Category: Technology

There is a silent war being waged all around the world and you are up to your neck in it if you own a computer, smart phone, tablet device, smart television, or recent model car. Both multinational companies and nation-states are doing their best to collect information on you.

Tracking cookies and the like are so nineteen nineties. Today, any device that you own can be accessed without your knowledge or permission.  Laptop and cell phone cameras and microphones can be turned on by remote means; your television can see into your livingroom; your movement anywhere on the planet is tracked by your car, smart phone, or wrist device.

Stuxnet was just the beginning of what a carefully planned hack can accomplish. If you are not familiar with Stuxnet I recommend that you read up on it. Here are a few links:

Stuxnet is a malicious computer worm believed to be a jointly built American-Israeli cyberweapon, although no organization or state has officially admitted responsibility. However, anonymous US officials speaking to The Washington Post claimed the worm was developed during the Bush administration to sabotage Iran’s nuclear program with what would seem like a long series of unfortunate accidents.

Stuxnet specifically targets programmable logic controllers (PLCs), which allow the automation of electromechanical processes such as those used to control machinery on factory assembly lines, amusement rides, or centrifuges for separating nuclear material. Exploiting four zero-day flaws, Stuxnet functions by targeting machines using the Microsoft Windows operating system and networks, then seeking out Siemens Step7 software.

Wikipedia Link: Stuxnet

Link: Wired Magazine—An Unprecedented Look at Stuxnet, the World’s First Digital Weapon

Link: Business Insider—The Stuxnet Attack On Iran’s Nuclear Plant Was ‘Far More Dangerous’ Than Previously Thought

Apple, Sony, and Lenovo are famous for putting rootkits on computers without user permission to spy on you. Visio televisions are also known to spy on users and report data back to somewhere.

WikiLeaks reportedly used spyware installed purposely by Lenovo to obtain information on the Democrat National Party and Hillary Clinton’s campaign.

Recently, Russia and China have been in the news on this subject.

Russia has stated that they want to move away from any software made by a foreign countries. While the biggest target for this announcement was Microsoft, they also had others in mind. They fear that the software may be compromised by backdoors programmed into the software. It is widely believed that the FBI, CIA, and National Security Agency can access any computer at will.

Link: Microsoft, Google, Adobe Leave Russia Due to Putin’s New Laws

Link: Moscow’s government ditches Microsoft for Russian software

While Russia is trying to strengthen its defenses against spying and foreign snooping, China is again broadening its ability to keep tabs on the rest of the world. Instead of planting listening posts all over the world and circling the globe with satellites like the West, China is programming devices to report personally identifiable information to servers in their country. If you’ve been watching this subject then you know that any electronic device from their country is probably compromised or could be at a later date. Unlike us, they really have a military/industrial complex.

Here’s the latest example to be made public earlier this month. Only 700 million Android devices are affected by this one instance.

The firmware it uses receives automatic updates from the maker. The covert transmission of personal data is taking place periodically every 72 hours for text messages and call logs and every 24 hours for other personally identifiable information. The user has no ability to switch off the eavesdropping.

“The collected information was encrypted with multiple layers of encryption and then transmitted over secure web protocols to a server located in Shanghai,” Kryptowire said. “This software and behaviour bypasses the detection of mobile anti-virus tools because they assume that software that ships with the device is not malware and thus, it is white-listed.”

Link: Made in China’ smartphone spies on users, researchers found

 

Link: SHOCK REPORT: China Loaded Up to 700 Million Android Devices With Pre-Installed Spyware

For about $50, you can get a smartphone with a high-definition display, fast data service and, according to security contractors, a secret feature: a backdoor that sends all your text messages to China every 72 hours.

