria, where the Obama administration decided they would destabilize the Syrian government. They sure as heck did that didn't they looked at where Syria is right now. So we could do this with most small countries. So what can they do to retaliate back against the United States they're certainly not going to get into a hot war with us. Well, what I what checkpoint is saying is there is going to be a new Cold War, conducted in the online world. the world as western and eastern powers increasingly separate their technologies and intelligence. We've already seen Russia have a kill switch for the internet. China has a kill switch for the internet. And in both cases, particularly in China's case, they are controlling everything that people see on the internet. And that's where the whole Tor browser on your network comes in, right to help get that information out. Behind these curtains. We've got the bamboo curtain. We've got the Great Firewall of China, all of these things. So they're saying the ongoing trade war between the US and China and the decoupling of the two huge economy economies is a clear indicator of a potential Cold War, cyberwar. And it actually might be if we don't come to terms with China, we can see things getting worse. Talking about something that happened this week with one of my clients. It is a client that took some of my advice, but not all of my advice, right? Unfortunately, that happens. And so we had some equipment in place. We found with this client that they had given remote access to employees, for the employees to get into the systems at the office. And they didn't do it right. And we gave them a proposal to go ahead and make this, you know, make this happen clean things up. And they didn't. So they still had this, how do I even put this, it's like a big box retailer, firewall VPN controller, and you've heard of the company's name before, I'm sure and just a total joke. And they wanted to continue to use it, and they continue to use it. So then Week, what we found was that someone hopped in via that one of those computers that were used remotely that remote connection, right so so they hopped in, they got on that remote connection, probably because the employee's computer on the remote side was compromised. So they connected to this VPN server on this platform that I, I'm not going to mention their name because I don't want to confuse anybody. And think that it's a good platform because it's not it's cheap, though. It's cheap. And they were able to get in now on to the computer with remote desktop. And then from that computer that was on their internal network that we had no visibility into, they were able to go to another computer for the Operations Manager. And from there, they started uploading x Phil trading data, again, customer information potential They're intellectual property, etc., etc. So they were trying to accelerate it through a device that we control that is designed to look at all of the data, make sure that none of that data that's going out is data that contains confidential information, etc. Right? And it noticed something weird, which was waiting a minute is 6 am. Why all of a sudden is are there gigabytes worth of data on the way out of the network. And so our systems alerted our tax and immediately shut it down. I think about eight gigabytes made it out before we shut it down. So this is an example of what happens in a cold or cyber Cold War in this day and age we saw this week. It's a very, very big deal and this is a small company and trying to save a few bucks. I mean, a few bucks. They may have lost everything. We stopped it partway through. But because we don't have visibility throughout the whole network, who knows what's been going on in there, we can only see stuff that's going out x filter via our network connection on the outside. Okay. So it's they're expecting our friends over at checkpoint are expecting this to escalate next year. Where did this come from? Well, we did some tracebacks. However, what happens is someone can be sitting in China, using computers that have been compromised in Russia, to connect to computers that are compromised in Brazil to connect to computers are compromised in Mexico to connect to computers right here in the northeast United States. So you see what I mean. It's unpredictable but it is exactly what happened. But we did see a little bit about the source in the routing, what happened here. Now, cyberattacks are being used as proxy conflicts between smaller companies that are countries. I should say smaller countries aligned with these bigger countries that want to go after each other. It's going to be fascinating. So we got a couple more points here. We'll get to, and I will get to them as soon as we get back. So stick around. You're listening to Craig Peterson right here on WGAN. And online at Craig Peterson dot com. Peterson, with an O, stick around. We'll be right back.
