Weekly - Microsoft is planning on making you buy a new computer
Release Date: 08/19/2021
Craig Peterson - America's Leading CyberSecurity Strategist
[00:00:00] Microsoft has had some incredibly successful operating systems and some significant failures. Think of Windows Millennium Edition. Well, now they're coming up with Windows 11, and frankly, things just aren't looking that good.
[00:00:16] If you know me, you know how I have had some issues with Microsoft here over the years. They are a company that has been, in my opinion, very dishonest have been doing all kinds of immoral things for a very long time by destroying.
[00:00:36] Parts of the market that they considered being competitors of theirs, so they have used their position at the top of the market with billions of dollars in cash to really nail anybody that tries to challenge them. And it's incredible to me what has happened over the years. But, of course, you might know Microsoft did.
[00:00:57] Putting investment into Apple. And many people say that investment that bill gates authorized really saved apple from total collapse. And I can see how is this a reasonable audience or argument? But the bottom line is that Microsoft Windows has never been a great operating system when we get down to it.
[00:01:21] It's always had issues. It's always had glitches, and we could go into a lot of reasons for that. But I think one of the main ones is that it has really tried to stay compatible with everything, all of the. When you were a kid, you certainly rode a bicycle. But, still, the bike that you might be riding when you're in your thirties or forties is probably not going to have three wheels.
[00:01:46] And it's probably not going to have a pedal connected to the front wheel. It is going to be a whole lot different, and Microsoft, over the years, has tried to make their more modern operating systems as time has gone on. Compatible with older operating systems of theirs. And that inevitably leads to problems.
[00:02:06] If you're trying to fix a problem, Einstein said this, right? If you're trying to fix a problem, you cannot use the thinking that created the problem in that first place, in order to fix a problem, you have to think at a different level. And when it comes to software and operating systems, you actually. To program at a different level.
[00:02:29] And the entire structure of the programs has to be different than it is when you're starting. Microsoft has been doing that a little bit. And with Windows 11, they are really trying, they've gotten such black eyes over the years for security problems, and I think they deserve them for the most part.
[00:02:50] Now they're forcing you to use what's called a TPM. Now these TPMs have been around for quite a while. You see them built into your Macs, and they've been built into your Apple Macs now for years, built in, frankly, to your iOS devices, for your iPhone, also for years. But this is a trusted platform module, TPM.
[00:03:17] And the idea behind a TPM is that your computer hardware is locking. All of this information and the senior TPM. Now there are a lot of difficult implementations of TPMS. The implementation that apple uses stores, all kinds of stuff that makes sure you're booting properly security, keys, et cetera. What Microsoft is doing now is for windows 11.
[00:03:47] If you're going to. Your machine has to have a TPM and not just a older TPM 2.0, now there are alpha images available right now for developers of Windows 11. And I have to absolutely encourage you if you are a software developer to get an alpha version of windows so that you can double-check, is my software still going to be able to run in this.
[00:04:13] And I also want to encourage you if you are relying on certain applications and maybe they're a little bit older, maybe they're not, but if your business requires you to use a piece of software, you really should get windows 11. Right now, get the alpha code, follow it through beta and test your software.
[00:04:36] Make sure it works. If it isn't working, then talk to your software vendors, warn them that it's. Because Windows 11 requiring TPM support, although it doesn't require right now in this alpha version that they're releasing, but it does require it. Supposedly when they finally release windows 11, your computers that you have today probably don't have this chip.
[00:05:07] We have a client that decided they were going to go out and buy their own server against our judgment. And what we told them they should be doing. So they went out and they bought we're going to get an HP server from HP enterprise and they did. And it did not have most of the security staff that they needed, including it did not have a TPM.
[00:05:27] It did not have one of these trusted platform modules on it. Now, in their case with this HP server, they could buy one after the fact and install it. Although the entire machine had to be completely destroyed and reloaded, that's a minor price to pay versus buying a whole new server.
[00:05:48] The TPM is not necessarily going to be compatible with the new version of Windows. In fact, Microsoft Surface tablets, I looked this up, their highest-end Surface tablets, Microsoft branding all over it, Microsoft certified, $6,000 almost to buy this, or, top-end Surface tablet with all of the bells and whistles you can get on it.
[00:06:15] It will not work with windows 11. How's that? So the reason Microsoft is doing this, I think is a good reason. They really want to lock down this system so that we're no longer having as many security problems. And we're not going to get into all of the different types of security problems that TPM is not going to solve a lot of them, but it's going to solve.
[00:06:40] Some of them, but the program manager over Microsoft, her name is Al area. I guess it is Carly. She said that the hardware floor of TPM 2.0 support is going to be in place for the final version. We'll see. I think a lot of people are going to push back. However, Microsoft really does and legitimately does want to make sure that everything is safe.
[00:07:07] So keep that in mind. There are a lot of people complaining about it, the alpha version. And that is why you have an alpha version, they're complaining about it because of the TPM, but also because of some of the other things that are going on with windows 11, at least right now, some of the things Microsoft has announced they've got, for instance group policy will not let you get around hardware enforcement for windows 11.
[00:07:34] Microsoft is still going to block you from upgrading your device. To make sure your devices stay supported and secure. So that's good news and it's good news because many times in the past, how many of us we've upgraded our machines and to a new version of the operating system. And I use upgrade with air quotes around it, but we've upgraded our machines and they won't work with the new version of it.
[00:08:00] The audience here for her little statement, which was part of this Microsoft Tech Community user questions, was very upset. They did not like the answers that she was giving. And this is according to Windows Central: the video's top comment read, quote, a lot of these answers come off as super tone-
[00:08:22] deaf. It's looking like Windows 11 will be another Windows. So for those of us that know, yeah, Windows 8 was really quite the flop. Remember, they very quickly came out with Windows 8.1, and Microsoft isn't the only tone-deaf company out there. I've got to say, I think Apple has been very tone-deaf in a lot of different ways.
[00:08:44] Now they seem to be waking up doing some things a little bit better, so kudos to them for that. But a lot of companies really. Tone, deaf to what users want. And there's a lot of blog posts here. We'll have to see if what they're saying ultimately ends up in windows 11. If it does, things will be a bit of a problem.
[00:09:08] But part of the reason we don't know. Is because Microsoft disabled, any more comments on the video, they were getting so many of them. And of course there's trolls people who hate Microsoft. I'm certainly not one of them. They also, by the way, deleted all existing comments on the video here about windows 11 with their program manager in response to the negativity, the voting is still upon this video and.
[00:09:37] 2,700 dislikes and only 146 likes as of this last week. It's interesting. Microsofts are really rushing to these new hardware requirements. They're being very aggressive, and I think they're handling it. Sound familiar. We've heard these sorts of things before, but now we'll see here into the legitimacy of this, how much is it going to benefit is limited as well because where are we having our biggest problems?