Link: New York Times—Secret Back Door in Some U.S. Phones Sent Data to China, Analysts Say

Link: The Hacker News—Chinese Android

Kryptowire has identified several models of Android mobile devices that contained firmware that collected sensitive personal data about their users and transmitted this sensitive data to third-party servers without disclosure or the users’ consent. These devices were available through major US-based online retailers (Amazon, BestBuy, for example) and included popular smartphones such as the BLU R1 HD. These devices actively transmitted user and device information including the full-body of text messages, contact lists, call history with full telephone numbers, unique device identifiers including the International Mobile Subscriber Identity (IMSI) and the International Mobile Equipment Identity (IMEI). The firmware could target specific users and text messages matching remotely defined keywords. The firmware also collected and transmitted information about the use of applications installed on the monitored device, bypassed the Android permission model, executed remote commands with escalated (system) privileges, and was able to remotely reprogram the devices.
Link: Kryptowire finds Android firmware

So there we are. I bet many readers didn’t know that we were even in a global “Information Cold War”.

Donald Trump’s advocating the return of manufacturing back to the United States is the right thing to do—not just for economic reasons but because it’s actually a national security issue of the highest order. Most of our military infrastructure and weapons systems are dependent on parts from foreign countries—especially China. In addition, last I heard, Russian manufacturers make parts that are vital for our cruise missile weapons systems. Farming out our military to other countries might make globalists happy but in a time of national emergency it’s a suicidal foreign policy.

The HD antenna that I deployed when our family “cut the cord” was really marginal. The antenna was located in our attic but many local channels were downright unwatchable. All we were able to get on some stations was pixels that changed every four or five seconds and highly fragmented audio. To watch many shows, I had to catch them on Hulu the following day. Watching the evening news was impossible on many stations and ditto for live sports.

Just in time for the new television season—such as it is—I went to Frys and bought a new antenna. (Assembly required) I then got up the nerve to get on the roof to install it. Our ladder is too short to reach the roof and standing on the top step is a dicey proposition—especially when working by yourself. Thankfully, my eleven year old is willing to help his old dad by holding the ladder.

I removed the DirecTV dish and replaced it with the new antenna. I used the same mast but had to exclude some parts from the clamp assembly to get it to fit.

It may not reach the advertised 70 miles but we do get more channels and at a much better quality. After filtering out the Spanish language and home shopping stations, we still have a fairly good variety of over-the-air stuff to choose from.

I went to “Cho- Choo” Fry’s in Roseville last week-end and bought their last AMD 480 video card. It was made by Diamond.
Link Fry’s: Diamond AMD RX 480 8GB PCIE GDDR5 Graphics Video Card
(For those that don’t know, AMD and NVidia make video chipsets and sell them to various manufactures that customize them and sell them under various brands.)

This is the super-duper video card that has very high specs even when compared to cards costing more than twice as much. (NVidia’s comparable version is GTX 1060.) The card has 8 GB of video memory and this particular model has three Display Ports and one HDMI connection.

I bought a two pack of Display Port to DVI cables for $21.99 since the old monitors have DVI connectors.
Link: Amazon Display Port to DVI Two Pack

Like most video cards, this one takes up two expansion slots on the motherboard and it is long, almost ten inches.
Diamond Spec Sheet
Diamond Video Card

When the Display Port to DVI cables arrived, I installed them to the computer and nothing happened. The cables did not seat properly on the video card. After a visual investigation, I determined that the video ports on the back of the computer were too close to the metal support between the slot openings on the back of the computer case. (If you recall, the video card is two expansion slots wide.) I had two choices, either cut the metal support on the case or try a different set of video cables. I opted for different video cables. I swapped the cables that I bought on Amazon with some older ones at work. My work computer is happy with the new cables and the computer at home is happy too.

The other challenge was getting the video driver to install. Simply downloading the driver from AMD and clicking “RUN” was a miserable failure. To make it work, download the driver. Uninstall your existing video driver. Then in your Download folder, right click on the driver file and select “Run as Administrator” or the equivalent.

Now I just need my son to put it to the test when he gets back with from his summer trip with Grandma and Grandpa.

For those that haven’t read this book in a while, here is a portion of the plot synopsis from Wikipedia. I have added emphasis to a portion; you will learn why in a moment.

The protagonist of the novel, Winston Smith, is a member of the Outer Party, who works for the Ministry of Truth (or Minitrue in Newspeak), which is responsible for propaganda and historical revisionism. His job is to rewrite past newspaper articles, so that the historical record always supports the party line. The instructions that the workers receive specify the corrections as fixing misquotations and never as what they really are: forgeries and falsifications. A large part of the ministry also actively destroys all documents that have been edited and do not contain the revisions; in this way, no proof exists that the government is lying.
Wikipedia 1984

In his novel 1984, Orwell envisioned that it would be an all present and all powerful government that would be running the Ministry of Truth ; however; in modern America, we prefer to let large corporations do the unpleasant lifting for government. This allows something Orwell overlooked in his dystopian world, plausible deniability.

“Plausible deniability is the ability for persons to deny knowledge of or responsibility for any damnable actions committed by others because of a lack of evidence that can confirm their participation, even if they were personally involved in or at least willfully ignorant of the actions.”
Link: Definition of Plausible Deniability

The irony that this particular book—1984—is the victim of document destruction is all the more poignant.

The perpetrator of this action happens to be Amazon.com

Amazon Secretly Removes “1984” From the Kindle
Thousands of people last week discovered that Amazon had quietly removed electronic copies of George Orwell’s 1984 from their Kindle e-book readers. In the process, Amazon revealed how easy censorship will be in the Kindle age.

In this case, the mass e-book removals were motivated by copyright . A company called MobileReference, who did not own the copyrights to the books 1984 and Animal Farm, uploaded both books to the Kindle store and started selling them. When the rights owner heard about this, they contacted Amazon and asked that the e-books be removed. And Amazon decided to erase them not just from the store, but from all the Kindles where they’d been downloaded. Amazon operators used the Kindle wireless network, called WhisperNet, to quietly delete the books from people’s devices and refund them the money they’d paid.

An uproar followed, with outraged customers pointing out the irony that Amazon was deleting copies of a novel about a fascist media state that constantly alters history by changing digital records of what has happened. Amazon’s action flies in the face of what people expect when they purchase a book. Under the “right of first sale” in the U.S., people can do whatever they like with a book after purchasing it, including giving it to a friend or reselling it. There is no option for a bookseller to take that book back once it’s sold.
Joe Miller: Amazon Secretly Removes 1984

Gizmodo’s original story can be found here

This action by Amazon, which has happened before as the article in Gizmodo points out, is one of the reasons that I don’t purchase eBooks. It is also a reason I have grown adverse to buying downloadable music if I can get a physical CD instead.

The fine print in the Licensing Agreements is that you don’t really own the eCopy, the seller does. You just paid for permission to use it. Furthermore, after you give them money, they have the right to unilaterally change to the Terms of Use Agreement.

Ultimately, this is also true of your Windows or Apple Operating System. In fact, most of this stuff actually has an expiration date buried in the software —although it us usually two or three decades in the future.

This is what I dislike about anything proprietary. With the flick of a switch, someone can delete your entire library of eBooks, adobe PDF docs or anything else. Worse yet, they can secretly edit these same works and you would never know. As in 1984, there is no paper trail to follow because there is no paper.

Also, storing things on other people’s servers is problematic. It is common knowledge that Google reads everything you send or receive via Gmail or store on their servers.

Even without this ability, look what things have been purged from our culture.

I dare you to find a copy of Disney’s Song of the South. The plot is black folks on a plantation help to keep a white family together. Yeah, the blacks are the heroes in the movie but Disney has buried it.

Leslie Neilson did a live action Mr. Magoo movie in 1997 but again you can hardly find it.

If things run afoul of Political Correctness they get purged from popular culture.

Any references to Indians or Christians in our country are experiencing the same purge: Braves, Redskins, Warriors, Crusaders, etc. How did Star n’ Bars become a symbol of racism?

If you recall, following 9/11, Hollywood briefly wanted to digitally remove the Twin Towers from movies previously filmed in New York. Yeah, really! They wanted to purge any images that the Towers ever existed instead of getting mad at the folks that blew them up. As far as I know, the only Hollywood movie to purposely delete the Twin Towers was the first Spiderman movie. If you can find the first theatrical preview for the movie, it had a helicopter suspended between the Towers in a large web. Based on the preview, the men in it had just committed a bank robbery. Also, the final battle at the end of the movie was scrapped and re-shot because it had footage of the Towers.

In the computer age, with the flick of a switch, Amazon can delete a book from your library or update it to remove offensive content. Apple can drop music from your iTunes library; Netflix can edit offensive religious material from a movie. Need I go on?

Then there is social media. Express support for traditional marriage or call homosexuality a sin and you might have your account banned from Facebook. (I Know people this has happen too.)

Support traditional family values and the day is near when you will be denied government employment and student loans.

Doubt global warming and some politicians in California want you to be subject to criminal sanctions. (Yes this is a real bill in the state legislature.)

The brave new world is here. Failure of citizens to conform in thought and deed is slowly being criminalized. Freedom, Truth, Patriotism, and Faith are the enemies of the Liberal State.

My son is an avid reader and as an incentive to push him, we offered him some cash if he would get a certain point value by the end of the school year. (Each book he reads at school has a point system based on content and grade level.)

Earlier this month, he achieved the goal set for him and wanted to use his money to buy a Microsoft Band 2. About a week ago, the Band arrived from Amazon. It was on sale again for $175.

I had him charge it while I was at work and when I got home, I told him that I would connect it with his Lumia 640.

What should have been a five minute procedure ended up taking 3 ½ hours.

First, the Band is designed to sync with the Microsoft Health application. Unlike Apple products, the Microsoft Band works on Windows, Android, and Apple phones. What I learned is that on a Windows phone, there is no ability to log off of the Microsoft Health app. It is defaulted to use the user signed into the phone. Well the Lumia 640 was my old phone. I uninstalled the app and then reinstalled, hoping to get a log-in prompt. This failed.

I deleted my email accounts, entered my son’s email account, and tried again. The Microsoft health app then tried to log into my son’s account.

I need to give you a bit of background to understand what happened next. My son is listed as my son on my Microsoft Live account. As such, I have some ability to monitor his Internet activity and control things like purchases that he makes on the phone. By having his age listed, I can also control what he does on the XBOX.

When the app tried to log on to my son’s Microsoft account, it gave him an error stating that he was too young to use the Band and locked him out of the app. We deleted the app and reinstalled. The app jumped to this same blocked message.

I ended up wiping the phone completely and starting over. After I tried to run the Microsoft Health app, it once again locked him out due to his age. Please remember that without the ability for him to connect to this application, the Band is a $175 brick.

I researched this on the Internet and found that the Microsoft Health app will only allow connections with people 18 and older. Nowhere is this documented on Microsoft’s sales information on the Band. I then researched how to change his age on the youth account. Once I changed his age to 21 in my Live account, I was told by the website that this made him an adult and he could no longer be under my supervision. Reluctantly, I agreed to this.

Then we tried the MS Health app again. We were still locked-out. So once again I had to wipe the phone and start over. This time when the Microsoft app was installed, it reluctantly allowed him to connect. My problem is that the version of Windows 10 on the phone is a beta copy and not an approved production release. By wiping my account, I’m sure I broke the link to get further updates on the phone.

I think it is stupid that Microsoft targets youth to buy their Band and then won’t let them use it because they are youth. Thus we need to lie to MS about the age of our children to use their products.

What kind of society are we living in? We aren’t supposed to care which bathroom our children use or if they get an abortion but they have to be over 18 to buy a glorified watch?

Clearly there are lawyers involved in this somehow. You’d think Microsoft would get their highly paid lobbyists to fix any issues that might prevent youth from using their products. I’m sure Fitbit has no such concerns about their products. In fact I doubt many people in Fitbit’s ads are over 18.

The bottom line is when you get your kids a Microsoft Band 2 be sure and lie about their age before trying to connect it to the Internet. Great product, but lying is not good behavior to model for your kids.

A week ago, my financial institution killed my ability to use Microsoft Money. Up to this point, I’ve been happy with Golden 1 Credit Union but this move has given me pause to consider moving my finances to another business.

Three reasons why I’m not happy:
• Golden 1 lied
• Quicken is inferior
• Privacy and Security concerns

Golden 1 Bad IT Guys
Golden 1 lied to their customers when they claimed that their software upgrade just made their site more secure and gave customers more options. They never stated that they would be discontinuing support for Money ahead of the upgrade. Not in emails to customers nor on their website. This is lousy customer service. In fact, they state just the opposite.

Does everything work the same as before the upgrade?
We worked hard to make sure that all functionality within Online and Mobile Banking remains the same.
https://www.golden1.com/OnlineServices/NewLook

The above statement has clearly been proven false.

My wife and I wrote to Golden 1 about this and got the following response. In effect, we were told to go pound sand.

Thank you for your email. Microsoft Money was discontinued in 2009, therefore it is not compatible with our website. Although you may have been able to use the service after it was discontinued, technical support is no longer offered. Golden 1 supports Quicken for Windows 2014 and 2015, Quicken for Mac 2007 and Essentials, as well as Buxfer and Mint.

When Golden 1 upgraded their website, the Quicken file format changed from QIF to QFX. I think they hosed some Quicken users as well.

Again, money was compatible with their website before the upgrade.

Quicken Inferior by Design
You may ask why I’m so upset? Quicken has always been an inferior product to Money.

Here are some samples of the differences:

Transaction entry screens

 

Money gives you a way bigger area to enter a transaction on the same screen as your account register. In Quicken you have to resort to pop-up windows to find something comparable. This is a clunky design that is not user friendly.

Money lets you hide items that are reconciled without affecting the bank balance.  This allows you to limit your day-to-day interaction to recent items. Historical data is one mouse click away. If you try this in Quicken it will literally change the numbers that it shows for your bank account. This is stupid behavior.

I do accounting for a living. My bank balance is a record of withdrawals and deposits and that is the only things that should change it. If I want to slice and dice my financial information, I can run a report. Reporting is a separate tab in both programs.

In Money my ending balance is my ending balance and the check register stays the same (reconciled items are older and to see them you just scroll up).

In Quicken, this is a convoluted question. If you select to show only unreconciled items instead of all transactions then the running balance in the account goes into crazy land.

Here are screenshots for the same transactions in Quicken toggling between All Transactions and Unreconciled Transactions. In money the running balance would not change.

The download and matching of transactions in Quicken also seems inferior to Money. Matching transactions in Money was intuitive but Quicken requires much more clicking to do the same task.

The other gripe I have is the invasiveness of Intuit. When I install Money, I click on setup.exe and install the program and go. If I have a Money file, I just double click on it and I’m off to the races but Intuit is different and not in a good way.

When I installed Quicken, it offered to import my Money file. Once I did that, I was forced to go to a registration screen and either create a new Intuit account or login and tie-in my Quicken account to my Turbo Tax account. Without your financial data being tied to Intuit via the Internet you cannot run the program. 

Quicken also gladly offers to keep a copy of all your banking data on their website. As invasive as their program is, I wonder if they are anyway.

The Quicken program does not have a product key required for installation, just the requirement that you have an Intuit account. Without a product key, Quicken can be installed on as many devices as you wish but the program needs an Intuit account in order to run.

Quicken Bugs
I did experience two bugs in the program while messing with all this nonsense.

First, on my Windows 10 desktop, Quicken was unable to connect to the Internet. After messing around for longer than I should have, I finally found the “Mondo Patch” for Quicken 2016.
Link to Mondo Patch
Once installed, I was able to get beyond the registration screen.

I later installed Quicken on my wife’s Lenovo laptop and did not experience this issue. After waiting about 10 minutes, the program finally patched itself before completing setup.

A second bug that I experienced was the mess Quicken made of my Money file. Quicken duplicated about twelve transactions in my check register and overstated my bank balance in excess of $4,000. Quicken created duplicates of items that had been reconciled in the previous month plus some other nonsense. I really hated going into my check register and deleting transactions but that’s what it took.

Not a good first impression!

Price
Before I get to my next section I did want to mention price.
Microsoft Money Sunset is a free download Money Download is here

Of course I couldn’t just get the basic version of Quicken, I needed Quicken Deluxe to import Money files. The program sells at Fry’s and Best Buy for $75. Thankfully, it sells at Sam’s Club for $55.

I wish back in the day that Microsoft had purchased Intuit but the Clinton Administration nixed the deal.

The Microsoft Corporation, in the software industry’s largest acquisition ever, agreed today to acquire Intuit Inc., the producer of the leading personal finance program, Quicken, in a stock swap valued at about $1.5 billion.
Microsoft to buy Intuit

Privacy
I have problems with all my personal information being retained by Intuit. Over the years my concern has grown. I have come to understand that they are retaining large amounts of data on users of their products.  This information is a lot of knowledge and corporate power that they could wield. Intuit is maintaining files on millions of people.

Writing about Mint—another Intuit company—and online privacy concerns I found this:

Finally, besides security issues, there are also privacy issues associated with using such sites. The sites are sitting on financial behavior information that would be extremely valuable in aggregate to marketers and others if they chose to sell it, an option Mr. Patzer of Mint.com has spoken about in the past.

Plus, even if a site promises now not to sell aggregate data about customers, it could change the agreement at any time and go ahead and sell the data. In addition, if such sites go bankrupt, even if they currently don’t sell data, trustees may decide to sell it to maximize the value of the assets.
Should you trust Mint?

I found this in the Quicken privacy policy.

If Quicken or its assets are acquired by another company, or in the event of a merger, consolidation, change in control, transfer of substantial assets, reorganization, or liquidation, we may transfer, sell, or assign to third parties, information concerning your relationship with us, including, without limitation, personal information that you provide and other information concerning your relationship with us.
Quicken Privacy Policy

See also Quicken-Intuit privacy hole

Bottom line is “we might keep your info safe but if we transfer it elsewhere, you’re on your own”.

Also, in the privacy notice, it says NOTE that on April 1, 2016 Quicken has changed ownership and is no longer a part of Intuit.

The notice then goes on to say that Quicken will continue to use the Intuit ID
This will remain in effect as a service that Intuit provides to the Quicken organization.

So presumably Intuit gives Quicken a copy of my financial data because I use their log-in services?
So does this mean hackers have two sets of data they can target? Or can be sold to a third party?

Security Concerns
Intuit seems to have better image control than the University of California at Davis campus.
However, every once in a while, their company makes the news.

As you might recall, there was a security scare with Intuit just last year.

On Thursday the company had stopped transmitting state returns filed via TurboTax because of “an increase in suspicious filings and attempts by criminals to use stolen identity information to file fraudulent state tax returns and claim tax refunds,” Intuit said in a blog post at the time. The company began transmitting state returns again on Friday afternoon Pacific Time after determining that the faked filings “did not result from a security breach of its systems,” according to a follow-up post.
http://www.cnet.com/news/turbotax-back-to-full-speed-after-fraud-concerns/

Intuit glitch affects one percent of their users.

A programming glitch in Intuit Inc.‘s TurboTax software has posed a potential security problem for as many as 150,000 users and may force them to change their passwords, the company said Thursday.
ABC News Technology story

That’s right, one percent is 150,000 thousand users. That means over 15 million use Turbo Tax.

As more people move to web based solutions, I think the likelihood that Intuit or Quicken gets hacked increases. I wish consumers like me could reduce this part of our digital footprint to minimize the impact that this will have.

Conclusion
I sure miss the old days of keeping my finances between me and my bank.