Hey, welcome back. Craig Peterson here on WGN online. Craig Peterson dot com. Thanks for joining us today. I know you got a lot of stuff going on. I appreciate you guys sticking around. Last time I saw the stats for my show. I had the stickiest show on Saturday of all shows, which means more people sit and listen to my entire show on the radio than any other weekend show. I thought that was cool and appreciate you guys for doing that. Also, our numbers keep going up. We've had some incredible days. When it comes to our podcast, we're changing it up a little bit on the podcast side, which you can get on iTunes. You can get it on tune in, SoundCloud, you name it, go to Craig Peterson dot com slash iTunes, if you wouldn't mind and give me a five-star rating. Hopefully, I've earned that from you. Craig Peterson dot com slash iTunes. Let's get into these last points here when we're talking about a new cyber Cold War in 2020.
The 2016 elections were the first major fake news elections. Now, of course, Hillary Clinton coined the term fake news during her candidacy for President. Donald Trump kind of grabbed on to it. But we're talking about fake news 2.0 you think the Russians messed around with our last election Wowsers our next election 2020 is going to be a doozy and it's just going to get worse from there. Because now we can create deep fakes that are going to make a significant impact on the elections. President Obama was the first social media president, and he claims his election was due to social media, that social media was what led him to get his message out. And it was his message getting out. That got him elected. Right? Well, now we've got the ability for politicians to really master social media and then almost automated fashion, political adversaries going back and forth Republicans and Democrats. And now you can have the greenies the libertarians, the who was it pop their head up again. Another kind of crazy guy anyways, who's out there to spread false stories to build their narrative based on fake news 2.0 Okay, very, very big deal. And they are already in the process of implementing their plans to influence these 2020 elections. It's a huge deal.
Part of what we're going to see with the cyber Cold War is more cyber attacks on utilities are critical infrastructure. They're all going to continue to grow. We've seen attacks on the US and South African utility companies this year, as well. In many cases, critical power and water distribution infrastructure and sewage plants have been using older technology and haven't been updated. Now I can tell you a little bit of inside baseball here that's not confidential that I talked with some experts about when I was running, the FBI Infragard program webinars. So the InfraGard is something the FBI put together to help critical infrastructure And other companies out there to help keep them up to date on what's going on. Okay. So I know there's been a lot of progress made, but they're not all to the point where they are highly resistant to these hackers that are out there and particularly nation-state. So we have to continue to increase our cyber defenses substantially. And another thing while we're on this topic, because of the solar flare activity, one of the most crucial things you need to be doing right now is hardening our electrical grid or electrical infrastructure. So that if we do get one of these massive solar flares, we don't end up with another Carrington event that could knock us back to the 1850s all technology gone. Something for another show, I suppose. So the checkpoints technical cybersecurity predictions for 2020 are targeted ransomware attacks are going to increase 20 1970 Somewhere being increasingly targeted against specific businesses, local government and healthcare organizations that we had a lot of that this year, you guys probably are aware of that I certainly have talked about it, okay. Attackers are spending time and intelligence gathering on the victims to make sure they can inflict maximum disruption. Remember, the disorder is what they're going to do. They want to disrupt our economy. They want to empty your bank account, they want to confuse, conduct phishing attacks going beyond the email, email is still the number one attack vector. And that's what we guard carefully for our clients. So most of our clients now are using some version of Microsoft Office 365. And remember, there's 10,000 plus skews that Microsoft has these different products and they've got a one through I can't remember where it goes now he five or seven for their email product. And then they've got data offerings, and I got all these different things. Don't go with the cheapest. Okay? But what we do with the email because Microsoft isn't very good at providing anti-phishing and anti-malware services for the email, we brought all the mail through us, we run it through some highly active filters, and then we send it on over to our customers, okay. So be very careful about that. Now, and frankly, next year and on there is now vision which is voicemail phishing, there are SMS texting attacks against mobile devices, gaming platforms, social media platforms, it's crazy. Mobile malware attacks are moving up in the first half of 2019 saw a 50% increase in attacks by mobile banking malware, over 2018. So we're talking about stealing payment data credentials and funds from the victim's bank accounts. And there are new versions that are already available for the bad guys. And this stuff isn't expensive, and you know that a nation-state might pay a million dollars to get their hands on some of the newest zero-day attacks. But there are some beautiful attacks that you can get for 20 bucks online on the dark web that you can use to destroy a company. Twenty dollars is all it takes. Okay? And unfortunately, that company is going to have to spend a couple hundred thousand in order to protect themselves from that $20 attack, right? Is it worth it or isn't it? They're getting more sophisticated phishing attacks here and more effective as well. They're getting mobile users to click on malicious web links, etc., etc. Okay.