[00:10:09] People clicking links, things get installed, et cetera, that nothing the TPM is going to be able to handle. The TPM is going to make sure that you have a secure boot; that's its mission, goal in life. So how is it going to help with a lot of this other stuff? We will see, and I'll definitely keep you up to date on this.
[00:10:28] It's a real. Hey, I want to remind you guys, go to craigpeterson.com. Hopefully you got my newsletter last week. I gave you a private link to a webinar that I did about VPNs, because there's a lot of people selling VPNs. Most of them are misrepresenting what they can. And in fact, most of them make you less safe.
[00:10:53] So don't miss another thing. Go to craigpeterson.com right now. And subscribe.
[00:10:59] There seems to be a worker shortage. And a lot of businesses are finding that frankly, people who are involved in technology are resigning, they're calling it a great resignation of workers. We have a lot of problems as business people, filling jobs nowadays.
[00:11:20] And one of the things I've thought about doing is maybe even starting a course for people who want to figure out if this whole cybersecurity thing is right for them. I think that might make a lot of sense for some people. And there are some of you listeners. I know, because I've talked to you who have gone out and.
[00:11:40] Gotten into, is that a word who have changed careers into the cybersecurity realm? So does it make sense for you? I don't know. Do you think it would make sense for me to offer something? A cybersecurity course to give you guys the basics and help you to understand it, to see if it might be good for you.
[00:12:00] Only, you know that, and if you're interested, make sure you drop me a note just to me, M E Craig peterson.com and let me know what you think, but the big tech is suffering from this great resignation of workers and workers in the technology field right now. It's a good time to leave. Now, this isn't the same as many workers who, for instance, were in the restaurant business for many years, were in food service.
[00:12:31] You make money. Maybe you don't make money. Who knows those. And of course, those jobs pretty much disappeared during the lockup. Big tech, it's different in big tech. Most of these people, most of us, frankly, we retained our jobs. We were still able to work, still able to do the stuff we'd always been doing, but we were doing it from home, and many employees looked at the situation and said, I am not going to leave.
[00:13:04] Because I don't know if I'll be able to get a new job. Does that make sense to you? So we have a bit of a pent up demand in the tech field of people who maybe didn't like the boss didn't really like what they were doing, but kept the job because at least it was a job. It paid some bills. And from the bottom-line standpoint, it didn't make sense to.
[00:13:28] Now we see something else going on, people are leaving like crazy. Facebook here, there's a quote in an article in MarketWatch. Lost this guy named Raymond Andres, who's now the chief technology officer at Airtable. Now I've used Airtable before. I was a client of theirs for a while. It's really something.
[00:13:51] If you need to do some basic project management, or if you have a process for doing something that needs to be tracked and maybe something handed over to another person when it meets a certain stage, check it out, airtable.com online. But he left Facebook and he said, there's been a burst of activity of people leaving.
[00:14:15] If anything. The lockdown delayed decisions. And that's exactly what I was saying. I've been saying that for a very long time, but there's another factor involved when it comes to technology. And that is the funding, which is just amazing. You might remember a couple of years ago we had this. Brakes on IPO's on initial public offerings.
[00:14:40] These tech companies just were not going to go public at all. And because of that, many angel investors and venture capitalists said, forget about it. I'm not going to go ahead and make any sort of investment. That is the time when a lot of these small companies just failed and of course, incomes the lockdown and even more of them failed.
[00:15:03] But now. But the investors are spending a lot of money. So far this year, there have been 84 initial public offerings in the US alone. Isn't that amazing? 50 plus billion dollars in IPOs. Now that's up from about 38 billion last year. So there's obviously money in the IPO world. So that gets the venture capitalists interested.
[00:15:36] So VC money is also at record highs. This year's on track to be the best year yet. According to PitchBook, through June this year, 2021, $150 billion has been raised among about 7,000 deals. Now that's ahead of last year's record, a total of $164 billion for the year. So we're looking at some major money going in.
[00:16:09] And we're have a lot of people that are leaving from Google and Facebook and Amazon and Apple, maybe your company as well, who are saying, wow there's some real opportunity now I could get in on the ground floor. The VC money is a record high, so I can take at least some salary enough to make it heck I haven't had to pay rent for a year.
[00:16:32] So I can afford to do that, to try and. Something with some of my friends and that's exactly what they're doing. Robert Half, which is a company I've had on my show before, Robert Half International, they did a survey and they found that about one third of the almost 3000 information technology professionals.
[00:16:56] They surveyed said they planned to look for a new job in the next few months. They're also saying, Robert Half is, that while employers posted more than 365,000 job openings in June alone, they're not getting filled. That's, by the way, the highest monthly. In about since September 2019, and that's according to CompTIA, which is an industry trade group.
[00:17:24] I'm a member of that. My company is a member of CompTIA as well. So there are a lot of things happening that are really driving people to startups. And there's a lot of advantages to that. So here's another guy. This is an engineering manager who left Facebook last year. And he quickly returned.
[00:17:45] He said working at a startup, you have much more connection with employees and things moved faster. So TigerGraph, by the way, also hired ex-Googlers. And they're increasing the workforce this year to about 300 from 90. So think about what they're doing. That's not, yeah, technically it's probably still a startup, but it's 300 employees.
[00:18:10] That's not us. That is a lot of employees, and they've got a lot of money behind them. Here's another guy. And she's saying, I thought I would be a lifer at Amazon. But this was a tremendous opportunity. I can have a far greater impact and more influence on the company's trajectory, which quite frankly was harder at Amazon.
[00:18:32] And we're seeing more and more of particularly the younger employees looking at that. Her name's Anna fag fabric, sorry about the names butchering here, but she's now at freshly she's their chief criminals commercialization. Officer. So a lot of people are saying in this survey from Robert half international that having a chance to have an impact at a smaller company was a major reason for leaving.
[00:19:00] And that's after years of massive growth at big tech companies. So again, IBM in the 1970s. They were the ruler, they were the king. They was impossible. If you work for IBM, man, they're going to be around forever. And of course, they still are. And they have amazing products, especially the Z series mainframe, but they're not the company they were.
[00:19:24] And I think we now are seeing. The next step in these big high-tech, but is no longer being the companies that they were innovation is going to leave with these employees, and they're going to really be hurt and hurt quite a bit. All right. So coming up, we're going to talk, of course, more about some of the more important tech stuff, you've got to, if you haven't already get on my email list, I'll send you a couple of special reports that we.
[00:19:54] As well as, of course, every week, one or two newsletters, not sales documents, newsletters, craigpeterson.com.
[00:20:04] Bitcoin is all of the rage. In fact, these cryptocurrencies are something a lot of people have considered investing in. Of course, many have invested in it. I played around with them about a decade ago, and the IRS seized 1.2 billion worth of it.