Nice little quote here from Checkpoint that we won't read right now, but we've got to protect ourselves. These are called generation-five attack vectors, and they are getting very shrewd. They are able to really inflict maximum damage, it is just crazy. So that's why we have multiple layers, right? It goes back to Shrek, that Ogres are like onions. That's how you have to think of your security. You have to have a stack of security, and you have to have all these different layers. If they get through one layer, there's another layer underneath to protect it further. And then another layer and then another layer. That is how we stopped them this week at one of our clients from stealing all of their company's information. And, you know, again, it isn't cheap, but how much is the company worth? How much is your job worth, right? And I feel sorry for everybody that is this De facto security person and organization who does not have the budget that you need. And man, I empathize. That's why we're doing these mini-courses and the master courses as well. And that's why we got these free masterclasses and the Facebook Live so you can ask questions and get them answered because I really, really, want to help you guys. Okay, of course, I want to keep my lights turned on. So that's why I have paid for courses that you can purchase. But all of these classes are simple and free. So make sure you know about them. Sign up today. Go to Craig Peterson dot com slash master class, sign up, and you'll find out about these free classes that I'm holding more or less two times a month to three times a month, depending on what my schedule allows. All right, everybody, stick around because we'll be right back. You're listening to Craig Peterson on WGAN
Hello, everybody, welcome back. Craig Peterson here, man, the show is winding. Winding down, I guess, is what you'd say. We get about the last half hour here together, and we're going to be talking about some of the technology in our lives, some of the things we need to do to protect ourselves. Of course, that's what I do for a living. So that's what I know best. Right? So we've talked about a lot of technology, but we kind of stick most closely with some of the security stuff. We're going to talk about the BBC now and why they're using the dark web. If you've watched any of the war movies, you know, that we used the BBC the Allies did in world war two to get messages to the underground and other people who were in occupied territories. They did it through code words and things, you know, they'd have a little phrase that they would put up on the radio as they were broadcasting it. And sometimes, the phrase would mean something, and sometimes the phrase wouldn't mean anything. The whole idea was to confuse the enemy during the war. That way, the socialists in Germany didn't know what we were talking about. The Socialist Party, the Nazis, and that that's true to the Japanese and what was happening there with their socialist Empire. We wanted to get messages through, but how do you do that in a time of war when people are listening? Well, that's one of the proper ways to do it. Today, in this day and age, things a little bit different. It turns out that China, Iran, and Vietnam are three of the country's This is according to the BBC, that has tried to block access to the BBC. Now the BBC is biased, but you know, they overall have some pretty darn good news. And I get my news from several different places because I want to hear all sides. So I listened to the BBC. I listened to the CBC, I listen to PBS. I listen to Fox, I listen to NBC, I listen to all of these different ones in podcast format. Well, that's easy enough to do right now in the United States but in many places around the world, there is serious censorship. I've mentioned the Great Firewall of China before. And that is total censorship where they can pretty much ban anything at least that's their idea behind this. So what the BBC has done is they have launched our new website that looks identical to their existing normal website out on the dark web.
You know, if you attend a masterclass where we were talking about VPN, and we're talking about mobile security. I talked about what the onion network is. And it is essentially a hidden network that sits on top of the normal internet. And it was established by the United States. It's still maintained by the United States. And it's for dissidents, to be able to communicate with our State Department. That's kind of what it was set up, for now, would use for almost everything. It's the dark web. We just talked about it in my show, where we're saying the dark web was also being used by the bad guys to sell these hacking tools. They use it to sell our identities to do trades with each other. Right? The dark web, though, isn't all bad. It was, as I said, designed to be good and to be very helpful. In fact, it still is. So the BBC set up a new version of their website on the dark web. And you can look it up on the BBC website to find out more if you'd like. And you can also find it on my website at Craig Peterson calm. What's the only way to get at it is for most people is to use the Tor browser to our browser. And the lot of detail I went into for like half an hour about the Tor Browser in the master class. But users of the Tor browser can visit a special URL. It's BBC News v to VJTPSUI dot onion. Now you're not going to remember that I'm sure which is why I told you to go to the BBC calm or go to Craig Peterson and you'll find it there. But it is a different type of URL than you're used to his net. And if you click on that address, it won't work. If you're using a regular browser, but if you're using a browser that's on the onion network that knows how to use it, like the Tor Browser, which is the ultimate and privacy, it can get to the BBC website. So the countries that are blocking it that I named a little bit earlier, including China, Iran, Vietnam, we know North Korea is and some others to people in those countries that have internet access, can use this browser even if they have some blocks, firewalls, etc, in place to stop people from getting out. So I think that's pretty darn cool and smarter. The BBC, they're saying is going to include foreign language services such as BBC Arabic, BBC, Persian, and BBC Russian.
But UK only content like usual only be available within the UK due to broadcast right. So check out the TOR if you haven't already. T-O-R There is TOR clients for all major operating systems, including your desktop computers and mobile devices. And it attempts to hide a person's location and where they're going. It's not 100% effective, but it's pretty darn close. And that uses these exit nodes that are really all over the world. So it looks like you're coming from the United States or India, etc, etc. So check it out online and kudos to the BBC, for doing just that. I'm going to talk right now about Tick Tock with you guys. Because social media is really important to our kids, our grandkids, it's become important to society. It's one of the most effective ways to do advertising nowadays. Social media, it's where it's at. And there are these people on social media that have huge followings. haven't done anything, right? Like the Kardashians, right? They're famous for being famous. And they use the money from the OJ Simpson trial to really get that thing going because the or the old man had was a popular attorney and he charged a lot and she, his wife was able to manipulate it and do some amazing things with it just absolutely amazing. Well, one of the apps that our kids are using this become very, very popular is called Tick tock, ti KT, okay. If you have kids or grandkids or maybe you're using it, you need to need to have a talk with them and help them understand. Because Tick Tock is owned by a company called ByteDance. That is based in Beijing. And what many people forget is that China is a socialist country and it is socialist it is gone down the communist road. And any company that's based in China, you know, the Chinese government doesn't necessarily run the company, but they heavily regulate the country, which is why you compare the United States to, for instance, the Nordic countries, United States is very socialist. The Nordic countries are actually much more capitalist. But they have the money to put in these safety nets that we don't because of the socialist control anyways, blah, blah, right. So Tick Tock is owned by a company based in Beijing, China, which means there are surveillance systems in place. And the concern that's been expressed in the reason why people need not states are calling for Tick Tock to be banned in the US and they're calling immediately for people to delete it from their phone. is we just don't know how much of our data is being shared with the communist government over there. So let's look at the response and that one to think back. Right. President Nixon, I want to make one thing perfectly clear. Right. Let me make this perfectly clear. I did not have with Miss Lewinsky. When we get back, we're going to finish this. I'm going to read what the statement is that came out of China. You're listening to Craig Peterson are right here on WGAN. Online, Craig Peterson. com, of course, online kind of everywhere on all of the podcast platforms on YouTube on Facebook. And you can just go to my homepage, Craig Peterson, calm or keep listening to me here. We'll be right back.