[00:20:19] You might remember, we talked years ago about the IRS trying to tax things in the virtual world. So if you were in one of these real life type things and you owned property, as it were inside this virtual world, they wanted to tax it. Of course, if you sold something with real hard money and. You sold it inside that real world with real hard money, you would end up having to pay taxes.
[00:20:47] Just if you sold a hammer to someone, that's the way it works. A lot of people have decided that, for some reason, cryptocurrency is completely untracked. Now we know about cases. I've talked about them here where some of these coins in this particular case, we're talking about Bitcoin or has been used online.
[00:21:15] And in fact, the government has found out who was using it and really stepped in, in a big way. Silk Road is the biggest example. This was an online black market for everything you can think of, from illegal drugs to firearms, to all kinds of illegal commodities that were for sale online.
[00:21:40] This was back in 2013, they were using Bitcoin to buy and sell things on this free trade zone, I think they called themselves, and Silk Road was just thriving. On comes the federal government, and federal agents in the United States really cut their teeth in crypto search and seizure with taking down the Silk Road. You might remember this was very unprecedented.
[00:22:10] People had no idea. What they could do. How could the federal government monitor this? Can I buy and sell these Bitcoins? All of that sort of thing. And 20 years as the chief of money laundering and asset forfeiture in. Yeah, us attorney's office for the Southern District of New York. Sharon Levin said that this whole takedown or silk road was completely unprecedented and it was new technology.
[00:22:41] What do you do well because people. Here cryptocurrency and crypto, of course, being short for cryptography, they figure that okay. While obviously it is absolutely untraceable untrackable. Tell that to the people that this year have tried to ransom money out of enough. US corporation, some of the major consider for instance, colonial pipeline and what happened with them and how at least half of their cryptocurrency was returned to them.
[00:23:15] So don't think that this stuff is a way that you can get away with breaking in the law or not paying taxes. It is not the whole. Business, if you will, of crypto seizure and sale is growing incredibly fast. In fact, the federal government just enlisted the help of the private sector to manage and store these crypto tokens that have been seized from.
[00:23:47] Now I mentioned that the IRS has seized about $1.2 billion worth of cryptocurrency this fiscal year. That is a whole lot of cryptocurrency. And what are they doing with it while it's the same thing? Remember the drug dealers back in the day. Miami, what was happening? I used to love Miami vice TV show. What happened there while they seize boats, they seized cars.
[00:24:13] They seized cash. Obviously, they can just put back into circulation, but everything else, what do they do? Of course, they go ahead and they sell it at auction. And that's what they've been doing. Then in June, they started auctioning off Litecoin and Bitcoin Cash. They had 11 different lots on offer.
[00:24:38] It was a four day auction and it included 150.22567153 Litecoin. You like that. Remember cryptocurrency is not necessarily a whole coin. It's like having a gold coin. That's worth 500 bucks. How are you going to use that to buy a loaf? But what happens with these cryptocurrencies is you can buy and sell fractions of a coin.
[00:25:04] So that's why you get into the millions of a piece of a coin. So they sold 150-ish Litecoin and. Above 0.00022 a Bitcoin Cash worth more than 21 grand. So that's one of the 11 lots that was out there. And this crypto property is what they're calling it. It had been confiscated as part of a tax noncompliance case.
[00:25:34] I'm looking right now at the public auction sale notice. And where it was, where you could go online. It was gsaauctions.gov. If you want to check these things out, as in the General Services Administration, auctions.gov, gsaauctions.gov, and they were selling it, and it was a taxpayer, it tells you all kinds of information about them.
[00:25:56] It's a. Crazy here, but you have to pay by cash to certified cashiers or treasures check drawn on different whatever banks. And it's really cool to look at some of these things, but you can find them online. If you're interested in buying them might be a good way to buy them, to buy these various cryptocurrencies if you want to get into there.
[00:26:20] But a lot can refer to almost anything could be, as I said, boats or cars like it was on Miami vice. It could be some number of crypto coins that are being auctioned. So they're going to be doing more and more of that. Then, apparently, the feds are saying that they have no plans to step back from being basically a crypto broker.
[00:26:46] Here is the bottom line here because they're seizing and selling all of these assets. So keep an eye out for that. Remember what is going on? The Silk Road site that I mentioned had been shut down or operating on the dark web. It used Bitcoin exclusively nowadays are using various either types of coins.
[00:27:09] Most of them are ultimately traceable, and we're not going to get into all of the details behind it, but the bottom line is so what do they do now? Think about this. Silk Road had 30,000 Bitcoin that they were able to identify and seize. And it was probably the biggest Bitcoin seizure ever. And it sold for about $19 million.
[00:27:37] So that was quite a few years ago. Somebody just pull up a calculator here, say 30,000 times, and what's Bitcoin nowadays. I'm not quite sure. Let's say it's $15,000. So in today's money, it had a half, a billion dollars. Today's value, a half, a billion dollars worth of Bitcoin in there isn't that something, and that was all seized and it was all auctioned off.
[00:28:03] So keep an eye on that. They're following the money is the technique they're using. You can find out a lot more at usmarshals.gov, and that is how they found it. If you've got pictures. You're going to have to sell it. You're going to have to transfer. You have to do something with it. And that's where they're getting.
[00:28:24] Bottom line, particularly if you take the Bitcoin and turn it into something else, but this would take a while to explain. And I was very happy to be able to sit in on a presentation that was done by the treasury department on how they handle all of this. It's frankly very fascinating. Hey, make sure you spend a couple of minutes and join me online.
[00:28:49] craigpeterson.com. You can sign up for my newsletter. You can listen to my podcasts, and you can get some free, special reports just for signing up.
[00:28:59] This is a tough one. Apple has decided that they are going to build in to the next release of the iPhone and iPad operating system. Something that monitors for child porn.
[00:29:12] Apple has now explained that they are going to be looking for child abuse images in specific ones. And I just am so uncomfortable talking about this, but the whole idea behind it is something we need to discuss. Apple said, they're going to start scanning for these images and confirmed the plan. In fact, when people said, are you sure you're going to be doing that?
[00:29:43] Here's what. iOS 15, which is the next major release of Apple's operating system for iPhones and for iPad, is going to use a tie to something called the National Center for Missing and Exploited Children. And the idea behind this is to help stop some of this child abuse and there's people who traffic in children, and it's just unimaginable.
[00:30:13] What happens out there really is some people it's just such evil. I, it I just don't get it. Here's what they're going to be doing. There are ways of taking checksums of pictures and videos, so that if there is a minor change in something that might occur, because it was copied that it does not mess it up.
[00:30:39] It still can give the valid checksum and. Iman, that technology is detailed, but basically just think of it as a checksum. So if you have a credit card number, there is a checksum digit on that. Bank accounts have checksum digits so that if you mess it up a little bit, okay, it's an invalid checksum, so that number's obviously wrong in this case.
[00:31:03] What we're talking about is a checksum of a picture or a video. And these various child safety organizations have pictures of children who are abused or who are being abused, who are being exploited. And they have these checksums, which are also called hashes. That is now going to be stored on your iOS device.
[00:31:33] And yes, it's going to take some space on the device. I don't think it's going to take an enormous amount of space considering how much space is on most of our iPhones and iPads that are out there. Apple gave this detection system, which is called CSAM, a real thorough technical summary. It is available online, and I've got a, to this article in this week's newsletter, but they released this in just this month, August of 2021.
[00:32:06] And they're saying that they're using a threshold that is, quote, set to provide an extremely high level of accuracy and ensures less than a one in 1 trillion chance per year of incorrectly flagging a given account. Now I can say with some certainty in having had a basic look through some of the CSAM detection documentation, that they're probably right about that, that the odds are very good.
[00:32:39] Small that someone that might have a picture of their kids in a bathtub, the odds are like almost so close to zero. It is zero that it will be flagged as some sort of child abuse, because it's not looking at the content of the picture. It's not saying that this picture, maybe it is a picture of child exploitation or a video of her child being exploited.
[00:33:01] If it is not one that has been seen before by the national center for missing exploited. It will not be flagged. So I don't want you guys to get worried that a picture at the beach of your little boy running around and just boxer trunks, but a lot of skin showing is going to get flagged. It's not going to happen.
[00:33:24] However, a picture that is known to this National Center for Missing and Exploited Children is in fact going to be flagged and your account will be flagged. Now it's hard to say exactly what they're going to do. I haven't seen anything about it, of the apples. Only say. That that they're going to deploy software.
[00:33:50] That's going to analyze images in the messages application for new system that will warn children and their parents from receiving or sending sexually explicit photos. So that's different. And that is where again, a child, you put parental settings on their iPhone. If they're taking these. Pictures, selfies, et cetera.
[00:34:13] Girls sending it to a boyfriend, sending it to his girlfriend, whatever it might be. The parents are going to be warned, as are the children that is looking for things that might be of a sexual content. Okay. It really is. It's really concerning. Now let's move on to the part that I'm concerned about, because I think everyone can agree that both of those features are something good that are ultimately going to be very good, but here's a quote.
[00:34:40] Apple is replacing its industry standard end to end encrypted messaging system with an infrastructure for surveillance and censorship. Now, this is a guy who's co-director for the Center for Democracy and Technology security and surveillance product project, I should say. Greg Nojeim is saying this, and he said Apple should abandon these changes and restore its users' faith in the security and integrity of their data on Apple devices and services.
[00:35:14] And this is from an article over an tech. So this is now where we're getting. Because what are they doing? How far are they going? Are they going to break the end-to-end encryption in something like iMessage? I don't think they are going to break it there. They're not setting up necessarily an infrastructure for surveillance and censorship, but Apple has been called on as has every other manufacturer of software.
[00:35:44] I remember during the Clinton administration, this whole thing with the Clipper chip. Where the federal government was going to require anyone that had any sort of security to use this chip that was developed by the federal government. And it turns out, of course, the NSA had a very big backdoor in it, and it was a real problem.
[00:36:04] Look at the Jupiter. That was another encryption chip and it was being used by Saddam Hussein and his family in order to communicate. And it turns out yeah, there's a back door there too. This was a British project and chip that was being used. So with apple, having resisted pressure. To break into phones by the US government.
[00:36:27] But some of these other governments worldwide that have been very nasty, who've been spying on their citizens who torture people who don't do what apple are not happy, what the government wants them to do have been trying to pressure Apple into revealing this. Now I have to say, I have been very disappointed in all of these major companies, including apple, when it comes to China, they're just drooling at the opportunity to be there.
[00:36:56] Apple does sell stuff there. All of these companies do. Yeah, Google move their artificial intelligence lab to China, which just, I cannot believe they would do something like that. AI machine learning, those or technologies that are going to give the United States a real leg up technology wise to our competitors worldwide.
[00:37:17] And they move to China, but they have complied with this great firewall of China thing where the Chinese people are being censored. They're being monitored. What's going to happen now because they've had pressure from these governments worldwide to install back doors in the encryption systems.
[00:37:38] And Apple said, no, we can't do that because that's going to undermine the security for all users, which is absolutely true. If there is a door with a lock, eventually that lock will get picked. And in this case, if there's a key, if there's a backdoor of some sort, the bad guys are going to fight. Now Apple has been praised by security experts for saying, Hey, listen, we don't want to undermine security for everybody, but this plan to deploy some software that uses the capabilities of your iPhone to scan.
[00:38:15] Your pictures, your photos, things that videos that you're sharing with other people and sharing selected results with the authorities. Apple is really close to coming across that line to going across it. Apple is dangerously close to acting as a tool for government surveillance. And that's what Johns Hopkins University cryptography professor Matthew Green said on.
[00:38:46] This is really a key ingredient to adding surveillance, to encrypted messages. This is again, according to our professor over at Johns Hopkins, Green, Professor Green. He's saying that would be a key ingredient in adding surveillance to encrypted messaging. The ability to add scanning systems like this to end-to-end encrypted messaging systems has been a major ask by law enforcement, the world.
[00:39:14] So they have it for detecting stuff about missing and exploited children. That's totally wonderful. And I'm fine with that. No problem. But that now means that Apple's platform has the ability to add other types of scanning. All right. We'll see what ends up happening these the next thing, which is warning children and their parents about sexually explicit photos is also a bit of a problem here.
[00:39:46] Apples. Yeah on this is messages uses on-device machine learning to analyze image attachments, and determine if a photo is sexually explicit. The feature is designed so that Apple does not get access to the messages it's saying, if it detects it, they're going to blur the photo. The child will be warned, presented with helpful resources and reassured it is okay if they do not want to view them.
[00:40:16] And the system will let parents get a message. If children do view a flagged photo and similar protections are available for child attempts to send sexually explicit photos. Interesting. Isn't it. Interesting world. So I think what they're doing now is, okay, they're really close to that line, going over.
[00:40:38] It could mean the loss of lives in many countries that really totally abuse their citizens or subjects, depending on how they look at them. Hey, make sure you check me out online. CraigPeterson.com. Hey, sorry about having to talk about this, but man, this isn't.
[00:40:57] It's time for a little bit of good news. We now have satellite internet performance. That's pretty much on par with fixed broadband, and it isn't just in the us. We're going to talk about that right now. What are the options?
[00:41:13] You might remember the whole Sputnik thing and what happened there really drove the space race forward very rapidly, but we're using much fancier satellites than Sputnik, which of course, all it was doing was sending out a beep.
[00:41:30] It was alive. And I remember I went over to a friend's house. I have an advanced class amateur radio license, and I went over to a friend's house, and he had some satellite equipment. He was also a ham, and we were able to tune his satellite in his satellite dish into a couple of the satellites up there.
[00:41:52] Now the amateur radio community has one or more satellites. I'm not sure. We were really impressed with all of the stuff that's up there in the sky. There are satellites, of course, that we don't even know what they're doing because they're top-secret government satellites. And they're probably a decade ahead of the rest of the industry.
[00:42:15] But he was pulling down images from some of these satellites that were open-source of what's happening on the earth and just all kinds of things back before heavy encryption. It was very cool to think that these satellites were miles up in space. No, I'm [email protected]
[00:42:37] I don't know if you've ever tried it. You should try and go to speedtest, one word, .net on your web browser. And it'll open up a little window. It's a company called Ookla. And that window will allow you to start a test. And the first thing it does is it tries to find, okay, where are you located? And who has the closest reflector that we can use for speed testing?
[00:43:02] Usually there's something not too far away from you. If you are out in the Netherlands and of course, many of you listening, kind of our Netherlands, when it comes to internet access, you have pretty slow internet and speedtest.net'll output, there's three numbers, or maybe four, you really have to pay attention to.
[00:43:25] You've got the download number and that's telling you how fast the data comes down to your browser from that particular spot, which is typically, as I said, close to you, although nowadays something that's far away on the internet, isn't going to be that much. So download matters and then probably what matters the most for most people.
[00:43:48] The next thing to look at is upload most of the time. If you have a regular consumer internet link, your upload speed is about 10, maybe as much as 20% of your download speed. So if you're getting megabit down, It's going to be 10% of that megabit down, maybe as much as 20%. So you're going to get about a hundred K up versus the megabit down it again, it varies.
[00:44:21] A lot of places will have 50 megabits down and 10 megabits up so it can vary. Now the up speed, the uplink speed is what's going to affect you when you are trying to upload a file. So maybe you're trying to upload something to work, or you are trying to stream a video cause you're trying to run a webinar.
[00:44:45] That's what that is. The next number that you have to pay attention to is the round trip time. So that's the time it takes from a packet to get from your computer to the server that you're connected to. And then back again. Usually that's measured in milliseconds. And I remember the very first time I was using the ethernet, it was thick wire, ethernet, and 10 megabits.
[00:45:16] And wow. I was just so fast and very expensive to use. And the delay pinging another machine. In other words, sending a packet from my machine to another machine on the network. And then having that packet returned to me was anywhere from if it was like lightning fast, 10 milliseconds, and more likely it was 30, 40, 50, even a hundred milliseconds on the same day.
[00:45:44] Nowadays, if you're [email protected], you are probably seen speeds that just blow away what I was using back then because things have just gotten so much faster. You've probably seen a few milliseconds in speed round trip, speed time again, depending on how good your link is. And then the fourth one you have to pay attention to is.
[00:46:11] And jitter is where you are seeing inconsistent speeds in those round trip times. And that's going to affect live stuff, particularly live audio, which we'll notice a lot to that. Hey, the audio is just terrible. It's dropping out at me. Maybe sounds digitized. Usually. Parts dropout gamers care a lot about the jitter because that's going to affect their game and how they play their game.
[00:46:42] So I just ran it here on my studio computer. Now we have fiber optics. We have a business line that goes directly to Comcast backbone and I'm seeing. From where I am to a server that's about 90 miles away, I would say my ping time round trip is three milliseconds. It's just, I'm still blown away by that.
[00:47:08] Cause I remember using dial up modems that were 110 bits per second, 110. And that was just absolutely amazing. And then 300, can you believe it? 300 baud and it's changed a lot, right? So three milliseconds round trip time for me. And I'm trying to brag or make you feel bad. I'm just telling you what it can be.
[00:47:30] My download speed is 720. Megabits per second. And that's because right now we're downloading a few different things and my upload speed is a gigabit per second. So you can see in a commercial link, typically your download and your upload speeds are the same. It is not, it is in 10% obviously is exactly the same.
[00:47:54] So those are the numbers you should look at. I don't see on my results. The jitter, maybe there's not reporting that anymore, or maybe they only reported on bad lines. I'm not sure, but again, speedtest.net. So they have released this [email protected], some stats on the satellite companies, because our friends over at Starlink, that's Elon Musk's company, think Tesla and SpaceX, they are showing.
[00:48:28] Amazing download speeds. They're showing 97 megabits a second download. Now that doesn't of course, I really approach the gigabit that I'm seeing, but this is from a satellite. It's just amazing. And they're going to see if more now all fixed all speeds of everyone. One in the United States that has gone to speedtest.net and ran speed tests.
[00:48:56] All speeds averaged out in the United States come to 115 megabits. So Starlink is almost as fast as the average broadband connection in the United States. Now here's a little, here's where they really shine to upload speed of about 14 megabits a second. So that's not bad that still fits within our model that we talked about latency.
[00:49:24] 45 milliseconds. Now compare that with what I had, which was what three milliseconds it's slow, but it's again, remember it's a satellite. So it's going from the earth station while it's actually going from your computer to their satellite dish at your location is going up to the satellite is coming back down to an earth station is picking up the signals from the satellite, and then it's going to the server.
[00:49:53] So 45 milliseconds is pretty good. I want to put that in perspective, though. The two biggest competitors right now, satellite internet are HughesNet and ViaSat. HughesNet, this is again, according to speedtest.net, download speed is averaging a little less than 20 megabits a second. So it's 20% of the speed of Starlink.
[00:50:20] Yeah, pretty bad. A and star links latency. Remember, and this matters a lot. If you're trying to do live video or you're trying to run your phone over it, latency is 724 milliseconds. So that's three quarters of a second. From the time a packet goes out until it comes back. So that will affect any sort of phone calls that you're making on HughesNet and then ViaSat none, much better download speed of 18 megabits a second, which is worse, but the upload is slightly better than HughesNet and their latency is slightly.
[00:50:56] What I'm saying is Starlink is really starting to shine. And Elon Musk is saying they are going to be even better. They're going to be much better. Give them a little bit of time. The reason that Starlink has the faster latency. Much, much faster latency than our friends at HughesNet or ViaSat is that they have low earth orbit satellite.
[00:51:23] So they are sitting up there. They do have some drag from our atmosphere, so they will come down. There's things in place to take care of all of that sort of stuff. But Starlink it's going to be available pretty much everywhere. The country. India is very excited about this because they've had real problems with the internet in some of the rural areas.
[00:51:48] But Hey, if you are out in the middle of nowhere in the United States, there is hope check out, Starlink online, lots of great stuff. Hey, stick around. We will be right back. You're listening to Craig Peterson.
[00:52:05] The hackers are still going after with ransomware, they're still doing just blanket attacks. They're still doing massive phishing, but they have glommed on to something that is being much more effective. That's what we're going to be talking about.
[00:52:21] This is a huge problem. We have seen some very high profile ransomware lately. Think of what happened with Colonial Pipeline, the whole SolarWinds attack, and much more the bad guys are trying to figure out a way to more inexpensive. Ransom money from us to more inexpensively, get all of our confidential information.
[00:52:48] I have a client that before he was my client, all of his data was stolen and they run right to the Chinese. I have another client who's operating account was completely emptied. And the problem in both of these cases, Was really the client not doing what they should be doing, but supply chain problems, supply chains, the software, you have the hardware you have that you're relying on it.
[00:53:19] One of the major types of businesses that are being attacked right now are our managed security services, company, security researchers who are trying to do, with all the effort they can maybe keep ourselves safe. But they're not doing what they should be doing. You've heard me complain for many years about programmers.
[00:53:43] I'm saying that in air quotes, people who have learned how to do Microsoft C sharp or visual basic, whatever it might be. At a very high level in share. Yeah, they can put stuff together. It reminds me of when the spreadsheets first started hitting the boardrooms, all of a sudden, business people, managers all the way on up through the board were saying I don't need the it department anymore.
[00:54:09] In order to get these numbers, I can just gather them in myself and put together a spreadsheet. I'll be safe. Everything will be great. I'm going to get that information now instead of having to wait for it, to get some programmers involved and get it done. The problem in all of these cases is exactly this.
[00:54:29] These are non-professionals that are trying to do the job. Those spreadsheets, many of them had bad data on them. They compiled into even worse data because there were in many cases. Problems with the spreadsheet. I remember when I was a professor at Pepperdine University and I was teaching management information systems out there in the west coast and beautiful campus, by the way, if you've never been there out at Pepperdine, right on the coast.
[00:54:59] But when I was working with those students, who were, it was his MIS 4 22 last year undergraduate. I ended up emphasizing spreadsheet. Because I realized most of them didn't really know how to do it. Yeah. Okay. They could go ahead and put a little thing in there that says, add up all of these columns and this row and multiply by that and cut out.
[00:55:25] I've got a number coming out, but is that number correct? It's like a county. And that's why accountants use double entries in the accounting systems to make sure everything zeroes out. Make sure everything is correct. And by having someone who's a manager using this spreadsheet, you might get some great information and might get it quickly.
[00:55:46] It might be absolutely correct, but it's very possible that it won't be. And from my experience and programmers are the worst of the worst, because many of them started when they were kids, very bright kids who were working on stuff and hacking it things. That's where the term hacker comes from.
[00:56:05] Hacker wasn't necessarily a bad thing. They certainly. Bad guys. They were just hacking it. The computer's trying to figure out how to program, and if something went wrong, they would hack at the code a little bit more to try and fix it and figure it out. Non-professional they were just hacking that stuff.
[00:56:23] And that's what we called them hackers. And so it was a derogatory term for someone that didn't really know what they were doing, but they were hacking their programming or hacking it. Some other part of it. Versus having people who are actually trained and experienced. Microsoft got sued because of how bad Windows Millennium Edition was and Windows Vista.
[00:56:49] And they found that the majority of the code had been written by interns, by kids, right out of school without the experience. What does that mean? Why am I really bashing the younger generations? It has to do with the ability to foresee problems and the best way to be able to foresee a problem is to have seen it before, for instance, that you've gotta be careful when you're allocating right.
[00:57:15] And that it's not necessarily going to be cleared properly, or if at all, and that the return points can be changed in programs. That's one of the things that hackers do most nowadays. So if you have software that's written by people that don't realize all of the implications of what they're doing, you could be in trouble.
[00:57:38] I like to use the analogy of a car. Back in the day, many of us are turned a wrench and we tinkered with the older cars. We had a whole lot of fun with them trying to figure out how can I improve this? And we'll do this to the carb and we'll change this and look at this airflow problem, pretty basic stuff.
[00:57:56] But today, what we're dealing with is a car that is a whole bunch of major components. We went to replace an air intake because of a bad sensor in a Ford Crown Vic. And it was one of the last model years. And back in the day, you could pretty easily fix that. You just buy the little sensor and put it in there.
[00:58:20] And you're all set. We had to buy the whole component, which included the air intake, manifold all the way on back to the sensor and everything that was behind it. It was absolutely crazy and cost a lot of money. So think of someone who is trying to build a car today, we might equate this to you buy a transmission.
[00:58:43] You buy an engine, hopefully they fit together. If all right, have you ever tried to match a transmission to an engine and it's not right. Do you have to get a converter or make a converter that goes in the middle, or do you have to drill it out in order to make it Mount properly? All of those sorts of problems.
[00:59:00] And then you've got all of the other components in the vehicle as well that are mix and match. That's what programmers are doing nowadays. Nowadays, a programmer grabs this library that does something. So, for instance, Apple has a library you can use that identifies faces, but you don't know how it works.
[00:59:22] You don't know that transmission, how it works. Is it really going to work for you? It wasn't smart to combine that 600 horsepower engine with a Vega Chevy Vega transmission. For those of you old enough to remember what that is. But it didn't stop you from doing that either. And that's what we're seeing.
[00:59:42] That's what these supply chain attacks are all based on that. So much software is written by people that have not had the experience to think through the potential problems. And Microsoft is to blame for making it really easy for anyone to write a program, just like you could blame VisiCalc back in the day for making it really easy for anyone to make a spread.
[01:00:07] But those spreadsheets weren't accurate. The software that we're getting from our suppliers, which include Microsoft. This latest, huge hack came right through Microsoft Exchange. It was a zero day bug. The same types of problems that we've had with some of the other software that's out there. Think about how we got the SolarWinds attack.
[01:00:31] Think about some of these other ones that we've had that are just absolutely massive. It can kill us and kill us in a very big, when we're talking of course, about all of our systems and software. Hey, I want to remind you guys, just spend a couple of minutes. If you would go online, CraigPeterson.com.
[01:00:51] You're going to get the sort of thing. Last weekend. I sent out a video that I chaired with some friends, and I shared it with anybody on my list. Last weekend, it was just part of the newsletter on VPNs, who you can tell. Who you can't trust and the best ways and times to use a VPN. All right. Stick around.
[01:01:12] We'll be right back. You're listening to Craig Peterson [email protected]
[01:01:20] So now, a little bit about what supply chain attacks are. We're going to get into that a little bit more now, what can you do about it? And this European union-funded study that came in the wake of these two major cyber attacks.
[01:01:36] The European Union has now forecasted that there's going to be four times more software supply chain attacks in 2021 than there were in 2010. That, my friend, is a very big deal. These cybercriminals are now shifting to larger cross border targets.
[01:01:59] This is just an amazing report. You can look at it. It's called Threat Landscape for Supply Chain Attacks. And they looked at 24 supply chain incidents that have occurred between January 2020 and July 2021. The basics here are a supply chain attack is where a software provider or some sort of a trusted provider is hacked.
[01:02:25] Usually they're hacked in a way that they don't realize they've been hacked and then they pass off. The hacked software to you. I can remember a Microsoft product back when they used to ship them on DVDs or CDs. And we got that thing. One of the first steps was always to scan it for viruses, and we did.
[01:02:48] And sure enough, Microsoft was shipping out software with a virus on it all. The same sorts of things have been happening with thumb drives some of these ones, particularly cheap ones that you buy online often have built right into them. Malware. Now with some of the reason for the malware is legitimately purposeful.
[01:03:12] Okay. What they're trying to do is get you to have their little ransomware work for them so they can make some money off of you. In other cases, you have a thumb drive that a friend gave to you, and you're now using a little thumb drive and guess. Yeah, your little thumb drive has some nastiness on it.
[01:03:32] Same, thing's true with Microsoft word documents that might have macro viruses, if you will, that are built into them. These little Trojans do the same thing with the Excel spreadsheets and on. But what they're finding right now is that these hackers are trying to get to the companies that provide services for the bigger companies.
[01:03:55] And that's where it can hurt you and hurt you in a big way. I was just talking about how many programmers just aren't terribly professional. And some of that has to do with their lack of experience and those programmers might be using a library. So, for instance, GitHub, which I use, and it's very common to be used out there online.
[01:04:18] It has all kinds of source code called open-source code. So you can use it. You can model. That some of that software has been infected. And then there are people who are using languages that are nice and simple, like Python and others. And you write in this scripting language and pull in libraries that come from public sources that do things for you.
[01:04:41] So they might do something like display something on this screen. They might go out and grab something from a URL online or connect to a database. And what the bad guys have found out is we're not, double-checking all of the sources of all of this software, and that is causing some huge security holes.
[01:05:04] And what ends up happening is companies like SolarWinds are using some of this soft. And they then might be including it in the software they're providing you. Now, in the case of SolarWinds, it's a little bit different, but it's the same concept. SolarWinds software was being used by a large number of companies in the U S.
[01:05:29] Agencies were using SolarWinds software. And so were regular old, small businesses because what happens is you hire a managed services provider and they don't have time to look at all of your computers all of the time. So they have software that they're using called Orion in this particular case. And Orion is installed on all of your computers.
[01:05:55] So probably unbeknownst to you there's software on your computers. That is not being written by that managed services provider. But in this case was being written and provided by SolarWinds. SolarWinds got hacked and the hackers put into SolarWinds software. Code that would eventually end up on your computer and your computer getting hacked.
[01:06:18] So you just see how complicated this gets, right? You guys are the best and brightest, but you've probably got your eyes spinning a little bit here because we're talking about multiple layers of like again, direction, right? So these attacks, which mode, it looks like it began maybe in March 2020.
[01:06:38] Were only detected in December last year, and they have been linked to this Russian organization called Cozy Bear, but we'll see what happens. We've got the more recent ones, which is the REvil ransomware gang, this R E V I L, REvil. And they exploited vulnerability. In Kaseya's VSA, which again is another management platform that's used by many of these companies out there that are providing managed services.
[01:07:09] Now I've got to say by means of full exposure here. We had to use both of these pieces of software before. And when we looked into them, we found that they were insecure. In fact, it sounds like some of these companies had been warned by their own employees that the entire architecture of their software was insecure.
[01:07:33] Okay. So we ditched them all. We're using Cisco's software, their Advanced Malware Protection. The real high-end firewalls with special software, the backend that's running. So we're not getting into all of these crazy acronyms and names right now. So just so you know, that's what we use. That's what we use for our customers.
[01:07:56] I even have that at my house. Okay. So a little bit more expensive, but it's a lot cheaper than having to hire a whole bunch of IT people to keep track of everything else. Now, because Kaseya had gotten, Kaseya had this ransomware that was distributed to Kaseya's clients. And potentially to Kaseya's clients, and this REvil gang demanded a $70 million ransomware payment. Kaseya's denied that it paid it.
[01:08:28] They may or may not have paid it. You might remember in the Trump years, they said, absolutely. Don't pay ransoms, or we may come after you because that is illegal to pay a ransom by. Because you are supporting a terrorist organization. So you gotta be careful with stuff like that. Don't pay ransoms, right?
[01:08:48] Because it also tells them that you are a company that pays ransoms. So guess who they're going to come after again? You, because they know you'll pay. So a lot of incidents. I'm looking at a timeline of the attacks that were studied in this report coming out of the European Union. And it is amazing here.
[01:09:06] The unit max beans. That's one of those libraries I was talking about. The able desktop as Sydney. Was Vera excelling on VC or excuse me, VG, SolarWinds, BigNox, MonPass, Ukraine, SEI, Click Studios cast private stock investment manager goes on Fujitsu, Ledger. So this is a huge problem. And this is the sad part.
[01:09:34] The European Union's predicting it'll go up fourfold this year. So what do you do? You have to audit your vendors. And that usually means you have to have an agreement in place. They accept the responsibility if you are hacked. So keep it up. Yeah. Let me know if you'd like more help with that. You can always email me M [email protected]
[01:09:59] I think I got a couple of those contracts kicking around, these vendor contracts. If you'd, I'll send one to, but you have to reach out to me. M-E at craigpeterson.com. All right, stick around. We've got one more segment today, and I want to make sure you spend a couple of minutes online. craigpeterson.com.
[01:10:20] And go ahead and sign up. Sign up for my weekly newsletter.
[01:10:28] We're going to do a little bit of wrap-up right now, including talking about iMessage, some of the changes that have come in Apple's messenger application, that many people are saying it's shocking, and you should stop using it right now.
[01:10:44] This is an article in Forbes by Zak Doffman, where he's talking about why you should stop using iMessage after what he's calling the shock iPhone app.
[01:10:58] Has had a number of major problems here recently that have been in the news. Of course they have about half of the smartphones in the country, right there. But things have become a little worse for Apple here recently. And what we're worried about is, for instance, this whole Pegasus that we talked about a couple of weeks ago, where it is what's called a zero-click piece of malware.
[01:11:25] Where they can send you a text message, even if they're not a friend of yours and take over your phone. And we've seen things like that before. In fact, I think it was in Saudi Arabia, where was it? The crown prince received a video from somebody. He played it, and it exploited some vulnerabilities in the video player and allowed them to have full access to his phone.
[01:11:49] And don't remember all of the details, but that part, I do remember. So the big question is, have all of these major security issues been fixed by Apple? Is iMessage safe or not? Apple is saying it is encrypted end to end. They don't keep messages. There's some question about that because of a major incident back in 2018, where Apple was going to make sure it encrypted all of your backups and then.
[01:12:18] FBI apparently spoke to Apple and got them to change their opinion on the whole thing, which is another interesting problem. Isn't it? So what do you do, what do you do with that? And what do you do? Very good question. Earlier this year we had WhatsApp make a major change. They had of course also said we've got end-to-end encryption with WhatsApp or wonderful.
[01:12:41] And then people really questioned it because it was now owned by our friends over at Facebook. Is there privacy there on WhatsApp? Is it legitimate? Is it just a bad PR move? What's going on? WhatsApp, by the way, with 2 billion users worldwide, and WhatsApp, Facebook said, Hey, listen, we're gonna start giving you ads.
[01:13:05] And basically people were worried about them examining the content of their messages in order to give them targeted ads, et cetera. So now Apple's just confirmed what Forbes is calling the most shocking and controversial update in the platform's history. And here's what's going on. Pegasus, of course, as I mentioned, this click attack. Apple's got this new update now, right?
[01:13:32] That is using machine learning in order to see if a minor child might be sending a picture, pornographic or otherwise, they should not be sending or receiving. And we also have built into it now this child sexual abuse checksum set of people that looks on your devices to see, do you have any photos that match this checksum. Part of the problem with this isn't that I'm not worried about these children that are being exploited.
[01:14:06] Cause I am, I'm absolutely against that. But the bigger question here is, okay, so what's next? Is Apple going to capitulate to the government and let them know if you have a certain picture of something or other the government doesn't like? Where is this going to end? So in other words, Apple's phones being a lockbox.
[01:14:30] The Apple iPad is being a lockbox is really no longer going to be true. It is no longer going to be that encrypted lockbox that has been promised to us. The Electronic Frontier Foundation has a little comment here. They say Apple's compromise on end-to-end encryption may appease government agencies in the U.S. and abroad, but it is a shocking about-face for users who have relied on the company's leadership in privacy.
[01:15:00] And security, which is absolutely true. Now there's not much controversy, frankly, about limiting the spread of child sexual abuse material, but where we go on from there, that's where it starts getting a little more questioning here. Here's a, this is a Jake Moore over at ESET. You said the initial.
[01:15:21] Potential concern is that this new technology could drive CSAM further underground. CSAM being this child abuse material, but at least it is likely to catch those at the early stages of their offending. The secondary concern, however, is that it highlights the power in which Apple holds with the ability to read what is on devices and match any images to those known on a database.
[01:15:47] This intrusion is grown with intensity and often packaged in a way that is for the greater good, right? Isn't that always the case? So we're doing it for the children. I talked about this extensively earlier. You can find it in my podcast, go to craigpeterson.com/podcast. Right now you can listen to it there.
[01:16:08] Take a look in your emails from the newsletter. Pretty good about trying to send those out the last few weeks. I haven't been that great because of issues here, family issues and others. So it's been a little tough. So I apologize for that, but we all want to see technology develop. That's going to help tackle abuse.
[01:16:27] It's going to stop the real bad guys that are out there. But what happens when China says we want access to this? We want to know when there's any pictures of a Uyghur symbol, for instance, or something else. What's Apple going to do they get, they can no longer say, oh, that's not taught. We don't have that technology.
[01:16:45] There's nothing we can do. Just like Apple has done with the iPhones in the past, saying we don't have a back door. There is no backdoor key. We can't crack into that. That doesn't stand up when they say, okay, China comes to them or Iran or Saudi Arabia, or you name the country and says, Hey, we don't want people to see these particular messages.
[01:17:08] Absolutely amazing. So timing on this dreadful. Okay. Part of iOS 15, apparently. Pegasus raised two serious concerns: that Apple's ecosystem, including iMessage, has still got some dangerous vulnerabilities, and that Apple's opaque communications in the kind of a black box security really were an unhealthy man.
[01:17:32] Now Apple has in the last few months, opened up that black box, a bit to security researchers, but it's still not that open. Now we add a third, which is what happens on your iPhone. No longer stays on your iPhone. Now I get asked by a lot of people. What should I do? Where should I go? What's a safe place. I still say Apple's your best bet in general, but the next problem is so what's next after that?
[01:18:02] I can still say Android sure is not the platform you want to use. The guidance. Google has snuck stuff in time and time again, even going so far as to sneak a microphone into the Nest thermostats without telling a soul and without it being on any of the datasheets. So Google's definitely not to be trusted.
[01:18:24] There are other distributions for certain phones that are based on various types of Unix. They may be good. That may not be good. One of the companies I really liked a few years ago discontinued its secure and it was based on Android, but they were cleaning it up a little bit. So we'll see. These attacks that came against Apple, to give them some credit.
[01:18:47] They were very sophisticated. They cost millions of dollars to develop. They didn't last long because Apple released patches. Once I found out what had happened, and they're typically used to target an individual, think of that journalist. Who went to the Saudi embassy. I'm trying to remember his name.
[01:19:07] Khashoggi, I think was his name, but this is a real problem. Okay. We think by the way that it was fixed in 14.7.1, but these new security child abuse things are being added in the next release. So I'm keeping an eye out. I'll keep an eye on all of this. So keep listening and not I'll let you know how things go.
[01:19:31] Apple is likely to unveil the next generation iPhones in September. So we've got TrendForce out there, outlining what it expects for the next iPhone. Now I have an iPhone. And it is about to go out of support. As soon as this new phone comes out, my eight is going to be too old to get support, but it's going to be called the iPhone 13, which is going to be formally announced by Apple.
[01:19:59] So the exterior design, I'm looking at a picture of it right now. That little notch is smaller than before. They're also using some smaller silicone smaller chips inside so they can put an even bigger battery. These new iPhones are going to have support for 5G millimeter wave. And that's going to be available for sale in more countries after the release of the iPhone 13, because it's covering more bands, which is a really good thing.
[01:20:30] The circuit boards are moving from the stuff that we've seen for decades. These rigid printed circuit boards to new design that has a flex. Printed circuit board, which is quite nice because if you've ever been to phone before, you know how painful that can end up being, and they're saying this should have the increased battery because of it.
[01:20:53] There's some more stuff that should be in that phone that I've read a few articles about new features that'll be in there. China, by the way, is decreasing in its purchases of iPhone. The revenue went from 19% in 2017, down to 16 in 2020 coming from China, but they still are big players, 16.7% of global smartphone marketplace.
[01:21:20] They're also expecting by the way that these new iPhones are going to have the new processor in them as well, the A15, and also there's going to be brand new MacBooks coming out too. That should have some neat stuff in them. By the way, the number one app this last year was TikTok. It surged from fourth place to first place, knocking Facebook out of the top spot.
[01:21:48] But the top five is made up of the main Facebook apps. Yeah. WhatsApp, Instagram, and Messenger. And then of course with TikTok at the top. And then the next two places go to Snapchat and Telegram with another short video app from China in eighth spot. So Pinterest and Twitter, by the way. The top 10.
[01:22:10] Hey everybody. Thanks for being with me today. Make sure you keep up on it. No, the latest you can help your friends. You can help your family. You guys are the best and brightest. You guys are the guys that people rely on for technology. I know it because you tell them. Any questions, comments, just email me M [email protected] and visit the website.
[01:22:34] Listen to the podcast and please subscribe. Take care everybody. Bye-bye.