Hey, welcome back, everybody, Craig Peterson here. WGAN online, Craig Peterson calm. And I am videotaping everything today. So you can watch me online that Craig peterson.com slash for YouTube. And we're changing the podcast formats up a little bit as well, trying to put the concepts together and just single podcasts as opposed to how I do things here on the radio show where I might go from one segment to the next segment, and make this just a little more friendly for the general online consumption. Now, before the break, I mentioned that I want you to keep something in mind. Remember President Nixon Nixon, and this is quoted all of the time I want to make one thing perfectly clear. And remember President Trump, let me make this clear. I did not Have with that woman misc Alinsky. Let's read the statement that came out from the company that makes this. Let me be very very clear. Sound familiar? Tik Tok does not remove content based on sensitivities related to China. We have never been asked by the Chinese government to remove any content, and we would not do so if asked. We are not influenced by any foreign government, including the Chinese government Tick Tock does not operate in China, nor do we have any intention of doing so in the future. So it makes me wonder when I hear let me make one thing clear. Are they lying? Right? It's like I always tell my kids because I know they're not trying to be deceitful, right, but if someone starts to sent insane Well, to be honest, You have to wonder where they been dishonest with you before, and now they're honest. Have you had that happen? I know I caught myself saying that I got into the habit of saying Well, to be honest, even though I had been correct the whole time, and I realized, wait a minute now, I'm painting a picture of me having been dishonest before this. So when were you telling the truth after you said let me make this clear or before? So the pushback from Tick Tock comes after US senators Tom Cotton and Chuck Schumer requested intelligence officials assess the national security risks posed by Tick Tock as well as other Chinese content platforms. Hundred 10 million downloads in the US alone. It's a potential counterintelligence tool that we can't ignore. That was in the statement that came out. Facebook boss Mark Zuckerberg, Whose firm competes with Tik Tok, particularly in the youth market, has also recently attacked the platform. Oversensitive. Concerned, remember that Coburg makes a competing product. Another US Senator Marco Rubio previously asked us national security panel to review their acquisitions of musically as well that happened this year. Concerns about censoring concerns also, about whether or not these guys are honest with everybody. So there you go. There's Tik Tok.
I've got two more articles. Let's see if we can get through them here in the last segment. One is about the Pentagon. Many people have been looking at stuff saying Oh, man, I'm just moving to the cloud because then I don't have to worry about security anymore or configuration or updating computers. Remember, the cloud is just another word for someone else's computer. Your legal responsibility These to protect your data do not disappear when you move that data to the cloud. And you are frequently much more exposed once you're in the cloud than if you kept it on your machines. So what's happened here now is the Department of Defense is looking at their budgets saying, Hey, listen, if we move everything to the cloud, it's going to be cheaper for us. Now the Pentagon realizes it's not necessarily going to be more secure. And, in this day and age, most cloud services are far less reliable because of Miss configurations that humans have made on them, so I don't think the Pentagon is looking at as this as a way to make things more secure. Like so many small businesses do unknowingly and end up out of business because of it. But the Pentagon is looking to save money, and The winner that everyone was expecting from this was Amazon. And then President Trump came into power and said, Hey, wait a minute now. My administration has been looking at this bidding process for this project and says it doesn't look like this was fair. It's called the Jedi contract. By the way, JEDI. It doesn't look like this was appropriate. So let's have another examination at it. And Amazon came out with a statement awarding it to Microsoft. Amazon said that a detailed assessment purely on the competitive offerings would lead to a different conclusion. Amazon is said to be evaluating its options and has ten days to decide whether or not to launch a challenge. In a statement, the Pentagon said all offers reasonably considered. Microsoft Executive Tony towns, Whitley said the company was proud to have its cloud technologies picked by the Department of Defense to satisfy the urgent and critical needs of today's warfighters. So let's get into this just a little bit more. Amazon has a real problem when it comes to the cloud computers that they have in the cloud systems. And that is, Amazon is a first-generation cloud service. They were the first and the biggest, and they still are the biggest out there. And because of that, that the design of the system is intricate for many people to understand. And it's undoubtedly extremely complicated, especially when you get into the microcomputing aspect of containers. Very, very difficult. And many of the problems we've seen stem from people making mistakes because of the complexity of configuring Amazon Equifax aside and we'll talk about that one next week. But it's challenging to configure. So Microsoft with their as your platform has an advantage. Because even though they weren't first to market and usually first to market is a substantial competitive advantage and it has been for Amazon. So also through Microsoft Azure was not first to market, it has been second or third to market means it's a more advanced system. And in this case, it means it's simpler. So I'm sure that played into the Department of Defense's strategy here when they were looking at it. Microsoft is going to provide artificial intelligence-based analysis and host classified military secrets, among other services. They're going to be you Using to run this thing military contractors with the various types of secret top secret, etc.
The Normal Microsoft employees won't have any access to this. So I think this might be good as long as they stick to this, right? Remember, the cloud doesn't solve your security problems. It makes some major ones. In July, President Trump told reporters he was getting tremendous complaints about the contract with the Pentagon and Amazon. He said that the companies had told him the contact to us and competitively bid. So, he took a very, long look at it. Of course, President Trump has repeatedly criticized Amazon and his founder Jeff Bezos, but he criticizes everybody, right equally. He praises the military and criticizes the military, but he gets specific. It's not as though hates someone, well maybe he does. But he hates someone like Jeff Bezos. He's just criticizing Bezos for some of his actions. I was a big blow for Amazon because this is expected to be a 10 billion $11 billion project. The Pentagon saying is going to be ten separate cloud computing contracts over the next two years. And the statement from the Pentagon is the J-E-D-I deal continues our strategy of a multi-vendor multi-cloud environment as the department's needs are diverse and not met by a single vendor or by any single supplier. So good on them. And again, they are putting their personnel in the Microsoft data centers, and they have their staff in various data centers because they understand that cloud does not mean secure, but in this case, it is going to save them some money. Well, there are more articles you'll find online that I don't have time to get to today. One of them is China. Central Bank. They set up a research team five years ago to look into steps into establishing a cryptocurrency. And China, of course, is trying to establish itself as a major, the dominant world power. Right now, the price of oil is determined based on the United States dollar. Our dollar is the world's currency bottom line. And what China is doing at this point is they want to establish this new cryptocurrency as the world currency and get rid of the US dollar as the standard dollar. So China's got a new crypto cryptography law that takes place, in fact, on January 1, and it's designed to facilitate the development of the cryptography businesses. All right, I am going to be out of town this week. So I will not be making my regular appearances on the various radio stations around the Northeast. I'm on a whole bunch of stations, and I probably will do one or two Facebook Lives will see, depending on how my time gets split up here. And I am not planning on doing one of my free masterclasses this week, but I probably will when I get back. We're also going to be launching a mini-course on hardening windows, every step, everything you need to do to make Windows as resilient as possible, as resistant as humanly possible. So a very, very big deal. So keep an eye out for that master a mini-course that will be coming out on hardening windows. Make sure you on my email list so you can find out about all these free pieces of training. Also, after I get back, I'm going to start sending out emails about Facebook Lives and things, different pieces of training I've been doing. I've been doing them under the radar, right you guys know about it, but nobody else does. And so we will start announcing those as well. So keep an eye out. There's just lots to keep track of, and I appreciate everybody being with me today. Make sure you subscribe to a live podcast. On tune in, listen to me right here live on the radio as well. 123 pm every Saturday. And most Wednesdays not this Wednesday at 7:38 am on with Ken and Matt. Everybody have a safe week. Check out the video of today's show online Craig peterson.com slash YouTube. You've been listening to me on WGAN.
Transcribed by https://otter.ai
More stories and tech updates at:
Don't miss an episode from Craig. Subscribe and give us a rating:
Follow me on Twitter for the latest in tech at:
For questions, call or text: