Craig Peterson's Tech Talk

Follow Craig Peterson's Tech Talk
Share on
Copy link to clipboard

ClearChannel Radio's Number One Weekend Tech Show in the Boston Market -- More Than 20,000,000 Podcast Downloads! Craig interviews top industry insiders and explains the technology secrets everyone needs to know. www.CraigPeterson.com

Craig Peterson


    • Oct 15, 2021 LATEST EPISODE
    • weekdays NEW EPISODES
    • 15m AVG DURATION
    • 1,231 EPISODES


    Search for episodes from Craig Peterson's Tech Talk with a specific topic:

    Latest episodes from Craig Peterson's Tech Talk

    How Many Times Per Week Are You Being Cyber Attacked? From Where? How? Why?

    Play Episode Listen Later Oct 15, 2021 84:46


    How Many Times Per Week Are You Being Cyber Attacked? From Where? How? Why? We've got a new study out showing that North American organizations, businesses, and others, are being hit with an average of 497 cyber attacks per week, right here in the good old USA. [Following is an automated transcript] This is a study by checkpoint software technologies. Checkpoint, I used, oh my gosh. It would have been back in the nineties back then. They were one of the very first genuine firewall companies. And it was a system that I was putting in place for my friends over at troopers. I think it was New England telephone. It might've been Verizon by then. I can't even remember, man. [00:00:41] It's been a little while, but it was, a system we were using in front of this massive system that I designed, I made the largest internet property in the world. At that time called big yellow. It morphed into super pages. It might be familiar with. But it was me and my team that did everything. We built the data center out. [00:01:05] We wrote all of the software. Of course they provided all of the yellow pages type listing so we can put it all in. And we brought it up online and we were concerned. Well, first of all, You know, I've been doing cyber security now for over 30 years. And at this point in time, they wanted something a little more than my home grown firewall. [00:01:29] Cause I had designed and written one in order to protect this huge asset that was bringing in tens of millions of dollars a year to the phone company. So they said, Hey, listen, let's go ahead and we'll use checkpoint and get things going. We did, it was on a little, I remember it was a sun workstation. If you remember those back in the. [00:01:52] And it worked pretty well. I learned how to use it and played with it. And that was my first foray into kind of what the rest of the world had started doing, this checkpoint software, but they've continued on, they make some great firewalls and other intrusions type stuff, detection and blocking, you know, already that I am a big fan, at least on the bigger end. [00:02:17] You know, today in this day and age, I would absolutely use. The Cisco stuff and the higher end Cisco stuff that all ties together. It doesn't just have the fire power firewall, but it has everything in behind, because in this day and age, you've got to look at everything that's happening, even if you're a home user. [00:02:37] And this number really gets everybody concerned. Home users and business users is. Businesses are definitely under bigger attacks than home users are. And particularly when we're talking about businesses, particularly the bigger businesses, the ones that have a huge budget that are going to be able to go out and pay up, you know, a million, $10 million ransom. [00:03:05] Those are the ones that they're after and this analysis. Point software who does see some of those attacks coming in, showed some very disturbing changes. First of all, huge increases in the number of cyber attacks and the number of successful ransoms that have been going on. And we're going to talk a little bit later, too, about where some of those attacks are coming from, and the reason behind those attack. [00:03:36] According to them right now, the average number of weekly attacks on organizations globally. So far, this year is 40% higher than the average before March, 2020. And of course that's when the first lockdowns went into effect and people started working from home in the U S the. Increase in the number of attacks on an organizations is even higher at 53%. [00:04:07] Now you might ask yourself why, why would the U S be attacked more? I know you guys are the best and brightest, and I bet it, I don't even need to say this because you can figure this out yourself, but the us is where the money is. And so that's why they're doing it. And we had president Biden come out and say, Hey, don't attack the. [00:04:27] well, some of those sectors are under khaki for more after he said that then before, right. It's like giving a list to a bad guy. Yeah. I'm going to be gone for a month in June and yeah, there won't be anybody there. And the here's the code to my alarm. Right. You're you're just inviting disaster checkpoints. [00:04:49] Also showing that there were more. Average weekly attacks in September 21. That's this September than any time since January, 2020. In fact, they're saying 870 attacks per organization globally per week. The checkpoint counted in September was double the average in March, 2020. It's kind of funny, right? [00:05:14] It's kind of like a before COVID after COVID or before the Wu Han virus and after the Wu Han virus, however, we might want to know. So there are a lot of attacks going on. Volume is pretty high in a lot of different countries. You've heard me say before some of my clients I've seen attack multiple times a second, so let's take a second and define the attack because being scanned. [00:05:40] I kind of an attack, the looking to see, oh, where is there a device? Oh, okay. Here's a device. So there might be a home router. It might be your firewall or your router at the business. And then what it'll do is, okay, I've got an address now I know is responding, which by the way is a reason. The, we always configure these devices to not respond to these types of things. [00:06:04] And then what they'll do is they will try and identify it. So they'll try and go into the control page, which is why you should never have when. Configuration enabled on any of your routers or firewalls, because they're going to come in and identify you just on that because all of a sudden them brag about what version of the software you're running. [00:06:26] And then if it's responding to that, they will try and use a password. That is known to be the default for that device. So in a lot of these devices, the username is admin and the password is admin. So they try it and now off they go, they're running. Some of these guys will even go the next step and we'll replace the software. [00:06:52] In your router or firewall, they will replace it so that it now directs you through them, everything you are doing through them. So they can start to gather information. And that's why you want to make sure that the SSL slash TLS. That encryption is in place on the website. You're going to, so if you go to Craig peterson.com right now, my website, I'm going to go there myself. [00:07:22] So if you go to Craig peterson.com, you're going to notice that first of all, it's going to redirect you to my secure site and it doesn't really matter. You won't see it. Okay. But you are there because if he. Typically at the left side of that URL bar where it says, Craig peterson.com. You'll see, there's a little lock. [00:07:44] So if you click that lock, it says connection is secure. Now there's a lot more we could go into here. But the main idea is even if your data is being routed through China or. Both of which have happened before many tens of thousands, hundreds of thousands of time times. I'm not even sure of the number now. [00:08:06] It's huge. Even if your data is being routed through them, the odds are, they're not going to see anything. That you are doing on the Craig Peterson site. Now, of course you go into my site, you're going to be reading up on some of the cybersecurity stuff you can do. Right. The outages what's happened in the news. [00:08:27] You can do all of that sort of thing on my side, kind of, who cares, right? Um, but really what you care about is the bank, but it's the same thing with the bank. And I knew mine was going to be up there. And when everybody just check it out anyway, so. So the bad guys, then do this scan. They find a web page log in. [00:08:47] They try the default log in. If it works, the Le the least they will do is change. What are called your DNS settings. That's bad because changing your DNS settings now opens you up to another type of attack, which is they can go ahead. And when your browser says, I want to go to bank of america.com. It is in fact, going to go out to the internet, say is bank of America, the bad guys. [00:09:18] Did, and they will give you their bank of America site that looks like bank of America feels like bank of America. And all they're doing is waiting for you to type into your bank of America, username and password, and then they might redirect you to the. But at that point, they've got you. So there are some solutions to that one as well, and Firefox has some good solutions. [00:09:44] There are others out there and you had to have those that are in the works, but this is just an incredible number. So here's what I'm doing, right. I have been working for weeks on trying to figure out how can I help the most people. And obviously I needed to keep the lights on, right? I've got to pay for my food and gas and stuff, but what I'm planning on doing and what we've sketched out. [00:10:10] In fact, just this week, we got kind of our final sketch out of it is we're going to go ahead and have a success path for cyber security. All of the basic steps on that success path will be. Okay. So it will be training that is absolutely 100% free. And I'll do a deeper dive into some of these things that I'm doing that I'm doing right now here on the radio, because you can't see my desktop. [00:10:40] It's hard to do a deep dive and it's open to anybody, right? If you're a home user or if you're a business user, all of the stuff on that free. Is going to help you out dramatically. And then after that, then there'll be some paid stuff like a membership site. And then obviously done for you. If the cybersecurity stuff is just stuff that you don't want to deal with, you don't have the time to deal with. [00:11:05] You don't want to learn, because believe me, this is something that's taken me decades to learn and it's changing almost every day. So I understand if you don't want to learn it to. That is the other option. I'll give you, which is done for you, which we've been doing now for over 20, 30 years. Stick around. [00:11:25] We'll [00:11:25] So which sectors are economy are being hacked? I mentioned that in the last segment, but yeah, there are some problems and the sectors that president Biden lined out laid out are, are the ones that are under, even more attack after his message. [00:11:42] 497 cyber attacks per week. On average here in the US, that is a lot of attacks. And we started explaining what that meant so that we talked about the scan attacks that are automated and some person may get involved at some point, but the automated attacks can be pretty darn automated. Many of them are just trying to figure out who you are. [00:12:09] So, if it shows up, when they do that little scan that you're using a router that was provided by your ISP, that's a big hint that you are just a small guy of some sort, although I'm shocked at how many bigger businesses that should have their own router, a good router, right. A good Cisco router and a really good next generation firewall. [00:12:34] I'm shocked at how many don't have those things in place, but when they do this, That's the first cut. So if you're a little guy, they'll probably just try and reflash your router. In other words, reprogram it and change it so that they can start monitoring what you're doing and maybe grab some information from. [00:12:56] Pretty simple. If you are someone that looks like you're more of a target, so they connect to your router and let's say, it's a great one. Let's say it's a Cisco router firewall or Palo Alto, or one of those other big companies out there that have some really good products. Uh, at that point, they're going to look at it and say, oh, well, okay. [00:13:18] So this might be a good organization, but when they get. To it again, if when access has turned on wide area, access has turned down, that router is likely to say, this is the property of, uh, Covina hospital or whatever it might be, you know? And any access is disallowed authorized access only. Well, now they know. [00:13:42] Who it is. And it's easy enough just to do a reverse lookup on that address. Give me an address anywhere on the internet. And I can tell you pretty much where it is, whose it is and what it's being used for. So if that's what they do say they have these automated systems looking for this stuff it's found. [00:14:02] So now they'll try a few things. One of the first things they try nowadays is what's called an RDP attack. This is a remote attack. Are you using RDP to connect to your business? Right? A lot of people are, especially after the lockdown, this Microsoft. Desktop protocol has some serious bugs that have been known for years. [00:14:25] Surprisingly to me, some 60% of businesses have not applied those patches that have been available for going on two years. So what then button bad guys will do next. They say, oh, is there a remote desktop access? Cause there probably is most smaller businesses particularly use that the big businesses have a little bit more expensive, not really much more expensive, but much better stuff. [00:14:51] You know, like the Cisco AnyConnect or there's a few other good products out there. So they're going to say, oh, well, okay. Let's try and hack in again. Automate. It's automated. No one has to do anything. So it says, okay, let's see if they patch, let's try and break in a ha I can get in and I can get into this particular machine. [00:15:14] Now there's another way that they can get into their moat desktop. And this apparently has been used for some of the bigger hacks you've heard about recently. So the other way they get in is through credential stuff. What that is is Hey, uh, there are right now some 10 billion records out on the dark web of people's names, email addresses, passwords, and other information. [00:15:43] So, what they'll do is they'll say, oh, well this is Covina hospital and it looks it up backwards and it says, okay, so that's Covina hospital.org. I have no idea if there even is a Gavino hospital, by the way, and will come back and say, okay, great. So now let's look at our database of hacked accounts. Oh, okay. [00:16:04] I see this Covina hospital.org email address with a password. So at that point they just try and stuff. Can we get in using that username and password that we stole off of another website. So you see why it's so important to be using something like one password, a password generator, different passwords on every site, different usernames on every site, et cetera, et cetera. [00:16:29] Right. It gets pretty important per te darn quickly. So now that they're in, they're going to start going sideways and we call that east west in the biz. And so they're on a machine. They will see what they can find on that machine. This is where usually a person gets some. And it depends in historically it's been about six days on average that they spend looking around inside your network. [00:17:00] So they look around and they find, oh yeah, great. Here we go. Yep. Uh, we found this, we found that. Oh, and there's these file server mounts. Yeah. These SMB shares the, you know, the Y drive the G drive, whatever you might call it. So they start gaining through those and then they start looking for our other machines on the network that are compromised. [00:17:23] It gets to be really bad, very, very fast. And then they'll often leave behind some form of ransomware and also extortion, where that extort you additionally, for the threat of releasing your data. So there, there are many other ways they're not going to get into them all today, but that's what we're talking about. [00:17:43] Mirman, we're talking about the 500 cyber attacks per week against the average. North American company. So we have seen some industry sectors that are more heavily targeted than others. Education and research saw an 60% increase in attacks. So their education and I've tried to help out some of the schools, but because of the way the budgets work and the lowest bidder and everything else, they, they end up with equipment. [00:18:17] That's just totally misconfigured. It's just shocking to me. Right. They buy them from one of these big box online places. Yeah. I need a, a Cisco 10, 10. And I need some help in configuring it and all, yeah, no problems or we'll help you. And then they sell it to the school, the school installs it, and it is so misconfigured. [00:18:38] It provides zero protection, uh, almost zero, right. It provides almost no protection at all. And doesn't even use the advanced features that they paid for. Right. That's why, again, don't buy from these big box. Guys just don't do it. You need more value than they can possibly provide you with. So schools, 1500 attacks per week research companies, again, 1500 attacks per week, government and military. [00:19:10] Entities about 1100 weekly attacks. Okay. That's the next, most highest attacked. Okay. Uh, health care organizations, 752 attacks per week on average. Or in this case, it's a 55% increase from last year. So it isn't just checkpoints data that I've been quoting here. That, that gives us that picture. There are a lot of others out there IBM's has Verizon's has all of these main guys, and of course in the end, They've got these huge ransoms to deal with. [00:19:50] Hey, in New Hampshire, one of the small towns just got nailed. They had millions of dollars stolen, and that was just through an email trick that they played in. K again. I T people, um, I I've been thinking about maybe I should put together some sort of coaching for them and coaching for the cybersecurity people, even because there's so much more that you need to know, then you might know, anyways, if you're interested in any of this. [00:20:22] Visit me online. Craig peterson.com/subscribe. You will get my weekly newsletter, all of my show notes, and you'll find out about these various trainings and I keep holding. In fact, there's one in most of the newsletters. Craig peterson.com. Craig Peterson, S O n.com. Stick around. [00:20:43] We've been talking about the types of attacks that are coming against us. Most organizations here in north America are seeing 500 cyber attacks a week, some as many as 1500. Now, where are they coming from? [00:21:00] Whether they're scanning attacks, whether they're going deeper into our networks and into our systems who are the bad guys and what are they doing? Microsoft also has a report that they've been generating, looking at what they consider to be the source of the attacks. Now we know a lot of the reasons I'm going to talk about that too, but the source is an interesting way to look at. [00:21:29] Because the source can also help you understand the reason for the attacks. So according to dark reading, this is kind of an insider, a website you're welcome to go to, but it gets pretty darn deep sometimes, but they are showing this stats from Microsoft, which you can find online that in the last year rush. [00:21:53] Has been the source of 58% of the cyber cat tax. Isn't that amazing now it's not just the cyber attacks. I, I need to clarify this. It's the nation state cyber tech. So what's a nature's nation state cyber attack versus I don't know, a regular cyber attack. Well, the bottom line is a nation state cyber attack is an attack that's occurring and is actually coordinated and run by and on behalf of a nation state. [00:22:31] Uh, So Russia at 58% of all nation state attacks is followed by North Korea, 23% Iran, 11% China, 8%. Now you probably would have thought that China would be. Right up there on that list, but Russia has 50% more of the nation state cyber attacks coming from them than from China. And then after China is south Vietnam, Viet, or I should say South Korea, Vietnam, and Turkey, and they all have less than 1%. [00:23:14] Now, this is this new pool of data that Microsoft has been analyzing. And it's part of this year's Microsoft digital defense report, and they're highlighting the trends in the nation state threat cyber activity hybrid workforce security. Disinformation and your internet of things, operational technology and supply chain security. [00:23:35] In other words, the whole gambit before, before all of this, now the data is also showing that the Russian nation state attacks are increasingly effective, calming from about a 21% successful compromise rate last year to 32%. So basically 50% better this year at effectiveness there, Russians are also targeting more government agencies for intelligence gathering. [00:24:10] So that jumped from 3% of their victims last year to 53%. This. And the Russian nation state actors are primarily targeting guests who us, right? The United States, Ukraine and the United Kingdom. Now this is all according to the Microsoft data. So why has Russia been attacking us? Why is China been attacking us and why the change this. [00:24:38] Well, Russia has been attacking us primarily to rent some us it's a cash cow for them just like oil and gas. They are making crazy money. Now that president Biden has made us dependent on foreign oil supplies. It's just insanity and even dependent on. Gas coming from other places. Well guess where the number one source of gases now for Europe and oil it's Russia. [00:25:08] So we are no longer going to be selling to Europe. Russia is so they're going to be making a lot of money off of. But before then they were actually counted on ransomware to help fund the Russian federal government, as well as of course, these Russian oligarchs, these people who are incredibly rich that have a substantial influence on the government. [00:25:33] Don't if you're wondering who they might be, just think of people like, oh, I don't know. Bill gates and, uh, w who are on the, some of the other big guys, you know, Tim cook, uh, Amazon's Jeff bayzos Elon Musk, right? Those are by my definition and looking it up in the dictionary, they are all a. They get exemptions to laws. [00:25:58] They get laws passed that, protect them. In fact, most of regulations actually protect these big companies and hurt small companies. So I would call them oligarchs and that's the same sort of thing in Russia in Russia. Okay. They probably have a little bit more underhanded stuff than these guys here do, but that's what Russia has been. [00:26:21] China has been continually going after our national secrets, national defense, the largest database of DNA of Americans DNA, of course, is that unique key. If you will building block for all of us, that's what DNA is. And the largest database of all of that uniquely identifying information is in. China stole from the office of personnel management records of a federal employees, their secret clearance, all of their background check information who was spoken with, what did they have to say? [00:27:03] And on and on. So China has been interested in infiltrating our businesses that provide things to the military and the military themselves and the federal state, and even the local governments that's who they've been targeting. And that's why there's 8% number might seem small. Although, as I just mentioned this year, Russia moved, moved dramatically. [00:27:30] They used to be about 3% of their attacks or against the government agencies. And now it's 53%. So Russia. And China are going after our national secrets and they can use them in a cold war, which as I've said, I think the first shots of the third world war have been fired. And frankly, they're all cyber, it's all online and Russia. [00:27:57] Isn't the only nation state actor who's changing its approaches here as espionage is the most common goal amongst all nation state groups as of this year. Tivity of hackers reveals different motivations in Iran, which quadrupled its targeting of Israel. Surprise, surprise. Over the last year. And Iran has been launching destructive attacks, things that will destroy power, power plants, et cetera, and North Korea, which is targeting cryptocurrency companies for profit. [00:28:29] So they're stealing these various crypto coins again, funding their government. So it's, it's a problem. Absolute problem. Government sectors are some of the most targeted 48%. These NGOs non-government organizations that act kind of a quasi government functions and think tanks are 31%. Uh, and Microsoft, by the way, has been alerting customers of nation, state attack, attack attempts. [00:29:01] Guess how many this year that they had to warn about 20,500 times in the past three years. So that's a lot and Microsoft is not a company that's been out there at the front lines. It never has been it's in behind. So to have them come out and say, this is. And okay, by the way, your stolen username and password run for a buck per thousand, and it's only gonna take you hundreds of hours to get it all cleared up. [00:29:32] Isn't that nice spear fishing for a hire can cost a hundred to a thousand dollars per successful account takeover and denial of service attacks are cheap from protected sites, roughly $300. Per month. And if you want to be ransomware king, it's only going to cost you 66 bucks upfront 30% of the profit. [00:29:54] Okay. Craziness. Hey, visit me online. Sign up Craig, peter.com/subscribe. [00:30:03] I had an interesting mastermind meeting this week. There's six of us. We're all business owners and it opened my eyes pretty dramatically because one of the members got hacked, but that's not what I really want to emphasize. [00:30:20] This whole cybersecurity thing gets pretty complicated, pretty quickly. And a friend of mine who is in one of my mastermind groups had a real problem. And the here's here's what went on. We'll call him Walt for back of a letter, lack of a better name since that is his name. [00:30:40] And he doesn't mind me sharing this with you. Walt has a very small business that he and his wife run, and they have a couple of contractors that help out with some things, but his business is very reliant on advertising and primarily what he does is Facebook advertising. Now I've been talking for two years, I think in this mastermind group about cyber security and the fact that everyone needs good cyber security. [00:31:13] And he always just kind of pole hum to, uh, wow. You know, and it's just too complicated for me. I got to thinking for a, you know, a bit, really a few weeks, what does he mean to complicated? Cause there's some basic things you can do. So this week on Tuesday, I was on our mastermind groups meeting and I explained, okay, so here's what happened to Walt. [00:31:42] He had $40,000 stolen, which by the way, it's a lot of money for a teeny tiny husband wife company. And. Uh, well, here's what we did. He, we helped them. We got the FBI involved and, you know, with our direct ties, cause we work with them on certain types of cases and he got back every dime, which is just totally unheard of. [00:32:06] But um, without going into all of the details there, I spent a problem. 1520 minutes with the whole group and the mastermind explaining the basics of cyber security. And that really kind of woke me up, frankly, because of their responses. Now these are all small business owners and so they're making pretty decent money. [00:32:31] In fact, every one of them and they all have some contractors and some employees all except for Walt and his wife, they had just have contractors and. I had two completely different responses from two members of this group that no. Let me tell you this was really eye opening for me. And this is why you might've heard me in the first segment talking about this, but this is why I have really changed my view of this stuff, this cybersecurity stuff, because I explained. [00:33:08] If you're using things like Norton antivirus or McAfee, antivirus, or really any of them, even the built-in Microsoft defender this year, those standard antivirus system. I have only been able to catch about 30% of the malware out there, 30%, you know, that's like having a house and you've got a security guard posted out front. [00:33:39] He's armed, he's ready to fight. And yet all of your windows are open and all of your doors are unlocked. And all someone has to do is crawl in the side window because that guy that's posted up front, he's not going to be able to stop. So 30% effectiveness. And of course, Walt had all of the basic stuff. [00:33:59] He thought he was good enough. It's not worth spending time or money doing any of this. And of course it turned out to be well worth the time and money if he had done it. But he has a friend who has contacts and, and made things happen for him. So I guess he's kind of, kind of lucky in that regard, but I explained that and I said, do you know the, the way you. [00:34:21] To go. If you're a small business, it's about $997 a month for a small business, with a handful of employees to get the type of security you really need. There's going to catch. 90 something 98%. Maybe if, if things go well of the stuff going on, in other words, you don't just have an armed guard at the front door. [00:34:46] You've got all the windows closed and blocked and the doors closed and locked as well. So yeah, somebody can still get in, but they got to really want to get in and risk getting caught. So that's kind of the analogy that I used now. One of the members of my. Of my mastermind thought, well, okay. Cause you're just being Frank with me. [00:35:09] Right? We're all friends. She said, well, initially I thought, oh Craig, I'm going to have to have you help out with stuff here. Cause my, you know, I'm concerned about my security. I make some good money. Uh, she's the one that has employee. She has a million dollar plus a year business and she wants to keep it safe. [00:35:26] But then she. Uh, you know, but, but you know, you were talking about all of this Norton and stuff and that it doesn't work. So I, I just, I don't have any hope. And that's when the another member jumped in and this other member said, well, Uh, oh, that's not what I got at all. I got the, the normal off the shelf stuff that you buy that you're going to get from Amazon, or you're going to get from PC connection or wherever that stuff is not going to work, but there is stuff that does, but it's only professional stuff. [00:36:02] You can only get it from professionals that are trained in certified. Which is the right message. Right. That was the message I was trying to relay. Yeah. Don't try and do it yourself because you can't even get the right tools that you need. That is frankly a problem. So that really got me to think. In, in a very big way, because here are two people that have heard me talk about cybersecurity and their eyes probably glazed over, but now their eyes, I know at least one of these ladies definitely glazed over. [00:36:36] So I've come to the realization that sometimes I. A little too deep into things. And although I can explain it quite well to many people, sometimes people glaze over and I get emails from you guys saying kind of the same thing. I really appreciate it. I don't understand a lot of what you're saying, Craig, but thanks for being there. [00:36:59] Listen to you every week here on the radio. Uh, then that's good. That's reassuring, but now I've come to realize a few things. One is. The I've got to be a lot clearer in my messaging, because even when talking to my friends, it is a little bit overwhelming for them sometimes. Right. And then the next thing is everybody needs help because you're being lied to. [00:37:29] Right. How are people getting ransomware? If the stuff that they're buying work. Maybe it's just me, but I think there's a disconnect there. So a lot of you guys have gone out and you've hired people and I want to spend just a few minutes right now, going through some red flags that you need to be looking out for in vendor security assessment. [00:37:56] Now I'm putting one together. As well, right yet another one. Uh, and what I'm trying to do is help you out, right? This is not as sales tool. It is trying to help you figure out where you're at. I'm putting together a webinar that I'm going to be holding these what I'm calling bootcamps, where I go through and show you exactly how to do the basic steps that you need to do in order to be safe on. [00:38:25] Okay. If an online, all that means is your, is plugged in, right. Okay. It doesn't mean you're going out and doing a lot of stuff out there on the internet just means it's connected. So those are going to be coming out. I will send an email out as soon as all of that. Stuff's ready. Cause. Absolutely free. And these assessments, I have the basic one that you can do yourself. [00:38:47] It's a self-assessment. And then I have the more advanced ones that I do that are five grand. Okay. So you've got to be a decent sized business for this to make sense where we look for all of the security problem. On all of your computers and your networks, and then give you a list of things you need to do and how to do them. [00:39:10] Okay. So it's well worth it for them, but if you're a very small company and you're trying to do some of this yourself, I want to help you. So that's what these boot camps are going to be all over. And also what the scorecard is going to be all about. So that's coming up, but here are some good red flags and an assessment. [00:39:30] I found this again on dark reading. This is kind of an insider website for those of us in the cybersecurity business, but, um, How can you verify the information that vendors are giving you about their own cybersecurity posture? We've heard in the news and I've talked about them all year, this year, and for years past. [00:39:56] That are we're vendors can be our worst nightmare because some of these hacks come in through our vendors. So you've got yourself, a cybersecurity company. How do you know if they are really telling you the truth? And man, is that hard for you to know? Right. You're going to ask him questions and the salesmen are going to say, oh yeah, yeah, yeah. [00:40:21] That's why we don't have salesmen. Right. We have engineers. You talk to me, you might talk to my son or my daughter, people who have been doing this with me, who I have trained and helped out. So this guy who wrote the article and there's this on attributed, I don't see an attribution on here on this page. [00:40:41] I definitely want to give him, probably I heard is John Babinec wrote this thing and he is a principle threat hunters. What he calls himself over at net and rich. So he says, here's what you got to do. And if you're trying to be cost-effective, he puts it in. What I call an ed month clause. And one of these days I'll tell you that story, but he calls it a validity check question so that an honest vendor would tell you, no, they don't do X and give you a good reason why they don't like it's not cost effective. [00:41:17] It's outside of a reasonable risk model. Does that make sense to you? So when you're trying to evaluate a vendor, who's going to be doing your cyber security put in one of these validity checks put in one of these questions. It doesn't really matter to you, but it's something that would be very hard for one of these cybersecurity companies to do. [00:41:42] And maybe it doesn't fit the risk model that you have. I think it's just absolutely brilliant. Probably one of the better ways when you're trying to evaluate an MSSP as cybersecurity managed or otherwise provider stick in something like that. So you have a red flag that just stands out for you. All right. [00:42:04] Make sure you are registered online. Craig Peter sohn.com/subscribe. So you can find out about all of these trainings coming up. [00:42:17] If you've never heard of the Carrington event, I really hope, frankly, I really, really do hope we never have to live through one of these. Again, there is a warning out there right now about an internet apocalypse that could happen because of the Sun. [00:42:34] Solar storms are something that happens really kind of all of the time. The sun goes through solar cycles. About every seven years, there are longer cycles as well. You might know. I have an advanced class amateur radio license I've had for a long time, and we rely a lot when we're dealing with short wave on the solar cycle. [00:42:59] You see what happens is that the sun charges, the atmosphere. You see that if you've ever seen the Northern light, that is. Part of the Sunzi missions, hitting our magnetic field and kind of getting sucked into the core of the earth, if you will, as they get caught in that field. And the more charged the atmosphere is, the more bounce you get. [00:43:24] That's what we call it bounce. And the reason us hams have all these different frequencies to use is because of the battle. We can go different frequencies with different distances, I should say, using different frequencies. So think about it right now. You've got the earth and I want to talk from Boston to Chicago. [00:43:47] For instance, I know about how many miles it is, and I have to figure out in the ionosphere up in the higher levels of the atmosphere, what frequency. To use in order to go up into the atmosphere, bounce back, and then hit Chicago. That's the idea. It's not quite as simple or as complex in some ways, as it sounds, a lot of people just try different frequencies and a lot of hams just sit there, waiting for anybody anywhere to talk to, particularly if they are. [00:44:20] It's really quite fun. Now what we're worried about, isn't so much just the regular solar activity. We get worried when the sun spots increase. Now, the solar cycle is what has primary image. On the temperature on earth. So no matter what, you might've heard that isn't your gas, guzzling car or a diesel truck that causes the Earth's temperature to change. [00:44:49] Remember the only constant when it comes to the Earth's temperature has been changed over the millions of years. We had periods where the earth was much warmer than it is now had more common that carbon dioxide in the atmosphere than it does now had less. In fact, right now we are at one of the lowest levels of carbon dioxide in the atmosphere in earth, long, long. [00:45:15] So the sun, if you might remember, comes up in the morning, warms things up, right? And then it cools down. When the sun disappears at nighttime, it has a huge impact. It's almost exclusively the impact for our temperatures. If there's other things too, for instance, eruption can spew all to hold a lot of carbon dioxide. [00:45:40] In fact, just one, just Mount St. Helens wanted erupted, put more carbon dioxide into the atmosphere than man has throughout our entire existence. Just to give you an idea, right? So these alarms that are out there, uh, you know, come on, people. Really, and now we're seeing that in, uh, this last year we had a 30% increase in the ice cap up in the, in, up in the north, up in Northern Canada, around the polls. [00:46:12] Uh, we also had some of these glaciers growing. It was so funny. I saw an article this year, or excuse me, this week that was showing a sign that was at one of our national parks. And it said this glacier will have disappeared by 2020. Of course it hasn't disappeared. In fact, it has grown now and it's past 2020. [00:46:34] Anyhow, the sun has a huge impact on us in so many ways. And one of the ways is. Well, something called a coronal mass ejection. This is seriously charged particles. That tend to be very, very directional. So when, when it happens, when there's one of these CMS coronal, mass ejections, it's not just sending it out all the way around the sun everywhere. [00:47:02] It's really rather concentrated in one. One particular spot. Now we just missed one not too long ago. And let me see if I can find it here. Just mast, a cm E near miss. Here we go. There a solar super storm in July, 2012, and it was a very, very close shave that we had most newspapers didn't mention it, but this could have been. [00:47:33] AB absolutely incredible. We'd be picking up the pieces for the next 50 years. Yeah. Five, zero years from this one particular storm. And what happens is these, these solar flares, if you will, are very, very extreme, they CME. You're talking about x-rays extreme UV, ultraviolet radiation, reaching the earth at the speed of light ionizes, the upper layers of atmosphere. [00:48:02] When that happens, by the way, it hurts our communications, but it can also have these massive effects where it burns out saddle. And then causes radio blackouts, GPS, navigation problems. Think about what happened up in Quebec. So let me just look at this call back, uh, hit with an E and yeah, here we go. And March 13th, 1989. [00:48:33] Here we go. Here's another one. Now I remembered. And this is where Quill back got nailed. I'm looking at a picture here, which is, uh, looking at the United States and Canada from the sky and where the light is. And you can see Quebec is just completely black, but they have this massive electrical blackout and it's becomes. [00:48:57] Of this solar storm. Now they, these storms that I said are quite directional, depending on where it hits and when it hits things can get very, very bad. This particular storm back in 1989 was so strong. We got to see their Rora Borealis, the Northern lights as far south, as Florida and cue. Isn't that something, when we go back further in time to this Carrington event that I mentioned, you could see the Northern lights at the equals. [00:49:35] Absolutely amazing. Now the problem with all of this is we've never really had an internet up online. Like we have today when we had one of the storms hit. And guess what we're about to go into right now, we're going into an area or a time where the sun's going to be more active, certainly on this, this 11 year cycle and possibly another bigger cycle too, that we don't really know much about. [00:50:07] But when this hit us back in the 1850s, what we saw was a, uh, a. Telegraph system that was brought to its knees. Our telegraphs were burned out. Some of the Telegraph buildings were lit. They caught on fire because of the charges coming in, people who were working the telegraphs, who are near them at the time, got electric shocks or worse than that. [00:50:34] Okay. 1859 massive Carrington event compass needles were swinging wildly. The Aurora Borealis was visible in Columbia. It's just amazing. So that was a severe storm. A moderate severity storm was the one that hit in Quebec here, knocked out Quebec, uh, electric. Nine hour blackout on Northeast Canada. What we think would happen if we had another Carrington event, something that happened to 150 years ago is that we would lose power on a massive scale. [00:51:13] So that's one thing that would happen. And these massive transformers that would likely get burned out are only made in China and they're made on demand. Nobody has an inventory. So it would be at least six months before most of the country would get power back. Can you believe that that would be just terrible and we would also lose internet connectivity. [00:51:39] In fact, the thinking that we could lose internet connectivity with something much less than a severe storm, maybe if the Quebec power grid solar, a massive objection here. Maybe if that had happened, when. The internet was up. They might have burned out internet in the area and maybe further. So what we're worried about is if it hits us, we're going to lose power. [00:52:07] We're going to lose transformers on the transmission lines and other places we're going to lose satellites and that's going to affect our GPS communication. We're going to lose radio communication, and even the undersea cables, even though they're now no longer. Regular copper cables. It's now being carried of course, by light in pieces of glass. [00:52:32] The, those cables need to have repeaters about every 15 miles or so under underwater. So the power is provided by. Copper cables or maybe some other sort of power. So these undersea cables, they're only grounded at extensive intervals, like hundreds or thousands of kilometers apart. So there's going to be a lot of vulnerable components. [00:52:59] This is all a major problem. We don't know when the next massive. Solar storm is going to happen. These coronal mass ejections. We do know they do happen from time to time. And we do know it's the luck of the draw and we are starting to enter another solar cycle. So be prepared, everything. Of course, you're listening to Craig Peterson, cybersecurity strategist. [00:53:28] If you'd like to find out more and what you can do, just visit Craig peterson.com and subscribe to my weekly show notes. [00:53:39] Google's got a new admission and Forbes magazine has an article by Zach Dorfman about it. And he's saying you should delete Google Chrome now after Google's newest tracking admission. So here we go. [00:53:55] Google's web browser. Right? It's been the thing for people to use Google Chrome for many years, it's been the fastest. Yeah, not always people kind of leapfrog it every once in a while, but it has become quite a standard. Initially Microsoft is trying to be the standard with their terrible browser and yeah, I to Exploder, which was really, really bad and they have finally completely and totally shot it in the head. [00:54:29] Good move there on their part. In fact, they even got rid of their own browser, Microsoft edge. They shot that one in. They had to, I know I can hear you right now saying, oh, Craig, I don't know. I just use edge browser earlier today. Yeah. But guess what? It isn't edge browser. It's actually Google Chrome. The Microsoft has rebranded. [00:54:52] You see the guts to Google Chrome are available as what's called an open source project. It's called chromium. And that allows you to take it and then build whatever you want on top of. No, that's really great. And by the way, Apple's web kit, Kat is another thing that many people build browsers on top of and is part of many of these browsers we're talking about right now, the biggest problem with the Google Chrome. [00:55:22] Is they released it so they could track you, how does Google make its money? Well, it makes us money through selling advertising primarily. And how does it sell advertising if it doesn't know much or anything about you? So they came out with the Google Chrome browser is kind of a standard browser, which is a great. [00:55:43] Because Microsoft, of course, is very well known for not bothering to follow standards and say what they have is the actual standard and ignoring everybody else. Yeah. Yeah. I'm picking on Microsoft. They definitely deserve it. Well, there is what is being called here in Forbes magazine, a shocking new tracking admission from. [00:56:05] One that has not yet made headlines. And there are about what 2.6 billion users of Google's Chrome worldwide. And this is probably going to surprise you and it's frankly, Pretty nasty and it's, I think a genuine reason to stop using it. Now, as you probably know, I have stopped using Chrome almost entirely. [00:56:31] I use it when I have to train people on Chrome. I use it when I'm testing software. There's a number of times I use it, but I don't use. The reality is the Chrome is an absolute terror. When it comes to privacy and security, it has fallen way behind its rivals in doing that. If you have an iPhone or an iPad or a Mac, and you're using safari, apple has gone a long ways to help secure your. [00:57:09] Well, that's not true with Chrome. In fact, it's not protecting you from tracking and Dave up data harvesting. And what Google has done is they've said, okay, well, we're going to get these nasty third party cookies out of the whole equation. We're not going to do that anymore. And what they were planning on doing is instead of knowing everything specifically. [00:57:34] You they'd be able to put you in a bucket. So they'd say, okay, well you are a 40 year old female and you are like driving fast cars and you have some kids with a grandkid on the way, and you like dogs, not cats, right? So that's a bucket of people that may be a few hundred or maybe up to a thousand. As opposed to right now where they can tell everything about you. [00:58:04] And so they were selling that as a real advantage because they're not tracking you individually anymore. No, we're putting you in a bucket. Well, it's the same thing. Right. And in fact, it's easier for Google to put you in a bucket then to track everything about you and try and make assumptions. And it's easier for people who are trying to buy ads to place in front of you. [00:58:28] It's easier for them to not have to kind of reverse engineer all of the data the Google has gathered in instead of. To send this ad to people that are in this bucket and then that bucket. Okay. It makes sense to you, but I, as it turns out here, Google has even postponed of that. All right. They really have, they're the Google's kind of hiding. [00:58:54] It's really what's going on out there. Uh, they are trying to figure out what they should do, why they should do it, how they should do it, but it's, it's going to be a problem. This is a bad habit. The Google has to break and just like any, anybody that's been addicted to something it's going to take a long time. [00:59:16] They're going to go through some serious jitters. So Firefox is one of the alternatives and to Google Chrome. And it's actually a very good one. It is a browser that I use. I don't agree with some of the stuff that Mozilla and Firefox does, but again, right. Nobody agrees on everything. Here's a quote from them. [00:59:38] Ubiquitous surveillance harms individually. And society Chrome is the only major browser that does not offer meaningful protection against cross cross site tracking and Chrome will continue to leave users unprotected. And then it goes on here because. Uh, Google response to that. And they admit that this massive web tracking out of hand and it's resulted in, this is a quote from Google and erosion of trust, where 72% of people feel that almost all of what they do online is being. [01:00:19] By advertisers, technology firms or others, 81% say the potential risks from data collection outweigh the benefit by the way, the people are wrong. 72% that feel almost all of what they do on online is being tracked. No, no. The answer is 100% of what you do is probably being tracked in some way online. [01:00:41] Even these VPN servers and systems that say that they don't do log. Do track you take a look at proton mail just last week. Proton mail it's in Switzerland. Their servers are in Switzerland. A whole claim to fame is, Hey, it's all encrypted. We keep it safe. We don't do logging. We don't do tracking, uh, guess what they handed over the IP addresses of some of the users to a foreign government. [01:01:10] So how can you do that? If you're not logging, if you're not tracking. Yeah, right. They are. And the same thing is true for every paid VPN service I can think of. Right. So how can Google openly admit that their tracking is in place tracking everything they can, and also admit that it's undermining our privacy and. [01:01:38] Their flagship browser is totally into it. Right? Well, it's really, it's gotta be the money. And Google does not have a plan B this anonymized tracking thing that they've been talking about, you know, the buckets that I mentioned, isn't realistic, frankly. Uh, Google's privacy sandbox is supposed to Fitbit fix it. [01:02:00] I should say. The, the whole idea and the way it's being implemented and the way they've talked about it, the advertisers on happy. So Google's not happy. The users are unhappy. So there you go. That's the bottom line here from the Forbes article by Zach Dorfman, delete Google Chrome. And I said that for a long time, I do use some others. [01:02:27] I do use Firefox and I use. Which is a fast web browser, that some pretty good shape. Hey, if you sign up for my show's weekly newsletter, not only will you get all of my weekly tips that I send to the radio hosts, but you will get some of my special reports that go into detail on things like which browser you shouldn't be using. [01:02:52] Sign up right now. Craig peterson.com. [01:02:57] Many businesses have gone to the cloud, but the cloud is just another word for someone else's computer. And many of the benefits of the cloud just haven't materialized. A lot of businesses have pulled back and are building data centers again. [01:03:14] The reason I mentioned this thing about Microsoft again, and the cloud is Microsoft has a cloud offering. [01:03:23] It's called Microsoft Azure. Many people, many businesses use it. We have used it with some of our clients in the past. Now we have some special software that sits in front of it that helps to secure. And we do the same thing for Amazon web services. I think it's important to do that. And we also use IBM's cloud services, but Microsoft is been pitching for a long time. [01:03:51] Come use our cloud services and we're expecting here probably within the next month, a big announcement from Microsoft. They're planning on making it so that you can have your desktop reside in Microsoft's cloud, in the Azure cloud. And they're selling really the feature of it doesn't matter where you are. [01:04:17] You have your desktop and it doesn't matter what kind of computer you're on. As long as you can connect to your desktop, using some just reasonable software, you will be able to be just like you're in front of a computer. So if you have a Chromebook or a Mac, Or a windows or tablet, whatever, and you're at the grocery store or the coffee shop or the office, you'll be able to get it, everything, all of your programs, all your files. [01:04:47] And we, Microsoft will keep the operating system up to date for you automatically a lot of great selling points. And we're actually looking into that. Not too heavily yet. We'll give them a year before we really delve into it at all. Cause it takes them a while to get things right. And Microsoft has always been one that adds all kinds of features, but most of the time, most of them don't work and we can, we can document that pretty easily, even in things like Microsoft. [01:05:18] Well, the verge is now reporting that Microsoft has warned users of its as your cloud computing service, that their data has been exposed online for the last two years. Yeah, let me repeat that in case you missed it, you, uh, yeah. I'm I'm I might've misspoken. Right. Uh, let me see, what does it say? It says, um, users of Azure cloud competing service. [01:05:48] So that's their cloud. Microsoft's big cloud. Okay. Um, their data has been. Exposed online. Okay. So that means that people could get the data, maybe manipulate the data that sort of exposed means for the last two years. Are you kidding me? Microsoft is again, the verge. Microsoft recently revealed that an error in its Azure cosmos database product left more than 3,300 as your customers data. [01:06:24] Completely exposed. Okay guys. So this, this, this is not a big thing, right? It can't possibly be big thing because you know who uses Azure, right. Nobody uses a zer and nobody uses hosted databases. Come on, give me a break. Let me see, what else does this have to say? Oh, okay. It says that the vulnerability was reported, reportedly introduced into Microsoft systems in 2019, when the company added a data visualization feature called Jupiter notebook to cosmos DB. [01:06:59] Okay. Well, I'm actually familiar with that one and let's see what small companies let's see here. Um, some Azure cosmos DB clients include Coca Cola. Liberty mutual insurance, Exxon mobile Walgreens. Hmm. Let me see. Could any of these people like maybe, maybe Liberty mutual insurance and Walgreens, maybe they'd have information about us, right. [01:07:26] About our health and social security numbers and account numbers and credit cards. Names addresses. Right, right. That's again, why I got so upset when these places absolutely insist on taking my social security number, right? It, it, first of all, when it was put in place, the federal government guaranteed, it would never be used for anything other than social security. [01:07:53] And the law even said it could not be used for anything other than social security. And then the government started expanding it. Right. And the IRS started using it. To track all of our income and you know, that's one thing right there, the government computers, they gotta be secure. Right. All of these breaches we hear about that. [01:08:12] Can't be true. Uh, so how about when the insurance company wants your personal information? Like your social security number? What business is it of? There's really no. Why do they have to have my social security number? It's a social security number. It's not some number that's tattooed on my forehead. [01:08:36] That's being used to track me. Is it this isn't a socialist country like China is, or the Soviet union was right. It's not socially. So why are they tracking us like that? Walgreens? Why do they need some of that information? Why does the doctor that you go to that made the prescription for Walgreens? Why do they need that information? [01:09:00] And I've been all over this because they don't. Really need it. They want, it makes their life easier, but they don't really need it. However, it exposes us. Now, if you missed the email, I sent out a week ago, two weeks ago now, I guess. You missed something big because I, in my weekly newsletter went through and described exactly what you could do in order to keep your information private. [01:09:35] So in those cases where websites asking for information that they don't really need, right? You don't want to lie, but if they don't really need your real name, why you're giving them your real name? Why do you use a single email address? Why don't you have multiple addresses? Does that start make sense to you guys? [01:09:54] And now we find out that Microsoft Azure, their cloud services, where they're selling cloud services, including a database that can be used online, a big database, uh, 3,300 customers looks like some of them are actually kind of big. I don't know. ExxonMobil pretty big. Yeah. I think so. Walgreens, you think that that might be yeah, yeah, yeah, yeah. [01:10:22] Y. Why are we trusting these companies? You know it, if you have a lot of data, a lot of customers, you are going to be a major target of nation states to hack you and bat just general hackers, bad guys. But you're also, if, if you've got all this information, you've also got to have a much higher level of security than somebody that doesn't have all of that information. [01:10:52] Does that make sense too? Did I say that right? You don't need the information and, and I've got to warn anybody that's in a business, whether you're a business owner or you're an employee, do not keep more data than you need the new absolutely need to run your company. And that includes data about your customers. [01:11:16] And maybe, maybe it's even more specifically data about your customer. Because what can happen is that data can be stolen and we just found. That? Yes, indeed. It could have been, it was exposed Microsoft the same. We don't know how much it was stolen. If anything was stolen. Um, yeah, Walgreens. Hey, I wonder if anyone's going to try and get some pain pills illegally through, uh, this database hack or a vulnerability anyways. [01:11:47] All right, everyone. Stick around. We'll be back. Of course, you listening to Craig Peterson. I am a cybersecurity strategist for business, and I'm here to help you as well. You can ask any question any time, uh, consumers are the people I help the most, you know, I wish I got a dime for every time I answered a question. [01:12:09] Just email me@craigpeterson.com me@craigpeterson.com and stick around. [01:12:18] Whether or not, you agree with the lockdown orders that were put in place over this COVID pandemic that we had. Uh, there are some other parts of the world that are doing a lot more. [01:12:34] Australia has, I don't know. I think that they went over the deep end. The much, the same thing is true right next door to them. [01:12:45] And I am looking at a report of what they are doing with this new app. Uh, you might be aware that both apple and Google came out with an application programming interface. That could be used for contract tack tracking, contact tracking. There you go. Uh, it wasn't terribly successful. Some states put some things in place. [01:13:13] Of course you get countries like China. I love the idea because heaven forbid you get people getting together to talk about a Tannen square remembrance. Now you want to know who all of those people were, who were in close proximity, right? So, you know, good for China a while, as it turns out, Australia is putting something in place they have yet another COVID lockdown. [01:13:39] They have COVID quarantine orders. Now I think if you are sick, you should stay on. I've always felt that I, you know, I had 50 employees at one point and I would say, Hey, if you're sick, just stay home. Never required a doctor's note or any of that other silliness, come on. People. If someone's sick, they're sick and let them stay home. [01:14:04] You don't want to get everybody else in the office, sick and spread things around. Right. Doesn't that just kind of make sense. Well, they now in Australia, don't trust people to stay home, to get moving. Remember China, they were, they were taking welders and we're going into apartments in anybody that tested positive. [01:14:22] They were welding them into their apartment for minimum of two weeks. And so hopefully they had food in there and they had a way to get fresh water. Australia is not going quite that far, but some of the states down under. Using facial recognition and geolocation in order to enforce quarantine orders and Canada. [01:14:47] One of the things they've been doing for very long time is if you come into the country from out of the country, even if you're a Canadian citizen, you have to quarantine and they'll send people by your house or you have to pay to stay for 10 days in a quarantine hope. So you're paying the course now inflated prices for the hotel, because they're a special quarantine hotel. [01:15:14] You have to pay inflated prices to have food delivered outside your door. And that you're stuck there for the 10 days, or if you're at home though, they, you know, you're stuck there and they'll send people by to check up on you. They'll make phone calls to check up on you and. They have pretty hefty find. [01:15:36] Well, what Australia has decided to do is in Australia is Charlene's even going from one state to another state are required to prove that they're obeying a 14 day quarantine. And what they have to do is have this little app on their phone and they, the app will ping them saying, prove it. And then they have to take a photo of themselves with geo location tag on it and send it up via the app to prove their location. [01:16:15] And they have to do all of that within 15 minutes of getting the notification. Now the premier of the state of south Australia, Steven Marshall said we don't tell them how often or when on a random basis, they have to reply within 15 minutes. And if you don't then a police, officer's going to show up at the address you're supposed to be at to conduct an in-person check. [01:16:43] Very very intrusive. Okay. Here's another one. This is a, an unnamed government spokesperson who was apparently speaking with Fox news quote. The home quarantine app is for a selected cohort of returning self Australians who have applied to be part of a trial. If successful, it will help safely ease the burden of travel restrictions associated with the pandemic. [01:17:10] So there you go. People nothing to worry about. It's just a trial. Uh, it will go away. Uh, just like, uh, for instance, income tax, as soon as rule, number one is over, it will be removed and it will never be more than 3% and it will only apply to the top 1% of wage-earners. So there you go. Right. And we all know that world war one isn't over yet. [01:17:34] Right. So that's why they still have it in somehow. Yeah, some of the middle class pays the most income tax. I don't know. Interesting. Interesting. So there you go. Little news from down under, we'll see if that ends up happening up here. News from China, China has, uh, China and Russia have some interesting things going on. [01:17:55] First of all, Russia is no longer saw. Country, they kind of are. They kind of aren't, they are a lot freer in many ways than we are here in the United States. Of course, China, very heavily socialist. In fact, they're so socialists, they are communist and China. And Russia both want their kids to have a very good education in science, engineering, and mathematics. [01:18:23] Not so much on history, not so much on, on politics. Right. But definitely heavy on the, on the sciences, which I can see that makes all the sense. I think everybody should be pretty heavily on the science. Well, according to the wall street journal this week, gamers under the age of 18 will not be allowed to play online games between 8:00 PM and 9:00 PM on Friday, Saturdays and Sundays. [01:1


    What Happened With Facebook's Outage? When Will It Happen Again?

    Play Episode Listen Later Oct 5, 2021 9:08

    What Happened With Facebook's Outage? When Will It Happen Again? Facebook had a huge outage all of its properties. So why did it happen? How did it happen? And what's going to happen in the future? The frankly, some of this technology just isn't that stable. And I'm going to explain why right now! [Automated transcript follows] [00:00:20] I've already talked about it a little bit this morning on the show, but Facebook was. Facebook was down a lot. Facebook too was down a long time. And Mr. Zuckerberg has now lost about $7 billion because of how long it was down. And Craig Peterson joins us now to talk a little bit about exactly what happened, why it matters, what it means and so much more. [00:00:39] Craig, how are you this morning? [00:00:41] Hey, good morning. Doing well. [00:00:42] Thanks. Good to have you as always. So tell me first. What actually happened yesterday. I read that the explanation from Facebook seems like not a big deal as just a configuration problem, a little unexpected issue. They're not sure exactly what happened or looking into it. [00:00:57] It's not a big deal though. Continue on with your day. What's the reality, what actually happened. [00:01:01] Yeah, nothing to see here. You look at the number of companies and the companies Facebook has bought over the years, basically since 2005, they've spent $410 billion on all these companies named some names. [00:01:17] You might actually recognize you remember Friendster? [00:01:20] I do remember friends. Yes. That was a little, that's a little bit back there, but yeah. [00:01:25] That was about 10 years ago, they paid $40 million for that. But of course, Facebook has moved on from that and owned all kinds of companies. Right now. [00:01:35] It's got Instagram, WhatsApp, by the way they paid 19 billion is what it's wiping sorts out Oculus live rail and many [00:01:45] others basically. That's when Ben one of the main complaints events. Supposedly being a monopoly is that they've been gobbling up their competition and other things that maybe even weren't competition, but things they could just add to the big beast and have it consolidated at all under Facebook's banner. [00:02:02] Yeah. So the problem that tech guys have is this scale, massive scale. So on top of all of that, they have they claimed to have almost half the people. Earth go logging on to Facebook. So how do you deal with numbers like these and gets very difficult. And what appears to have happened is they're using a tool. [00:02:26] There's a few that we use. And in fact, we'd had a similar problem yesterday with my company's networks, where w here's what happened? Here's the basics, right? You heard it was a DNS problem. Some people have said that. That's not the real problem. The real problem lies underneath that. And it's something that we have to deal with because we're working with multiple companies that have multiple network connections, and that's where it comes from the multiple network connections. [00:02:56] So on the internet, what happens if you're going to go to Facebook, you're typing in facebook.com that has to be turned into an internet address. And to do that, you use DNS. But how bout beneath that basically the street directory who has main street in downtown Portsmouth. For instance, if you want to get there, there's another protocol that's used beneath DNS, and this protocol is used to actually map the, these addresses, these internet numbers. [00:03:32] So that was the problem yesterday. And I checked it online myself with a site that we use to monitor all of this type of ad dressing. And what turned out had happened is Facebook stopped advertising where it addresses. If you tried to look up Facebook, you couldn't find it. And you got a DNS error because the DNS servers addresses were unknown. [00:03:57] You knew the address, but you didn't know how to get to that address on the. And Facebook has become so big. They're using automated tools in order to push the configurations to all of these, what are called BGP servers. So what probably happened yesterday in reading some things on Reddit and other places where there are some people who claim to be working for Facebook, what probably happened. [00:04:26] Somebody forgot to put the peer configurations into their BGP routing tables, pushed it out to all of their BGP routers worldwide. Now I've got to say on the outage that lasted six or eight hours with a problem. This is amazing because now you have to worry about the cold start of the whole. Some kind of like Texas, another four minutes, they would have been without power in some areas for months, [00:04:57] we were referring to it. [00:04:58] I'm thinking of a cold start your side. It sounds like you're starting a car. It's too cold outside and the car just doesn't have enough juice in the battery. So it's a, is that basically what happened? [00:05:06] Yeah. Yeah. What happened is you couldn't get to anything. Facebook probably could not get to its own routers to update the configuration. [00:05:14] Similarly took so long then is that they really were having a difficult time even gaining access to the thing that would be necessary to fix it. [00:05:20] Exactly. And there were a lot of people, myself included that were thinking man, it's going to be days because the cold start also has problems with like caches. [00:05:31] For instance, you go to a page. There's pictures, there's videos, there's texts while all of that information gets stored in a cache. So it doesn't have to be generated every time somebody sees something. So there would be cold Cassius out there that would need to be updated. It's a nightmare. This was a nightmare scenario for them and was probably caused by letting some junior guy. [00:05:55] We'll make some changes through their BGP table. [00:05:59] That is remarkable. We're talking with Craig Peterson, our tech guru. He joins us on Wednesdays typically to go over the world of technology. And of course we'll do that tomorrow as well, but we wanted to have him join us to talk a little bit about Facebook before I let you go. [00:06:11] Craig. I The implications of this, I think are massive. I take to consider, even if you don't care about Facebook, if you don't use it, it's not part of your life. Obviously it is such a big part of not just American life, but this is a worldwide issue, right? I It is used by billions and billions of people and this kind of an outage lasting this long is not only unprecedented, but really important in terms of having good Lord. [00:06:34] If you're a, if you're a Facebook. I was talking about that a little bit earlier this morning. If you had Facebook stock, how do you feel today? I know mark Zuckerberg doesn't feel great. That's why he lost $7 million of value yesterday. How does this affect at Facebook, the company going forward here, this, and when you combine this with the whole whistleblower thing, it's not exactly been a good week. [00:06:51] Yeah, not at all. This problem frankly, comes from the early days or earlier days of the internet. I was on the internet back in the early 1980s and helping to develop the protocols. And back then, we were not worried that. That's type of massive scale. We were not worried about hackers, really getting in. [00:07:13] Cause it was a great community. I'm most of us knew each other and we used to joke around and have a lot of fun. These protocols were not designed for the types of problems we're seeing today. So until these problems are solved, not by Facebook, but by the internet community as a whole, these types of things can happen again. [00:07:37] So Facebook, it could go down again because frankly we have seen times where for instance, traffic from the Washington DC area was all routed through Moscow. So you would send data from the white house and I'm know to someone in the building, across the street. And it was referred through mosque gal who knows what the Russians are doing with all of that data, but we just don't have the safeguards in place that would support, frankly, the way we are using the internet today. [00:08:12] Facebook could face this problem. Again, we're talking about fiber as much as I've seen numbers, $500 million an hour in lost revenue from Facebook, but it could happen to anyone. And I'm sure there will be a lot of work here. Others, people sharpening pencils, and finally getting in line on how do we actually do. [00:08:33] The stop work at huge scale. Huge. We're talking now hundreds of billions, probably trillions of devices connected to the internet by 2025. [00:08:46] They're actually sharpening pencils. Craig, you think anybody uses pencils anymore? I begged to do. Not a technology companies. Craig Peterson, we appreciate it as always. [00:08:55] Of course you hear them on Saturdays as well on WGAN and we'll hear his voice tomorrow, joining us for the more traditional tech topics, other things besides Facebook to chat about, obviously, but we appreciate him joining this morning. Thanks a lot, Greg. And we'll talk to you tomorrow. [00:09:07] Take care.

    Could Using the Right Multi-Factor Authentication Save You?

    Play Episode Listen Later Oct 3, 2021 83:13

    Could Using the Right Multi-Factor Authentication Save You? I had a good friend who, this week, had his life's work stolen from him. Yeah. And you know what caused it? It was his password. Now, you know what you're supposed to be doing? I'm going to tell you exactly what to do right now. Let's get right down to the whole problem with passwords. I'm going to tell you a little bit about my friend this week. He has been building a business for. Maybe going on 10 years now, and this business relies on advertising. Most companies do so in some way; we need to have new customers. There's always some attrition. Some customers go away. So how do we keep them? We do what we can. How do we get new customers? For him, it was. Advertising, primarily on Facebook. He did some Google ads as well, but Facebook is really where he was focused. So how did he do all of that? Here's the bottom line you have to, if you are going to be advertising on Facebook, you have to have an advertising account. The same thing's true. Google. And then, on that account, you tie in either your bank account or your credit card. I recommend a credit card so that those transactions can be backed up. And on top of all of that now, of course, you have to use a pixel. So the way the tracking works is there are pixels on websites, about those already. And the bottom line with the pixels. Those are also. Cookies are about the pixels are used to set a cookie so that Facebook knows what sites you've gone to. So he uses those. I use those. In fact, if you go to my website, I have a Facebook pixel that gets set. And the reason for all of that is so that we know with. I'd be interested in something on the site. So I know that there are many people interested in this page or that page. And so I could, I have not ever, but I could now do some advertising. I could send ads to you so that if you were looking at something particular, you'd see ads related to that, which I've always said. It is the right way to go. If I'm looking to buy a pickup truck, I love to see ads for different pickup trucks, but if I don't want a car or truck, I don't want to see the ads. It isn't like TV where it sometimes seems every other ad is about. Car or a pickup truck. It drives me crazy because it's a waste of their money in advertising to me. After all, I don't want those things. And it's also not only just annoying in money-wasting. There are better ways to do targeting. And that's what the whole online thing is. Anyways, I told you about that because he had set up this pixel years ago. Basically, the Facebook pixel gets to know you. All of the people who like you that might've bought from you. Cause you can have that pixel track people through your site, your purchase site, they know what you purchase on the shopping cart, et cetera. And you can identify these people over on Facebook and their ads because they abandoned the cart or whatever it is you want to do there. So there's just a whole ton of stuff that you can do for these people. And it's so bad. It is so valuable. It takes years to build up that account. Years to put that pixel in place. And our friend here, he had done precisely that. Then he found that his account had been compromised. And that is a terrible thing in this case because the bad guy used his account to place ads. So now there are really two or three problems here. We'll talk about one of them. Why was the bad guy going after him? He has been running ads on Facebook for a long time. So as far as Facebook is concerned, his account is credible. All of the ads he runs don't have to be reviewed by a human being. They can go up almost immediately. He doesn't have to wait days for some of these things to go up. So our bad guy can get an account like his that has years' worth of advertising credibility and now start advertising things that are not correct. So there again is part of the value of having one of these older accounts for advertising. And so the bad guy did that use his credibility. And then secondly, he used 25 grand worth of my friend's money to run ads. Also, of course, very bad, very bad. So I sat down with him. In fact, it was this last week, and I was out on a trip with just a vacation trip. It was absolutely fantastic. I never just do vacation. It's always business plus work whenever I do anything like this, but I was on a trip last week. And so my eldest son who works closely with me, and he's also part of the FBI InfraGard program. So I had him reach out to my friend, and he helped them out, and they talked back and forth. So here's the problem that he has. And I'm trying to figure out a perfect way to solve this. And I haven't figured that out yet. And if you guys have an idea because you are the best and brightest, you really are. So go ahead and drop me an email at me@craigpeterson.com if a good way around this particular problem, which is he has. This Facebook could count and many other accounts, including his website, hosting account, email account, et cetera. And. He has people who manage his ads for him. Who operates his website for him, who put up some promotions, advertising, and everything else. So these are third-party. This is what we generically call a supply chain, risk people who are not him have access to his stuff, his private property. And how does he do it, or how did he do it? Is he went ahead and gave them. Access by giving them accounts or passwords. How well were they guarding their passwords and their accounts? So the first thing I had my friend do was going to haveIbeenpwned.com. I had him put in his email address, the one he uses the most, and it showed up in five different. Hacks data dumps. So these are five various sites where he had used that same email address in this case. And he found out that in those five cases, the bad guy's got his passwords and personal information. All bad. And he went ahead and cleaned it up. So I said put in the password because have I been, pwned also let you check your password, just see if it has been used by someone else and then stolen. So there are billions of passwords in this database. It's incredible of all of these known passwords. So he put in his password, and no, it had not been stolen, but the problem is how about the people that were managing his ads on Facebook and managing his Facebook ad. We're the usernames, which are typically the email addresses and the passwords kept securely. That's a supply chain thing I'm talking about, and that's where I'd love to get him. But from you guys, me@craigpeterson.com. If you think you have a good answer, What we've been doing. And our advice to him was use one password. That's the only one to use. I don't trust last pass anymore. After their last big hack where they got hacked one password, the digit one password. And go ahead. And set it up. And in a business scenario, you can have multiple vaults. So have a vault. That's just for people that are dealing with your Facebook ad account, maybe have another vault for people who are posting for you on Facebook. Or better yet when it comes to Facebook, go ahead and have an intermediary that is trusted the, if this, then that, or there's a few of them out there that can see that you put the post up on the website and automatically posted on Facebook. So you don't have to get. All of these people, your passwords, but again, it's up to you. You got to figure out if that makes sense to you that those are the types of things that I think you can do. And that is what we do as well. Now, one of the beauties of using one password like that, where you're not sharing all of your passwords to everything you're sharing, the minimum amount of login information that you possibly can share is that if they leave your employees, All you have to do is remove their access to the appropriate vault or vaults, or maybe all of your vaults. And this is what I've done with people that worked for me in the US and people would work for me overseas, and there have been a lot of them and it has worked quite well for me. So with one pass, We can enforce password integrity. We can make sure the passwords on stolen. One password ties automatically into have I been postponed. If a password has been exposed, if it's been stolen online, it's a great way to go. Now I've got an offer for you guys who are listening. I have a special report that I've sold before on passwords, and it goes through talks about one password. He talks about the last pass, which I'm no longer really recommending, but give some comparisons and how you can use these things. Make sure you go and email me right now. Me, Me@craigpeterson.com. That's ME at Craig Peterson dot com and just ask me for the password special report, and I'll be glad to get that on-off to you. There is a lot of good detail in there and helps you, whether you're a home user or a business. So the next step in your security is multi-factor authentication. Interesting study out saying that about 75% of people say that they've used it for work or for business, but the hard numbers, I don't think they agree One of the things that you have to do is use good passwords. And the best way to do that is to use a password manager. I was talking about a friend of mine who had been hacked this last week and his account was hacked. His Facebook ad account was hacked. We asked him if we could reach out to. BI and he said, sure. So we checked with the FBI and they're looking to turn this into a case, a real case, because they've never seen this type of thing, the hijacking of an advertising account who hijacked it. And why did they hide jacket? Was this in preparation maybe for. Playing around with manipulating our next election cycle coming up. There could be a lot of things that they're planning on doing and taking over my friend's account would be a great way to have done it. So maybe they're going to do other things here. And our friends at the FBI are looking into it. How now do you also keep your data safe? Easily simply. When we're talking about these types of accounts, the thing to look at is known as two factor authentication or multifactor authentication. You see my friend, if he had been using multi-factor authentication. I would not have been vulnerable. Even if the bad guys had his username, email address and his password, they still would not be able to log in without having that little six-digit code. That's the best way to do multi-factor authentication. When we're talking about this code, whether it's four or 5, 6, 8 digits long, we should not be using our cell phones to receive those. At least not as text messages, those have a problem because our phone numbers can be stolen from us and they are stolen from us. So if we're a real target, in other words, they're going after you. Joe Smith and they know you have some, $2 million in your account. So they're going after you while they can, in most cases, take control of your phone. Now you might not know it and it doesn't have to be hacked. All they have to do is have the phone company move your phone number to a new phone. Once. So that means one of the things you need to do is contact your telephone vendor, whoever it is, who's providing new that service. That's a company like Verizon sprint T-Mobile a T and Tone of those companies that are giving you cell service, you have to contact them and set up a pass. So that if they have a phone call coming in and that phone call can be faked. So it looks like it's coming from your phone, even if there was a phone call coming in, whether it's coming from your phone or not, they have to get that password or passcode that you gave them. And once they have that passcode now, and that's great, but if you don't have that in there targeting you specifically, then you're in trouble. So for many of us really it may not make a huge difference. But I would do it anyways. I have done it with every one of my cell phone carriers now. A couple of decades set up a password. So the next step is this multifactor authentication. If I'm not supposed to get it via text message to my phone, how do I get it? There are a couple of apps out there. There's a free one called Google authentic. And Google authenticator runs on your phone. And once it's there on your phone and you are setting it up on a website, so Facebook, for instance, your bank, most websites out there, the bigger ones, all you have to do is say, I want to set up multi-factor authentication, and then it'll ask you a case. So how do you want to do it? And you can say, I want an app and they will display. A Q R code. That's one of those square codes with a bunch of little lines inside of it. You're seeing QR codes before they become very common. And you take your phone with the Google authenticator app. Take a picture. Of that little QR code on the screen, and now it will start sinking up so that every 30 seconds Google authenticator on your phone will change that number. So when you need to log back into that website, it's going to ask you for the code. You just pull up Google authenticator and there's the code. So that's the freeway to do it. And not necessarily the easiest way to. Again, going back to one password. I use this thing exclusively. It is phenomenal for keeping my passwords, keeping them all straight and then encrypted vault, actually in multiple encrypted vault it's so that I can share some of them. Some of them are just strictly private, but it also has that same authenticator functionality built right into it. Microsoft has its own authenticator, but you can tell Microsoft that you want to use the standard authenticator. Of course, Microsoft has to do everything differently. But you can tell it. And I do tell it, I want to use a regular authenticator app, not Microsoft authenticator. By the way. That's why I advise you to don't use the Microsoft authenticator, just use one authenticator for all of the sites, and then Microsoft will give you that same QR code. And then you can take that picture and you're off and running. Next time you log in, it asks you for the code and instead of texting it to you to your phone smarter, otherwise it will not. That require you to open up your authenticator. So for me, for instance, when I'm logging into a website, it comes up and asks for the username, asked for the password. Both of those are filled out automatically by one password for me. And then it asks for that code identification code and. One password automatically puts it into my pace to buffer copy-paste, buffer, and I just paste it in and they've got the code. So I don't have to remember the codes. I don't remember passwords. I don't have to remember usernames or email addresses. One password remembers them all for me. Plus it'll remember notes and other things. So you can tell, I really one password. We use it with all of our clients. That's what we have for them. And it does meet even a lot of these DOD requirement on top of. Depending again, how much security you need. We will use duo D U O and it also has this authenticator functionality and we will also use UBI keys. These are those hardware key. They do oh, can provide you with hardware tokens. Those are those little tokens that can go onto your key ring. That show a changing six-digit number every 30 seconds. And that's the same number that would be there in your smartphone app. Your one password or Google authenticator smartphone. Hopefully, I didn't confuse you too much. I think most of the reason we're not using the security we should is because we're not sure how to, and we don't know what we're going to be. And I can see that being a big problem. So if you have questions about any of this, if you would like a copy of my password security, special report, just send an email to me. M e@craigpeterson.com. That's me M e@craigpeterson.com. That's S O N.com. I'll be glad to send it to you. Also, if you sign up for my newsletter there on my website@craigpeterson.com, you are going to get. I was hold little series of the special reports to help you out, get you going. And then every week I send out a little bit of training and all of my articles for the week. It's usually six to 10 articles that I consider to be important so that, what's going on in the cybersecurity world. So you can. With it for yourself, for your family, for your business. Craig peterson.com. According to researchers. 32% of teen girls said that when they felt bad about their bodies, Instagram made them feel worse. And you know what Facebook knew and knows Instagram is toxic for teen girls. There's a great article that came out in the Wall Street Journal. And I'm going to read just a little bit here from some of the quotes first. When I went on Instagram, all I saw were images of chiseled bodies, perfect. Abs and women doing 100 burpees in 10 minutes, said, Ms.  Now 18, who lives in Western Virginia. Amazing. Isn't it. The one that I opened now with 32% of teen girls said that when they felt bad about their bodies, Instagram, I made them feel worse. So that is studies again, that looks like yeah, these were researchers inside Instagram and they said this in a March, 2020 slide presentation that was posted to Facebook's internal message board that was reviewed by the wall street journal quote comparisons on Instagram can change how young women view and describe themselves. Apparently, for the past three years, Facebook has been conducting studies into how Instagram is affecting its millions of young users. Now, for those of you who don't know what Instagram is, it allows these users to create little stories, to have. Pictures videos of things that they're doing, and it's a lifestyle type thing you might've heard, of course, of how this I don't know what it is. Kidnapping murder plot. These, this young couple and the body I think was found up in Wyoming. I'm trying to remember, but of her and it's yeah, there it is. It wasn't my OMI. And I'm looking up right now, Gabby potato. That's who it is. She was what they called a micro influence. And I know a lot of people who can loom, that's what they want to be. There's a young lady that stayed with us for a few months. She had no other place to live. And so we invited her in here and we got some interesting stories to tell about that experience. And it's, a little sad, but anyhow, she got back up on her feet and then she decided she was going to become an influence. And what an influencer is someone that has a lot of followers. And of course, a lot means different numbers. You get these massive influencers that have tens of millions of people that quote, follow unquote them. And of course, just think of the Kardashians they're famous for. Being famous, nothing else. They have subsequently done some pretty amazing things. At least a few of them have. We've got one of those daughters who now was the first earliest billionaire. I think it was ever youngest. So they have accomplished some amazing things after the fact, but they got started. By just becoming famous by posting on these social media sites. So you get a micro-influencer, like Gabby Petito, who is out there posting things and pictures. And you look at all of these pictures and, oh my gosh, they're up at this national park. Oh, isn't she so cute. I'll look at her boyfriend. They'll look so good together and people. Fall for that image, right? It's just like Photoshopping these pictures of models, changing them. There've been some real complaints about those over the years. So Instagram sets these kids up with these pictures of people that are just totally unrealistic. One of the slides from a 2019 presentation says, quote, we make body. Excuse me. We make body image issues worse for one in three teenage girls teams, blame Instagram for increases in the rate of anxiety. And depression said another slide. This reaction was unprompted and consistent across. Groups among teens is this according to the wall street journal who reported suicidal thoughts, 13% of British users, and 6% of American users trace the desire to kill themselves to Instagram. Again, according to one of these presentations, isn't this just absolutely amazing. And you might've heard it discussed a little bit. I saw some articles about it, obviously in the news wall street journal had it, but this is a $100 billion company, Instagram. That's what their annual revenues. More than 40% of Instagram users are 22 years old and younger. And about 22 million teens log into Instagram in the US each day, compared with 5 million that log into Facebook, the younger users have been declining. Facebook it's getting the population there is getting older and older on Facebook. In average teens in the us spend 50% more time on Instagram than they do on Facebook. And also tick-tock, by the way I took talk has now surpassed YouTube in some of these metrics. Quote, Instagram is well-positioned to resonate and win with young people said a researcher's slide posted internally. Inside Facebook. Another post said there is a path to growth. If Instagram can continue their trajectory. Amazing. So Facebook's public phase has really tried to downplay all of these negative effects that the Instagram app has on teens, particularly girls, and hasn't made its research public or available to academics or lawmakers who have asked for it. Quote, the research that we've seen is that using social apps to connect with other people. Positive mental health benefits said Mark Zuckerberg. He's the CEO of course of Facebook. Now this was 2020. In March one at a congressional hearing, he was asked about children and mental health. So you see how he really lawyered the words that they can have positive mental health benefits, but Facebook's own internal research seems to show that they know it has a profound negative effect on a large percentage of their users. Instagram had Adam Moseri told reporters in may of this year, that research he had seen suggest the app's effect on team's wellbeing is likely quote quite small. So what the wall street journal seems to be pointing out here is that Facebook is not giving us the truth on any of this stuff. It's really sad. We've got to be careful. No, apparently Mr. Moseri also said that he's been pushing very hard for Facebook to really take their responsibilities more broadly. He says they're proud of this research. I'm just summarizing this before we run out of time here, but it shows the document. Internal documents on Facebook show that they are having a major impact on teen, mental health, political discourse, and even human trafficking. These, this internal research offers an unparalleled picture. Courtney told the wall street journal of how Facebook is acutely aware that the products and systems central to its business success routine. Fail great article. I've got it in this week's newsletter. You can just open it up and click through on the link to the wall street journal. They have a paywall and I hate to use payroll articles, but this one's well worth it. And they do give you some free articles every month. So if you're not on that newsletter, you can sign up right now. Craig peterson.com. You'll get the next one. If you miss a link today, if you want some, the special report on passwords, et cetera, just email me directly. Give me a few days to respond. But me M e@craigpeterson.com. That's me M e@craigpeterson.com. We've all worked from home from time to time. At least if we're somehow in the information it industry, I want to talk right now about why you need a personal laptop. Even if the business is providing you with a laptop. Laptops are something that was designed to be personal, but many of us are using them as our main computer. I know I often am using my laptop, a couple of my kids and my wife. It's really their main computer, even though they all have other computers that they could potentially be using, laptops are just handy and you have them with, you can take them with you. We've got workstation set up that are kind of. Workstations, if you will, where there are three screens set up and they're all hooked up into one central screen controller that then has a USBC connection that goes right into the, your laptop. So you can be sitting there with four screens on your Mac laptop on your mac pro if you need four screens, it's really handy. No question. Many of us have a laptop for home and a laptop for business. And many of us also look at it and say, oh wow, this is a great laptop I got from work. It's much better than my home laptop. And you start to use the business laptop for work. At home. Okay. That's what it's for. Right. But then we start to use that business laptop for personal stuff. That's where the problems start. We've seen surveys out there that are shown. Then half of workers are using work issue devices for personal tasks that might be doing it at home. They might be doing it at the office. Things like personal messages, shopping, online, social media, reading the news. So the prospect of using your work laptop as your only laptop, not just for work, but also for maybe watching some movies, group chat and messaging, reading, fan fiction, paying bills, emailing to family or friend. It just seems not. It's so tempting. It's just natural. I'm on it. I'm on it all day long. Why wouldn't I just use it? And this is particularly true for people who are working from home, but we have to be careful with that. It's really something that you shouldn't be doing for a couple of reasons. One that. Top that's a business. Laptop is the property of the business. It's just like walking home with boxes, full of pencils and paperback in the old days, it is not yours to use for personal use. We also have to assume, assume since it is the company's laptop that hopefully it's been secure. Hopefully they haven't set up. So it's going through a special VPN at the office and it's going through special filters, maybe snort filters or something else. That's doing some deeper inspection on what's coming through your laptop. Well, there are also likely on that laptop. Tools that are monitoring your device. Things like key loggers, biometric tracking, Jill location, software that tracks your web browser and social media behavior, screenshot, snapshot software, maybe even your cam. Is being used to keep track of you. I know a number of the websites that I've used in the past to hire temporary workers. Those workers have to agree to have you monitor what they're doing. These hourly workers, subtle take screenshots of their screen, unbeknownst to them. Pictures from the cameras at random intervals. Again, unbeknownst to them, it'll track what they're doing. And so I can now go in and say, okay, well he billed me five hours for doing this. And I look at his screen and guess what? He wasn't doing that for all of those five hours that he just billed me. Well, the same thing could be true for your company, even if you're not paid by the hour. Right now, we're looking at stats that show over half of the businesses that are providing laptops for the employees to use more than half of them are using monitoring software. And through this whole lockdown, the usage of these different types of monitoring systems has grown. Now there's some of the programs you're using. You might be VPN in, you might be using slack or G suite enterprise, all good little pieces of software. They can monitor that obviously, but it goes all the way through to the business. And using your slack access as paid for, by the businesses also idiotic to do things like send messages to your buddies, set up drinks after work, complain to other people about someone else in the business, your boss, or otherwise your it, people at the business can see all of that. They can see what you're doing with slack. Even if you have a separate personal account. It's still more likely that you'll end up mixing them up if you're logged into both on the same computer. So the bottom line is if you are on a work computer, whether it's a laptop or something else, you can reasonably assume that I T can see everything. That's not. They own it. Okay. And they have to do some of this stuff to protect themselves. We put software on laptops for companies not to spy on employees. That's none of our business, but we put software on computers for employees. To make sure they stay safe. Think of what happens when your computer, your laptop, whatever it might be, connects to the company's network. Now that can be through a VPN. It can be because you take your laptop home or on the road when you're traveling and you bring it back into the office. If that computer is infected, somehow now you've brought that infection into the office. And that's how a lot of the malware works. It goes from computer to computer. So once they get in that front door where there's through a website and email that you clicked on or in a computer that you're bringing into the office, they can start to move around. Now it's not just your activity. And this is an interesting article from the verge by Monica chin. It's not just your activity that they can see on your laptop, but in many cases, they're also able to look at anything you're downloading any of your photographs or videos that you might've sinked up from your smart. Laura loading these types of things, your text messages on your work device for safekeeping, or just because it's your primary device might seem harmless, right? Cause you're just going to remove them before you hand it in. But some companies such as Apple won't allow you to wipe your device before handing it in regardless of how personal the contents are. And that makes sense too, because many times an employee leaves. And they don't give the company all of the information that they have, that they're obliged to give back to their employer. Things that they've been working on, customer information, et cetera. So Manalive, there are plenty of other devices out there. Hopefully if you leave your company with plenty of notice, moving a bunch of things off your work device in the last few days, uh, might raise some eyebrows at the. And I'm saying hopefully, because they should notice that sort of thing, because it could be malicious activity. It could be an insider risk that maybe they're not even aware of. There's so much you could go wrong here. So bottom line don't use the work laptop for home. So what should you use? You know, my personal recommendation. Almost always is get a Mac. They are safer to use the patches that they get are usually not destructive. You know, sometimes you can install a patch for windows and now your machine just won't work anymore. Right. You've had that happen. I know every last one of us out there that are tried to install Microsoft patches for a while have had that happen to them. All of a sudden the patch has completely messed up your computer and you are so out of luck, it's ridiculous. Right? So don't, you know, hopefully don't do that, but I like the max because they are basically safer than windows. And also because the patches just work on them, apple tends to get them out in plenty of time to try and protect us the next level. If he can't afford an apple and. Apple laptops really are not expensive when you consider how long they last and the quality that components, they are not expensive at all. But if you can't afford that, the next thing I would look at is getting a Chromebook. There are a lot of companies that make Chromebooks Chrome is an operating system from Google. It's similar to Android. Google keeps the Chromebooks up-to-date. They patch them quite regularly and make sure that there aren't nastiness is going on. You just have some of the same issues and Android has patches might take a while to get to you because it has to go through the vendor that made the Chromebook. You might have a Chromebook for Sam from Samsung, for instance, it's not Google's even though it's called a Google Chromebook. Now Chromebooks rely heavily on the cloud services that Google provides, but they can also run just locally. So with a Chromebook and you can get them for as little as 150 bucks, but remember you get what you pay for. Or as much as I've seen them in the $2,000 price range with fancy GPU's, local storage and other things, but at 150 bucks, it could be well worth it for you. It lets you do the regular word processing. Just think of what you can do with Google docs, spreadsheets against Google docs, spreadsheets, all of those types of things are built into it. You can. Cruz the web, obviously using Google Chrome on your Chromebook. And send and receive email, which is what most people do. That's really kind of all, most people do at home. So consider that as well. I also like iPad. They are quite safe again, but they tend to be more expensive and they can do pretty much everything. And now with Android support built right into Google Chromebooks, you can even run Android apps. So there you go. Keep safe and be safe out there. Right. Have a hack free life. Make sure you get my newsletter. Craig peterson.com/subscribe. Craig peterson.com/subscribe. The national cyber director, Chris Inglis said that we need cyber bullets, that cyber bullets are part of the war on hacks. And it makes sense on one level. But when you get into the reality, it's a much different story..  I had an interesting email this week from a listener. Actually he sent it about two weeks ago when I finally was able to get to it this week and responded, and he was pointing out how there are some things that I talk about on the show that I put into my newsletter that are really good. And. I'm paraphrasing here but theoretical to so many people, there's some things that you can figure out pretty easily yourself. Some things you can do yourselves and other things that are just different. To do still. And a lot of that has to do with the websites you go to in order to maintain your passwords. And he was complaining specifically about bank of America and how you can, according to what he has found here in the real world, you can come up with a. Password a 20 character long password that is going to keep everything nice and safe at trend to be generated. You're using one password and great. So you set your password up in bank of America's account, and then you try and log in later, and it doesn't work because it lets you put 20 character passwords and when you're creating it, yeah. But the login screen only takes the first 16. So of course they'd home match. You see it's things like that really are pushing us back, holding us back. But I'd say pushing us back from being secure as a country, there, there just aren't enough people paying enough attention to make sure this cyber security, even the basic stuff like passwords and two factor authentication are being done properly. So one of the things I wanted to make sure you guys were aware of is I need to know when you're having these problems, because what I want to do is put together some trainings to show you exactly how to do it. Because on some websites you were saying, it's pretty hard to use one password he's paying for it, but it's kinda difficult for him. And I think in some ways, a lack of understanding. Then, it can be difficult to spend a bunch of time trying to watch some training videos for some of the software. And so I want to hear when you're having problems so I can do what I did for him this week and spend a little time, write some stuff up, and I even am reaching out to some of this website. People like bank of America who are really messing up cyber security for people who are trying to do the right thing and writing them and saying, Hey, listen, I'm part of the FBI InfraGard program. I'm a member of it. I paid a lot of attention to cybersecurity. Heck I ran the training for the FBI InfraGard program for a couple of years, and there are some real things lacking. In the login anyways, and this one particular case of the cybersecurity, but I don't know all of this stuff. I'm not using all of these things and I have a disadvantage over you guys, and that is that I've been doing this for so long. I've forgotten what it's like to not know it. Does that make sense? So if you have something that I've talked about on the show, that's appeared in my newsletter and you're having some confusion over, let me know. Just email me M e@craigpeterson.com. What he did is he just hit reply to my newsletter. And of course, that goes to me and me@gregpeterson.com and it tracks it. So I know I need to reply, so I can sit down and go through and answer people's questions. I sent out a lot of the copies of my password, special report to people you guys had requested specifically some of the. People out there had requested a little bit of help. And I had sent out an email to most of the people that I could identify as being business people. I sent out a little thing saying, Hey, listen, if you could use half-hour my help, let me know myself or my team. And then, again, you can just send me an E Craig. So I answered a lot of those questions this week. And in fact, that's how I come up with much of what I cover here on the show. You guys ask the questions and that's how I know that it's a real problem. If I understand it, that's one thing. But for the people who don't do cybersecurity as their primary job or a strategy, I get it. I can get why you guys are confused. So make sure you get my weekly newsletter. So you can find out about all of the trainings, the free stuff, the paid courses, and. It's easy. Just go to Craig peterson.com/subscribe. That's Craig Peterson, P E T E R S O N. Craig peterson.com/subscribe. And I'm more than glad. Add you to that list. And there are now thousands of people on that list to get my email pretty much every week. If you miss it one week, it's probably, cause I just got too busy, but I put out all my show notes. I put it all a little bit of training notes, all. The us government is supposedly getting ready to fire what they're calling cyber bullets in response to these significant hacking attacks. This is what they're calling a comprehensive strategy to dissuade. Adversaries. And this is all from the national cyber security director, Chris Inglis. This is from an article in American military news.com by Chris Strome. That was out this week. And of course I included that in my newsletter this week as well, coming out. Today or tomorrow, depends on how this all goes right with the weekend. I got to help a buddy out today, but president Joe Biden has been really talking about how do we use cyber weapons to retaliate. For instance, he gave a list of industries that Russia should not be. As though Putin himself is running all of these hacks or come out of Russia. Yeah, certainly there are some that are part of their military, but there many of them that are just bad guys that are trying to make some money, we should feel sorry for them. So Biden gives him this list and says, Hey, listen, if you attack any of these various industries or actually portions of our economy, We are going to retaliate. We have seen the us retaliate under President Trump and the retaliation. Of course he did all kinds of economic stuff to stop it. And much of which has been reversed by president Biden's administration, but also he attacked them directly in. Down some power systems there in the Moscow area, which I thought was really kinda cool. So kudos to President Trump for doing that and for president and Biden now to say, Hey, we are going to attack back. Of course. The biggest question is. What would we be attacking? How would we be attacking it? And for what reason, for instance, the red Chinese have gone after our office of personnel management, OPM records and got them all back in 2015. So they now know everything about everybody that had a secret security clearance or the took a paycheck from the federal government. All of those records, they would get their hands on them and get them on all of the records a lot. So Inglis was in front of the let's see here, the, yeah, he was a former director of the national security agency. He's the first to hold his Senate-confirmed position at the white house, this national cyber director position. And he says there is a sense that we can perhaps fire some cyber bullets and shoot our way out of this English set at the conference. It was hosted by the way, by the national security agency and a nonprofit group, he said that will be useful in certain circumstances. If you had a clear shot at a cyber aggressor and I can take them offline, I would advise that we do so as long as the collateral effects are acceptable. Yeah. What we have done here under president Biden administration is we have shut down some people who were operating illegally, we have shut down some cyber actors that were attacking us. So we've been doing that, but it isn't exactly. Wow. We just saw a muzzle flash over there. And so we are returning fire to the area of that muzzle flash, because as I've said many times before, we just don't know. Where in fact that bullet is coming from, it makes it a lot more difficult. English went on to say there's a larger set of initiatives that have to be undertaken. Not one of those elements is going to be sufficient to take this. Out let's see here, the us should make clear to Russia now their adversaries, what kinds of attacks would prompt a response, which is what president Biden did when he was talking with, of course, President Putin over there, red lines of both good and bad red lines are clear and crisp. Although I got to say many of our administrations have. Really done anything about it. It's the red line in the sand and Syria president Obama didn't do anything when they stepped over that red line. So yeah. And then with what we just finished doing in Afghanistan, where we drew a red line and said, we're going to protect all of you who helped us. And then we not only abandoned them, but we abandoned Americans behind there. I don't think a lot of people aren't going to believe us. So here's the last statement here. And again, this is an article in American military news from our cyber chief is the government actions. Aren't always going to be broadcast. In some cases, it's not helpful to broadcast those for all of mankind to see another one. We are doing some things behind the scenes. And I have certainly seen some of the results of those over the last few years. Stick around.  You're listening to Craig Peterson online@craigpeterson.com. You've got a smartphone and there are some new versions out, right? New hardware, new software, Android iOS. How long should you keep that device? How long can you stay safe with that older device? Apple has now done something. Different something they've never done before. One of the reasons that apple equipment tends to be safer than almost anything else out there is that they have, what's known as a closed ecosystem. There's arguments both directions here on whether that's safer or not. But the real advantage when it comes to cybersecurity is there are only. So many versions of the iPhone out there. What are we now in a couple of dozen versions of the hardware platform that makes it easier for apple to be able to support older versions of the software and multiple pieces of hardware, much easier than for, let's say Microsoft windows. It doesn't even have a single. Platform or Android, where there are hundreds of hardware platforms out there and tens of thousands of versions of the hardware, because one model phone can contain many. Changes different types of hardware to talk to the cell towers or the screen you name it. So it's very hard to keep up. Android has for quite a while now supported three versions of their operating system. Of course, we're talking about Google, but Android operating system. So they support the current release. Of Android and the Breviary release is two previous releases in fact of Android. Now that is frankly a pretty good thing to know, but there's over a billion Android devices out there that are no longer supported by security updates. We've got Android 10, nine, and eight that are fairly supported right now. We're actually up to Android 12. So here's how it works. If you've got Android version 10 out, if that's the main one, then you can continue to do. Eight and nine and get updates, security updates. But then here's the problem, everybody, those security updates are coming out of Google, but that does not mean that they are making it all the way to you. So there you go. It's one thing for Google to provide updates, but if you can't get them because your phone manufacturer is not supporting them, you've got trouble Samsung. Is probably the best company other than maybe Google and the Google Pixel phone. Samsung's the best company to go to. If you want some longer-term support. Many of these other companies just don't provide support past the current version. So keep that in mind as well. Android 12 was the 12th major version of Android announced by Google, February, 2021. And it is starting to roll out a Android. The 11th, 11 is the one that was out in February of last year. At least it was announced then. And we're, they're coming out, they're getting pushed out. So basically Google is saying the current version plus two prior versions. And that usually gives you about a four or maybe even a five year window. So if you're. An Android device from a major manufacturer, particularly Samsung on the Android side, your device is going to be good for at least four years, maybe five years now on the, and by the way, you don't necessarily have to upgrade the. You could be continuing to run an older release saw, as I mentioned earlier, if it version 11 is the current one that's out there being supported, which it is right. 12 is early still, but version 11, that means two prior versions still get security updates. You don't get featured. Dates, you don't get the new stuff, but you get security updates. So Android 11, the current one that means 10 and nine get security updates. So you don't, you're not being forced to do an upgrade. Most people don't upgrade their phones from an older major release to a newer major release. In other words, they don't try and go from Android eight to Android 11. Because in fact, most of the time, the hardware manufacturer doesn't support it. That's why there's over a billion Android devices out there right now that cannot get security updates. So have a look at your phone and your vendors. See what you're running. You probably want to do an update because most phones cannot get any support on the, in the apple side. Things are a lot different with Apple iOS, which is the operating system used on the iPhone and the I pad apple has always forced you to move to the next major version. No, they only force you to do that. If they support the hardware. And I've got to say kudos to them, they're still supporting the iPhone six S which came out quite a while. The iPhone success is something that my wife has been using and that I had as well. In fact, she got my old iPhone success, but that's a six-year-old. Phone came out in September of 2015. So it is still getting security updates, and we'll probably continue to get them. Not only is it getting security update this six-year-old iPhone success is getting the latest and our iOS operating system. It's getting iOS 15. Isn't that just amazing? Yeah, exactly. And so not just security updates, like you might get from some of the other vendors out there, Android vendors. So the apple keeps their arms around you for quite a while. Here's, what's changed now with Apple and iOS, the, for the first time ever in the iOS world, Apple is not forcing you to upgrade. So you're not being forced to upgrade to iOS 15. You can continue to run iOS 14. And that's how apples got around the security patches in the past, because what happens is you get the updates and installs them. Basically. There's no reason for you not to upgrade your phone. And so you do so apple never had to worry about releasing some of these fixes for really old versions of iOS. Although they have done that from time to time. In the Mac iOS side, Apple has done a couple of good things. The, where they always have supported basically three releases, what Google's doing with Android. So you now have a new feature. If you will, with iOS, here's a PSA for everyone. Public service announcement. You don't have to take the iOS 15 upgrade. Now I did. I put it on my iPhone and I seem to have some sort of a problem with messages where it's telling people that my phone has notifications turned off, which it does not. So I haven't figured that one out yet. I'll have to look into that a little bit more, but. This is nice because that means you're not going to have to upgrade your iPhone to iOS 15. You'll still get security updates for iOS 14, something Apple's never done before. We'll see if they continue this. We will see if they match Google going back. Three releases in Android. It just never been done before over on the iOS. So good news for them. Also course in the windows world and the Mac world, you really should upgrade the operating system as much as you can. Windows 11 though, man, windows 11. And I said this to my newsletter. I warned you guys is going to be a nightmare. For many people. You are not going to be able to do an automatic upgrade unless you have the newest of hardware, with the highest end of features, Craig peterson.com. One of the very big ransomware operations is back online. And now we have some inside information from one of the contractors working for this ransomware organization and oh yeah, there's an FBI tie, too.. This organization, ransomware gang, almost business, whatever you might want to describe them as is known as revolt. They have a few other names, but that's the really big one. And they are basically the 800 pound gorilla in the ransom. Business, you might be using cloud services right now. Maybe you use Microsoft's email service. Their Microsoft 360, I think, is what they call it now and use it for email and various other things pretty handy. It's mostly in the cloud. Computers you own or operate or have to maintain. I think that makes some sense too, but here's the bottom line it's software as a service right now, salesforce.com software as a service, Oracle has their accounting stuff. QuickBooks online, all software as a service. It isn't just those legitimate businesses that I just mentioned. That are using the cloud that are providing software as a service where you're paying monthly or however frequently. And you're getting this software as a service. That's what that means. Typically it means it's in the cloud and you don't have any real control over it. That's what this ransomware gang has been doing. This gang known as rebill. They all appear to be in. And there's some interesting stuff. That's come out. A transcript was released of an interview with one of their contractors. Now the original interview was in Russian. So I read through a translation of the Russian. I have no idea how good it is, but it is being quoted by a bank. Insider magazine that you might be familiar with bank info, security. That's one of the places that I follow. And there's a few interesting things that he talked about that I want to get into, but these are the people who have been behind things like the colonial pipeline attack and some of the other very large attacks, the way they work, their business model is. You can license their software, their ransomware software, and you go after a business or a government agency, whatever it might be, you get that ransomware software inside. And the reveal gang will take a percentage of the money that you have in rent. Now, how is that for a, an interesting business model, right? Taking something that the rest of the world has been using, and then take that model and put it into the legal side of the world. For three weeks, during this whole reveal ransomware attack, this summer turns out that the FBI secretly withheld the key that could have been used to decrypt. And computers that reveal had infected with ransomware and looks like kids up to maybe 1500 networks. Now those are networks, not just computers. That includes networks run by hospitals, schools, and businesses, including critical infrastructure businesses. The way the FBI got their hands on this decryption game. Is by penetrating reveal gangs servers. So they got into it. They were able to grab the keys and then the FBI waited before. Did anything with it. See, what they were trying to do is catch the people behind reveal. And so they didn't want to release information, get information out there to the press that might tip off those bad guys over there in Russia. And then shut down their operations. But as you might know, because I mentioned it here before the reveal gang went offline on July 13th, before the FBI could really track them down. And then the FBI didn't release the key until July 21st. And then I think it was Malwarebytes released a decryption tool. So if you had been hacked by the gang, you could. Now, remember it isn't reveal itself. That's doing most of them. Ransomware hacking if you will or a placement it's small guys. And that's why some people, including this contractor that apparently worked for the reveal gang itself says, people think that it's the Russian government, that it's Putin, that's doing this. He said, in fact, it's not it's small guys. And people like me are getting four or five hours a night. Because we're working so hard trying to make a whole of this work, come up with the new software approaches. We have to provide code tech support unquote to our affiliates, as well as tech support to the people who have had their computers and their data ransomed. So it a real interesting mix. Absolutely. Interesting mix. Now Christopher Ray here a couple of weeks ago, he's the FBI director told Congress that cool. We make these decisions as a group, not unilaterally. To the FBI and working with other government agencies, these are complex decisions designed to create maximum impact. And that takes time and going against adversaries, where we have to marshal resources, not just around the. But all over the world. So this Russian based gang first appeared in 2019, they've been around, they've been exporting large amounts of money from businesses for a very long time. One of the interest he'd things I think about all of this is that this reveal gang has their software as a service, and they provide it to quote affiliates, quote that, go ahead and then install the software, get you to install it on your computers in order to ransom you a double whammy ransom you, but there's now reports out there that there's a secret back door in the ransomwares code that allow. Rebill to go around their affiliates and steal the proceeds. How's that for hilarious, you've got a bad guy who goes in and gets the software from revolt, pays them a commission, and then reveal apparently has been jumping in on these customer support chats. In other words, you just got nailed and because you got nailed with ransomware, you have to go to. Chat room. And so you go in there and you're getting customer support on how to buy Bitcoin and how to transfer to their wallet. And apparently revival is getting right in the middle and is extorting money from these people directly instead of having the affiliates do it pretty amazing. So here's this part of this interview? It was aired on the Russian news outlet, London. And was trans translated by yeah. Flashpoint. Here are the guys that got the full transcript of the interview. He says in the normal world, I was called a contractor, doing some tasks for many ransomware collectives that journalists considered to be famous. Money is stolen or extorted with my hands, but I'm not ashamed of it. I do. And again, this goes into the thinking of many of these bad guys of Americans are all rich and they don't deserve what they have. He said, let's put it this way. This is a very time consuming job. And if you've earned enough, then you can quit the game. But chronic fatigue, burnout, deadline. All of these words from the life of ordinary office workers are also relevant for malware developers. So there you go. You should feel sorry for these malware developers who are developing software to steal millions from you and. Down our critical infrastructure. Hey, join me online. Craig peterson.com. And if you subscribe to my weekly newsletter right there on the site, I'll send you a few of my special reports. The most popular ones will come to you right there in your email box. Craig peterson.com/subscribe. We all pretty much have some form of insurance. And we're going to talk right now about the types of cyber insurance you may have. Now this might be through your homeowners policy or perhaps a rider on a business policy.  Many of our homeowners policies have started coming with cyber insurance. So we're going to talk about that. What is it? Businesses as well are also using cyber insurance and I'm sure you've heard of insurance basically called LifeLock and what that's all about. So let's kind of start. When we have a breach in a business, usually what happens is information about our customers is stolen. Look at some of the biggest breaches in history where we. Hundreds of millions of our personal records stolen Equifax breach is an example of a huge breach where we had all kinds of personal information that was stolen by the bad guys. Now, some of this information gets stale pretty quickly, but of course, other parts of it like our address, our social security number, they are probably not going to change for years. If for. No, of course our social security number will never change the social security administration. Just doesn't reissue them for very many reasons at all. And they do not reissue a social security number was stolen online because. Just about everybody's has, so what does a company like LifeLock do? They keep an eye on your credit report for you. And they're looking at what's going on new accounts that are open. They look at various other things, just related to that. And they, at that point say, wait a minute, something weird is happening. Now my credit cards, for instance, I have a credit card that if let's say I buy two of the same thing, one after the other and the, both the same price that credit card company pops a message right up on my phone saying, Hey, did you just buy two? Of these $15 things from and I can say yes or no, if I'm out on the road and I am purchasing gas, the credit card can pop up on my phone and it does and say, Hey, will you just trying to buy gas at this gas station? Because what'll happen as you use the credit card at the pump. And the pump says it was denied and then up at pops and yeah. Okay. No, that was me. And they said, okay, we'll try the transaction. Okay. And we'll approve it next time. And that's all automated. And that has nothing to do with LifeLock. LifeLock is there to more or less detect that something happened and if something happened and it was a bad guy and basically your identity was stolen. So they might be trying to buy a Ferrari in your name or maybe a 10 year old, four Ford focus, whatever it might be. And. They will help you try and clean it. That's what they do. So that's why it's cheap. And I don't know that it's terribly useful to you if you're really concerned. Go ahead and do that, but do keep an eye on your credit report. I do as well. My bank has free credit reporting for me, my credit card. Same thing. Free credit reporting that lets me know everything that's going on. So that's an easy way to tell WhatsApp. And there are different types of cyber insurance beyond this sort of thing, beyond the LifeLocks of the world. And many of us just get our cyber insurance through our homeowner's policy. It's a little rider. And businesses can buy cyber insurance as well. We have cyber insurance, that's underwritten by Lloyd's of London and we provide a $500,000 or million-dollar policy to our clients. As well, because that's what we do is cyber security, right? So the idea is if one of our clients gets hit, we have some insurance to back us up, but of course we go a lot further. It's almost like the LifeLock where if you do get hit by ransomware or something else, we will help you get back in business. We'll help restore your data. We'll help you with providing you. The information you need in order to do press releases, which agencies you need to contact, which of your customers you need to contact. And we've got scripts for all of that. So you can send it all out and just take care of it. So the idea is you don't want ransomware. So you hire us. We are extremely likely to keep ransomware out of your systems. And on top of that, if you are hit with ransomware, we restore everything. LifeLock does not do that. Obviously they all, I'll only do stuff after the fact and the cyber insurance you buy from an insurance agency is much the same, and there's a huge caveat with these policies that we're buying for our businesses and for our homes. And that is. They have a checklist at the insurance companies. Did you do this and this? And if you did, then they might payout if you did not, they may not payout. In fact, pay outs on cyber insurance policies are not known because. Bottom line. They really don't payout. Okay. I'm looking at some numbers right now and about paying ransoms and everything else. You may or may not. You got to have a look at it. Many of these policies are never paid out by the cyber insurance covers. They usually just regular insurance companies, but it's a special rider. And what they do is they say, Hey, listen, you did not follow the rules, so we're not going to payout. And there are many cases. If you go online and do a search, just use duck, go and say cyber insurance, payout. Lawsuits I'm doing that right now is. And it'll come up and show. Oh, okay. Does it cover lawsuits? Why are liability claims so costly? Yeah, exactly. A 2% payouts is talking about here. I'm invoicing, the most common cyber insurance claim denial. Yeah, it goes on and on. There are a lot is an act of war clause could nix cyber insurance payouts. That's another big one that they've tried to use. So the cyber insurance company will say, Hey, that was China attacking you. Therefore it was an act of. And you can bet if there is a big hack, they will use that. Think of what happens with the hurricanes coming onshore. How much do they push back on payouts? Especially with the real big one, it would bankrupt them. So we gotta be very careful. There are some different types of  cyber insurance. Policies do which have different types of coverages. You've got the first party lost loss, I should say. So that's you to covering you and your loss, your first-party expenses, third party liability. Each one of those has specific parameters. So sub-limit retention and others. First-party losses are usually including the loss of revenue due to business interruption. First party expenses would include all of the services and resources that you needed to use to recover from attack like forensic or system rebuilding services. These third-party liabilities. May cover expenses and legal fees related to potential damage caused by the incident to third parties like partners, customers, or employees whose sensitive information may have been compromised. So read them carefully. Be very careful. There are next-generation, cyber insurance policies are going even further and make these types of services. Prior to any incident to reduce exposures and prevent incidents in the first place. Now we don't provide insurance. We are not an insurance company, but that's basically what we're trying to do here. Not become an insurance company, but to make sure. The businesses have the right services so that the likelihood of anything happening or is extremely low. And then following up after the fact it's different obviously than insurers in and insurance, the guardians, Jessica Crispin had a great article about a couple of weeks ago that I've been hanging on. And it's talking about this tattle where that's been incorporated into the computers we're using at home. Now we're specifically talking about employers that are putting this. The software on computers, they belong to the companies. A lot of businesses are worried. If workers are at home or where we can't see them, how do we know that they're actually working, not watching Netflix or something else on. They have, of course, come up with software that can reassure your boss. It does things like take snapshots of what you're doing. Record your keystrokes grabs photos from. Picture from your camera. There's a new program called sneak, which makes your webcam take a photo of you about once a minute and makes available to the supervisor to prove you're not away from your desk. There's no warning in advance. It just takes that photograph catches your doom. Pretty much anything can be absolutely anything. Then, it's the type of thing you'd expect the national security agency to do. So there are some good reasons for this lack of trust because sometimes employees have not been doi

    Are You Using Encrypted Email Yet? Here's How!

    Play Episode Listen Later Sep 18, 2021 70:51


    Are You Using Encrypted Email Yet? Here's How! Security emails aren't something that most people think much about. Yet, they're becoming more and more important as the bad guys are monitoring us more closely to steal our information, and then there are advertisers. So, do you want them to see your stuff? [Automated transcript] Email is something that's been around now for quite a while. It was undoubtedly even before the internet standards came out. Many of the systems had a version of the email. I remember some systems back in the early. The seventies, late sixties that had an email functionality is something that we've always needed. Usually, it was for just communicating within a group. And then, in the early eighties, when I got on the internet, we could send email to people all over the world, and the email then looked a lot like it did. Now you net email, we use different types of addressing for, but basically, it's the same thing that we're used to today. Many of us have Gmail accounts. I have some Gmail accounts. I use them basically for throw-away stuff that I don't want to have tracked. I don't use Gmail for anything that I consider particularly important, because again, it's not saying. So now there are two types of security. Really. We need to consider, and I got an email from one of the listeners today. Who's on my newsletter? And he said, Hey, I love all of the stuff you put in the newsletter every week. It helps keep me updated on what's happening in cyber security and what things I need to know. But I'm reluctant to click on any of the links in your email because they're all trackers. I do that so that I know what the people who subscribed to the newsletter are interested in. So, for example, I see many people clicking on an email I sent out a few months ago talking about different emails, services, and which ones provide the most WhatsApp security. If a lot of people click on that, Then I know. Oh, okay. Great. People are interested in this. So I'll talk more about it on the radio show. I'll probably put something together for the newsletter so that they have it. It's like the example I've used for a couple of decades now, which is, Hey, if I'm looking to buy a car, I don't mind seeing a car. Because it gives me something to compare. If I'm looking to buy an F150, I don't want to see ads for the latest Chrysler minivan. I'd like to see ads for people who are competing to sell me a Ford pickup truck. Maybe some competitors, maybe Dodge gets in there with the Ram or Chevy. Their truck, but I wanted to focus in it. It just makes sense to me because I don't want to waste time on some shoes when that's not what I'm interested in and the person who's paying to show me this ad for shoes is wasting money and being a small businessman. I hate to see that I know what it's like. It gets really frustrating to be spending a lot of money on advertising. That really is not going in. So you have that type of a monitoring where the advertisers are looking at, what you are looking at, what you're searching for. They know the sites you're going to, they know you're interested in that. F-150. Make sense to you? It certainly does to me as well. So I don't have a big problem at all with a people collecting basic advertising information about me. It starts to go over a line. It's a little bit of a, an obscured thing, frankly, but it starts to go over the line where they're gathering all this information that could be useful for a bad. We don't want hackers to have the information. I want to have a hack free life. I don't want them going out there and finding information about me and, oh, I'm going to be on vacation. I'm going to be out of town for three weeks and unable to be reached. And so that gives them the opportunity to now go in via phishing campaign. Maybe try and get my CFO to write a check to somebody or, do something that's frankly, quite malicious. What do we do? How do we deal with that? What makes sense there? That's a really good question, frankly, and that line has to be drawn by you personally. I draw it as, I don't really care most of the time if someone knows. So here's what I do with my mail client. I turn off the automatic download of photos of pictures, and that way I can see the email. And if it's. Piece of spam, where I don't even want that spammer to know that I opened the email. They're not going to be able to find out because my male client is not downloading photos. The way it works is you as a marketer or as a spammer. In this case, you are giving a unique URL for that. So that unique URL. Now, if that photo's downloaded, tells you that almost certainly that person opened your email. What's a legitimate email address. You can spam it some more in the future, a little bit more about them. The same thing is true with my emails. For instance, if you sign up at Craig peterson.com/subscribe, and you get my weekly email. The training and all the other stuff, that's, all for free in there. You now are telling me when you open it, that you opened my email. Now, why would you want to tell me that? Why would you want to tell anybody that? Nowadays when it comes to email delivery, one of the things we have to face as businesses and as a marketer, who am I using? Mt. Is that you are great. Every email is scored. This has been true for a long time. SpamAssassin the software I've used for. I don't even know how long now, at least a decade, maybe two. And it looks at the content of the email. It looks to see how much of the email is a graphic. How much of it is using these types of words that are often used by spammers or. Maybe crazy marketers. So they will score that email. And if it's above a certain score, if it's accumulated too many bad points that email doesn't get delivered, we have a similar system. We have some real fancy stuff that we use ourselves and we use for our clients from Cisco that compares all of these emails that are being delivered worldwide, millions of the members. And learns from it and automatically blocks them for me, which is really great. But if I'm sending you emails, just like if you're on my email list, I'm going to send you an email at least one a week. Usually not more than two, but basically one email a week. It's not only scored on how my email reads the wording, the. But it's also scored on how old is my domain. Have other people reported my emails as spam and how many people have opened that email sites? Google track that. So if you're on Google, if you're using. It will come up and the email come up and Google says, okay, he read the email. Maybe he downloaded the photos. He was very interested in it. But if people are not opening the emails, you start to develop as a person sending an email, a low-risk. Lower and lower in this case, lowers is bad. Then the case of SpamAssassin hires bad. So what'll happen then is your emails will stop getting delivered. You don't want that. I put a lot of work into these emails. I send out every week. I usually have a number of tips, usually six to eight different ones in each email. I don't want that to go to waste. So if people are not opening my email. Then I'm going to automatically remove them after a period of time from my email list, because I don't want to send email to people who aren't going to open it, because if I do that sites like Google and many others are going to stop delivering my emails to everybody else, the people that do want it, just see how that works. So I am reliant on understanding if you open the. How can I tell? I can tell if you clicked on a link and I can also tell if you've downloaded any of the graphics that might be in that. Otherwise, I have to assume you're not opening that email. And if you're not opening that email, I don't want to send it to you because if I send it to you and you don't open it, it's going to slow down or completely stopped the delivery to other people within the. For instance, gmail.com. And this is true for any of the major mail vendors that are out there. And I don't want that to happen. So what I ended up doing, if you have an open them for awhile, I'll send you an email saying, Hey sorry to be bothering you here. But I wanted to make sure that you did want to get these emails or I'm going to automatically remove them. You might've had that from other people before then. The reason those emails are sent out isn't because I'm being snotty about it. It isn't because I'm upset that you subscribed and you haven't been reading the emails. It's because I don't want my email delivery to other people to be damaged because you have no pundit. Even though I do block images from being downloaded on my emails at the top of the email when I open it up and it has a little button that says load images. And if that email is from someone that I care about it, isn't from just some spammer that stole my email address or bought it from somebody else. If it's a legitimate email, I want to see, I click on that load images. So what happens now is the images in that email or downloaded the whoever sent me the email now knows that email was opened up and I don't also get kicked off for their list. Now, a few of you guys have complained about that with me, just not complained as much as said, why are you kicking me off of your email? I told you it's because you haven't been opened that. Oh, but I haven't opened them. You haven't. But if you turn off the load images on emails, then I don't know that you've been reading them and therefore you're going to automatically end up being re removed. When we come back, I want to talk about secure email providers. I'm going to compare some of them. And that came up this week because what was the number one secure email vendor out there? They no longer are. So we'll talk about that. It's all in the news. Visit me online. Craig peterson.com. You use email, everybody uses email, but which providers provide you with security and what do these different types of security actually mean to you? Of frankly? What is security? What is a secure email?  There are a number of different secure email providers. And there are multiple ways of defining secure email nowadays. All of the email that I send and receive from my company and I send and receive for our client companies is incorrect. There something called TLS. That is basically it's the same as HDDP S it's you know, that secure VPN that set up. No, I don't want you to get confused with these VPM services. It has nothing to do. But if you go into your web browser and you look up in the URL bar, you'll see a little lock. It's typically on the left side of that bar, you click on it and it will come up and say, the connection is secure. What does that mean? It means that the data that you send from your browser. We'll get to that remote server in a secure fashion will be encrypted. So if it's intercepted the third party, won't be able to decrypt it. Now there's exceptions to this, but we'll just keep it nice and simple. When we're talking about email and the two email servers talking to each other, we're talking about the same sort of thing. If you send an email, you have an email provider. It might be my company, but it's not likely, right? Because we only deal with a certain number of small to medium businesses, but the email goes from you to a server. So let's say you're using Microsoft 365. So your email, as you're sending it to me@craigpeterson.com that email. Goes from your browser or your email client over to the Microsoft 365 server. Now I understand there's different ways to do it. In fact, we don't do it quite this way. We always go through an intermediate server that we maintain that helps keep things secure, but the email goes over to Microsoft 365. And that first connection is probably a secured connection also by TLS. Now you're sending it to me@craigpeterson.com. That was the two address in your email. So what happens next is it needs to find out who's handling the email for Craig peterson.com. It finds out, and then it says, A again, TLS session and encrypted session over to my email server. That encrypted session is much the same as what you have on your web browser. It is. Very hard, very unlikely that anyone in between can see your email. And then the email ends up on my server, whatever service I'm using for my server. And then it ends up at my client. It might be on my phone. It might be on my desktop. It could be anywhere. And again, that is using another encrypted session. There's different protocols that might be involved. For instance, I map S SMTP maybe there's TLS over SMTP, whatever. We're not going to get into all of those technical details before you guys all leave me because your eyes just glossed over, but there are a lot of ways to have that all encrypted. So just sending an email from your phone to me@craigpeterson.com means it's going through a minimum. Four machines and each time it gets to one of these machines it's encrypted. That's hopeful, right? I'm going to knock on wood here because in reality, not every one of these points has encryption. Not every email service has that type of encryption, TLS, or other ones. What I want to talk about now is the secure email providers. If you have Microsoft 365 email, you can go to and Microsoft website and send and receive email there. Do your calendar there. You've seen that before. I've used that before, so you can do it all online on the web server. You can also do it on your client on whatever device you have. These secure email providers. I'm going to talk about right now as a rule are using a web front. So what is a secure email? Obviously the first step needs to be the connection from you to the server needs to be encrypted. And if you're using a web based encryption, which again is that HTTPS, which is the TLS nowadays. That is encrypted end to ended choosing public key encryption, the whole RSA patent. And it's just fascinating stuff. It was absolutely amazing what they were able to come up with. I love it. There is also the server itself, which needs to be secured somehow. And then how about the ultimate delivery to the third party? Now we use Cisco again. For our email filters, but that our Cisco server that we have for ourselves here in our very own data center located right here then server also handles emails for some of our other clients. So what happens now is if I want to send a secure email to somebody. Party. So I want to send it to somebody working at the bank or working at the repair shop, whatever it might be. All I have to do is in the subject line, just say secure and the Cisco email, server's going to notice that. And it is then going to send an email off to the recipient saying you need to come to this IP address. And it gives them a link and I, and grab your secure email. So in that way, I know it was delivered to curly because whoever the recipient is had to go to this secure site on this mail server that my company maintains. Okay. So that's another way of doing it. If you don't have the types of equipment that I have here in software that we use for small businesses, then there are still some options. The number one for quite a while has been proton mail, P R O T O N M a I L. And I wrote a big thing about that. You would have got that in my newsletter a few months ago. If you save those things, which you shouldn't do by the way, save them all, just do a search for proton mail in there, and you'll see my detailed explanation of what it is, why you might want to use it. Proton mail is located over in Switzerland. And of course, Swiss has some good privacy laws sodas, the European union, but that was their claim to fame. Hey, we are in Switzerland. We do not do log. We do have self-destructing messages and we have some real neat little features that you can use on your on your device. That's proton mail. It's been very good, but just this month, a Swiss court ordered proton mail to log the attachment. To their service. So now when I say attachments, what I mean is the IP address is the two addresses the, from addresses of any body that's using their service. No, they were specifically looking for this one individual. And so now they are doing some logging. They actually have to change their website. So that's a negative and we'll explain why that's a negative. And we'll talk about a couple of. I of the email services that are out there right now and what you can use, what you might want to use, what the costs are, so that you have a good idea. So stick around because of course we'll be right back. And I want to invite you right now to just take a couple of minutes, go to CraigPeterson.com and subscribe to the newsletter so that you get everything. You'll get my show notes every week. You'll get some of these free trainings I'm in trying to make it so that it's under three minutes to help you understand different concepts and things that are going on. Craig, Peterson.com/subscribe What are the features? These secure email providers are providing, what are the costs? Which ones might you want to consider? We're going to run through the top three right now. What are their features and why would you want to use them?  We started talking a little bit about Proton Mail, some of the real basics here, and it is still the kind of 800 pound gorilla when it comes to secure email, finally they had to capitulate to the Swiss court because they are located in Switzerland. So just goes to show that even being Swiss doesn't mean that it is. Completely secured, then there's a difference too. I want to point out between having a government issue, a subpoena and a court order to have your information revealed. There's a big difference between that and a hacker who's trying to hack you and get into your life. So I think most of us understand that we need to be secure in our documents. We need to have that privacy is guaranteed to us from the constitution, but we also need to have one more level of security, which is okay. How. The hackers. So having a hack free life means you there's a lot of things that you have to be concerned about, email being one of them. So I'm not too worried about Proton Mail and the fact that they had a court order to. Provide IP addresses for a specific group of people. And it was a very small group and I can see that. I can agree with that. Proton Mail does have a free version. That's the one I have because I want to try it out. And it has a 500 megabytes of free. The storage, you can get up to 20 gigabytes and Proton Mail starts at $4 a month. It has end-to-end encryption, which is really important. Again, it means from you all the way to the recipient, all three of these that I'm going to talk about have end-to-end encryption. They also all have. Two-factor authentication. Remember when we're talking about two factor authentication, a lot of places try to pass off this thing where they send you a text message with a number in it. They try and pass that off as two factor authentication. Yeah, it is a type of two factor authentication, but it's not a. If you're already doing something like maybe you've got cryptocurrency, you are potentially not only under attack, but I'm very hackable. If you're using a text message in order to verify who you are. So that's an important thing to remember. Proton Mail has self-destructing messages, which is a very big thing, very positive. It tends to be expensive. Proton Mail being the 800 pound gorilla kinda dictates what kind of price they want to charge and they are on the more expensive. Side the web client is a little bit on the outdated side. It does not support pop three, which I doubt is an issue for any of you guys out there because nowadays the modern email clients aren't using. Anyways, any more now Proton Mail has PGP support. I use PGP, I have a built into my Mac mail and it allows me to send and receive and do end encrypted messages. And that's something you might want to look at a plugin that uses PGP or GPG, which is effectively the same. Which allows you to send and receive encrypted email using your regular email client. However, the person who's receiving it at the far end has to have that PGP client or GPG client as it is. So it might not be the best idea in the world to use that. I use it and I use it for. People within the organization that I know have PGP, because again, we're dealing with third parties information. We have clients and the clients trust us. So we have to be pretty darn careful with some of that stuff. So that's our first one, proton mail. It's something I've used. I know a lot of you are using it. I had so many responses to that email that I sent out to everybody talking about secure email and specifically proton mail. And you guys were all telling me, Hey, listen, I'm switched on I'm away from Google forever because Google is by far the least secure of anybody you could be using out there. Now, the next one is called top-down. Two U T a N OTA. So it gets just what Tatan call 10 town, tow hours, something like that, but a N O T a I'm sure you guys are gonna all send me pronunciation guides and it has again, a free version, one gigabyte. So twice as much as proton mail and it doesn't really offer quite as much storage, but it starts at a dollar 18 month. Down from proton mail's four bucks a month. It also has end to end. Encryption also has two factor authentication. It has an encrypted search function, a calendar function, and aliases. I use aliases not only for my hack free life, but I use aliases because I will. To use a different email address for pretty much everybody I'm dealing with. So these, this way to do that is with an alias. One of the problems here with top I, this is a German company. I bet you it's a German word. Somehow Tottan TOA is that it is injured. Germany is one of those 14 eyes countries. That means it's one of the 14 countries, large countries that share information about people online and spy on each other's citizens. See, that's how the government's gotten around it. The government have preclusions from monitoring citizens. So what did they do while they all get together, serve with the five eyes now once twenty-something eyes, but they're part of the 14 eyes agreement. So Germany, for instance, would spy on us citizens while they're in the U S. And the U S will spy on German citizens while they're in Germany and all over the world. Okay. So that's a negative, however, as a general rule, the European union has pretty good privacy laws, so you're probably safe. And then the third one, which is again, the third in my priorities here too, is called counter mail. Now it has. Interesting features, for instance, they have what are called Ram only servers. So the server boots up, obviously it has to boot off of some sort of a device, but once it's running, everything's in memory. So if that server loses power, it loses everything. Now that's an interesting thing to do and can be a problem if you're trying to store emails, right? It has men in the middle attack protection, which all of these due to one degree or another, but counter male makes that a kind of a big deal. They have a safe box and anonymous payment systems that you can use. And it starts at $3 and 29 cents a month. They have a four gig storage limit. They do not have a free version. So I liked this one counter mail, but I do use proton mail, at least for testing. Some mothers also rans here that allow you to send and receive encrypted mail. Secured mail is Zoho mail, Z O H O mail. The X, Y Z is another one post deal. So I've used Zoho before, by the way post geo P O S T E O. You might want to look@mailbox.org and start mail. So there you go. Top three proton mail. That's still my recommendation. If you want some secure email and it'll cost you a bit, if you want cheaper, look at this T U T A N O T A. All right, everybody make sure you spend right now about a minute. Go to Craig peterson.com and sign up for my weekly newsletter and training. Is there no such an example of Silicon valley and they're a hoity toity attitude of fake it until you make it, or is it the reality of Silicon valley? What's happening out there? WeWork and others.  Theranos. How many of you guys know about Theranos? They had a really great idea and it was started in 2003 by a 19 year old young lady named Elizabeth Holmes. That is pretty young, but her idea was why do we need to have a whole tube or more of blood in order to do blood? With the technology we have nowadays, we should be able to just use a drop of blood and be able to test for hundreds of diseases with just a pinprick of blood. It seemed pretty incredible at the time, but she was able to. Been a yarn that got a lot of people right into investing in her company. We're talking about nearly a billion dollars in capital that was put into their nose. How could she have fooled all of these people or was she fooling them? Was she doing what you expect to have done in Silicon valley? That is in fact the argument that her attorneys are using right now. She is on trial because this company Theranos was never able to produce and tests. They could just take out a drop of blood and run hundreds of tests on it. And there's a lot of evidence that has come out that has shown in fact, a great little documentary that I watched not little on her and the company Theranos. That showed that they had in fact, been taking vials of blood and using other people's equipment, not the Theranos equipment to do the valuations of the blood, to look for diseases, to look for things like vitamin D deficiency that is in fact, something that could have helped with this whole COVID-19 thing. A real quick and cheap check a vitamin D levels in your blood, but what happened? Elizabeth Holmes was really a great talker. She was able to convince a lot of people and a lot of businesses, including Walgreens to invest in her. Not only did she have Walgreens invest in her, but some of the biggest names that you can think of in the investing community, including Rupert Murdoch, he invested in fairness. Now her argument in her. At least her attorney's argument is, Hey, listen, we're not doing anything differently than any other Silicon valley company that's out there. It's this whole creed that they have of fake it until you make it. Is that legit. Is it just one more live from Silicon valley? There's a great article that was in Forbes, talking about some of these, what are called unicorns. These are companies that are startups and are taken under the wing by investors, starting with angels, and then moving into venture capitalist, actually, even before angel. Friends and family and moving into venture capitalist positions, and then eventually public companies, all of these businesses really required proof before they got any funding. So here's an example from Forbes, Airbnb. Obviously they, hadn't what we consider today to be a rather unique business model. But it had been tried before. The whole assumption was that people would rent rooms in their homes on this huge scale, but they didn't have any pre. They were the first to make it in this global trend, they built up this whole idea of becoming a hotelier yourself with your home. But when the founder, Brian Chesky tried to get angel capital, he did not get a dime. He had to prove that renters were interested and people were interested in renting out their homes and that he could pull them together. Once he proved that, then he was able to get the money and prove is you. To have a viable business. First, it's really rare that you don't have to, Facebook was started by Zuckerberg now, all of those stories, but the whole idea was having Harvard students connect with the. And then he expanded it to students and other universities and then expanded it to the world at large, his natural initial investors, like most or friends and family, people who give the money to you because they want to see you successful. Eventually here. Zuckerberg was able to prove it and get money from Silicon valley. And then VCs, I'm not getting into any of the ethics of how he did it or any of these other people that had Google. Google was started by these two Stanford students page and Brin, and they got angel capital from investors. And, but these investors were different than most the investors into Google, where people who were already very successful in the computer industry and could understand the ideas behind the algorithm and believed in page and Brynn and that they could grow this company. Microsoft. Again, another company that started with extremely questionable methods was started by gates. And now. They didn't have any VCs, either. They started by running programs for other people. They convinced IBM that they needed to license an operating system from Microsoft and Microsoft didn't even have the rights to, and then they went out and acquired it on a non-exclusive basis. IBM acquired it from Microsoft and non-excludable exclusive basis. Then they got VC money after they started to take off. Okay. Amazon was started by bayzos with funding from his family and small investors from Seattle. He got a VC from Silicon valley after he launched and was already earning thousands in revenues. Bezos had real proof. Walmart was started by Sam Walton with 25 grand from his father-in-law. He built this business and financing strategy and used his skills to become one of the world's most successful companies as he grew. We work. I don't know if you've seen these. There's a great documentary out there. And we work that I watched too, but again, like Elizabeth Holmes, he was a great guy at standing in front of a group and getting investors to put money. And he was even great at getting people to buy from. We work that he even started this whole, I think it was called wee life thing where he had people who would move into the building. That they were renting this office space from, and they'd all lived there. They all had their own little units and they'd get together every night and they'd eat together and have community and everything again, collapsed when they couldn't sustain the momentum. And it was like a Bernie Madoff thing where he needed more money coming in order to support it. And he got incredible amounts of money from this big Japanese investor. And then we've got Theron. Elizabeth Holmes. She failed when this investigative reporter questioned whether the technology really works, the investigative reporter said, Hey, can you really do hundreds of tests reliably with just a drop of blood? Why did this report, or even have to ask the question at all? How about all of these investors? Huge companies, my including medical field companies. How did all of them get built basically into spending about a billion dollars with her in an investor? It is a real problem. And it's a real question because ultimately what we're talking about is companies and Silicon valley thinking you fake it till you make it, who are bilking investors and everybody else out of it. Now you have to have a certain amount of that. No matter what the company is. Do you think. Faith in yourself. You've gotta be able to stand up and make a presentation to customer or to an investor, an angel investor or friends or family, whatever it might be, but how could you have sold value to customers and convince them? To pay the rent that's needed before you've even shown a profit. And that's a big question. Things have not changed in Silicon valley because of what we work did. And because of their failure, things have not changed because of Elizabeth Holmes and Theranos and the major failure there. These people are investing money. They hope that two times out of 10, one times out of 10, they will actually make money from their investments. We're talking about the venture capitalists and they are jumping on all of these things that are, maybe. Quite legal. That was actually the pitch that was used by the founder of Uber. Yeah. We don't really know if this is quite legal or not, but we're going to let people use their own vehicles to drive their own cars, to pick up strangers and take them places. And it was obviously not legal, especially in big cities where they had laws about all of this. And then all of a sudden now Silicon valley. Really listening closely and say, oh, not quite legal. Okay. That means you are going to completely overturn the whole industry. And that means we could make a whole lot of money on you again, just the knee jerk. So we've got to be careful. The other side of the point and coin is the secret sauce, which is many companies are being careful to not disclose things for very good reason. They don't want an employee to leave and take with them. Their secrets. Look at the lawsuits that have been out there with Google and some of the other self-driving companies. You stole an executive, the executive brought all of this knowledge. Them. And maybe even some documents, this should not be legal. And now you've got the Biden administration issuing an executive order, trying to change this whole thing by saying, while you cannot lock people in to not disclosing or to your secrets or to not compete with you. How well to Silicon valley or any business anywhere. To keep their secrets, their secret sauce, the recipe to Coke. If you will, how are you going to keep it secret if you cannot hold people to these nondisclosure agreement? And so I think again, the Biden administration is going the complete. Wrong direction. I'm going to keep an eye on this whole Theranos thing, this trial that's going on. I didn't have an idea how it's going to turn out, but we do have to change the fake it till you make it. Ideology of Silicon valley. Hey, take a minute and sign up online. Get my free special reports and trainings. Craig peterson.com. Your cybersecurity strategist. It doesn't look like what's app is safe anymore. So what can you use if you want to have a conversation with someone, how many of you have a friend that's in China or Iran or Afghanistan or one of those other countries?  I was warning about our friends at Facebook. Of course they've been buying competition and in fact, they're being sued right now because of that. And they have been going after these companies that look like they are going to eat Facebook's lunch and then they buy them for way more. The market value. So what are the founders supposed to do? If I was offered crazy money for my company, I'd sell it at the drop of a hat. Just like that. It'd be done. Thank you very much. WhatsApp is one of those apps. My Facebook and Facebook bought it, allegedly because it looked like it was going to be serious competition. So our friends at the federal government decided, okay, we'll let this one go and we'll let them know. When Facebook gets their hands on something, it's like Google, getting their hands on, what's going to happen. Ultimately Facebook is going to be using it in order to sell you things. I'm not against having these various websites that we use, online apps and other things going ahead and Colleen us a little bit. What about things we want things to mean might want that we don't even know we want because we don't know they're available. So there's a lot of good reasons from a marketing perspective for them to be able to find out what we're into. They used to be a little bit different than it is today, but not that much. I was in the. Oh, direct marketing business way back in the seventies. It was my second job, really. And I wrote software. That was part of this system that actually put all of our competitors in the country, out of business. Yeah. I wonder if they're still around. It's called marketing electronics of Canada. And let me see if it comes up. Eh, statistics and be okay, so it's not really around anymore. So they master gone out of business. But what we would do for our customers is we'd say, okay, so who should you mail to this? It was direct mail back in the day. And so when we get asked a business, we were in and so they'd say, oh, okay. How about we mail to what 40 year old men who maybe want to buy a pickup truck? So how would we do that? We would look for the magazines that 40 year old men were likely to be. We'd look for anything, the newspaper subscriptions, neighborhoods. It was a real big deal. When, of course the zip code came in. That's not what it is in Canada, but the postal codes came into place because then we could narrow it down based on neighborhoods. So we'd put all of this together and we'd say, okay if someone is getting this magazine, And they're definitely not getting that magazine, but they're getting this newspaper and they live in this part of town. Then we put all of that together and we did the duplicate eliminations and figured out exactly. Okay, this is who we want to be. And then we would do direct mail for the customer to all of those people. So it would be whatever it might be back in the day, it was Grolier encyclopedia was our, one of our customers and Columbia music. You remember, those guys was one of our customers and a few other places out there and we made pretty good money and the, it was pretty easy to do. But back then we were doing almost the same thing. This was what now? 40 plus years ago, as they are doing today. But Facebook of course has way more information. They don't just know what website you might be going to, which is the equivalent of which magazines did you subscribe to back in the day, but they all say. Are in the middle of your conversations, they know who your friends are. They know what your friends have bought. They know what your friends are interested in. So it's not that much different than it used to be, but it's more intrusive because now instead of only having one. A couple of hundred magazines Countrywide that people might subscribe to. We now have millions of websites that we're likely to go to. And we have the conversations, the listen in which frankly, I think is the worst part of all of them. So when they bought WhatsApp, there was a warning of by myself and others saying, be careful, Facebook's going to start to watch you on WhatsApp and Facebook. Good. No. That's never going to happen. There's an article that came out this week. Okay. It's absolutely amazing. This was from pro public. Who looked at the WhatsApp messaging platforms, privacy claims, WhatsApp of course offers quote end-to-end encryption and quote, which most people interpret means that Facebook who owns WhatsApp. Can neither read your messages nor send them off to law enforcement. So some of us are concerned that they're reading it and they're using it from Arcadena et cetera, which okay. I can see, that's a little bit of an invasive invasion of privacy, but it's nothing that hasn't been going on since the 1950s. And the other side of it is what happens if the bad guys get their hands on that information or law enforcement? It reminds me of the old days was stolen, remember stolen. And in his henchmen, they said, Hey, show me the person I'll show you the crime. And the reason he was able to say that is there's so many potential laws that you can bring. If you tell me the person's name, I'll dig into them and watch them, and we'll be able to accuse them of a crime and get them convicted and thrown in prison. So there's those of us who are worried about that potentially happening, then you might say it's not going to happen today. I think frankly, it well could happen today more than it could have, or would have happened just a few years ago, but it keeps getting worse and worse. So I get all. Stuff, but the claim to WhatsApp being safe to say anything on that. No one's monitoring you. No one can see what you're saying is basically false because what they've found a ProPublica is that Facebook employs about a thousand WhatsApp moderators whose entire job is reviewing WhatsApp messages. Now, about some of the censorship this has been going on at Facebook. This is not the same thing because in general, in Facebook, of course, everything is open and available for their computer systems to flag. The automated systems will see it and say, oh, okay. Yeah, this is bad. And they'll just shut you down and then maybe send it off for a person to review. What's happening here with WhatsApp is someone can flag a message that they have received at. Improper now that's where it starts getting to be a little bit crazy here, because with this loophole in WhatsApp's end-to-end encryption, now you don't have that to fall back on that they don't have it, that they can't read. The recipient of any of the WhatsApp messages can flag it once. Flag the messages copied on the recipient's device and sent as a separate message to Facebook for review. Now, the messages are typically flagged for the same reasons they would be on Facebook, but one of the things that's been happening. Is with this content moderation, people who have received the messages from people that they don't like are reporting these messages to Facebook. So they might be in, in a group. You typically is why it works happening. And in, within this group, there's people who are saying things that they just don't like. That is frankly a loophole. Absolutely a loophole. So it's not any different from someone receiving a message screenshot in it or shown their device to another person that's received. But now it's an automated process. Millions of teams every year have found that out too, with their disappearing videos on Snapchat. They don't all just disappear. And that's a problem we're having right now with WhatsApp. So what should you use? What could you use? The number one recommendation that I have for you guys is to use signal. You'll find it online. Signals available for every mobile device out there, pretty much it's available for most desktop operating systems and it is end to end encrypted. And the guy who wrote it who has Mr. Marlin spike has an odd name? He has done this because he wants people to have true privacy in their messages. So signal pretty good. WhatsApp, not so good. You might not want to use it, but by the way, it's huge in use. Hey, take a minute. If you haven't already sign up for my weekly show notes and my trainings that are in them, you'll get them absolutely free. Craig peterson.com. And if you had done that, you'd already know all about WhatsApp and signal and what type of email you should be using. Big data has strikes again in this time it's in Los Angeles. If you get pulled over by the police, would you give them your social media information, your email address, et cetera. Question mark? Huh? Here we go. LAPD has started doing something that most people are saying is unethical and may be illegal is well, they were sued the Los Angeles police department in order to. Some information out of the police department. Cause some people had been reporting things and the Brennan center for justice is what it's called, sued them. Okay. Now this is at the New York school of law. The NYU school of law, the Brennan center is, and they filed a public records request with LAPD and police departments from other major cities. And they were trying to find out what's going on. What kind of data are these police departments collecting and the LAPD resisted making these documents available? I guess that's a clue, right? And so they did ultimately provide over 6,000 pages of documents after the Brennan center. Sued the department. And one of these documents was a memo from the LAPD chief. His name was Charlie. Back in May, 2015. He said that quote one, completing. F I report officers should ask for persons shall social media and email account or information and included in the additional info box. Now, what they're talking about is a, basically a field contact or field interview form, and he was telling them that they need to get all kinds of information, basically anything they can, but more specifically, once or Twitter handle Instagram. Profiles. There's a spot on here for all kinds of information. I'm looking at the report right now. Who are the name your date of birth, your sex, your gang, your or your monitoring moniker? Yeah, not everyone's in a gang guys. And let's see field interview, incident number, the division detail. So the only thing, oh, and by the way, social security number as well. And if you're asking them for their social security number, it tells you they have to read this assess federal law requires that you be in. When asked for your social security number that must be provided for use and identification authority for required. This information is based upon field interview procedures operational prior to January 1st, 1975. Remember the social security number was only going to be used by the treasury department for. Income to verify that you'd been paying and would not be used by any other federal departments or state and local. In fact, it was illegal at the time. Anyways, I guess I'm rambling about this. Cause the social security number thing really upsets me because of. Everybody's collecting it and the bad guys have your social security number and it's being used as some sort of a university universally unique number. We call those UIDs IDs in the computer world, but it's not. And unlike a regular you ID that can easily be regenerated, they will not issue you in a new social security number. If your old one was stolen. It's really crazy. So it may be an unusual policy, even though the LAPD has been doing it for years. Let's see. So a lawyer in the burn-in centers, the library in national security programs wrote, he said, apparently nothing bars officers from filling out field interview forms for each interaction, they engage. On patrol, notably our review of information about the field information cards in 40 other cities did not reveal any other police departments that use the cards to collect social media data though. Details are spars, publicly available documents to try to determine if other police departments are channeling. I collect social media during the field interview were requested, but found that most are not very transparent about their practices. So I guess that's not too surprising. Here's where it starts getting more concerning for me anyways. And that is, they are feeding all of this information from these contact cards into a system that was developed by. Amazon. This is a system called plant Palentier. There you go. Palentier. And in fact, there was an open letter that was written by the staff at Amazon to Jeff. Bayzos asking bayzos to stop selling this technology to law enforcement. Okay. That's how bad it is. Here's an article from ARS Technica. Amazon staff have called on CEO, Jeff Bezos to stop selling facial recognition technology to law enforcement and government agencies. Do the book 10 channel that the tech is used to harm the most marginalized. Microsoft and Google also have done the same thing. Now you hear that and you say, that's really good, kudos to you. I'm glad that you are trying to stop this. And yet at the same time, these same employees don't seem to have a problem with selling this technology to the red, Chinese. At all, they don't seem to have a problem with it in some of these other countries that are using it for just terrible things. Further this letter that they wrote demanded that Amazon stopped selling their cloud services to data analytics from planet here. They have numerous government contracts involved in the operation of ISIS detention and deportation programs goes on and on. So what makes sense to you? The ACL you recently reported that Amazon's recognition facial technology is being sold to police departments. It can identify faces in photos and videos. Amazon pitched in as a way of identifying and tracking suspects. The issue that is raised here by the ECLU is the militarization of the police. How far can it go? Should it go? The targeting of activists and ISIS family separation policy. Now this was in 2018, just so that okay. So back in the day, of course, anything president Trump did was evil. And so this stuff they came out and said was evil. I haven't, I looked and I haven't got anything more reasoned about this. So for some reason, the Biden administration using this, isn't a problem LAPD using this apparently was a problem and continues to be a problem. Keep an eye out for it locally, because here's the other side of this whole thing they say. Are they being the police officer when they pull you over I need this information. I need to inspect your car. I need to search your person, et cetera. They may need to, but that doesn't mean that they have the. Legal right or constitutional right to do it. So typically the police only ask for things that they can constitutionally asked for, that they should ask for. And people, most people know they can refuse a search depending on the circumstances and they, but they don't because you're honoring the police officer. Going on from there honoring the police officer. I also mean that people are allowing the police to gather this information because of, again, the respect that giving to that police officer. And in fact, they apparently do. There's another study in this article that talks about that. It's a problem. We gotta be careful all of this data being fed into a big system that tracks us, that, the bad guys are going to get their hands on that data. Eventually. Hey, visit online Craig peterson.com and check out today's newsletter. You'll find in there links to this and all of today's stories. Do you remember when president Trump was trying to block Tik TOK, this Chinese social site that so many of us were using? Of course now that's all gone. That's all history. And there's another piece of news about them.  Tik TOK is a social media site that really rose a like crazy. It is owned by 10 cent, which is a Chinese company. Now, as all companies in China are controlled by the socialists, the communist party of China, the CC CCC CCP. Remember those initials from back in the day. They are now being given access to location information about Americans, about all kinds of places in the United States, in photos, people's names, their locations, you name it. Through tick talk to Chinese government, the Chinese military, the people's liberation army as they call it. And we're giving all of this information voluntarily. So president Trump had a problem with that. Why should a Chinese company be allowed to track American citizens? Now at the time, took talk was quite popular and was growing in popular. Now we're seeing a news story from the BBC saying the tech talk has overtaken YouTube in the average watch time per user in the United States and the United Kingdom. YouTube is still the bigger video site. They have YouTube as far more users, they have far more video that's watched, but what we're talking about here is something that is specific, but it's still scary, which is the average us tick-tock user watches, more video than the average YouTube view. So if you're a marketer, maybe it's time to get on Tik TOK, but also right now, tick talk is really the younger generations. It's not the older folk. Okay. I expect that eventually just like Facebook started with the college students and it has now really grown to being a an over 40, even over a 50 year old web. At Facebook, the same thing will happen for Tik TOK, but we're getting concerned here because tic talk is upended the streaming and social landscape. With these small videos, it reminds me of how the goldfish, why is the gold fish or the happiest animal in the world? Because it only has a five second. That was just great from Ted lasso. I don't know if you've watched that show at all. That's one of these apple TV shows out there it's really it's really true because these Tik TOK videos are extremely short and the whole goal of it is to have something that's funny and they've had challenges and various other things that they've done too, but they have really gone crazy. Google has tried to counter tic talk. They've had their own little thing. Facebook's had their own little thing with these short videos, but this time spent metric that we're talking about here is from the monitoring from app Annie. That's the name of it. And it only accounts. Android phones because some of this monitoring cannot be done on I-phones. Okay. But it also does not include China where tech talk is a major app in over in China. It's called . I probably didn't pronounce that one quite right either, but it is a massive audience that they have out there and. I'm looking at all of the stat. It's just absolutely amazing. You can see those of course in the newsletter for today, but yeah. Live streaming apps Twitch. For example, viewers can purchase bits virtual currency and send them to cheer for streamers journal, live stream and stuff. This is an interesting business. Tik TOK has definitely taken it over. And we're seeing that that nobody's been able to really do anything. YouTube has it's Tik TOK clone called YouTube short. It was launched in may. This is a 62nd video clips, whole ideas. It's mobile first it's swipe up. Also out there with, I love this. This is ARS Technica, calling it a photocopier, which is what YouTube does, within an upstart video service comes along a Twitch, see YouTube gaming. Anyways, everybody's trying to get into it. No one's being successful at it yet, other than tech talk. And do we really want the red, Chinese having access to all of that? Think what's innovative. You've got GPS information coming from your smartphone. So they know exactly where it's taken. They know who you are. They know information about you as a user. I don't know. It gets scary. And then you think about what happened with the Wu Han lab and what escaped out of there. Could they use that? Might they use that home? My goodness on a very concerned. Okay. From Krebs on security, we have a warranty. For Microsoft users, attackers are now exploiting a windows zero day PLA. So this is a previously unknown vulnerability in windows 10 and many windows server versions. And what it allows them to do is seize control over PCs. When users open a malicious document or. A booby trapped website. There's currently no official patch for it, but Microsoft has released recommendations in order to help mitigate the threat. These mitigations aren't the best, frankly, but we'll see it affects what's called the Ms. HTML component of internet Exploder on windows 10 and many windows servers that are out there. And of course, internet Exploder has been deprecated. For use people should not be using it anymore. So for those of you who are still using internet Explorer, I've got two words for you from the famous Bob new heart, just an amazing guy. So here we go. Okay. Here you're there. That's from an old routine. I couldn't help, but think of it, but yeah, that's the bottom line. You need to stop using internet Explorer. It does not work well. It is bug Laden. Like most Microsoft software seems to be, and it is now under direct attack. So make sure that. Patch had Shirley patch off. And now I am in the middle of putting together. This is another bit of free content for everybody, but two things. One is a cyber health assessment that you can do yourself. And shall I show you how? And I'm going to have a course on that too. A paid course that gets into a lot more detail. But the basics is, I want you guys to understand that. And then the other thing is in the next 90 days, what are the things that you should do and can do to make your computers safer? Now, as usual, this is aimed at businesses, but works great for. Individuals for home users. And we'll see how this ends up going. But frankly, the zero day attacks are going to keep happening. They happen to Microsoft. They happen to apple. They happen to everybody, but they all release patches. The only one that you are going to have trouble with patches on is older versions of windows. And of course Android. What else do I have to say? Any older Android phone? Cause they lose support very quickly. So don't use those, but make sure patch Tuesday. All of those patches are installed from Microsoft and visit me online. Craig peterson.com. Make sure you sign up for my newsletter so you can get these coming up and more.


    Do You Know How to Identify a Fake Web Page? - Whole Show

    Play Episode Listen Later Sep 10, 2021 81:44

    Do You Know How to Identify a Fake Web Page? The FBI's reporting that more than 70% of all business hacks are because of our employees. They're clicking on emails, they're going to websites, what can we do? How do we know if a website is legitimate or not? [Automated transcript] [00:00:19] There's a great little article that McAfee published now, McAfee is a company that's been in the cybersecurity business for quite a while. [00:00:28] I do not use their products. I use some competing products. I have not been impressed with their products. [00:00:35] Let me tell you this particular web post that they put up is fantastic and you'll see it in my newsletter this week. Make sure you get that. [00:00:45] Have you ever come across a website that didn't look quite right if you haven't, you haven't been on the internet very much because whether you're an individual at home or you are in a business environment, we are likely going to end up on websites that are not legitimate. Sometimes we'll see these things, that company logo might be wrong. There's not enough information on the page. You've been there before and this looks down page. The odds are that you were on a hack site, a site that's trying to get you to do something most of the time when you end up on these sites, they're trying to get you to put in your username and password. [00:01:31] Already that the bad guys have stolen your username and password from so many websites out there. So why would they try and do it this way? It's because if they're pretending to be your bank and you try and log in, They know this as your bank account, and many times they immediately try and get into your bank account or your phone account, whatever it might be. [00:01:56] This is a very long-standing tactic that's relied on by hackers everywhere. Usually it's a knockoff of a real page. They'll take it and they will recreate it. Then it's easy to do if you're in a web browser right now, when you go to your bank's website. You can just go to file, save as, and go ahead and save the entire webpage and you'll get everything. [00:02:23] You'll get all of the links that are on there. All of the graphics that are there, it'll pull it in for you all automatically. And that's all they do. That's what they use. Just a copy. How do they get in front of you in the first place? Typically the hackers will go ahead and send a phishing email. [00:02:43] They'll make the email sound legitimate. They'll make it look legitimate. They'll often even use a URL that looks a lot like it. B the real banks email. I've seen it before where the URL is bank of america.safe site.com. That sort of a thing. I'm not blaming safe site. They could be a great company. [00:03:04] I don't know. I just made it up as we're going, but that type of a URL where it's not really bank of america.com or it's a misspelling of bank of America, that's the sort of thing that gets to be pretty darn common and. Clicking on that link and then submitting your information. It hasn't been leading to credit card fraud, data extraction, wire transfers, identity theft, and a whole lot more. [00:03:34] Now with the COVID relief, that's been out there. All of these things from filing for unemployment claims through filing for PPP protection as a business, the whole. Industry has changed. I'm talking about the hacker industry here, because there are so many people who are falling for these scams and ransomware as well has gone up over 300%. [00:04:08] It's just absolutely amazing. Now, if you go online and you duck, duck, go. Fake login pages. And for those of you who don't know what I mean by that duck go is the search engine I've been recommending lately. It is a search engine that doesn't take politics into play like Google does. And it also does not track you. [00:04:31] And what you're looking at it is ad based. It gets its revenue from advertisement, but it's not selling your information just on the basic search. That you're doing. I think it's a very good alternative, but if you go ahead and your search for fake login pages, you're going to find thousands of guides on how to create websites. [00:04:53] And these bad guys can create these websites in absolutely no time at all. It just a minute or two in order to make one of them. Now it can be difficult nowadays to figure out if it's a fake site, because the, again, the hackers are constantly updating their techniques to be more sophisticated. So it's made it more difficult for consumers to really recognize when something's fraudulent. [00:05:22] Now I want to get it into a psychological term. In attentional, blindness. You've probably heard of this. I remember this from, I think it was college days for me, so a very long time ago, but there's a study that was done on inattentional blindness called the invisible gorilla test. If you go right now online and just search for invisible gorilla test, you'll see a bunch of these coming. [00:05:52] No, there's even a book called that the invisible gorilla test that came out about 11 years ago, 12 years ago, I think. But here's the bottom line on this? They tell you to do something in this study. What they did here is there's a video. People there's six people, three of them are dressed with white shirts and three of them have black shirts and they're passing basketballs back and forth. [00:06:20] The white shirts are only passing to the white shirts and the black shirts under the black shirts. And what they ask you to do is count the number of times the team in white past. Now, you're sitting there watching, knowing they're going to try and fool you, you're paying a whole lot of attention to it. [00:06:40] And then at the end, they ask you a question that may be not expecting the video. I just watched on this, that was called the monkey business. Illusion is the name of this. I counted and I counted carefully and I came up with 16 passes. So the monkey business, illusion, 16 times the people in the white shirts passed the basketball back and forth. [00:07:06] So I got that. But then they said did you notice the person in the gorilla costs? Who walked through the game. He didn't just walk through the game, walked in, beat on this chest and then walked out of the game. If you didn't know about this and okay. In chorus, all honesty, I always try and put everything upfront here. [00:07:29] I knew about it beforehand. I remember from college days. But eight, most people actually about 50% of people who did not know, there is a gorilla in the middle of this. Would not have noticed the gorilla walking through the game, but this monkey business illusion video, there's something else too. [00:07:52] And I've got to admit, I did not notice that. And that is the curtain color change. From red to gold, this curtain that was in the background of all of these players. And I didn't notice one other thing. I'm not going to tell you what that is. You'll have to watch the video of yourself too, to figure that out again, just go online and search for the monkey business illusion. [00:08:19] And I think you'll find it. So the reason I brought this up is because if you come across a well forged login page and you're not actively looking for signs of fraud, you're fairly likely to miss a cybercriminals gorilla. You're likely to miss that the logo's not quite right, or the placement isn't the same as I'm used to. [00:08:45] Because you're focused in, on doing what you're supposed to be doing. It's the whole concept as well of have tunnel vision. And I'm sure you're aware of that. We've all had that before, where we're really focused on this one little thing and we don't notice everything else going on. It particularly happens in high stress times. [00:09:08] So how do you steer clear of the fake login pages? We're going to talk about that when we get. But it's absolutely crucial for everyone, even if you've had phishing training and you are trying to be cautious, you could fall for this invisible gorilla and enter in your personal details, not something that you really want. [00:09:36] Hopefully you guys got my newsletter last weekend. I got a lot of comments on it. People are saving. In fact, that's the first thing I said in this email last week is don't lose this because it went through point by point on about 10 different things that you should be doing too. Yourself and your business safe during the holidays. [00:10:03] Now, of course we had labor day coming up. We're going to have more holidays, right? There's always more holidays in the future and less it's after the first of the year, then you got to wait a long time. Make sure you get it, make sure you dig it out. If he didn't notice it just search for me@craigpeterson.com. [00:10:23] That's where the email comes from and have a look at that. I have links on how to do all of those things. It's very important. FBI warning out just last week. [00:10:33] I just told you about one of the biggest problems we are facing right now, when it comes to hackers and then has to do with fishing and going to fake login pages. Now I'm going to tell you exactly what to do. [00:10:47] How do you steer clear of these fake log-in pages and how do you protect yourself in case you accidentally do provide the bad guys with the information that you shouldn't have? [00:11:01] If they've got your email address or your login name and they have your password, it's pretty easy for them to log in. In most cases right into your bank account. So first of all, don't fall for phishing, but as we just described because of this whole inattentional blindness that we have, it's easy enough to fall, pray for this. [00:11:28] Beat yourself up too bad if you followed, if you fell for some of that stuff, but there is a great little website the Google has that you might want to check out. And that website gives you a real quick quiz, is the best way to. And it shows you some emails and you get to determine whether or not you think it's fishing and then it tells you what the reality of it is. [00:11:59] So go to fishing quiz. Dot with google.com. If you miss that, you can always email me M e@craigpeterson.com and I'll send it off to, but phishing quiz dot with google.com. And of course, phishing is spelled P H I S H I N G fishing. Dot with google.com. So you can go there and right there on the screen, it says, take the quiz. [00:12:30] You can hit it and make up a name and an email address. So it doesn't have to be your real name or your real email address. Okay. It's not going to send you anything. It's not going to sign you up for stuff. It just wants to use it in. Phishing email examples. That's going to give you, so I put in a fake name and a fake email address and it is showing me an email. [00:13:00] So to me, from a Luke, John. And it says Luke Johnson shared a link to the following document, Tony 21 budget department dot doc. So if I click on that, I have now told them, Hey, I'm open to all that sort of stuff. It's so anyways, it's got the link and it's got the opening docs and you now up above say, is this phishing or is it. [00:13:27] Legitimate. Okay. So if we say fishing that says, correct, this is a phishing email. You might have spotted the look alike, you are out. And that is indeed exactly what it is cause it it wasn't legitimate. And remember when you mouse over a link, you can see down at the bottom. The URL that is going to open up for you. [00:13:51] So you can just go through this at your own speed at your own pace and figure it out again. If you didn't get that, you can always email me M E ed Craig peterson.com. And I'll be glad to get back to you. So that's a good way to learn about fishing. I want to con really warn, I should say businesses. If you are sending out phishing emails to your employees to see if they are opening fake phishing emails or not. [00:14:23] That's an okay. Practice. The problems really come in with the companies that are sending out phishing emails and are then following up in such a way that employee is punished in some places they are being punished by if you've opened three fake emails over the last year or whatever it might be. [00:14:47] But over the last year, you're. It's that bad. So we have to be careful. You're not going to increase the confidence of your employees by doing that. And what's, you're actually going to end up doing is slowing down the productivity of your employees. Because now they're going to be really worried about opening, any emails that look like they might be legitimate. [00:15:14] And so your business is going to slow right down. So having some more training about it. Okay. I can see that everyone makes mistakes and we've got to remember that as well, but watch free, man. But we really are trying to get you to move quickly, act fast, or I need this answer right away. Or one of the big ones is we've got this vendor and in fact, I'll, let me give you a real world example. [00:15:41] It's a manufacturing company and of course they. To buy product from vendors, as supplier. And then they use that product or whether it's copper or whatever it might be now to put it all together to make their products. And this one person, this one, hacker a lady again in Eastern Europe, she went and found out about this company. [00:16:08] Okay, great. Found on their website, who the CEO was, who the CFO was. Okay, great. And was able to find the CEO online on Facebook and on his Facebook account, he said, yeah, we're going to The Bahamas. Rear-ending a sailboat. We're going to be out there, the whole family for two weeks. This is going to be fantastic disconnected. [00:16:37] So she found all of that. Now what she had to do was she found out who it was. The CEO, what school he went to. So first she had to get around the restrictions. Cause he had said, don't share my posts with anyone other than friend. So she sent him a message because she found his LinkedIn profile. You see how easy this is to do. [00:16:59] She found his LinkedIn profile and that he went to Harvard and got his MBA. So she sent him. A little note saying, Hey, remember me Janie from X, Y, Z class at Harvard, and want to be friends catch up a little bit. And then he doesn't remember who she is, but the picture looks cute enough. I might as well say yes. [00:17:21] And now she had his contact information over on LinkedIn, send him a friend request over on Facebook as well. That's how she found out he was going to be gone for two weeks. And so now she knows when he's gone. And where he's going to be completely out of touch. So once he's gone about two or three days later, she sent an email off to the CFO inside the company and said, Hey. [00:17:49] We've got this new vendor they've been providing us with product for the last three months. We haven't paid them at all yet. I need you to wire. It was a little more than $40 million because she'd done her homework. She knew how much money the company made, what their expenses probably were. I need you to wire $40 million to this account, or they're going to stop. [00:18:17] All shipments to us. And instead of the CFO doing a little bit more homework into it and digging in and finding out because talking to the people in receiving that we've never received anything from that company. I don't know what you're talking about. And then talking with the guy on the manufacturing floor, the CFO didn't do any of that, just okay. This looks legit. And by the way, it is so easy for these hackers to also gain access to personal email accounts. And we're not going to spend time going into that right now. So he wired. Yes indeed. So there's an example of falling for fishing. A little bit of follow up on the part of the CFO would have shown him that this was not legitimate. [00:19:07] Even over on Shark Tank. Barbara Cochran. She fell prey to this, actually it was her assistant and who wired some $400,000 to a vendor that wasn't real. Now the good news is the assistant copied Barbara who saw the email right away and said, whoa, wait a minute. They called the bank and they put a stop on it.. [00:19:34] Doing a little training here on how to spot fake log-in pages. We just covered fishing and some real world examples of it, of some free quiz stuff that you can use to help with it. And now we're moving on to the next step. [00:19:50] The next thing to look for when it comes to the emails and these fake login pages is a spelling mistake or grammatical errors. [00:20:02] Most of the time, these emails that we get that are faking emails are, have really poor grammar in them. Many times, of course the commas are in the wrong place, et cetera, et cetera. But most of us weren't English majors. So we're not going to pick that up myself included. That's why I use Grammarly. [00:20:21] If you have to ever write anything or which includes anything from an email or a document you probably want to get Grammarly. There's a few out there, but that's the one I liked the best for making sure my grammar. So a tip, to the hackers out there, but the hackers will often use a URL that is very close to it. [00:20:45] Where are you want to go? So they might put a zero in place of an O in the domain, or they might make up some other domain. So it might be amazon-aws.com or a TD bank-account.com. Something like that. Sometimes the registrars they'll catch that sort of thing and kill it. Sometimes the business that they are trying to fake will catch it and let them know as well. [00:21:19] There's companies out there that watch for that sort of thing. But many times it takes a while and it's only fixed once enough people have reported it. So look at the URL. Make sure it's legitimate. I always advise that instead of clicking on the link in the email, try and go directly to the website. [00:21:41] It's like the old days you got a phone call and somebody saying, yo, I'm from the bank and I need your name and social security numbers. So I can validate the someone broke into your account. No, they don't. They don't just call you up like that nowadays. They'll send you a message in their app. [00:21:56] That's on your smart. But they're not going to call you. And the advice I've always given is look up their phone. And by the way, do it in the phone book, they remember those and then call them back. That's the safest way to do that sort of thing. And that's true for emails as well. If it's supposedly your bank and it's reporting something like someone has broken into your account, which is a pretty common technique for these fissures, these hackers that are out there, just type in the bank URL as it not what's in the email. [00:22:33] There will be a message there for you if it's legitimate, always. Okay. So before you click on any website, Email links, just try and go directly to the website. Now, if it's one of these deep links where it's taking new Jew, something specific within the site, the next trick you can play is to just mouse over the link. [00:22:58] So bring your mouse down to where the link is. And typically what'll happen is at the bottom left. Your screen or of the window. It'll give you the actual link. Now, if you look at some of them, for instance, the emails that I send out, I don't like to bother people. So if you have an open one of my emails in a while, I'll just automatically say, Hey, I have opened them in awhile, and then I will drop you off the list. [00:23:28] Plus if you hit reply to one of my newsletters, my show notes, newsletters. That's just fine, but it's not going to go to me@craigpeterson.com and some people you listeners being the best and brightest have noticed that what happens is it comes up and it's some really weird URL that's so I can track. [00:23:51] Who responded to me. And that way I can just sit down and say, okay, now let me go through who has responded? And I've got a, kind of a customer relationship management system that lets me keep track of all of that stuff so that I know that you responded. I know you're interacting, so I know I'm not bothering you. [00:24:11] And I know I need to respond. Much the same thing is true with some of these links. When I have a link in my newsletter and I say, Hey, I'm linking to MIT's article. It is not going to be an MIT. Because again, I want to know what are you guys interested in? So anytime you click on a link, I'll know, and I need to know that, so I know why, Hey, wait a minute. [00:24:36] Now, 50% of all of the people that opened the emails are interested in identifying fake login pages. So what do I do? I do something like I'm doing right now. I go into depth on fake logs. Pages. I wouldn't have known that if I wasn't able to track it. So just because the link doesn't absolutely look legit doesn't mean it isn't legit, but then again, if it's a bank of it involves financial transactions or some of these other things be more cautious. [00:25:11] So double check for misspellings or grammatical errors. Next thing to do is to check the certificate, the security certificate on the site. You're on this gets a little bit confusing. If you go to a website, you might notice up in the URL bar, the bar that has the universal resource locator, that's part of the internet. [00:25:38] You might've noticed a. And people might've told you do check for the lock. That lock does not mean that you are safe. All it means is there is a secure VPN from your computer to the computer on the other side. So if it's a hacker on the other side, you're sending your data securely to the hacker, right? [00:26:05] That's not really going to do you a whole lot of good. This is probably one of the least understood things in the whole computer security side, that connect. May be secure, but is this really who you think it is? So what you need to do is click on their certificate and the certificate will tell you more detail. [00:26:29] So double check their certificate and make sure it is for the site. You really. To go to, so when it's a bank site, it's going to say, the bank is going to have the bank information on it. That makes sense. But if you go for instance on now, I'm going to throw a monkey wrench into this whole thing. [00:26:48] If you go to Craig peterson.com, for instance, it's going to. Connection is secure. The certificate is valid, but if you look at their certificate and the trust in the details, it's going to be issued by some company, but it's going to just say Craig peterson.com. It's not going to give a business name like it would probably do for a bank. [00:27:14] So you know, a little bit of a twist to it, but that's an important thing. Don't just count on the lock, make sure that the certificate is for the place you want to contact. Last, but not least is multi-factor authentication. I can't say this enough. If the bad guys have your username or email address and your password for a site, if you're using multifactor authentication, they cannot get in. [00:27:53] So it's going to prevent credential stuffing tactics, or they'll use your email and password combinations that have already been stolen for mothers sites to try and hack in to your online profile. So very important to set up and I advise against using two factor authentication with your, just a cell phone, as in a text message SMS, it is not secure and it's being hacked all of the time. [00:28:23] Get an authorization. Like one password, for instance, and you shouldn't be using one password anyways, for all of your passwords. And then Google has a free one called Google authenticator. Use those instead of your phone number for authentication. [00:28:40] You're listening to Craig Peterson, cybersecurity strategist, and online@craigpeterson.com. [00:28:48] I've been warning about biometric databases. And I sat down with a friend of mine who is an attorney, and he's using this clear thing at the airport. I don't know if you've seen it, but it's a biometric database. What are the real world risks? [00:29:04] This clear company uses biometrics. [00:29:08] It's using your eye. Brent, if you will, it's using your Iris. Every one of us has a pretty darn unique Iris, and they're counting on that and they're using it to let you through TSA very quickly. And this attorney, friend of mine thinks it's the best thing since sliced bread, because he can just. On through, but the problem here is that we're talking about biometrics. [00:29:34] If your password gets stolen, you can change it. If your email account gets hacked, I have another friend who his account got hacked. You can get a new email account. If your Iris scan that's in this biometric database gets stolen. You cannot replace your eyes unless of course you're Tom cruise and you remember that movie, and it's impossible to replace your fingerprints. It's possible to replace your face print. I guess you could, to a degree or another, some fat injections or other things. Could be done to change your face sprint, but these Iris scans fingerprints and facial images are something I try not to provide any. [00:30:29] Apple has done a very good job with the security of their face print, as well as their fingerprint, because they do not send any of that information out directly to themselves or to any database at all. Period. They are stored only on the device itself. And they're in this wonderful little piece of electronics that can not be physically compromised. [00:30:59] And to date has not been electronically compromised either. They've done a very good job. Other vendors on other operating systems like Android, again, not so much, but there are also databases that are being kept out there by the federal government. I mentioned this clear database, which isn't the federal government, it's a private company, but the federal government obviously has its fingers into that thing. [00:31:29] The office of personnel. For the federal government, they had their entire database, at least pretty much the entire database. I think it was 50 million people stolen by the red, Chinese about six years ago. So the communists. Copies of all of the information that the officer personnel management had about people, including background checks and things. [00:31:55] You've probably heard me talk about that before. So having that information in a database is dangerous because it attracts the hackers. It attracts the cybercriminals. They want to get their hands on it. They'll do all kinds of things to try and get their hands. We now have completely quit Afghanistan. [00:32:20] We left in a hurry. We did some incredibly stupid things. I just, I can't believe our president of the United States would do what was done here. And now it's been coming out that president and Biden completely ignored. The advice that he was getting from various military intelligence and other agencies out there and just said, no, we're going to be out of there. [00:32:46] You have to limit your troops to this. And that's what causes them to close the air base battleground that we had for so many years. Apparently the Chinese are talking about taking it over now. Yeah. Isn't that nice. And whereas this wasn't an eternal war, right? We hadn't had anybody die in a year and a half. [00:33:05] It's crazy. We have troops in south Vietnam. We have troops in Germany. We have troops in countries all over the world, Japan, you name it so that we have a local forest that can keep things calm. And we were keeping things calm. It's just mind blowing. But anyhow, politics aside, we left behind a massive database of biometric database. [00:33:38] Of Afghanis that had been helping us over in Afghanistan, as well as a database that was built using us contractors of everyone in the Afghan military and the basically third genealogy. Who their parents were the grandparents blood type weight, height. I'm looking at it right now. All of the records in here, the sex ID nationality. [00:34:11] Date of exploration, hair color, favorite fruit, favorite vegetables, place of birth, uncle's name marker signature approval. Signature date, place of birth. Date of birth address, permanent address national ID number place of ISS. Date of ISS native language salary data salary, group of salary, police of salary education, father's name, graduation, date, weapon and service now. [00:34:41] These were all in place in Afghanistan. We put them in place because we were worried about ghost soldiers. A gold soldier was someone who we were paying the salary of taxpayers of the United States were paying the salaries of the Afghan military for quite some time. And we were thinking that about half of the. [00:35:06] Payroll checks. We were funding. We're actually not going to people who were in the military, but we're going to people who were high up within the Afghan government and military. So we put this in place to get rid of the ghost soldiers. Everybody had to have all of this stuff. In the database, 36 pieces of information, just for police recruitment. [00:35:39] Now this information we left behind and apparently this database is completely in the hand of the Taliban. Absolutely. So we were talking about Americans who helped construct Afghanistan and the military and the telephone. The looking for the networks of their Ponant supporters. This is just absolutely amazing. [00:36:07] So all of the data doesn't have clear use, like who cares about the favorite fruit or vegetable, but the rest of it does the genealogy. Does they now know who was in the police department, who was in the military, who their family is, what their permanent address is. Okay. You see the problem here and the biometrics as well in the biometrics are part of this us system that we were using called hide H I D E. [00:36:41] And this whole hide thing was a biometric reader. The military could keep with them. There were tens of thousands of these things out in the field. And when they had an encounter with someone, they would look up their biometrics, see if they were already in the database and in the database, it would say, yeah, they're friendly, they're an informant. [00:37:03] Or we found them in this area or w we're watching them. We have concern about them, et cetera, et cetera. All of their actions were in. Turns out that this database, which covered about 80% of all Afghans and these devices are now in the hands of the Taliban. Now, the good news with this is that a lot of this information cannot be easily extracted. [00:37:32] So you're not going to get some regular run of the mill Taliban guy to pick one of these up and start using. But the what's happening here is that we can really predict that one of these surrounding companies like Pakistan that has been very cooperative with the Taliban. In fact, they gave refuge to Saddam, not Saddam Hussein, but to a bin Ladin and also Iran and China and Russia. [00:38:04] Any of those countries should be able to get into that database. Okay. So I think that's really important to remember now, a defense department spokesperson quote here, Eric Fay on says the U S has taken prudent actions to ensure that sensitive data does not fall into the Tolo bonds. And this data is not at risk of misuse. [00:38:29] Misuse that's unfortunately about all I can say, but Thomas Johnson, a research professor at the Naval postgraduate school in Monterey, California says not so fast, the taller Bon may have used biometric information in the Coon dues. So instead of taking the data straight from the high devices, he told MIT technology review that it is possible that Tolo bond sympathizers in Kabul, provided them with databases of military personnel, against which they could verify prints. [00:39:07] In other words, even back in 2016, it may have been the databases rather than these high devices themselves pose the greatest risk. This is very concerning big article here in MIT technology review. I'm quoting from it a little bit here, but there are a number of databases. They are biometric. Many of these, they have geological information. [00:39:35] They have information that can be used to round up and track down. Now, I'm not going to mention world war two, and I'm not going to mention what happened with the government too, before Hitler took over, because to do that means you lose that government had registered firearms, that government had registered the civilians and the people and Afghanistan. [00:40:04] The government was also as part of our identification papers, registering your religion. If you're Christian, they're hunting you down. If you were working for the military, they're hunting you down. And this is scary. That's part of the reason I do not want biometric information and databases to be kept here in the U S Hey, make sure you get my show notes every week on time, along with free training, I try to help you guys out. [00:40:41] If you've never heard of the Carrington event, I really hope, frankly, I really do hope we never have to live through one of these. Again, there is a warning out there right now about an internet apocalypse that could happen because of the sun. [00:40:58] Solar storms are something that happens really all of the time. The sun goes through solar cycles. About every seven years, there are longer cycles as well. You might know. I have an advanced class amateur radio license I've had for a long time, and we rely a lot when we're dealing with short wave on the solar cycle. [00:41:22] You see what happens is that the sun charges, the atmosphere. That if you've ever seen the Northern light, that is. Part of the Sunzi missions, hitting our magnetic field and getting sucked into the core of the earth, if you will, as they get caught in that field. And the more charged the atmosphere is, the more bounce you get. [00:41:46] That's what we call it bounce. And the reason us hams have all these different frequencies to use is because of the bow. We can go different frequencies with different distances, I should say, using different frequencies. So think about it right now. You've got the earth and I want to talk from Boston to Chicago. [00:42:08] For instance, I know about how many miles it is, and I have to figure out in the ionosphere up in the higher levels of the atmosphere, what frequency. To use in order to go up into the atmosphere, bounce back, and then hit Chicago. That's the idea. It's not quite as simple or as complex in some ways, as it sounds, a lot of people just try different frequencies and a lot of hams just sit there, waiting for anybody anywhere to talk to, particularly if they are. [00:42:41] It's really quite fun. Now what we're worried about, isn't so much just the regular solar activity. We get worried when the sun spots increase. Now, the solar cycle is what has primary image. On the temperature on earth. So no matter what, you might've heard that isn't your gas, guzzling car or a diesel truck that causes the Earth's temperature to change. [00:43:10] Remember the only constant when it comes to the Earth's temperature has been changed over the millions of years. We had periods where the earth was much warmer than it is now had more common that carbon dioxide in the atmosphere than it does now had less. In fact, right now we are at one of the lowest levels of carbon dioxide in the atmosphere in earth long. [00:43:36] So the sun, if you might remember, comes up in the morning, warms things up, right? And then it cools down. When the sun disappears at nighttime, it has a huge impact. It's almost exclusively the impact for our temperatures. There's other things too, for instance. eruption can spew all to hold a lot of carbon dioxide. [00:44:01] In fact, just one, just Mount St. Helens wanted erupted, put more carbon dioxide into the atmosphere than man has throughout our entire existence. Just to give you an idea, right? So these alarms that are out there, come on, people. Really, and now we're seeing that in this last year, we had a 30% increase in the ice cap up in the, in, up in the north, up in Northern Canada, around the polls. [00:44:32] We also had some of these glaciers growing. It was so funny. I saw an article this year, or excuse me, this week that was showing a sign that was at one of our national parks. And it said this glacier will have disappeared by 2020. Of course it hasn't disappeared. In fact, it has grown now and it's past 2020. [00:44:54] Anyhow, the sun has a huge impact on us in so many ways. And one of the ways is. Something called a coronal mass ejection. This is seriously charged particles. That tend to be very directional. So when it happens, when there's one of these CMS coronal, mass ejections, it's not just sending it out all the way around the sun everywhere. [00:45:21] It's really rather concentrated in one. One particular spot. Now we just missed one not too long ago. And let me see if I can find it here. Just mast, a cm E near miss. Here we go. There a solar super storm in July, 2012, and it was a very close shave that we had most newspapers didn't mention it, but this could have been. [00:45:51] AB absolutely incredible. We'd be picking up the pieces for the next 50 years. Yeah. Five, zero years from this one particular storm. And what happens is these solar flares, if you will, are very extreme, the CME. You're talking about x-rays extreme UV, ultraviolet radiation, reaching the earth at the speed of light ionizes, the upper layers of atmosphere. [00:46:19] When that happens, by the way, it hurts our communications, but it can also have these massive effects where it burns out saddle. And then causes radio blackouts, GPS, navigation problems. Think about what happened up in Quebec. So let me just look at this back hit with an E and yeah, here we go. And March 13th, 1989. [00:46:50] Here we go. Here's another one. Now I remembered. And this is where Quill back got nailed. I'm looking at a picture here, which is looking at the United States and Canada from the sky and where the light is. And you can see Quebec is just completely black, but they have this massive electrical blackout and it's becomes. [00:47:13] Of this solar storm. Now they, these storms that I said are quite directional depending on where it hits and when it hits things can get very bad. This particular storm back in 1989 was so strong. We got to see their Rora Borealis, the Northern lights as far south, as Florida and cute. Isn't that something, when we go back further in time to this Carrington event that I mentioned, you could see the Northern lights at the eclipse. [00:47:50] Absolutely amazing. Now the problem with all of this is we've never really had an internet up online. Like we have today when we had one of the storms hit. And guess what we're about to go into right now, we're going into an area or a time where the sun's going to be more active, certainly on this 11 year cycle and possibly another bigger cycle too, that we don't really know much about. [00:48:22] But when this hit us back in the 1850s, what we saw was a a. Telegraph system that was brought to its knees. Our telegraphs were burned out. Some of the Telegraph buildings were lit. They caught on fire because of the charges coming in, people who were working the telegraphs, who are near them at the time, got electric shocks or worse than that. [00:48:48] Okay. 1859 massive Carrington event compass needles were swinging wildly. The Aurora Borealis was visible in Columbia. It's just amazing. So that was a severe storm. A moderate severity storm was the one that hit in Quebec here knocked out Quebec electric. Nine hour blackout of Northeast Canada. What we think would happen if we had another Carrington event, something that happened to 150 years ago is that we would lose power on a massive scale. [00:49:27] So that's one thing that would happen. And these massive transformers that would likely get burned out are only made in China and they're made on demand. Nobody has an inventory. So it would be at least six months before most of the country would get power back. Can you believe that would be just terrible and we would also lose internet connectivity. [00:49:52] In fact, the thinking that we could lose internet connectivity with something much less than a severe storm, maybe if the Quebec power grid solar, a massive objection here. Maybe if that had happened, when. The internet was up. They might have burned out internet in the area and maybe further. So what we're worried about is if it hits us, we're going to lose power. [00:50:20] We're going to lose transformers on the transmission lines and other places we're going to lose satellites and that's going to affect our GPS communication. We're going to lose radio communication, and even the undersea cables, even though they're now no longer. Regular copper cables. It's now being carried of course, by light in pieces of glass. [00:50:45] The, those cables need to have repeaters about every 15 miles or so under underwater. So the power is provided by. Copper cables or maybe some other sort of power. So these undersea cables, they're only grounded at extensive intervals, like hundreds or thousands of kilometers apart. So there's going to be a lot of vulnerable components. [00:51:12] This is all a major problem. We don't know when the next massive. Solar storm is going to happen. These coronal mass ejections. We do know they do happen from time to time. And we do know it's the luck of the draw and we are starting to enter another solar cycle. So be prepared. Of course, you're listening to Craig Peterson, cybersecurity strategist. [00:51:42] If you'd like to find out more and what you can do, just visit Craig peterson.com and subscribe to my weekly show notes. [00:51:52] Google's got a new admission and Forbes magazine has an article by Zach Dorfman about it. And he's saying you should delete Google Chrome now after Google's newest tracking admission. So here we go. [00:52:09] Google's web browser. It's been the thing for people to use Google Chrome for many years, it's been the fastest. Yeah, not always people leapfrog it every once in a while, but it has become quite a standard. Initially Microsoft is trying to be the standard with their terrible browser and yeah, I to Exploder, which was really bad and they have finally completely and totally shot it in the head. [00:52:42] Good move there on their part. In fact, they even got rid of their own browser, Microsoft edge. They shot that one in. They had to, I know I can hear you right now saying, oh, Craig, I don't know. I just use edge browser earlier today. Yeah. But guess what? It isn't edge browser. It's actually Google Chrome. The Microsoft has rebranded. [00:53:04] You see the guts to Google Chrome are available as what's called an open source project. It's called chromium. And that allows you to take it and then build whatever you want on top of. No, that's really great. And by the way, Apple's web kit, Kat is another thing that many people build browsers on top of and is part of many of these browsers we're talking about right now, the biggest problem with the Google Chrome. [00:53:35] Is they released it so they could track you, how does Google make its money? It makes us money through selling advertising primarily. And how does it sell advertising if it doesn't know much or anything about you? So they came out with the Google Chrome browser is a standard browser, which is a great. [00:53:55] Because Microsoft, of course, is very well known for not bothering to follow standards and say what they have is the actual standard and ignoring everybody else. Yeah. Yeah. I'm picking on Microsoft. They definitely deserve it. There is what is being called here in Forbes magazine, a shocking new tracking admission from. [00:54:17] One that has not yet made headlines. And there are about what 2.6 billion users of Google's Chrome worldwide. And this is probably going to surprise you and it's frankly, Pretty nasty and it's, I think a genuine reason to stop using it. Now, as you probably know, I have stopped using Chrome almost entirely. [00:54:42] I use it when I have to train people on Chrome. I use it when I'm testing software. There's a number of times I use it, but I don't use it. The reality is that Chrome is an absolute terror. When it comes to privacy and security, it has fallen way behind its rivals in doing that. If you have an iPhone or an iPad or a Mac, and you're using safari, apple has gone a long ways to help secure your data. [00:55:19] That's not true with Chrome. In fact, it's not protecting you from tracking and Dave data harvesting. And what Google has done is they've said, okay we're going to get these nasty third party cookies out of the whole equation. We're not going to do that anymore. And what they were planning on doing is instead of knowing everything specifically. [00:55:43] You they'd be able to put you in a bucket. So they'd say, okay, you are a 40 year old female and you are like driving fast cars and you have some kids with a grandkid on the way, and you liked dogs, not cats, right? So that's a bucket of people that may be a few hundred or maybe up to a thousand. As opposed to right now where they can tell everything about you. [00:56:12] And so they were selling that as a real advantage because they're not tracking you individually anymore. No, we're putting you in a bucket. It's the same thing. And in fact, it's easier for Google to put you in a bucket than to track everything about you and try and make assumptions. And it's easier for people who are trying to buy ads to place in front of you. [00:56:34] It's easier for them to not have to reverse engineer all of the data the Google has gathered in instead. To send this ad to people that are in this bucket and then that bucket. Okay. It makes sense to you, but I, as it turns out here, Google has even postponed of that. All right. They really have, they're the Google's kind of hiding. [00:56:59] It's really what's going on out there. They are trying to figure out what they should do, why they should do it, how they should do it, but it's going to be a problem. This is a bad habit. The Google has to break and just like any, anybody that's been addicted to something it's going to take a long time. [00:57:19] They're going to go through some serious jitters. So Firefox is one of the alternatives and to Google Chrome. And it's actually a very good one. It is a browser that I use. I don't agree with some of the stuff that Mozilla and Firefox does, but again, nobody agrees on everything. Here's a quote from them. [00:57:41] Ubiquitous surveillance harms individually. And society Chrome is the only major browser that does not offer meaningful protection against cross site tracking and Chrome will continue to leave users unprotected. And then it goes on here because. Google response to that. And they admit that this massive web tracking out of hand and it's resulted in, this is a quote from Google and erosion of trust, where 72% of people feel that almost all of what they do online is being. [00:58:19] By advertisers, technology firms or others, 81% say the potential risks from data collection outweigh the benefit by the way, the people are wrong. 72% that feel almost all of what they do on online is being tracked. No. The answer is 100% of what you do is probably being tracked in some way online. [00:58:41] Even these VPN servers and systems that say that they don't do logs. Do track you take a look at proton mail just last week. Proton mail it's in Switzerland. Their servers are in Switzerland. A whole claim to fame is, Hey, it's all encrypted. We keep it safe. We don't do logging. We don't do tracking guess what they handed over the IP addresses of some of the users to a foreign government. [00:59:09] So how can you do that? If you're not logging, if you're not tracking. Yeah, they are. And the same thing is true for every paid VPN service I can think of. So how can Google openly admit that their tracking is in place tracking everything they can, and also admit that it's undermining our privacy. [00:59:36] Their flagship browser is totally into it. It's really, it's gotta be the money. And Google does not have a plan B this anonymized tracking thing that they've been talking about, the buckets that I mentioned, isn't realistic, frankly. Google's privacy sandbox is supposed to Fitbit fix it. [00:59:56] I should say. The whole idea and the way it's being implemented and the way they've talked about it, the advertisers on happy. So Google is not happy. The users are unhappy. So there you go. That's the bottom line here from the Forbes article by Zach Dorfman, delete Google Chrome. And I said that for a long time, I do use some others. [01:00:20] I do use Firefox and I use. Which is a fast web browser. That's pretty good shape. Hey, if you sign up for my shows weekly newsletter, not only will you get all of my weekly tips that I send to the radio hosts, but you will get some of my special reports that go into detail on things like which browser you shouldn't be using. [01:00:46] Sign up right now. Craig peterson.com. [01:00:50] Many businesses have gone to the cloud, but the cloud is just another word for someone else's computer. And many of the benefits of the cloud just haven't materialized. A lot of businesses have pulled back and are building data centers. [01:01:07] Now, the reason I mentioned this thing about Microsoft again, and the cloud is Microsoft has a cloud offering. [01:01:17] It's called Microsoft Azure. Many people, many businesses use it. We have used it with some of our clients in the past. Now we have some special software that sits in front of it that helps to secure. And we do the same thing for Amazon web services. I think it's important to do that. And we also use IBM's cloud services, but Microsoft is been pitching for a long time. [01:01:45] Come use our cloud services and we're expecting here probably within the next month, a big announcement from Microsoft. They're planning on making it so that you can have your desktop reside in Microsoft's cloud, in the Azure cloud. And they're selling really the feature of it doesn't matter where you are. [01:02:11] You have your desktop and it doesn't matter what kind of computer you're on. As long as you can connect to your desktop, using some just reasonable software, you will be able to be just like you're in front of a computer. So if you have a Chromebook or a Mac, Or windows or tablet, whatever. And you're at the grocery store or the coffee shop or the office, you'll be able to get it, everything, all of your programs, all your files. [01:02:41] And we, Microsoft will keep the operating system up to date for you automatically a lot of great selling points. And we're actually looking into that, not too heavily yet. We'll give them a year before we really delve into it at all. Cause it takes them a while to get things right. And Microsoft has always been one that adds all kinds of features, but most of the time, most of them don't work and we can document that pretty easily, even in things like Microsoft. [01:03:11] The verge is now reporting that Microsoft has warned users of its as your cloud computing service, that their data has been exposed online for the last two years. Yeah, let me repeat that in case you missed it, you yeah. I'm I might've misspoken. Let me see, what does it say? It says users of Azure cloud competing service. [01:03:36] So that's their cloud. Microsoft's big cloud. Okay. Their data has been. Exposed online. Okay. So that means that people could get the data, maybe manipulate the data that's exposed means for the last two years. Are you kidding me? Microsoft is again, the verge. Microsoft recently revealed that an error in its Azure cosmos database product left more than 3,300 as your customer's data. [01:04:12] Completely exposed. Okay guys. So this is not a big thing, right? It can't possibly be big thing because you know who uses Azure, nobody uses a zer and nobody uses hosted databases. Come on, give me a break. Let me see, what else does this have to say? Oh, okay. It says that the vulnerability was reported, reportedly introduced into Microsoft systems in 2019, when the company added a data visualization feature called Jupiter notebook to cosmos DB. [01:04:46] Okay. I'm actually familiar with that one and let's see what small companies let's see here. Some Azure cosmos DB clients include Coca Cola. Liberty mutual insurance, Exxon mobile Walgreens. Let me see. Could any of these people like maybe Liberty mutual insurance and Walgreens, maybe they'd have information about us, about our health and social security numbers and account numbers and credit cards. Names addresses. That's again, why I used to get so upset when these places absolutely insist on taking my social security number, right? It, first of all, when it was put in place, the federal government guaranteed, it would never be used for anything other than social security. [01:05:34] And the law even said it could not be used for anything other than social security. And then the government started expanding it. And the IRS started using it. To track all of our income and that's one thing right there, the government computers, they gotta be secure. All of these breaches we hear about that. [01:05:52] Can't be true. So how about when the insurance company wants your personal information? Like your social security number? What business is it of? There's really no. Why do they have to have my social security number? It's a social security number. It's not some number that's tattooed on my forehead. That's being used to track me. [01:06:18] Is it this isn't a socialist country like China is, or the Soviet union was right. It's not social. So why are they tracking us like that? Walgreens? Why do they need some of that information? Why does the doctor that you go to that made the prescription for Walgreens? Why do they need that information? [01:06:40] And I've been all over this because they don't. Really need it. They want, it makes their life easier, but they don't really need it. However, it exposes us. Now, if you missed the email, I sent out a week ago, two weeks ago now, you missed something big because I, in my weekly newsletter went through and described exactly what you could do in order to keep your information private. [01:07:13] So in those cases where websites asking for information that they don't really need, right? You don't want to lie, but if they don't really need your real name, why you're giving them your real name? Why do you use a single email address? Why don't you have multiple addresses? Does that start make sense to you guys? [01:07:33] And now we find out that Microsoft Azure, their cloud services, where they're selling cloud services, including a database that can be used online, a big database 3,300 customers looks like some of them are actually big. I don't know. ExxonMobil pretty big. Yeah. I think so. Walgreens, you think that might be yeah. [01:07:57] Why. Why are we trusting these companies? If you have a lot of data, a lot of customers, you are going to be a major target of nation states to hack you and bat just general hackers, bad guys. But you're also if you've got all this information, you've also got to have a much higher level of security than somebody that doesn't have all of that information. [01:08:24] Does that make sense to you? Did I say that right? You don't need the information and I've got to warn anybody that's in a business, whether you're a business owner or you're an employee, do not keep more data than you need the new absolutely need to run your company. And that includes data about your customers. [01:08:48] And maybe it's even more specifically data about your customer. Because what can happen is that data can be stolen and we just found it. That? Yes, indeed. It could have been, it was exposed Microsoft the same. We don't know how much it was stolen. If anything was stolen. Yeah, Walgreens. Hey, I wonder if anyone's going to try and get some pain pills illegally through a, this database hack or a vulnerability anyways. [01:09:17] All right, everyone. Stick around. We'll be back. Of course, you listening to Craig Peterson. I am a cybersecurity strategist for business, and I'm here to help you as well. You can ask any question any time consumers are the people I help the most, I wish I got a dime for every time I answered a question. [01:09:38] Just email me@craigpeterson.com and stick around. [01:09:44] Whether or not, you agree with the lockdown orders that were put in place over this COVID pandemic that we had. There are some other parts of the world that are doing a lot more. [01:10:00] Australia has. I don't know. I think that they went over the deep end that much, the same thing is true right next door to them. [01:10:11] And I am looking at a report of what they are doing with this new app. You might be aware that both apple and Google came out with an application programming interface. That could be used for contract tack tracking, contact tracking. There you go. It wasn't terribly successful. Some states put some things in place. [01:10:38] Of course you get countries like China. I love the idea because heaven forbid you get people getting together to talk about a Tannen square remembrance. Now you want to know who all of those people were, who were in close proximity, right? Good for China a while, as it turns out, Australia is putting something in place they have yet another COVID lockdown. [01:11:03] They have COVID quarantine orders. Now I think if you are sick, you should stay here. I've always felt that I, I had 50 employees at one point and I would say, Hey, if you're sick, just stay home. Never required a doctor's note or any of that other silliness, come on. People. If someone's sick, they're sick and let them stay home. [01:11:26] You don't want to get everybody else in the office, sick and spread things around. Doesn't that just make sense. They now in Australia, don't trust people to stay home, to get moving. Remember China, they were taking welders and we're going into apartments in anybody that tested positive. [01:11:42] They were welding them into their apartment for minimum of two weeks. And so hopefully they had food in there and they had a way to get fresh water. Australia is not going quite that far, but some of the states down under. Using facial recognition and geolocation in order to enforce quarantine orders and Canada. [01:12:07] One of the things they've been doing for very long time is if you come into the country from out of the country, even if you're a Canadian citizen, you have to quarantine and they'll send people by your house or you have to pay to stay for 10 days in a quarantine hope. So you're paying the, of course now inflated prices for the hotel, because they're a special quarantine hotel. [01:12:34] You have to pay inflated prices to have food delivered outside your door. And that you're stuck there for the 10 days, or if you're at home though, they, you're stuck there and they'll send people by to check up on you. They'll make phone calls to check up on you. They have pretty hefty fines. [01:12:54] What Australia has decided to do is in Australia is Charlene's even going from one state to another state are required to prove that they're obeying a 14 day quarantine. And what they have to do is have this little app on their phone and they, the app will ping them saying, prove it. And then they have to take a photo of themselves with geo location tag on it and send it up via the app to prove their location. [01:13:32] And they have to do all of that within 15 minutes of getting the notification. Now the premier of the state of south Australia, Steven Marshall said, we don't tell them how often or when on a random basis, they have to reply within 15 minutes. And if you don't then a police, officer's going to show up at the address you're supposed to be at to conduct an in-person check. [01:13:59] Very intrusive. Okay. Here's another one. This is an unnamed government spokesperson who was apparently speaking with Fox news quote. The home quarantine app is for a selected cohort of returning self Australians who have applied to be part of a trial. If successful, it will help safely ease the burden of travel restrictions associated with the pandemic. [01:14:27] So there you go. People nothing to worry about. It's just a trial. It will go away. Just for instance, income tax, as soon as rule, number one is over, it will be removed and it will never be more than 3% and it will only apply to the top 1% of wage-earners. So there you go. And we all know that world war one isn't over yet. [01:14:47] So that's why they still have it in somehow. Yeah, some of the middle class pays the most income tax. I don't know. Interesting. Interesting. So there you go. Little news from down under, we'll see if that ends up happening up here. News from China, China has China and Russia have some interesting things going on. [01:15:08] First of all, Russia is no longer. Country, they are. They aren't, they are a lot freer in many ways than we are here in the United States. Of course, China, very heavily socialist. In fact, they're so socialists, they are communist and China. And Russia both want their kids to have a very good education in science, engineering, and mathematics. [01:15:35] Not so much on history, not so much on, on politics. But definitely heavy on the sciences, which I can see that makes all the sense. I think everybody should be pretty heavily on the science. According to the wall street journal this week, gamers under the age of 18 will not be allowed to play online games between 8:00 PM and 9:00 PM on Friday, Saturdays and Sundays. [01:16:02] Okay. So basically what they're doing, I reverse that what they're doing is they're only allowing the kids three hours of gaming per week. In other words, they can play between eight and 9:00 PM, Friday, Saturday, and Sundays. I think that might overload some gaming servers. Cov gaming addiction has affected studies and normal lives. [01:16:23] And many parents have become miserable. That's China's press and public administration. Sedna state. Okay. There's going to be some relief during the school holidays. Children will be allowed 60 minutes per day for gaming hard to say how China plans didn't force it, but they have their ways, identity cards. By the way required for playing online. They've got a facial recognition system introduced in July by 10 cent. Remember all of the uproar around 10 cent and their apps and president Trump trying to get them blocked here in the U S yeah, there you go. Facial recognition bill right into the app, and it's proven effective at catching children pretending to be adults in order to get around government gaming curves. [01:17:12] So this goes on and on and Korea as well, South Korea has had some very big problems. You might remember it was headlines just a few years ago of some of these south Korean kids dying because they were playing video games four days straight with no sleep, no real food. Just taking all of these energy. [01:17:37] And we'll literally gaming themselves to death. So South Korea passed a law that prevented young people from playing online video games late at night. So that was introduced back in 2011 and it's targeted at players 16 or up. And south Korean miners were prevented from playing online PC games between midnight and six, 8:00 AM. [01:18:03] Now South Korea has scrapped that law. Interesting. So they're saying it's out of respect for younger citizens, right? They're going to abolish this law, replace it by. Permit system that allows players to request a permit per game and play during self-assigned hours that their parents will sign off on. [01:18:27] This is in an article from GameSpot, by the way, a gamespot.com. You might remember them too, the whole Robin hood scandal. But I think it's an interesting question. When my kids were young lo those many years ago I got this box that the, you took the TV wire, you ran it into the box and you could program. [01:18:51] So that each kid had their own code and you could specify how much time the kid could watch TV or how much time or when they could watch TV and how much time cumulative the kids could have. And it actually worked pretty well. And the kids certainly complained a lot about it. And a couple of them tried to work the way around it hard to when the plug is inside the box. [01:19:17] Yeah, ingenuity as they are. They were able to do that. They cut the wire off and put another power connector on the end of the TV wire. Anyhow Microsoft, we've been talking about them a lot. This show. I do not like Microsoft, that already the windows 11 is coming out and we talked about. [01:19:38] Before, because windows 11 is plying. Microsoft is planning on requiring you to have a very modern computer. You need to have a TPM in it, which is this special security module. You need to have a certain speed, et cetera, but the TPM is a big thing. That's going to make it. So most of your computers won't work. [01:20:04] Tons of pushback on that. I can see what Microsoft is trying to do it. They really would love to have a clean operating system that really wasn't getting hacked all the time. And this will help it won't solve their problem, but it will help. So that they're going to be doing now is they're going to over

    You Need to Start Using Burner Identities ASAP

    Play Episode Listen Later Aug 28, 2021 83:25


    You Need to Start Using Burner Identities ASAP! In this day and age, if you don't have a burner identity, you are really risking things from having your identities stolen through these business email compromises. It's really crazy. That's what we're going to talk about. [Automated transcript] An essential part of keeping ourselves safe in this day and age is to confuse the hackers. The hackers are out there. They're trying to do some things. Ransomware, for instance, like[00:00:30] business email compromise, is one of the most significant crimes times out there today. It hits the news legitimately. It's terrifying. It can really destroy your business, and it can hurt you badly. If you're an individual, you don't want ransomware. How about those emails that come in? In fact, I just got an email from a listener this week, and they got a phone. His wife answered, and it was [00:01:00] Amazon on the phone, and Amazon said, Hey, listen, your account's been hacked. We need to clear it up so that your identity doesn't get stolen. And there's a fee for this. It's a $500 fee. And what you have to do is just go to amazon.com. Buy a gift card, and we'll then take that gift card number from you. And we'll use that as the fee to help recover your stolen information. [00:01:30] So she went ahead and did it, and she went ahead and did all of the things that the hackers wanted. And now they had a gift card. Thank you very much. We'll follow up on this and. Now she told her husband, and of course, this isn't a sex-specific thing, right? It could have happened to either one. My dad fell for one of these scams as well. So she told her husband, or her husband looked at what had happened and [00:02:00] said, oh my gosh, Don't think this is right. Let me tell you, first of all, Amazon, your bank, various credit card companies are not going to call you on the phone. They'll send you a message right from their app, which is usually how I get notified about something. Or they will send an email to the registered email app. No, that you set up on that account. So that [00:02:30] email address then is used by them to contact you, pretty simple. Or they might send you a text message. If you've registered a phone for notifications, that's how they contact you. It's like the IRS. I was at a trade show, and I was on the floor. We were exempt. And I got no less than six phone calls from a lady claiming to be from the IRS, and I needed to [00:03:00] pay right away. And if I didn't pay right away, they were going to seize everything. And so all I had to do was. Buy a gift card, a visa gift card, give her the number and use that to pay the taxes. And this lady had an American accent to one that you would recognize. I'm sure. And it's not something that they do now. They do send emails, as I [00:03:30] said. So the part of the problem with sending emails is it really them? Are they sending a legitimate email to a legitimate email address? Always a good question. Yeah. Here's the answer. Yeah, they'll do that. But how do you know that it isn't a hacker sending you the email? It can get pretty complicated. Looking into the email headers, trying to track. Where did this come from? Which email servers did it go through? [00:04:00] Was it authenticated? Did we accept? Did the provider use proper records in their DNS, the SPIF, et cetera, to ensure that it's legitimate? How do you follow up on that? That's what we do for our clients. And it gets pretty complicated looking at DKMS and everything else to verify that it was legitimate, ensuring that the email came from a registered MX server from the actual [00:04:30] server. There is a way around this. And this has to do with the identities, having these fake burner identities. I've been doing this for decades myself, but now it's easy enough for anybody to be able to do it. There are some services out. And one of the more recommended ones. And this is even the New York times; they have an article about this. They [00:05:00] prefer something called simple login. You can find them online. You can go to simple login dot I O. To get started now, it's pretty darn cool. Cause they're using what's called open-source software, it's software. So can anybody examine to figure out this is legitimate or not? And of course, it is fair, but it's all out there for the whole world to see. And that means it's less likely in some ways to be hacked. There are people who [00:05:30] argue that having open-source software means even more. In some ways, you are, but in most ways, you're not; anyway, it doesn't matter. Simple login.io. Now, why would you consider doing this? Something like simple login? Simple login is friendly because it allows you to create dozens and dozens of different email addresses. And the idea is with a simple login, it will [00:06:00] forward the email to you at your actual email address. So let's say you're doing some online shopping. So you can go ahead and set up an email address for, whatever it is, shopping company.com that you're going to use a shopping company.com. So you'd go there. You put into simple login "I want to create a new identity," and you tag what it's for. You then go to some shopping company.com and [00:06:30] use the email address generated for you by simple login. Now you're a simple login account. Is it going to be tied into your real email account, wherever that might be if you're using proton mail, which is a very secure email system, or if using outlook or heaven forbid Gmail or one of these others, the email will be forwarded to you. You will be able to see that indeed, that [00:07:00] email was sent to you. So shopping company.com email address or your bank of America, email address, et cetera, et cetera, that makes it much easier for you to be able to tell, was this a legitimate email? So, in other words, if your bank's really trying to get ahold of you, and they're going to send you an email, they're going to send you an email to an address that you use exclusively. For bank of America. In reality, you only have the one email [00:07:30] box over there wherever proton, mail, outlook, Gmail, your business Excel. You only have that one box you have to look at, but the email is sent to simple login. Does that make sense? You guys, so you can create these alias email boxes. It will go ahead and forward. Any emails sent to them, to you, and you'll be able to tell if this was indeed from the company, because [00:08:00] that's the only place that you use that email address. That makes it simple, but you don't have to maintain dozens or hundreds of email accounts. You only have one email account. And by the way, you can respond to the email using that unique aliased email address you created for the shopping company or bank of America or TD or whomever. It might be, you can send from that address as well. [00:08:30] So check it out online, simple login dot IO. I really liked this idea. It has been used by a lot of people over, out there. Now here's one other thing that it does for you, and this is important as well. Not using the same email address. Everywhere means that when the hackers get your email address from shopping company.com or wherever, pets.com, you name it. [00:09:00] They can not take that and put it together with other information and use that for business, email compromise. Does that make sense? It's it makes it pretty simple, pretty straightforward. Don't get caught in the whole business email compromise thing. It can really hurt. And it has; it's one of the worst things out there right now, dollar for dollar, it's right up there. It, by the way, is one of the ways they get ransomware into your [00:09:30] systems. So be very careful about that. Always use a different email address for every Website you sign up for. Oh, and they do have paid plans like a $30 a year plan over at simple IO will get you unlimited aliases, unlimited mailboxes, even your own domain name. So it makes it pretty simple, pretty handy. There are other things you might want to do, for instance, use virtual credit cards. [00:10:00] And we'll talk about those a little bit. As well, because I think this is very important. But, hey, I want to remind everybody that I have started putting together some pieces of training. You're going to get a little training at least once a week, and we're going to put all of that into it. What we have been calling our newsletter. I think we might change the name of it a little bit, but you'll be getting those every week. And the only way to get those is to be on [00:10:30] that email list. Go to Craig peterson.com/subscribe. Please do that right now. I am not going to harass you. I'm not going to be one of those. And I've never been one of those internet marketers that sending you multiple dozens of emails a day. But I do want to keep you up to date. So stick around; we will be back here in just a couple of minutes. And, of course, you're listening to Craig Peter's son. [00:11:00] And again, the Website, Craig peterson.com. Stick around. Cause we'll be right back. One of the best ways to preserve your security online is by using what we're calling burner identities, something that I've been doing for more than 30 years. We're going to talk more about how to do that right now.  You can do some things [00:11:30] to help keep yourself and your identity safe online. We've talked about email and how important that is. I want to talk now about fake identities. Now, a lot of people get worried about it. It sounds like it might be sketchy, but it is not to use fake identities to confuse the hackers to make it. So they really can't do the [00:12:00] things that they. To do, they can't send you fishing ear emails, particularly spear-phishing emails. That'll catch you off guard because you're using a fake. How do you do that? I mentioned to you before that I have thousands of fake identities that I created using census data. And I'm going to tell you how you can do it as well. There's a website out there called fake [00:12:30] name a generator. You'll find it online@fakenamegenerator.com. I'm on that page right now. And I'm looking at a randomly generated identity. It has the option right on this page to specify the sex. And it says random by default, the name set, I chose American the country United States. So it is applying both American [00:13:00] and Hispanic names to this creation. And now remember it's creating based on census data and some other public data. But, still, it is not giving you one identity of any real people. So I think that's important to remember, and you're not going to use these identities for illegal purposes. And that includes, obviously, when you set up a bank account, you have to use your real [00:13:30] name. However, you don't have to use yours. If you have an actual email address, you can use things like simple login that will forward the email to you, but we'll let you know who was sent to. And if you only use that one email address for the bank, you know that it came from the bank or the email address was stolen from the bank. All of that stuff. We've talked about that already. So, in this case, The name that has come up with [00:14:00] for me is Maurice de St. George in Jacksonville, Florida even gives an address. In this case it's 36 54 Willis avenue in Jacksonville, Florida. So if I go right now two, I'm going to use Google maps, and I will put in that address. Here we go. Jacksonville willows avenue, all the guests. What? There is Willis avenue in Jacksonville [00:14:30], and it showing hoes oh, from Google street view. Let me pull that up even bigger. And there it is. So ta-da, it looks like it gave me. Fairly real address. Now the address it provided me was 36 54, which does not exist. There is a 365, but anyway, so it is a fake street address. So that's good to know some, if [00:15:00] I were to use this, I'm going to get mine. Am I male saying about I pass. Maurissa tells you what Maurice means, which is neat. It'll give you a mother's maiden name. Gremillion is what gave me here a social security number. So it creates one that passes what's called a checksum test so that if you put it into a computer system, it's going to do a real quick check and say, yeah, it looks good to me. So it was not just the right [00:15:30] number of digits. It also passes the check, some tasks. Well-known how to do a checksum on their social security numbers. So again, it's no big deal. And remember, you're not going to use this to defraud anyone. You're going to use this for websites that don't really need to know; give me a break. Why do you need all this information? It gives me a phone number with the right area code. And so I'm going to go ahead and look up this phone number right now. Remember, use duck go. Some [00:16:00] people will use Google search, and it says the phone number gave me is a robocall. As I slide down, there's some complaints on that. So there you go. So they giving us a phone number that is not a real person's phone number, country code, of course one, cause I said United state birth date. Oh, I was born October 7th, year, 2000. I'm 20 years old. And that means I'm a Libra. Hey, look at all this stuff. So it's giving me an [00:16:30] email address, which is a real email address that you can click to activate or right there. Again, I mentioned the simple login.io earlier, but you can do a right here, and it's got a username and created for me a password, which is actually a pretty deal. Password. It's a random one, a website for me, my browser user agent, a MasterCard, a fake MasterCard number with an expiration and a [00:17:00] CVC to code all of this stuff. My height is five-six on kind of short. My weight is 186 pounds own negative blood type ups tracking number Western union number MoneyGram number. My favorite color is blue, and I drive a 2004 Kia Sorento, and it also has a unique ID. And you can use that wherever you want. So the reason I brought this up again, it's called [00:17:30] fake name generator.com is when you are going to a website where there is no legal responsibility for you to tell them the truth. You can use this. And so I've used it all over the place. For instance, get hub where you have it's a site that allows you to have software projects as you're developing software. So you can put stuff in, get hub. They don't know to know, need to [00:18:00] know who I really am. Now they have a credit card number for me. Because I'm on a paid plan. I pay every month, but guess what? It isn't my real credit card number. It isn't the number that I got from fake name generator. My credit card company allows me to generate either a single use credit card numbers, or in this case, a credit card number for get hub dock. So just as an example, that's how I use it. So we've get hub gets hacked, the [00:18:30] hackers, have an email address and a name that tipped me off right away, where this is coming from. And if the email didn't come from GitHub by no, they either sold my information to a marketing company, or this is a hacker. Trying to manipulate me through some form of his fishing scheme. So I know you guys are the breasts and best and brightest. A lot of you understand what I'm talking about, and I'm talking about how you [00:19:00] can create a burner identity. And let me tell you, it is more important today to create a burner identity. Than it has ever been at any point in the past, because frankly, burner identities are one of the ways that you can really mess up some of the marketing firms out there that are trying to put the information together, these data aggregator companies, and also the hackers. And it's really the hackers that [00:19:30] were off up against here. And we're trying to prevent them from. Getting all of this information. So when we come back, I want to talk about the next step, which is which credit cards can you get? These single use card numbers from? Should you consider using PayPal when my Google voice be a really good alternative for you? So we're going to get into all that stuff. Stick around in the [00:20:00] meantime, make sure you go to Craig peterson.com/subscribe. Get my newsletter. All of this. Is in there. It makes it simple. It's a simple thing to do. Craig Peterson.com. And if you have any questions, just email me, M e@craigpeterson.com. Having your credit card stolen can be a real problem for any one of us. It gives the bad [00:20:30] guys, a lot of options to spend a lot of money very quickly. We're going to talk right now about virtual credit cards. What are they, what does it mean?  Virtual credit cards come in two basic forms. One is a single use credit card, which was quite popular back when these things first came out, and another one is a virtual credit card that has either a specific life. In other words, it's only good for 30 days [00:21:00] or that can be used until you cancel it. If you have a credit card, a visa, MasterCard, American express, discover all of the major card issuers will give you the ability to reverse any charges that might come onto your cards. If your card is stolen or misused. Now that makes it quite easy. Doesn't it? I want to point out that if you're using [00:21:30] a debit card, as opposed to a credit card, there's not much challenging you can do with the credit card. You can say, I am not going to make my payment. And because of this, that, and the other thing, this was stolen, et cetera, they can file it as a disputed charge. They can do an investigation to find out. Yeah. I'm you probably were not at a bus terminal down in Mexico City, which happened to me. Because I was up [00:22:00] here in New Hampshire, quite a ways down to Mexico City. And so they just reversed it out. That money never came out of my bank account because it was on a credit card. If I were using a debit card. That money would have come right out of my account. Now, mind you, a bus ticket in Mexico city is not very expensive, but many people have had charges of many thousands of dollars. And if you need that money in your checking account, [00:22:30] and you're using a debit card, you got a problem because your check for if you ever have to pay rent again, red check is going to. Bound because they just empty it out to your bank account. So now you have to fight with the bank, get the money back. They will eventually refund it, but it could make some of you. Transactions that you might've written a check or something, it'll make them bounce. And that could be a real problem. These, it could make them [00:23:00] bounce. So using a credit card is typically less of a hassle online. So why would you want to use a virtual card or also known as is a master credit card masked and may S K E D? The main reason behind this is to allow you. Control payment. I've used them. In fact, I use them exclusively on every Website [00:23:30] online. And I'm going to tell you the names of some of them here in just a couple of minutes, but I use them all the time. And part of the reason is let's say, I want to cancel. A service. Have you ever tried to cancel a service before and you have to call them many times, and so you're arguing with somebody overseas somewhere who doesn't want you to close the account. And of course, Bump you up to the next level person who also doesn't want you to close the account. And [00:24:00] so you have to fuss. Have you ever had that experience and I'm sure you have. It just happens all the time. So with using the virtual credit card, the advantage to me is, Hey, if you are going to try and fight with me, I don't care because I'm just going to cancel that credit card number. So I don't have to cancel my credit card. I don't have to have the company reissue credit card for me. I don't have to do any of this sort of thing that [00:24:30] makes my life pretty easy. Doesn't it? And because of that, I am now I think in a much better. Place, because it just, I don't have to fight with people anymore. So that's one of the reasons I used it. The other big reason is if it gets stolen, they can cause less harm. Some of these credit card it's virtual credit cards are set up in such a way that you can limit the amount that's charged on them. Do you like that? [00:25:00] So if you are using it on a site that maybe is charging you $50 a month, no problem. $50 a month comes off of the credit card. And if someone tries to charge more bounces and then hopefully you find out, wait a minute, it just bounced on me. Then next step up is okay. It bounced and. I'm just going to cancel the card, and then you issue a new credit card number for that Website. So an example. In my case is [00:25:30] get hub.com. We keep software up there, and they charge me every month if get hub were to get hacked and that credit card number stolen I'm I really don't care because there's almost nothing that can happen. And if good hub doesn't properly cancel. My account, I can just cancel the credit card and let them come after me. This isn't going to happen. So then it's also called a master credit card number, cause it's a little safer than using your [00:26:00] real credit card details. I also want to point out something about debit card. I went for years with no credit cards at all. Nowadays, many of my vendors will take a credit card for payment. And in fact, give me a bit of a better deal. And then with the credit card, I can get 2% cashback, which I use to pay down the credit card. It couldn't get any better than that, but when you're using a debit card, what I always do. [00:26:30] Is I had two accounts that I could transfer money between at the bank. So I had one checking account. That was my main operating, if you will account. And then I had another checking account where I would be. Just moving money out of it. Or you could even do it with a savings account, but some banks, they only let you do so many transactions a month on a savings account. So the idea is I know that I have this much credit card [00:27:00] obligate while debit card obligations for this month, that money is going to be coming out. So I make sure that. In the debit card account to cover the legitimate transactions I know are coming up and then I keep everything else in the other account. And then I manually transferred over every month. So that's how I dealt with the whole debit card thing. And it worked really well for me. Bottom line. I think it's a really great idea. So there you go, who are the companies that [00:27:30] you can use to do this? I've used some of these before all of them have worked really well. If you have a capital one credit card, they have something called Eno, E N O, and it's available to all capital one cardholder. Eno even has an extension for your web browsers. So if it notices you're on a webpage, it's asking for credit card number, it'll pop up and say, do you want me to create a [00:28:00] credit card number or a virtual one for this Website you can make your payment. Does it get much easier than that? Citibank has something they call a virtual credit cards available to all Citibank cardholders, master pass by MasterCard. That's available to any MasterCard visa, American express discover diners club cardholders, credit, debit, and prepaid cards by their way. So you might want to check that one out. Yeah, [00:28:30] so that's the only one I see on my list here. That will do it for debit cards, master pass by MasterCard American express checkouts available to all American Express cardholders. Chase pay available to all chase cardholders, Wells Fargo, wallet visa checkouts, available to all visa, MasterCard, and American express and discover color cardholders, credit and debit cards. Plus. Prepaid cards. Okay. So it does [00:29:00] do the debit cards as well. Final that's all owned by Goldman Sachs and is not accepting any new applicants and entro pay. Also not accepting new applicants. There's a couple online. All right, everybody, make sure you check me out. Craig peterson.com/subscribe. We're going to wrap up how you should be using these burner identities of [00:29:30] few more tips and tricks that are going to help keep you safe from the hackers that are out there. So here we go.  There are a lot of hackers out there. The numbers are just astounding. The cost of these hackers coming in and stealing our information is just unbelievable. And it goes all the way from big corporations, from things like the colonial [00:30:00] pipeline, the US government all the way on down through you and me. I want to tell you a little story about a friend of mine. He is about 75 years old, and he supplements his income by driving for Uber eats and one other company. And so what he'll do is someone puts in an order for food somewhere. He'll go pick it up and then he'll drive it to where whoever wanted, whoever ordered it. Now, [00:30:30] there are. Pricing number of scams with this. So he's very careful about some of that orders, a cookie, for instance, because it's usually a bit of a scam anyway, we won't get into those, but I'll tell you what happened to him. His information was stolen online as it was probably yours. Mine I know was as well. So it's all stolen. What do you do? In his case, what ended up [00:31:00] happening is they managed to get into his email account. Once they're in his email account, they now had access to the emails he was getting from one of these companies. Now it wasn't the Uber eats guy. He was, there was another company. So let's just explain this a little bit. Uber eats sends him a request for him to go ahead and do a deliver. Go to the restaurant, pick it up and take it to this client's house. [00:31:30] And in order for him to register, he had to register an email address. Now, of course, he uses the same email address for everything. All of it. Now, personally, that drives me a little bit insane, but that's what he does. And he has just a few passwords. Now. He writes them down a little book and heaven forbid he ever lose the book so that he can remember them. He [00:32:00] just wants to keep his life simple. He's 75. He's not technophobic, he's not up on all of this stuff. What he found was a paycheck didn't show. And it was an $800 paycheck. We're talking about real money that he should have had in his pocket. It didn't show up. So he calls up the company and says what happened to my paycheck and a record show? Yes, indeed. It had been paid. We [00:32:30] paid you, we deposited right into your account. Just like you asked. Yeah. ACH into the account. Great. Wonderful. What had happened is bad guys had gone, gained control of his email address and use that now. Because they figured I see some emails in his account from this food delivery service, let's try and see if this email address that we're looking at right now. All of his emails let's [00:33:00] look and see. Okay. Yeah. Same. Email address and same password as he used at this email address? Yeah, it worked. Okay. Great. So now we have access to this guy food delivery account. So they changed. The bank account number, no easy enough to confirm. They change it, Mel. Hey, I want to make sure that it was you until the bad guys, the hackers, click out, yada. Yeah, it was [00:33:30] me and then lead the email. So he doesn't see it. And now his $800 paycheck. In fact, I think there were a couple of different checks is deposited directly into the bad guy's bank account and. The money of course has transferred out pretty quickly. Now the, that guys, these hackers are using what are called mules. You might be familiar with that in the drug trade. They'll have a third [00:34:00] party deliver the drugs just to mule. They don't know what all is going on. They probably know the delivering drugs in this case. Most of the meals are useful idiots, of which there are many in this country, unfortunately. Political and otherwise. And these people are convinced that all they need to do is transfer the money into this account so that the hackers can then pull it out. And now [00:34:30] they're gonna take care of their grandmother who is stuck in the hospital and they have no way to pay for it. And they can't transfer the money out of the country directly. That's one of the stories they use for people. And in many cases, these mules know what they're doing. The FBI earlier this year arrested a whole group of mules out in California that were purposefully transferring the money. They knew what they were doing. So his money was now out [00:35:00] of the country. No way to get it. And this food delivery company was not about to pay him. So it isn't just the big guys it's you and me as well. So what I want to talk about right now is multi-factor authentication. Now. You guys are the best and brightest. I hope you understand this. If you have questions, please reach out to me. I am more than glad to send you some good material on this. Just [00:35:30] me. M E add Craig peterson.com. I am here to help. What multi-factor authentication does is allows you to not just log in by using an email address and a password, or maybe a username and a password. Which is much better, by the way. I don't like it. When sites require an email address to log in. Although as I use multiple email addresses, and I think you should as well, a different email address for every site [00:36:00] out there beyond question, you should be doing that. So anyway, this is. You should be doing with multi-factor authentication. They will have you put in your email address, have you put in your password, and then they'll do something that is supposedly something you have. So the best security is something, along with something you physically have. So in most cases, they'll use two factor [00:36:30] authentication by sending you a text message with a code. And then you type in that usually six digit code, and now you're in, and it only does that. If it doesn't recognize the browser, are you using, or in many cases of, it needs to be a little more secure than that it's only good for 24 hours or maybe a week. That is not good enough. You should be using a code generator. Google [00:37:00] has one for free, but I want you guys to use something called one password. That's the digit one password. You'll find it online. You'll find it in all the app stores. It is what we use for the most part. It's great for families. And it's great for businesses because you can have different vaults and you can share them and control access. Now there's a couple of reasons why that we're talking about multi-factor authentication right [00:37:30] now. So the first reason kind of the biggest reason is you can use it for generating passwords. Fairly random ones or fairly memorable ones. And then when you go to a site, one password can pop up and give you the password for the site. So you don't even have to look it up. You don't have to remember it. You don't have to look it up. Isn't that phenomenal. And then it also has built into it. Token this six digit [00:38:00] key generator. I'm trying to keep this simple. So you can then use that for the site. So it says, okay, what's the code go to your code generator. So you just go to one password. There it is. Copy it and paste it right in. And you're in that alone would have prevented my buddy's account from getting there. It's that simple, one more thing that you want to use one password. And that is those questions that you're [00:38:30] asked to verify. It's you many sites out there banks are really big into this and I don't get it cause it's not very good in most cases. So they'll ask you things like where were you born? What's your mother's maiden name? Where did you go on your first day to what was the car that you owned first? Or, your dog's name, et cetera. The reason, those things are so bad is because the hackers can go online, look at your [00:39:00] social media and figure out the answers to a lot of those questions. Bad. So what you should be doing is using one password, and it allows you to put notes pretty much anything you want to in the record for that Website. So you go to the Website and you log in, create your account right. To log in. So you're going to give it your, probably your email address, which is a bad idea, but [00:39:30] that's, what's required use one password. To generate a strong password for you that you'll put in. You'll use one password. Hopefully they have multi factor authentication that allows you to use one of these code generators. Google has theirs is called Google authenticator, and one password is compatible with that. Microsoft has done. Own thing. And it's not compatible with almost any Website online. So don't use the [00:40:00] Microsoft authenticator other than for Microsoft products, like using the, a windows 365 thing that they have does use Microsoft authenticator, but you can also use the Google one and the one password one, and then in the notes section, make up answers to the questions. So it asks you, what was your mother's maiden name? And say something different insecurity, where, what is your high school? It was named [00:40:30] movie elementary school, make something up a stream. Okay. Use random answers. Record them in one password. You're going to have to look them up. If you ever on the phone with the bank or whomever, because you're not going to remember them, but that's good because they don't appear in your. Social media anywhere and they don't appear anywhere else other than your secured encrypted one password fault. [00:41:00] Thanks for being with us. I appreciate you guys listening, and you can find all of this. I'm going to turn all of these and did a little mini-courses here over the next few weeks, and there's only one way you're going to get it. And that is by being on my email list. Craig peterson.com/subscribe. Go there right now. Craig peterson.com/subscribe. As if this year and last year haven't been enough weirdness, [00:41:30] it looks like George Orwell is kind of lending some help here. You won't believe what the us department of Homeland security is planning on doing well, maybe it will. If you missed the last hour, it is absolutely must-listen radio. And so what I'm going to be doing is I will put it up online for you guys. You can get it by going to Craig [00:42:00] peterson.com/podcast. Hopefully, I'll get it up soon after the show today, but I went through and explained ways. That you can protect your privacy online. Absolutely protect it. So you don't get that kind of advice or most people, most people are trying to sell you a product that just doesn't really work that well. I I'm telling you what does work, what the experts do, what Edward Snowden would do. What I [00:42:30] have been doing for more than 30 years personally, in order to help keep my identity safe. So check it out again. Craig peterson.com/podcast. Now I want to point out too, that if it's not upon you, look, make sure you refresh your browser. So you're going to want to do what's called a cache clear refresh. So. And the browser by that URL bar, you'll see a little, it's usually a little circle [00:43:00] with an arrow on the end. That's your refresh, but you need to also reflect, refresh your cache. So you're going to hold down the shift. And hit that little circle with the arrow on the end, and then you'll be able to listen to all of that. And I'm thinking right now, I'm probably going to try and turn that into a series of emails so that you guys can just read. Through it over the course of a few weeks. Cause man, did I cover a [00:43:30] lot? And you can get that when those come out in. And even if I don't get around to this, I do do emails with training in them. And with of course the latest news. And you get that by subscribing again, Craig peterson.com. We've got to help you guys out. You need to know this. Okay. Absolutely. You, you personally need to know that. Well, this whole or wellbeing thing is scary, frankly. [00:44:00] I just finished going through reading George Orwell's 1984 again, and it was just so eyeopening. I read it many moons ago, and I learned a lot from it then, but now I see it out in the streets. I see it with what's been happening with government and even businesses. And we've complained about them many times here on the show. Haven't we, some of the deep [00:44:30] state, big tech ties that go between each other. It's no longer really the military-industrial complex. We're talking about the deep sea. High tech complex. It's a bad thing. It's a scary thing. Well, what they're doing right now, and this is a great article from news busters.org is they've got this Alliance between the department of Homeland security and private [00:45:00] companies that they're trying to put together. Now, news semesters, isn't saying. That it's already in place. They're saying this is what they're planning on, putting them place. However, I know what they have in place, and they're already doing a bunch of this. Again, it goes back to that app. Isn't really free that app that supposedly is free, is doing something it's gathering information, data on you, and then it's selling it. And the people that are buying it are data. Aggregators is what they're called. [00:45:30] 20 years ago, I had some of the top data aggregators on the show and I sat down with them and I said, well, let's look me up because they have information, public records, some private stuff, like obviously buying it from these app developers. And I said, let's look me up, find out what you have on me. So we looked me up, and I would say about three quarters of it was wrong. Which was really kind of interesting. And this is [00:46:00] data that was used back then, mainly for what's called skip tracing. So you have a bill to pay. You don't pay it. You move out of town. That's the process to find do is called skip tracing. And that's what they would do nowadays. It turns out that local. Federal police departments and other agencies are buying this data from the data brokers so that they can now track you. Now they're not allowed to, by [00:46:30] law track you, you know that, right. But the government is doing what one might call lawyering. That's what we called it in robotics. I was part of a us robotics team with kids, and they would always look at the rules, and they would get reprimanded. The teams would if they lawyered the rules. In other words, if they met the exact definition of what it was in the rules, but they didn't meet the spirit of the rule.[00:47:00] They would get reprimanded. They might even get kicked out. And that did happen a few times. However, if you're the government and you get to say which laws you want to follow, which court rulings you want to follow, think of what's been happening lately, right? We're not going to, yeah, I know. I know I can't do this. I can't do this. I can't do this. I can't do this. I have a pen and a phone. I'm going to do it anyway. Or just reverse all of the actions of the prior administration. [00:47:30] And even though the Supreme court says, Hey, you cannot do this, but we're not going to rule on it because the this policy is only in place for a couple more weeks. And then you do it again. Anyways, the government isn't, isn't even obeying the rules. Th the strict letter of the law. They're not even obeying, let alone the spirit of the law just drives me crazy. The wall street journal just reported, uh, about a week [00:48:00] ago here last Sunday that the department of Homeland security is considering hiring private companies to analyze public social media for warning signs of extremist violence, spurring debate within the agency over how to monitor for such threat while protecting American civil liberties. Now I'm glad they're at least giving you. Lip service to protecting our civil civil liberties, right. That I think is a very good [00:48:30] thing. They should be protecting them, but this just has the tendency to continue to inch forward again and again and again. So this effort has not received approval and has not been. But it's going to involve. According to the wall street journal is sifting through large flows of internet traffic to help identify online narratives that might provide leads on developing tax weather from home [00:49:00] or. Eh, this is, this is just amazing. Now I mentioned on the radio, uh, previously that I have personal experience with one of these large federal law enforcement agencies that has been doing what I considered to be completely unreasonable things with people's information and also completely unreasonable things [00:49:30] in defining. Where the thread is. You've probably heard it all over the news that, that it's all these conservative groups that are the real threat. Well, it's not the conservative groups that have been out there, burning down cities, demonstrating, beating people with clubs, pulling people out of cars, and BD. No, it's not. So where, where are these people coming from, and how do they define these [00:50:00] extremist actions? How do they define it? Right. Well, you can tell that there's obviously some extremism involved when there's a riot, but they will respond to a riot in Washington, DC after Trump rally, but they don't respond to riots all over the country and major cities. And in many cases they don't even do arrests. Oh, it's absolutely amazing what's going on. So I'm very, [00:50:30] very worried about this fusion of big tech and deep state government, because it's become really kind of a hallmark of the Biden administration. Senator Josh Holly's Republican from Missouri really went after the Biden administration for pressuring private companies to help spy on the techs of American citizens. This is back in July and he said that the big government, big corporation [00:51:00] Alliance is the real danger here. And. Absolutely have to agree. This is going to be a problem. And giving the government access to more personal data is going to be an even bigger problem in months and years to come. Particularly if we just let them do. Willy nilly and that's kinda what's happening. What kind of oversight is there really think about the Pfizer courts that are [00:51:30] supposed to be providing oversight for monitoring, uh, people who are not citizens. And yet it looks like. Our law enforcement agencies. We're targeting citizens specifically through the Pfizer courts who are playing games. So I absolutely don't want this to happen. I don't want any administration, Republican-Democrat, you name it. I don't want any of them to have access to [00:52:00] this type of deal. And I go right back on this and a, here's a great quote to explain why I'm going to use a quote from lever inti barrier. He was the most ruthless and longest-serving secret police chief in Joseph Stalin's reign of terror. He said, show me the man and I'll show you the crime. That should scare all of us, because even though the administration today, isn't doing that [00:52:30] types of things Stalin was doing, obviously we don't know what's going to happen in the future and we cannot let the hackers gain access to this information because believe me, they're going to be going after it as well. So don't collect it in the first place. Let's do think that surveillance on citizens, criminal and otherwise, is a rarity. We're going to talk about the New York police department [00:53:00] and their secret funds used for surveillance tools alone.  Here we go. This is from wired magazine, you know, definitely not a right wing entity. They have been reporting on a number of situations where the government has really overreached when it comes to our information and our privacy. And they have this report now that has been [00:53:30] released. And. Yeah, that and some other documents and Sydney fossil wrote this article, and he's saying that the documents are showing that police bot facial rec recognition, software vans, equipped with x-ray machines and stingers. Cell site simulators with no public oversight. And I'm going to explain what each one of these things is and what they are typically used [00:54:00] for. But this is amazing. No problem. Oversight now that's according to documents released last Tuesday. So when all these documents are showing that the New York police department spent at least $159 million over the last 15 or so years through this little known special expenses fund, the did not require [00:54:30] approval by the city council or any other municipal official. Frankly. I think one PP has something to answer for here. We'll have to ask Tom Selleck about it. Right? The documents are made public by two civil rights groups, the legal aid society and their surveillance technology oversight project would says that what the N Y P D was doing amounted to our surveillance slash fund. [00:55:00] It's just crazy, um, stops director, which is again, the, uh, surveillance technology oversight project stop. Their executive director said that the police are still blocking other records needed by the public to understand the way New York is being policed. This is just something out in 2018, the New York police department awarded almost $7 million to the [00:55:30] idea solutions company, which by the way, sells biometric tools, including facial recognition. So what they have done in essence now is set things up in New York. Kind of like they are over in China where they have cameras located all over the place. And those cameras are capturing pictures of pedestrians. How the only kind of saving grace nowadays is a lot of people are wearing [00:56:00] face mask, although, and because a lot of people were in face masks, there's new software that will recognize people, even if they're aware. A face mask obviously depends on the type of face mask, but you know, it's still doing that. So they have all of these cameras. They have this facial recognition software. And they can track you as you're walking around the city. In fact, they can do it in reverse, [00:56:30] which frankly is kind of cool that there are also these airplanes in the sky, over many of our big cities. Now, New York, they're concerned about it. Of course of what happened on nine 11. People get really nervous seeing airplanes over there. So they're using high flying drones that can't really be seen with the naked eye or heard, and they are taking continual video of the entire city [00:57:00] and of all of the streets. So let's say a bank gets robbed, they can try. Those robbers back in time using these drones or airplanes, along with the surveillance software in the cities, mash of cameras and find out where they came from. Okay. So it looks like this was the staging area for the bank robbers, and then they can go back further in time and see where the bank robbers came from. What were they [00:57:30] doing? Where did they go? That technology all exists. Now, it's not that good yet, but you know, it ended up, it will end up being that good. But this goes right back to what I was talking about a little earlier with, uh, show me the man, I'll show you the crime. What happens if those cameras pick you up on a street where a drug deal was going down? Now you've seen it on TV. You've seen it in the movies where they poem money back and forth a POM, [00:58:00] the drugs, you wouldn't even know that a drug deal was happening and now you get pulled into it. How about what happened on January six in Washington, DC? There was a riot. We all know that the Capitol building, but now the FBI and other law enforcement agencies are pulling people in who cell phones pinged in the general area. In Washington, DC. So if you were down there and you [00:58:30] were part of a school tour that day, and you went to maybe the Trump rally, maybe you didn't maybe just went to the reflection pond down there. They investigated you. If you were in our hotel, they investigated you. If you used a credit card in the area, they investigated. And that's being alleged right now by some of these people that were investigated and have had minor charges brought [00:59:00] against them that this was a total witch hunt. It was fabricating the crime. Again, show me the man. I'll show you the crime. I mean, under Stalin, the dictator over in the Soviet Union, you know, socialist government for those that aren't familiar with it. These contracts that were received through kind of a freedom of information request to buy these civil rights groups were heavily [00:59:30] redacted. And so I made it very difficult to understand how many single tool functions were purchased, how they could work together to create a surveillance Dragnet. Over people in New York City, this secrecy also blocks a more complete understanding of the relationship between the New York police department is vendors in the public. So again, it's a double-edged sword it's yet. You want to catch the bank robber. You [01:00:00] want to catch the murderer, but most of the time, those people know how to. Fool the system, don't they, uh, in 2014, the New York police department signed a five-year $800,000 contract with Elbit Systems, which is Israel's largest defense contractor. And by the way, they aren't just in Israel. They're also, they have a plant in New England. Uh, kind of all over [01:00:30] and Elbit provides a wide range of surveillance tools used by customs and border patrol on our borders, including cameras and sensors that make up this virtual border Raul wall that we have on our Southern border. It, this is not good. And I want to add one more thing. I said, I explained what these things are, you know what x-ray is. And some of these trucks are using millimeter-wave stuff and are our x-ray and people [01:01:00] walking down the street, supposedly to see if they have a weapon. Huh? Okay. So just walking past one of these vans expose you to health risks, no warning about that cancer risks from these mobile x-ray vans and these stingray devices are fake cell phone towers. So they capture your information. Who you're calling where you're calling and your text messages, whether you are a target [01:01:30] of an investigation under court order, or just someone walking around the streets in New York, check me out online. Craig peterson.com. Investment money is rolling into these high tech startups. That means if you're looking for a new job in high tech, it may be your lucky day, particularly if you want a job with a startup. So here we go. Jobs in tech have always been [01:02:00] pretty good. Generally speaking, technology is what drives the economy. It is what boosts productivity, and it is right now, a really hot job market there. More small businesses, startups are being funded by angels and venture capitalists than there have been for a few years. That means we've got money now pouring into [01:02:30] these little startups. There's a great little article in ARS Technica by Ariel pod dress. And she's talking about this company called revenue. This is a startup. They just closed their Series B, which means they had their second investment round. And this is a platform for managing in-app subscriptions. They just got $40 million in the idea behind this $40 million series [01:03:00] B series B is to grow the company and. To hire more people. And of course, it's hard to grow the company without hiring more people, even if you're in the software business. So we're talking about a 35 person. Startup that's getting $40 million. That's more than a million dollars per existing employee. They want to get another 50 employees by the end of the year and a hundred by the end of next year. [01:03:30] Now I've got to say, I, I had a startup, it was me and it was me and it was me. Right. I started it. I worked really hard, and I built it up to 50 employees. I didn't have a dime of investment money, but now this investment money is out there like crazy, but revenue, cat's having a hard time along with most of these other startups, hard time hiring people. So, what they've done now [01:04:00] is they've got a whole bunch of extra perks. Things like unlimited vacations. Yes, indeed. No more. Two weeks you earn an extra day for every year. You work there or a seven. These other rules that around for a very long time unlimited vacations. They'll give you a stipend. If you have an office at your home that you're working. Plus, they're also providing equity and salaries on par with some of [01:04:30] the big tech companies, regardless of where you live. Right now, Facebook is, and Google are both looking at saying, Hey, listen, you know, you live a hundred miles outside of Silicon Valley. You don't deserve to be paid as much as an employee that lives right here in San Jose. So now we're going to cut your pay by 10%, 15%, sometimes even more. So these little guys are saying, Hey, listen, you can [01:05:00] work for us. We don't care where you live. Timbuktu in Northern Africa just doesn't matter. As long as you can work from home, we'll pay you the same as if you're living right here in Silicon Valley in California. And we'll even give you extra money because we know it costs you money to be able to work from home because you're probably going to have to get a better internet line. You're going to have to have a phone that works so that we can call you. Maybe you have to call customers. [01:05:30] These types of offers really weren't around before the lock. But now we're seeing high-tech salaries, being driven, even higher benefits that are really being massively beached up, uh, beefed up, I should say. And companies that are offering incredible salaries and flexibility. So there you go. These companies are basically competing with Google, [01:06:00] Facebook, et cetera. So what does that mean? Well, these small startups like revenue cat are getting a lot of money, almost $300 billion invested in these startups worldwide. And it's really hurting the big guys because they're talking about cutting salaries, even though they don't need to. It's not as though they're suffering. They're these big companies, they're still sitting on [01:06:30] billions of dollars in cash. Isn't that something. And so they are starting to really hurt because the small guys are stealing employees, quote-unquote, from the dice, which is, has this industry career database is saying overall tech job postings are up 16% this year. We're seeing also, by the way, a whole [01:07:00] bunch cut backs because of the technology in how many people, these companies need to have a look at restaurants. Now they're doing QR codes for the menus QR codes to pay your bills. So there's even fewer people. That have to work in restaurants going forward. We've got meetings that are being held on WebEx or zoom. You don't go see the doctor anymore. You're using telehealth software programmers. [01:07:30] Engineers are being used more broadly between March and July. There are more than 300,000 openings for software and, uh, other types of computer high-tech engineers. It's 13% higher than even 2016. It is absolutely amazing. I had one person who responded. And when I offered, maybe it makes sense for me to do kind of a career [01:08:00] webinar on high-tech jobs. Right. What would it take to get into specifically the cyber security industry? Because it's something I know it's something I've been helping to drive the whole industry now for over 30 years. And I had only had one person respond. Uh, although I know of. I have a few listeners that have actually done that. They went and got themselves qualified in cyber security, but only one person makes me [01:08:30] think that, you know, what does one person represent maybe a hundred listeners. So there are some of you. I don't think I'm going to end up doing this little thing. Cause I was going to just do a free webinar and what it takes to become a cybersecurity analyst. Uh, but uh, we'll see what happens here kind of going forward, but there's a lot that can happen. There's tech co-workers out there who are leaving some of these high tech firms. There are also [01:09:00] lawsuits about the golden handcuffs, so that have been put on people, you know, that say, Hey, you can't compete with us or you can't even be in the same industry. Some of those. Contracts are being knocked down in some states. Uh, it's kind of interesting to see what happens. Um, there's a couple more things. Yeah. Here, different hedge funds, but it's a really great article. It's in ours. Double-check [01:09:30] your newsletter that I sent out or is going out this weekend. If you haven't received it yet, you should get it at some point this weekend. A very interesting one. If you're considering high tech jobs, ARS, Technica, Vicky. Now, if you want to track technology and cybersecurity, you know, already I go through thousands of articles every week. Now you can talk to my wife about it right in the evenings. And even sometimes you're in the day I'm [01:10:00] sitting there reviewing articles and all these sites, I put them together for you guys. So, you know, what's happened. And cyber security, what the latest breaches are, what you can do about it. I am going to continue with some of the trainings, pick them up again here within the next couple of weeks so that we can keep you guys up to date, but there's only one way you can find out about them. There's only one way that you can get involved, and that's, by making [01:10:30] sure you subscribe to my show notes newsletter, and you can get that by going to Craig Peter sohn.com/subscribe. You'll get all of these free trainings. You'll find out about what's going on, what you need to do in your. Small business door also in your home computers and environment, but everything from the CEO on down Craig peterson.com/subscribe. [01:11:00] I've been complaining about Facebook and what they have been doing to potential competitors for years, the same types of complaints I can make against Microsoft and Google to a lesser degree. While now the federal trade commission's coming out, agreeing with me. This is something that I think has been a long time coming. And this is the federal trade commission's lawsuit against Facebook. Now, lest you think that this is a Trump thing. [01:11:30] This is a Biden thing. Trump administration had filed suit, and then the suit was dropped, and now the federal trade commission has refiled the lawsuit against Facebook and has included some additional proof. That it hopes is going to Boyce bolster its case. The last one was rejected by the court. Great article by ARS Technica as Tim D chant. You'll find that in [01:12:00] my newsletters as well. Craig peterson.com/subscribe. You can get my show notes for absolutely free. Well, this refiling is in response to the federal trade commission's initial case thrown out in June by us district, judge James Boasberg, who didn't think that the agency provided enough information or a real strong definition, what you might call a bright line in [01:12:30] legal terms of Facebook's market in its first five. This is really kind of an interesting problem here because basically, the federal trade commission is alleging that Facebook lacked the business and human and technical talent to survive the transition to mobile. That's according to Holly Vedova, she's the acting director of the federal trade commission's bureau of [01:13:00] competition. She also said after failing to compete with the new innovators, Facebook illegally bought or buried them when the popularity became any sense. Or existential, she said threat. Now, this is the same type of thing we've seen Microsoft do for decades and worse, frankly. It's similar things that Google has done to competition. Although I think Google hasn't been as bad at this as [01:13:30] Microsoft or Facebook have been, but the federal trade commission filed this original lawsuit in December. And that was under Joseph's Simmons, who was appointed by former president Trump, of course. And he cast the Simmons, the deciding vote in the initial filing with the two Republican commissioners voting against it. Now that to me is surprising because I'm all for free trade. In this [01:14:00] case of Facebook has been doing all kinds of anti competitive things. And it's interesting to see the statement here from the federal trade commission that FAPE spoke, lacked the business acumen and technical talent to survive. So that again tells you that Facebook might have a lot of really great political people in there working and censoring and deleting posts and some great marketing [01:14:30] people, but they sure don't have it. The technical talent. I love that. I would love to see the judge ultimately rule that way, but here's the problem. Facebook acquired Instagram and WhatsApp. And I've talked about this on the show before. And the other thing that they did and the way they acquired them was a problem. We'll talk about that in a second. The other thing they did that I haven't talked about before is. The way they blocked [01:15:00] competitors from accessing the API APIs now API APIs or application programming interfaces. It's what all of us programmers use nowadays. So rather than that, developing. For where that does, what Facebook does. I just go ahead and use Facebook's published interfaces. So the idea is I call an API using some methodology, and I say, I want this post to go. [01:15:30] In my Craig Peterson account or in my tech talk channel, right. Our group is actually what Facebook calls it. And then Facebook says, okay, great. And it publishes it for me. And that saves me from having to have to go to every Website out there that I post my radio show that I post my blog, Kat, my blogs on too. The podcast. It saves me from having to go to every one of those places online and repost, everything [01:16:00] manually. Those are API APIs. So I actually use a service that does that for me, using API APIs from Facebook and other places. I use it to publish onto YouTube. I use it to publish onto some of the instep platforms, et cetera, et cetera. But what happened here is Facebook invited developers to start using these APS, the eyes that they had put together, and then later trained the API [01:16:30] policies to actually be an antique competitive weapon. Developers could only access Facebook's platform and its user base. If they agreed to not compete with Facebook or the other thing that they could not do, if they wanted to use API APIs from Facebook is they could not help facilitate. The growth of rivals. That is absolutely amazing. So the FTC lawsuit [01:17:00] says Facebook recognize that the transition to mobile posed an existential challenge and that Facebook had a brief window of time to stymie emerging. Threats. This is right in the lawsuit. Failing to compete on business talent. Facebook developed a plan to maintain its dominant position by acquiring companies that could emerge as or aid competitive threat by buying up these companies, Facebook [01:17:30] eliminated the possibility that rivals might harness the power of the mobile internet to challenge Facebook's dominance. So when we look at things like WhatsApp, for instance, here's a small company that they acquired. Okay. So let me see. This is from Investopedia online and the title is WhatsApp. The best Facebook purchase ever. Question mark. Okay. [01:18:00] Facebook acquired WhatsApp in 2014. Now, how much did they acquire for how much was WhatsApp really worth at the time? It's hard to say, but you can compare it with other companies of similar size and it was probably worth 20 million, maybe 50 million at most. Right. Um, initial bid from Facebook for WhatsApp was $16 [01:18:30] billion for a company that was probably worth $50. Okay. Yeah. Uh, it brought in 10 million in revenue. WhatsApp did at the time, and it lost 150, $38 million in that same period. So let me see. The company loses $138 million on revenues of $10 million. And Facebook buys it for 16 billion in their initial offering. Well, [01:19:00] that was the, that was the initial purchase price. You can read up all you want on this. There's lots of information. So why did Facebook do it? Because they wanted to buy it potential competitor to Facebook messenger. And that's exactly what they did. And they've done that again and again, paint far more than what the market would really dictate so that they could get rid of a competitor. Another one is [01:19:30] an ANOVA, O N a V O. This was a VPN service that tracked users activities that they bought back in 2013 and Facebook called the Novo. Cool. This is a quote from the lawsuit. Again, according Facebook execs that the acquisition of the VPN service would be really cool for identifying acquisition targets. With our acquisition of a Nova. We now have insight into the most popular apps. We should [01:20:00] use that to help us make strategic acquisition. So in other words, by having a VPN server, so what have I said about VPN. Don't use these public VPN services because no matter what, they're promising you, it's not true. I did a whole webinar on this. In fact, I did it like two or three times last year. Um, but they buy the VPN service. They get people using the VPN service. They're tracking everything that's going on [01:20:30] on that VPN service. And now they know what's popular out there and anything that's popped. Facebook buys. Why are they buying it? Well,


    Apple is Adding Tech to Look At Your Photos For Child Abuse

    Play Episode Listen Later Aug 21, 2021 11:59

    Apple is Adding Tech to Look At Your Photos For Child Abuse This is a tough one. Apple has decided that it will build into the next release of the iPhone and iPad operating systems, which monitors for child porn. [Automated transcript] Apple has now explained that they will be looking for child abuse images in specific ones. And I just am so uncomfortable talking about this, but the whole idea behind it is something we need to discuss. Apple said they're going to start scanning for these images and confirmed the plan. In fact, when people said, are you sure you're going to be doing that? [00:00:44] Here's what. IOS 15, which is the next major release of Apple's operating system for I-phones. And for I pad is going to use a tie to something called the national center for missing and exploited children. And the idea behind this is to help stop some of this child abuse. And some people traffic in children; it's just unimaginable. [00:01:14] What happens out there really is some people. It's just such evil. I, I just don't get it. Here's what they're going to be doing. There are ways of taking checksums of pictures and videos so that if there is a minor change in something that might occur because it was copied, it does not mess it up. [00:01:40] It still can give the valid checksum and. Iman, that technology is detailed, but basically, just think of it as a checksum. So if you have a credit card number, there is a checksum digit on that bank accounts have checked some digits. If you mess it up a little bit, okay, it's an invalid checksum, so that number's obviously wrong in this case. [00:02:04] What we're talking about is a checksum of a pitcher or oven. And these various child safety organizations have pictures of children who are abused or who are being abused, who are being exploited. And they have these checksums, which are also called hashes. So that is now going to be stored on your iOS device. [00:02:34] And yes, it's going to take some space on the device. I don't think it's going to take an enormous amount of space, considering how much space is on most of our iPhones and iPads that are out there. Apple gave this detection system is called CSam, an absolute thorough technical summary. It is available online, and I've got a to this article in this week's newsletter, but they released this just this month, August of 2021. [00:03:07] And they're saying that they're using a threshold, that is. Quote set to provide an extremely high level of accuracy and ensures the less than one in 1 trillion chance per year of incorrectly flagging a given account. So now I can say with some certainty in having had a basic look through some of the CSM detection documentation that they're probably right about that, that the odds are excellent. [00:03:40] Small that someone that might have a picture of their kids in a bathtub, the odds are almost so close to zero. It is zero that it will be flagged as some sort of child abuse because it's not looking at the content of the picture. It's not saying that this picture maybe a picture of child exploitation or a video of her child being exploited. [00:04:02] If it has not been seen before by the national center for missing exploited. It will not be flagged. So I don't want you guys to get worried that a picture at the beach of your little boy running around and just boxer trunks, but a lot of skin showing is going to get flagged. It's not going to happen. [00:04:25] However, a pitcher that is known to this national center for missing and exploited children is, in fact, going to be flagged, and your account will be flagged. Now it's hard to say precisely what they're going to do. I haven't seen anything about it, of the apples. Only say. That that they're going to deploy software. [00:04:51] That will analyze images in the messages application for a new system that will warn children and their parents from receiving or sending sexually explicit photos. So that's different. And that is where again, a child, you put parental settings on their iPhone. If they're taking these. Pictures, selfies, et cetera. [00:05:14] Girls sending it to a boyfriend, sending it to his girlfriend, whatever it might be. The parents will be warned, as are the children looking for things that might be of sexual content. Okay. It really is. It's really concerning. Now let's move on to the part that I'm concerned about. I think everyone can agree that both of those features are something good that will ultimately be very good, but here's a quote. [00:05:41] Apple is replacing its industry-standard end-to-end encrypted messaging system with an infrastructure for surveillance and censorship. Now, I should say this guy who's co-director for the center for democracy and technology security and surveillance product project. He's Greg, no, him, no Chaim, is saying this. He said Apple should abandon these changes and restore its users, faith in the security and integrity of apple devices and services. [00:06:15] And this is from an article over a tech. So this is now where we're getting. Because what are they doing? How far are they going? Are they going to break the end encryption in something like I messages? I don't think they are going to break it there. So they're not setting up, necessarily, an infrastructure for surveillance and censorship. But, still, Apple has been called on, as has every other manufacturer of the software. [00:06:45] I remember during the Clinton administration, this whole thing with eclipse. The federal government was going to require anyone who had any sort of security to use this chip developed by the federal government. And it turns out, of course, the NSA had a huge backdoor in it, and it was a real problem. [00:07:04] Look at Jupiter. That was another encryption chip, and it was being used by Saddam Hussein and his family to communicate. And it turns out, yeah, there's a back door there too. This was a British project and chip that was being used. So with apple, having resisted pressure. To break into phones by the US government. [00:07:28] But some of these other governments worldwide that have been very nasty have been spying on their citizens who torture people who don't do what apple are not happy, what the government wants them to do been trying to pressure Apple into revealing this. So now I have to say, I have been very disappointed in all of these major companies, including Apple. When it comes to China, they're just drooling at the opportunity to be there. [00:07:57] Apple does sell stuff there. All of these companies do. Yeah, Google moves their artificial intelligence lab to China, which just, I cannot believe they would do something like that. AI machine learning, those or technologies that will give the United States a real leg up technology-wise to our competitors worldwide. [00:08:18] They move to China, but they have complied with this great firewall of China thing where the Chinese people are being censored. They're being monitored. What's going to happen now because they've had pressure from these governments worldwide to install back doors in the encryption systems. [00:08:39] And apple said, no, we can't do that because that's going to undermine the security for all users, which is absolutely true. For example, if there is a door with a lock, eventually, that lock will get picked. And in this case, if there's a key, if there's a backdoor of some sort, the bad guys are going to fight. So now Apple has been praised by security experts for saying, Hey, listen, we don't want to undermine security for everybody, but this plan to do ploy, some software that uses the capabilities of your iPhone to scan. [00:09:16] Your pictures, your photos, videos that you're sharing with other people and sharing selected results with the authorities. Apple is really close to coming across that line to going across it. Apple is dangerously close to acting as a tool for government surveillance. And that's what John Hopkins university cryptography professor Matthew Greene said. [00:09:47] This is really a key ingredient to adding surveillance to encrypted messages. This is again, according to our professor over John Hopkins, green professor green, he's saying that would be a key in Greece and then adding surveillance, encrypted messaging, the ability to add scanning systems like this to end encrypted messaging systems has been a major ask by law enforcement, the world. [00:10:15] So they have it for detecting stuff about missing and exploited children. That's totally wonderful. And I'm okay with that. No problem. But that now means that Apple's platform can add other types of scanning. All right. We'll see what ends up happening next, which is warning children and their parents about sexually explicit photos is also a bit of a problem here. [00:10:47] Apples. Yeah, on this is messages uses on-device machine learning to analyze image attachments and determine if a photo is sexually explicit. The feature is designed so that Apple does not get access to the messages it's saying. If it detects it, they're going to blur the photo. The child will be warned, presented with helpful resources, and reassured it is okay if they do not want to view them. [00:11:17] And the system will let parents get a message. If children view a flagged photo, similar protections are available for child attempts to send sexually explicit images. Interesting. Isn't it. Interesting world. So I think what they're doing now is, okay, they're really close to that line, going over. [00:11:39] It could mean the loss of lives in many countries that totally abuse their citizens or subjects, depending on how they look at them. Hey, make sure you check me out online. Craig Peterson.com.

    The IRS Has Been Selling Bitcoin - Pay Up!

    Play Episode Listen Later Aug 20, 2021 8:55

    The IRS Has Been Selling Bitcoin - Pay Up! Bitcoin is all the rage. In fact, many people have considered investing in these cryptocurrencies or something. Of course, many have invested in it. I played around with them about a decade ago, and the IRS seized 1.2 billion worth of it. [Automated transcript] You might remember, we talked years ago about the IRS trying to tax things in the virtual world. So if you were in one of these real-life-type things and you owned property, as it were inside this virtual world, they wanted to tax it. So, of course, if you sold something with real hard money and. You sold it inside that real world with real hard cash, you would end up having to pay taxes. [00:00:43] Just if you sold a hammer to someone, that's the way it works. A lot of people have decided that, for some reason, cryptocurrency is entirely untracked. Now we know about cases. I've talked about them here where some of these coins, in this particular case, are talking about Bitcoin or have been used online. [00:01:11] And in fact, the government has found out who was using it and really stepped in, in a big way. Silk Road is the most significant example. This was an online black market for everything you can think of, from illegal drugs to firearms, to all kinds of illicit commodities for sale online. [00:01:36] Back in 2013, they used Bitcoin to buy and sell things in this free trade zone. I think they called themselves, and Silk Road was just thriving. But then, on comes the federal government and federal agents in the United States really cut their teeth in crypto search and seizure. With taking down the silk road, you might remember this was very unprecedented. [00:02:06] People had no idea. What they could do. How could the federal government monitor this? Can I buy and sell these Bitcoins? All of that sort of thing. And 20 years as the chief of money laundering and asset forfeiture. Yeah, us attorney's office for the Southern District of New York. Sharon Levin said that this whole takedown or silk road was utterly unprecedented, and it was new technology. [00:02:37] What do you do well because of people. Here cryptocurrency and crypto, of course, being short for cryptography, they figure that okay. While obviously, it is absolutely untraceable, untrackable. Tell that to the people that this year has tried to ransom money out of enough. US corporations, some of the major -- consider Colonial Pipeline and what happened with them and how at least half of their cryptocurrency was returned to them. [00:03:11] So don't think that this stuff is a way that you can get away with breaking in the law or not paying taxes. It is not the whole. Business, if you will, of crypto seizure and sale is growing incredibly fast. In fact, the federal government just enlisted the help of the private sector to manage and store these crypto tokens that have been seized. [00:03:43] Now, I mentioned that the IRS has seized about $1.2 billion worth of cryptocurrency this fiscal year. That is a whole lot of cryptocurrency. And what are they doing with it while it's the same thing? Remember the drug dealers back in the day. Miami, what was happening? I used to love the Miami Vice TV show. What happened there while they seized boats, they confiscated cars. [00:04:09] They seized cash. Obviously, they can just be put back into circulation, but what do they do everything else? Cores, they go ahead, and they sell it at auction. And that's what they've been doing. Then in June, they started auctioning off Litecoin and Bitcoin cash. They had 11 different lots on offer. [00:04:34] It was a four-day auction, and it included 150.2, 2 5 6 7 1 5 3 Litecoin. You like that. Remember, cryptocurrency is not necessarily a whole coin. It's like having a gold coin. That's worth 500 bucks. How are you going to use that to buy a loaf? But what happens with these cryptocurrencies is you can buy and sell fractions of a coin. [00:05:00] So that's why you get into the millions of a piece of a coin. So they sold 150 ish Litecoin and about 0.00022 in Bitcoin cash worth more than 21 grand. So that's one of the 11 lots that were out there. And this crypto property is what they're calling. It had been confiscated as part of a tax noncompliance case. [00:05:30] I'm looking right now at the public auction sale notice. And where it was, where you could go online. It was on https://gsaauctions.gov. Suppose you want to check these things out, as in the general services administration. In that case, auctions.gov, GSA, auctions.gov, and they were selling it, and it was a taxpayer, it tells you all kinds of information about them. [00:05:52] It's a. Crazy here, but you have to pay by cash to certified cashiers or treasures check drawn on different banks. And it's really cool to look at some of these things, but you can find them online. So if you're interested in buying them might be an excellent way to buy them, these various cryptocurrencies if you want to get into them. [00:06:15] But a lot can refer to almost anything could be, as I said, boats or cars like it was on Miami vice. It could be some number of crypto coins that are being auctioned. So they're going to be doing more and more of that. So then, apparently, the feds are saying that they have no plans to step back from being basically a crypto broker. [00:06:41] Here is the bottom line here because they're seizing and selling all of these assets. So keep an eye out for that. Remember what is going on? The silk road site that I mentioned had been shut down or operating on the dark web. It used Bitcoin exclusively nowadays are using various types of coins. [00:07:04] Most of them are ultimately traceable, and we're not going to get into all of the details behind it, but the bottom line is, so what do they do now? Think about this. Silk road had 30,000 Bitcoin that they were able to identify in CS. And it was probably the most significant Bitcoin seizure ever. And it sold for about $19 million. [00:07:32] So that was quite a few years ago. Somebody just pulls up a calculator here, say 30,000 times, and what's Bitcoin nowadays. I'm not quite sure. Let's say it's $15,000. So in today's money, it had half a billion dollars. Today's value, a half, a billion dollars worth of Bitcoin in there isn't that something, and that was all seized, and it was all auctioned off. [00:07:58] So keep an eye on that. They're following the money is the technique they're using. You can find out a lot more at us, marshals.gov, and that is how they found it. If you've got pictures. You're going to have to sell it. You're going to have to transfer. You have to do something with it. And that's where they're getting. [00:08:19] Bottom line, particularly if you take the Bitcoin and turn it into something else, but this would take a while to explain. And I was thrilled to be able to sit in on a presentation done by the treasury department on how they handle all of this. It's frankly very fascinating. So, hey, make sure you spend a couple of minutes and join me online. [00:08:44] Craig peterson.com. You can sign up for my newsletter. You can listen to my podcasts, and you can get some free, special reports just for signing up.

    The "Great Resignation" in Big Tech - Better Jobs, More Money

    Play Episode Listen Later Aug 20, 2021 9:06

    The "Great Resignation" in Big Tech - Better Jobs, More Money There seems to be a worker shortage. And many businesses are finding that, frankly, people involved in technology are resigning; they're calling it a great resignation of workers. We have a lot of problems as business people, filling jobs nowadays. [Automated transcript] [00:00:20] And one of the things I've thought about doing is maybe even starting a course for people who want to figure out if this whole cybersecurity thing is right for them. I think that might make a lot of sense for some people. And there are some of you listeners. I know, because I've talked to you who have gone out and. [00:00:40] Gotten into, is that a word who have changed careers into the cybersecurity realm? So does it make sense for you? I don't know. Do you think it would make sense for me to offer something? A cybersecurity course to give you guys the basics and help you understand it and see if it might be good for you. [00:01:00] Only, you know that, and if you're interested, make sure you drop me a note just to me, M E Craig peterson.com, and let me know what you think. Still, the big tech is suffering from this great resignation of workers and workers in the technology field right now. So it's a good time to leave. Now, this isn't the same as many workers who, for instance, were in the restaurant business for many years, were in food service. [00:01:31] You make money. Maybe you don't make money. Who knows those. And, of course, those jobs pretty much disappeared during the lockup. Big tech, it's different from big tech. Most of these people, most of us, frankly, retained our jobs. We were still able to work, still able to do the stuff we'd always been doing. Still, we were doing it from home, and many employees looked at the situation and said, I am not going to leave. [00:02:05] Because I don't know if I'll be able to get a new job. Does that make sense to you? So we have a bit of pent-up demand in the tech field of people who maybe didn't like the boss, didn't really like what they were doing but kept the job because at least it was a job. It paid some bills. And from the bottom-line standpoint, it didn't make sense to. [00:02:29] Now we see something else going on; people are leaving like crazy Facebook here. There's a quote in an article in MarketWatch. Lost this guy named Raymond Andres. Who's now the chief technology officer at the air table. Now I've used air table before I was a client of theirs for a while. It's really something. [00:02:52] If you need to do some essential project management or have a process for doing something. That needs to be tracked, and maybe something handed over to another person when it meets a particular stage. Check it out, air table.com online. Still, he left Facebook, and he said there's been a burst of activity of people leaving. [00:03:15] If anything. The lockdown delayed decisions. And that's exactly what I was saying. I've been saying that for a very long time, but there's another factor involved when it comes to technology. And that is the funding, which is just amazing. You might remember a couple of years ago we had this. Brakes on IPO's on initial public offerings. [00:03:40] These tech companies just were not going to go public at all. And because of that, many angel investors and venture capitalists said, forget about it. I'm not going to go ahead and make any sort of investment. So that is when many of these small companies just failed, and of course, incomes the lockdown, and even more of them died. [00:04:03] But now. But the investors are a spinner spending a lot of money so far this year. There have been 84 initial public offerings in the US alone. Isn't that amazing? 50 plus billion dollars in IPO's. Now that's up from about 38 billion. Last year. So there's obviously money in the IPO world. So that gets the venture capitalists interested. [00:04:36] So VC money is also at record highs. This year's track is to be the best year yet. According to PitchBook through June. This year 2021, $150 billion has been raised among about 7,000 deals. Now that's ahead of last year's record, a total of $164 billion for the year. So we're looking at some significant money going in. [00:05:10] And we have many people leaving from Google and Facebook and Amazon and Apple, maybe your company as well, who are saying, wow there's some real opportunity now I could get in on the ground floor. The VC money is a record high, so I can take at least some salary enough to make it heck I haven't had to pay rent for a year. [00:05:33] So I can afford to do that, to try and. Something with some of my friends, and that's precisely what they're doing. Robert half, a company I've had on my show before Robert half international, did a survey. They found that about one-third of the almost 3000 information technology professionals. [00:05:57] They surveyed said they planned to look for a new job in the next few months. They're also saying Robert half is that while employers posted more than 365,000 job openings in June alone, they're not getting filled; that's, by the way, the highest monthly. In about since September 2019, according to CompTIA, which is an industry trade group. [00:06:25] I'm a member of that. My company is a member of comp Tia as well. So there are a lot of things happening that are really driving people to startups. And there's a lot of advantages to that. So here's another guy. This is an engineering manager who left Facebook last year. And he quickly returned. [00:06:46] He said working at a startup, you have much more connection with employees, and things moved faster. So tiger graph, by the way, also hired ex-Googlers. And they're increasing the workforce this year too, about 300 from 90. So think about what they're doing. So that's not, yeah, technically, it's probably still a startup, but it's 300 employees. [00:07:10] That's not us. That is a lot of employees, and they've got a lot of money behind them. Here's another guy. And she's saying, I thought I would be a lifer at Amazon. But this was a tremendous opportunity. I can have a far more significant impact and more influence on the company's trajectory, which quite frankly was harder at Amazon. [00:07:33] And we're seeing more and more of particularly the younger employees looking at that. Her name's Anna fag fabric. Sorry about the names butchering here, but she's now at freshly. Officer. So many people are saying in this survey from Robert half international that having a chance to impact a smaller company was a significant reason for leaving. [00:08:01] And that's after years of massive growth at big tech companies. So again, IBM in the 1970s. They were the ruler; they were the king. It was impossible. If you work for IBM, man, they're going to be around forever. And, of course, they still are. And they have excellent products, especially the Z series mainframe, but they're not the company they were. [00:08:24] And I think we now are seeing. The next step in these big high-tech, but is no longer being the companies that they were innovation is going to leave with these employees, and they're going to really be hurt and hurt quite a bit. All right. So coming up, we're going to talk, of course, more about some of the more critical tech stuff you've got to. If you haven't already get on my email list, I'll send you a couple of special reports that we. [00:08:54] As well as, of course, every week, one or two newsletters, not sales documents, newsletters, Craig peterson.com.

    Windows 11 Will Require a New Piece of Hardware

    Play Episode Listen Later Aug 20, 2021 11:00


      1126-01-windows_11_and_tpm [00:00:00] Microsoft has had some incredibly successful operating systems and some significant failures. Think of windows millennial edition. While now they're coming up with windows 11, and frankly, things just aren't looking that good. [00:00:16] If you know me, you know how I have had some issues with Microsoft here over the years; they are a company that has been, in my opinion, very dishonest have been doing all kinds of immoral things for a very long time by destroying. [00:00:36] Parts of the market that they considered being competitors of theirs, so they have used their position at the top of the market with billions of dollars in cash to really nail anybody that tries to challenge them. And it's incredible to me what has happened over the years. But, of course, you might know Microsoft did. [00:00:57] Putting an investment into Apple. And many people say that investment that bill gates authorized really saved apple from total collapse. And I can see how is this a reasonable audience or argument? But the bottom line, when we get down to it, is that Microsoft Windows has never been a great operating system. [00:01:21] It's always had issues. It's always had glitches, and we could go into a lot of reasons for that. But I think one of the main ones is that it has really tried to stay compatible with everything, all of the. When you were a kid, you certainly rode a bicycle. But, still, the bike you might be riding when you're in your thirties or forties will probably not have three wheels. [00:01:46] And it's probably not going to have a pedal connected to the front wheel. It will be a whole lot different, and Microsoft, over the years, has tried to make their more modern operating systems as time has gone on. Compatible with older operating systems of theirs. And that inevitably leads to problems. [00:02:06] If you're trying to fix a problem, Einstein said this, right? If you're trying to fix a problem, you cannot use the thinking that created the problem in that first place. So to fix a problem, you have to think at a different level. And when it comes to software and operating systems, you actually. To program at a different level. [00:02:29] And the entire structure of the programs has to be different than it is when you're starting. Microsoft has been doing that a little bit. And with Windows 11, they are really trying, they've gotten such black eyes over the years for security problems, and I think they deserve them for the most part. [00:02:50] Now they're forcing you to use what's called a TPM. Now, these TPMS have been around for quite a while. You see them built into your Macs, and they've been built into your apple Macs now for years, built-in frankly to your iOS devices for your iPhone also for years. But this is a trusted platform module TPM. [00:03:17] And the idea behind a TPM is that your computer hardware is locking. All of this information and the senior TPM. Now there are a lot of complicated implementations of TPMS. The implementation that apple uses stores, all kinds of stuff that makes sure you're booting properly, security, keys, et cetera. What Microsoft is doing now is for windows 11. [00:03:47] If you're going to. Your machine has to have a TPM and not just an older TPM 2.0. Now there are alpha images available right now for developers of Windows 11. And I have to absolutely encourage you if you are a software developer to get an alpha version of windows so that you can double-check, is my software is still going to be able to run in this. [00:04:13] And I also want to encourage you if you are relying on particular applications. Maybe they're a little older, perhaps they're not, but if your business requires you to use a piece of software, you really should get windows 11. Right now, get the alpha code, follow it through beta and test your software. [00:04:36] Make sure it works. If it isn't working, then talk to your software vendors, warn them that it's. Because Windows 11 requiring TPM support, although it doesn't need it right now in this alpha version that they're releasing, it does require it. Supposedly when they finally release Windows 11, the computers you have today probably don't have this chip. [00:05:07] We have a client who decided they would go out and buy their own server against our judgment. And what we told them they should be doing. So they went out, and they purchased an HP server from HP enterprise, and they did. And it did not have most of the security staff they needed, including it did not have a TPM. [00:05:27] It did not have one of these trusted platform modules on it. Now, in their case with this HP server, they could buy one after the fact and install it. Although the entire machine had to be destroyed entirely and reloaded, that's a minor price to pay versus purchasing a whole new server. [00:05:48] The TBM is not necessarily going to be compatible with the new version of windows. In fact, Microsoft surface tablets. I look this up to their highest-end surface tablets, Microsoft branding all over it. Microsoft certified $6,000 almost to buy this top-end surface tablet with all the bells and whistles you can get on it. [00:06:15] It will not work with windows 11. How's that? So the reason Microsoft is doing this, I think, is a good reason. They really want to lock down this system to no longer have as many security problems. And we're not going to get into all of the different types of security problems that TPM is not going to solve a lot of them, but it's going to solve. [00:06:40] Some of them, but the program manager over Microsoft, her name is Al area. I guess it is Carly. She said that the hardware floor of TPM 2.0 support will be in place for the final version. We'll see. I think a lot of people are going to push back. However, Microsoft really does and legitimately does want to make sure that everything is safe. [00:07:07] So keep that in mind. There are a lot of people complaining about it, the alpha version. And that is why you have an alpha version. They're complaining about it because of the TPM, but also because of some of the other things that are going on with windows 11, at least right now, some of the things Microsoft has announced they've got, for instance, group policy will not let you get around hardware enforcement for windows 11. [00:07:34] Microsoft is still going to block you from upgrading your device. To make sure your devices stay supported and secure. So that's good news, and it's good news because many times in the past, how many of us we've upgraded our machines and a new version of the operating system. And I use "upgrade" with air quotes around it, but we've upgraded our machines, and they won't work with the new version. [00:08:00] The audience here for her short statement, which was part of this, a Microsoft tech community user questions, was agitated. They did not like the answers that she was giving. And this is according to windows central, the videos, top comment, read, quote, a lot of these answers come off as super Tone Deaf. [00:08:22] It is looking like Windows 11 will be another problem. So for those of us, that know, yeah. Windows eight was really quite the flop member. They very quickly came out with windows eight one, and Microsoft is the only tone-deaf company out there. I've got to say, I think Apple has been remarkably tone-deaf in many different ways. [00:08:44] Now they seem to be waking up doing some things a little bit better, so kudos to them for that. But a lot of companies, really. Tone, deaf to what users want. And there's a lot of blog posts here. We'll have to see if what they're saying ultimately ends up in windows 11. If it does, things will be a bit of a problem. [00:09:08] But part of the reason we don't know. Because Microsoft disabled any more comments on the video, they were getting so many of them. And of course, there are trolls people who hate Microsoft. I'm certainly not one of them. They also, by the way, deleted all existing comments on the video here about windows 11 with their program manager in response to the negativity. The voting is still open on this video, and 2,700 dislikes and only 146 likes as of this last week. It's interesting. Microsofts are really rushing to these new hardware requirements. They're being very aggressive, and I think they're handling it. Sound familiar. We've heard these sorts of things before, but now we'll see here into the legitimacy of this. How much is it going to benefit is limited because where are we solving our biggest problems? [00:10:09] People cooking, links, things get installed, et cetera, that nothing to TPM will be able to handle. The TPM is going to make sure that you have a secure boot that's it's missing. The goal in life. So how was it? We will help with a lot of this other stuff we will see, and I'll definitely keep you up to date on this? [00:10:28] It's real. Hey, I want to remind you guys, go to Craig peterson.com. Hopefully, you got my newsletter last week. I gave you a private link to a webinar that I did about VPN because there's a lot of people selling VPNs. Unfortunately, most of them are misrepresenting what they can. And in fact, most of them make you less safe. [00:10:53] So don't miss another thing. Go to Craig peterson.com right now. And subscribe


    Weekly - Microsoft is planning on making you buy a new computer

    Play Episode Listen Later Aug 19, 2021 82:41


    [Automated transcript] Weekly - Microsoft is planning on making you buy a new computer [00:00:00] Microsoft has had some incredibly successful operating systems and some significant failures. Think of windows millennial edition. While now they're coming up with windows 11, and frankly, things just aren't looking that good. [00:00:16] If you know me, you know how I have had some issues with Microsoft here over the years. They are a company that has been, in my opinion, very dishonest have been doing all kinds of immoral things for a very long time by destroying. [00:00:36] Parts of the market that they considered being competitors of theirs, so they have used their position at the top of the market with billions of dollars in cash to really nail anybody that tries to challenge them. And it's incredible to me what has happened over the years. But, of course, you might know Microsoft did. [00:00:57] Putting investment into Apple. And many people say that investment that bill gates authorized really saved apple from total collapse. And I can see how is this a reasonable audience or argument? But the bottom line is that Microsoft Windows has never been a great operating system when we get down to it. [00:01:21] It's always had issues. It's always had glitches, and we could go into a lot of reasons for that. But I think one of the main ones is that it has really tried to stay compatible with everything, all of the. When you were a kid, you certainly rode a bicycle. But, still, the bike that you might be riding when you're in your thirties or forties is probably not going to have three wheels. [00:01:46] And it's probably not going to have a pedal connected to the front wheel. It is going to be a whole lot different, and Microsoft, over the years, has tried to make their more modern operating systems as time has gone on. Compatible with older operating systems of theirs. And that inevitably leads to problems. [00:02:06] If you're trying to fix a problem, Einstein said this, right? If you're trying to fix a problem, you cannot use the thinking that created the problem in that first place, in order to fix a problem, you have to think at a different level. And when it comes to software and operating systems, you actually. To program at a different level. [00:02:29] And the entire structure of the programs has to be different than it is when you're starting. Microsoft has been doing that a little bit. And with Windows 11, they are really trying, they've gotten such black eyes over the years for security problems, and I think they deserve them for the most part. [00:02:50] Now they're forcing you to use, what's called a TPM. Now these TPMS have been around for quite a while. You see them built into your Macs, and they've been built into your apple Macs now for years built-in frankly to your iOS devices for your iPhone also for years. But this is a trusted platform module TPM. [00:03:17] And the idea behind a TPM is that your computer hardware is locking. All of this information and the senior TPM. Now there are a lot of difficult implementations of TPMS. The implementation that apple uses stores, all kinds of stuff that makes sure you're booting properly security, keys, et cetera. What Microsoft is doing now is for windows 11. [00:03:47] If you're going to. Your machine has to have a TPM and not just a older TPM 2.0, now there are alpha images available right now for developers of Windows 11. And I have to absolutely encourage you if you are a software developer to get an alpha version of windows so that you can double-check, is my software still going to be able to run in this. [00:04:13] And I also want to encourage you if you are relying on certain applications and maybe they're a little bit older, maybe they're not, but if your business requires you to use a piece of software, you really should get windows 11. Right now, get the alpha code, follow it through beta and test your software. [00:04:36] Make sure it works. If it isn't working, then talk to your software vendors, warn them that it's. Because Windows 11 requiring TPM support, although it doesn't require right now in this alpha version that they're releasing, but it does require it. Supposedly when they finally release windows 11, your computers that you have today probably don't have this chip. [00:05:07] We have a client that decided they were going to go out and buy their own server against our judgment. And what we told them they should be doing. So they went out and they bought we're going to get an HP server from HP enterprise and they did. And it did not have most of the security staff that they needed, including it did not have a TPM. [00:05:27] It did not have one of these trusted platform modules on it. Now, in their case with this HP server, they could buy one after the fact and install it. Although the entire machine had to be completely destroyed and reloaded, that's a minor price to pay versus buying a whole new server. [00:05:48] The TBM is not necessarily going to be compatible with the new version of windows. In fact, Microsoft surface tablets. I look this up their highest end surface tablets, Microsoft branding all over it. Microsoft certified $6,000 almost to buy this, or, top end surface tablet with all of the bells and whistles you can get on it. [00:06:15] It will not work with windows 11. How's that? So the reason Microsoft is doing this, I think is a good reason. They really want to lock down this system so that we're no longer having as many security problems. And we're not going to get into all of the different types of security problems that TPM is not going to solve a lot of them, but it's going to solve. [00:06:40] Some of them, but the program manager over Microsoft, her name is Al area. I guess it is Carly. She said that the hardware floor of TPM 2.0 support is going to be in place for the final version. We'll see. I think a lot of people are going to push back. However, Microsoft really does and legitimately does want to make sure that everything is safe. [00:07:07] So keep that in mind. There are a lot of people complaining about it, the alpha version. And that is why you have an alpha version, they're complaining about it because of the TPM, but also because of some of the other things that are going on with windows 11, at least right now, some of the things Microsoft has announced they've got, for instance group policy will not let you get around hardware enforcement for windows 11. [00:07:34] Microsoft is still going to block you from upgrading your device. To make sure your devices stay supported and secure. So that's good news and it's good news because many times in the past, how many of us we've upgraded our machines and to a new version of the operating system. And I use upgrade with air quotes around it, but we've upgraded our machines and they won't work with the new version of it. [00:08:00] The audience here for her little statement, which was part of this, a Microsoft tech community user questions was very upset. They did not like the answers that she was giving. And this is according to windows central, the videos, top comment, read, quote, a lot of these answers come off as super tone. [00:08:22] Deaf is looking like Windows 11 will be another windows. So for those of us that know yeah. Windows eight was really quite the flop member. They very quickly came out with windows eight one and the Microsoft is, and the only tone-deaf company out there, I've got to say, I think Apple has been very tone-deaf in a lot of different ways. [00:08:44] Now they seem to be waking up doing some things a little bit better, so kudos to them for that. But a lot of companies really. Tone, deaf to what users want. And there's a lot of blog posts here. We'll have to see if what they're saying ultimately ends up in windows 11. If it does, things will be a bit of a problem. [00:09:08] But part of the reason we don't know. Is because Microsoft disabled, any more comments on the video, they were getting so many of them. And of course there's trolls people who hate Microsoft. I'm certainly not one of them. They also, by the way, deleted all existing comments on the video here about windows 11 with their program manager in response to the negativity, the voting is still upon this video and. [00:09:37] 2,700 dislikes and only 146 likes as of this last week. It's interesting. Microsofts are really rushing to these new hardware requirements. They're being very aggressive, and I think they're handling it. Sound familiar. We've heard these sorts of things before, but now we'll see here into the legitimacy of this, how much is it going to benefit is limited as well because where are we having our biggest problems? [00:10:09] People cooking, links, things get installed et cetera, that nothing to TPM is going to be able to handle. The TPM is going to make sure that you have a secure boot that's it's missing. Goal in life. So how was it we're going to help with a lot of this other stuff we will see, and I'll definitely keep you up to date on this. [00:10:28] It's a real. Hey, I want to remind you guys, go to Craig peterson.com. Hopefully you got my newsletter last week. I gave you a private link to a webinar that I did about VPN, because there's a lot of people selling VPNs. Most of them are misrepresenting what they can. And in fact, most of them make you less safe. [00:10:53] So don't miss another thing. Go to Craig peterson.com right now. And subscribe [00:10:59] There seems to be a worker shortage. And a lot of businesses are finding that frankly, people who are involved in technology are resigning, they're calling it a great resignation of workers. We have a lot of problems as business people, filling jobs nowadays. [00:11:20] And one of the things I've thought about doing is maybe even starting a course for people who want to figure out if this whole cybersecurity thing is right for them. I think that might make a lot of sense for some people. And there are some of you listeners. I know, because I've talked to you who have gone out and. [00:11:40] Gotten into, is that a word who have changed careers into the cybersecurity realm? So does it make sense for you? I don't know. Do you think it would make sense for me to offer something? A cybersecurity course to give you guys the basics and help you to understand it, to see if it might be good for you. [00:12:00] Only, you know that, and if you're interested, make sure you drop me a note just to me, M E Craig peterson.com and let me know what you think, but the big tech is suffering from this great resignation of workers and workers in the technology field right now. It's a good time to leave. Now, this isn't the same as many workers who, for instance, were in the restaurant business for many years, were in food service. [00:12:31] You make money. Maybe you don't make money. Who knows those. And of course, those jobs pretty much disappeared during the lockup. Big tech, it's different in big tech. Most of these people, most of us, frankly, we retained our jobs. We were still able to work, still able to do the stuff we'd always been doing, but we were doing it from home, and many employees looked at the situation and said, I am not going to leave. [00:13:04] Because I don't know if I'll be able to get a new job. Does that make sense to you? So we have a bit of a pent up demand in the tech field of people who maybe didn't like the boss didn't really like what they were doing, but kept the job because at least it was a job. It paid some bills. And from the bottom-line standpoint, it didn't make sense to. [00:13:28] Now we see something else going on, people are leaving like crazy Facebook here. There's a quote in an article in MarketWatch. Lost this guy named Raymond Andres. Who's now the chief technology officer at air table. Now I've used air table before I was a client of theirs for a while. It's really something. [00:13:51] If you need to do some basic project management, or if you have a process for doing something. That needs to be tracked and maybe something handed over to another person when it meets a certain stage, check it out, air table.com online, but he left Facebook and he said, there's been a burst of activity of people leaving. [00:14:15] If anything. The lockdown delayed decisions. And that's exactly what I was saying. I've been saying that for a very long time, but there's another factor involved when it comes to technology. And that is the funding, which is just amazing. You might remember a couple of years ago we had this. Brakes on IPO's on initial public offerings. [00:14:40] These tech companies just were not going to go public at all. And because of that, many angel investors and venture capitalists said, forget about it. I'm not going to go ahead and make any sort of investment. That is the time when a lot of these small companies just failed and of course, incomes the lockdown and even more of them failed. [00:15:03] But now. But the investors are a spinner spending a lot of money so far this year, there have been 84 initial public offerings in the U S alone. Isn't that amazing? 50 plus billion dollars in IPO's. Now that's up from about 38 billion. Last year. So there's obviously money in the IPO world. So that gets the venture capitalists interested. [00:15:36] So VC money is also a record hives. This year's track to be the best year yet. According to PitchBook through June. This year 2021, $150 billion has been raised among about 7,000 deals. Now that's ahead of last year's record, a total of $164 billion for the year. So we're looking at some major money going in. [00:16:09] And we're have a lot of people that are leaving from Google and Facebook and Amazon and Apple, maybe your company as well, who are saying, wow there's some real opportunity now I could get in on the ground floor. The VC money is a record high, so I can take at least some salary enough to make it heck I haven't had to pay rent for a year. [00:16:32] So I can afford to do that, to try and. Something with some of my friends and that's exactly what they're doing. Robert half, which is a company I've had on my show before Robert half international, they did a survey and they found that about one third of the almost 3000 information technology professionals. [00:16:56] They surveyed said they planned to look for a new job in the next few months. They're also saying Robert half is that while employers posted more than 365,000 job openings in June alone, they're not getting filled that's by the way, the highest monthly. In about since September, 2019, and that's according to comp Tia, which is a, an industry trade group. [00:17:24] I'm a member of that. My company is a member of comp Tia as well. So there are a lot of things happening that are really driving people to startups. And there's a lot of advantages to that. So here's another guy. This is an engineering manager who left Facebook last year. And he quickly returned. [00:17:45] He said working at a startup, you have much more connection with employees and things moved faster. So tiger graph, by the way, also hired ex-Googlers. And they're increasing the workforce this year too, about 300 from 90. So think about what they're doing. That's not, yeah, technically it's probably still a startup, but it's 300 employees. [00:18:10] That's not us. That is a lot of employees, and they've got a lot of money behind them. Here's another guy. And she's saying, I thought I would be a lifer at Amazon. But this was a tremendous opportunity. I can have a far greater impact and more influence on the company's trajectory, which quite frankly was harder at Amazon. [00:18:32] And we're seeing more and more of particularly the younger employees looking at that. Her name's Anna fag fabric, sorry about the names butchering here, but she's now at freshly she's their chief criminals commercialization. Officer. So a lot of people are saying in this survey from Robert half international that having a chance to have an impact at a smaller company was a major reason for leaving. [00:19:00] And that's after years of massive growth at big tech companies. So again, IBM in the 1970s. They were the ruler, they were the king. They was impossible. If you work for IBM, man, they're going to be around forever. And of course, they still are. And they have amazing products, especially the Z series mainframe, but they're not the company they were. [00:19:24] And I think we now are seeing. The next step in these big high-tech, but is no longer being the companies that they were innovation is going to leave with these employees, and they're going to really be hurt and hurt quite a bit. All right. So coming up, we're going to talk, of course, more about some of the more important tech stuff, you've got to, if you haven't already get on my email list, I'll send you a couple of special reports that we. [00:19:54] As well as of course, every week, one or two newsletters, not sales documents, newsletters, Craig peterson.com. [00:20:04] Bitcoin is all of the rage. In fact, these cryptocurrencies or something, a lot of people have considered investing in of course, many have invested in it. I played around with them about a decade ago, and the IRS seized 1.2 billion worth of it. [00:20:19] You might remember, we talked years ago about the IRS trying to tax things in the virtual world. So if you were in one of these real life type things and you owned property, as it were inside this virtual world, they wanted to tax it. Of course, if you sold something with real hard money and. You sold it inside that real world with real hard money, you would end up having to pay taxes. [00:20:47] Just if you sold a hammer to someone, that's the way it works. A lot of people have decided that, for some reason, cryptocurrency is completely untracked. Now we know about cases. I've talked about them here where some of these coins in this particular case, we're talking about Bitcoin or has been used online. [00:21:15] And in fact, the government has found out who was using it and really stepped in, in a big way. Silk road is the biggest example. This was an online black market for everything you can think of, from illegal drugs to firearms, to all kinds of illegal commodities that were for sale online. [00:21:40] This was back in 2013, they were using Bitcoin to buy and sell things on this free trade zone. I think they called themselves and silk growed was just thriving. On comes the federal government and federal agents in the United States really cut their teeth in crypto search and seizure. With taking down the silk road, you might remember this was very unprecedented. [00:22:10] People had no idea. What they could do. How could the federal government monitor this? Can I buy and sell these Bitcoins? All of that sort of thing. And 20 years as the chief of money laundering and asset forfeiture in. Yeah, us attorney's office for the Southern District of New York. Sharon Levin said that this whole takedown or silk road was completely unprecedented and it was new technology. [00:22:41] What do you do well because people. Here cryptocurrency and crypto, of course, being short for cryptography, they figure that okay. While obviously it is absolutely untraceable untrackable. Tell that to the people that this year have tried to ransom money out of enough. US corporation, some of the major consider for instance, colonial pipeline and what happened with them and how at least half of their cryptocurrency was returned to them. [00:23:15] So don't think that this stuff is a way that you can get away with breaking in the law or not paying taxes. It is not the whole. Business, if you will, of crypto seizure and sale is growing incredibly fast. In fact, the federal government just enlisted the help of the private sector to manage and store these crypto tokens that have been seized from. [00:23:47] Now I mentioned that the IRS has seized about $1.2 billion worth of cryptocurrency this fiscal year. That is a whole lot of cryptocurrency. And what are they doing with it while it's the same thing? Remember the drug dealers back in the day. Miami, what was happening? I used to love Miami vice TV show. What happened there while they seize boats, they seized cars. [00:24:13] They seized cash. Obviously, they can just put back into circulation, but everything else, what do they do? Cores, they go ahead and they sell it at auction. And that's what they've been doing. Then in June, they started auctioning off light coin and Bitcoin cash. They had 11 different lots on offer. [00:24:38] It was a four day auction and it included 150.2, 2 5 6 7 1 5 3 light coin. You like that. Remember cryptocurrency is not necessarily a whole coin. It's like having a gold coin. That's worth 500 bucks. How are you going to use that to buy a loaf? But what happens with these cryptocurrencies is you can buy and sell fractions of a coin. [00:25:04] So that's why you get into the millions of a piece of a coin. So they sold 150 ish like coin and. Above 0.00022 a Bitcoin cash worth more than 21 grand. So that's one of the 11 lots that was out there. And this crypto property is what they're calling. It had been confiscated as part of a tax noncompliance case. [00:25:34] I'm looking right now at the public auction sale notice. And where it was, where you could go online. It was a GS, a auctions.gov. If you want to check these things out, as in the general services administration, auctions.gov, GSA, auctions.gov, and they were selling it, and it was a taxpayer, it tells you all kinds of information about them. [00:25:56] It's a. Crazy here, but you have to pay by cash to certified cashiers or treasures check drawn on different whatever banks. And it's really cool to look at some of these things, but you can find them online. If you're interested in buying them might be a good way to buy them, to buy these various cryptocurrencies if you want to get into there. [00:26:20] But a lot can refer to almost anything could be, as I said, boats or cars like it was on Miami vice. It could be some number of crypto coins that are being auctioned. So they're going to be doing more and more of that. Then, apparently, the feds are saying that they have no plans to step back from being basically a crypto broker. [00:26:46] Here is the bottom line here because they're seizing and selling all of these assets. So keep an eye out for that. Remember what is going on? The silk road site that I mentioned had been shut down or operating on the dark web. It used Bitcoin exclusively nowadays are using various either types of coins. [00:27:09] Most of them are ultimately traceable, and we're not going to get into all of the details behind it, but the bottom line is so what do they do now? Think about this. Silk road had 30,000 Bitcoin that they were able to identify in CS. And it was probably the biggest Bitcoin seizure ever. And it sold for about $19 million. [00:27:37] So that was quite a few years ago. Somebody just pull up a calculator here, say 30,000 times, and what's Bitcoin nowadays. I'm not quite sure. Let's say it's $15,000. So in today's money, it had a half, a billion dollars. Today's value, a half, a billion dollars worth of Bitcoin in there isn't that something, and that was all seized and it was all auctioned off. [00:28:03] So keep an eye on that. They're following the money is the technique they're using. You can find out a lot more at us, marshals.gov, and that is how they found it. If you've got pictures. You're going to have to sell it. You're going to have to transfer. You have to do something with it. And that's where they're getting. [00:28:24] Bottom line, particularly if you take the Bitcoin and turn it into something else, but this would take a while to explain. And I was very happy to be able to sit in on a presentation that was done by the treasury department on how they handle all of this. It's frankly very fascinating. Hey, make sure you spend a couple of minutes and join me online. [00:28:49] Craig peterson.com. You can sign up for my newsletter. You can listen to my podcasts, and you can get some free, special reports just for signing up. [00:28:59] This is a tough one. Apple has decided that they are going to build in to the next release of the iPhone and iPad operating system. Something that monitors for child porn. [00:29:12] Apple has now explained that they are going to be looking for child abuse images in specific ones. And I just am so uncomfortable talking about this, but the whole idea behind it is something we need to discuss. Apple said, they're going to start scanning for these images and confirmed the plan. In fact, when people said, are you sure you're going to be doing that? [00:29:43] Here's what. IOS 15, which is the next major release of Apple's operating system for I-phones. And for I pad is going to use a tie to something called the national center for missing and exploited children. And the idea behind this is to help stop some of this child abuse and there's people who traffic in children, and it's just unimaginable. [00:30:13] What happens out there really is some people it's just such evil. I, it I just don't get it. Here's what they're going to be doing. There are ways of taking checksums of pictures and videos, so that if there is a minor change in something that might occur, because it was copied that it does not mess it up. [00:30:39] It still can give the valid checksum and. Iman, that technology is detailed, but basically just think of it as a checksum. So if you have a credit card number, there is a checksum digit on that bank accounts have checked some digits so that if you mess it up a little bit, okay, it's an invalid checksum, so that number's obviously wrong in this case. [00:31:03] What we're talking about is a checksum of a pitcher or oven. And these various child safety organizations have pictures of children who are abused or who are being abused, who are being exploited. And they have these checksums, which are also called hashes. That is now going to be stored on your iOS device. [00:31:33] And yes, it's going to take some space on the device. I don't think it's going to take an enormous amount of space considering how much space is on most of our iPhones and iPads that are out there. Apple gave this detection system is called C Sam, a real thorough technical summary. It is available online, and I've got a, to this article in this week's newsletter, but they released this in just this month, August of 2021. [00:32:06] And they're saying that they're using a threshold that is. Quote set to provide an extremely high level of accuracy and ensures the less than one in 1 trillion chance per year of incorrectly flagging a given account. Now I can say with some certainty in having had a basic look through some of the CSM detection documentation, that they're probably right about that, that the odds are very good. [00:32:39] Small that someone that might have a picture of their kids in a bathtub, the odds are like almost so close to zero. It is zero that it will be flagged as some sort of child abuse, because it's not looking at the content of the picture. It's not saying that this picture, maybe it is a picture of child exploitation or a video of her child being exploited. [00:33:01] If it is not one that has been seen before by the national center for missing exploited. It will not be flagged. So I don't want you guys to get worried that a picture at the beach of your little boy running around and just boxer trunks, but a lot of skin showing is going to get flagged. It's not going to happen. [00:33:24] However, a pitcher that is known to this national center for missing and exploited children is in fact going to be flagged and your account will be flagged. Now it's hard to say exactly what they're going to do. I haven't seen anything about it, of the apples. Only say. That that they're going to deploy software. [00:33:50] That's going to analyze images in the messages application for new system that will warn children and their parents from receiving or sending sexually explicit photos. So that's different. And that is where again, a child, you put parental settings on their iPhone. If they're taking these. Pictures, selfies, et cetera. [00:34:13] Girls sending it to a boyfriend, sending it to his girlfriend, whatever it might be. The parents are going to be warned, as are the children that is looking for things that might be of a sexual content. Okay. It really is. It's really concerning. Now let's move on to the part that I'm concerned about, because I think everyone can agree that both of those features are something good that are ultimately going to be very good, but here's a quote. [00:34:40] Apple is replacing it's industry standard end to end encrypted messaging system with an infrastructure for surveillance and censorship. Now, this is a guy who's co-director for the center for democracy and technology security and surveillance product project, I should say. He's Greg, no, him, no Chaim, is saying this, and he said apple should abandon these changes and restore its users, faith in the security and integrity of their data on apple devices and services. [00:35:14] And this is from an article over an tech. So this is now where we're getting. Because what are they doing? How far are they going? Are they going to break the end encryption in something like I messages? I don't think they are going to break it there. They're not setting up necessarily an infrastructure for surveillance and censorship, but apple has been called on as has every other manufacturer of software. [00:35:44] I remember during the Clinton administration, this whole thing with eclipse. Where the federal government was going to require anyone that had any sort of security to use this chip that was developed by the federal government. And it turns out, of course, the NSA had an very big backdoor in it, and it was a real problem. [00:36:04] Look at the Jupiter. That was another encryption chip and it was being used by Saddam Hussein and his family in order to communicate. And it turns out yeah, there's a back door there too. This was a British project and chip that was being used. So with apple, having resisted pressure. To break into phones by the US government. [00:36:27] But some of these other governments worldwide that have been very nasty, who've been spying on their citizens who torture people who don't do what apple are not happy, what the government wants them to do have been trying to pressure Apple into revealing this. Now I have to say, I have been very disappointed in all of these major companies, including apple, when it comes to China, they're just drooling at the opportunity to be there. [00:36:56] Apple does sell stuff there. All of these companies do. Yeah, Google move their artificial intelligence lab to China, which just, I cannot believe they would do something like that. AI machine learning, those or technologies that are going to give the United States a real leg up technology wise to our competitors worldwide. [00:37:17] And they move to China, but they have complied with this great firewall of China thing where the Chinese people are being censored. They're being monitored. What's going to happen now because they've had pressure from these governments worldwide to install back doors in the encryption systems. [00:37:38] And apple said, no, we can't do that because that's going to undermine the security for all users, which is absolutely true. If there is a door with a lock, eventually that lock will get picked. And in this case, if there's a key, if there's a backdoor of some sort, the bad guys are going to fight. Now Apple has been praised by security experts for saying, Hey, listen, we don't want to undermine security for everybody, but this plan to do ploy, some software that uses the capabilities of your iPhone to scan. [00:38:15] Your pictures, your photos, things that videos that you're sharing with other people and sharing selected results with the authorities. Apple is really close to coming across that line to going across it. Apple is dangerously close to acting as a tool for government surveillance. And that's what John Hopkins university cryptography professor Matthew Greene said on. [00:38:46] This is really a key ingredient to adding surveillance, to encrypted messages. This is again, according to our professor over John Hopkins, green professor green, he's saying that would be a key in Greece and then adding surveillance, encrypted messaging, the ability to add scanning systems like this to end encrypted messaging systems has been a major ask by law enforcement, the world. [00:39:14] So they have it for detecting stuff about missing and exploited children. That's totally wonderful. And I'm fine with that. No problem. But that now means that Apple's platform has the ability to add other types of scanning. All right. We'll see what ends up happening these the next thing, which is warning children and their parents about sexually explicit photos is also a bit of a problem here. [00:39:46] Apples. Yeah on this is messages uses on-device machine learning to analyze image attachments, and determine if a photo is sexually explicit. The feature is designed so that Apple does not get access to the messages it's saying, if it detects it, they're going to blur the photo. The child will be warned, presented with helpful resources and reassured it is okay if they do not want to view them. [00:40:16] And the system will let parents get a message. If children do view a flagged photo and similar protections are available for child attempts to send sexually explicit photos. Interesting. Isn't it. Interesting world. So I think what they're doing now is, okay, they're really close to that line, going over. [00:40:38] It could mean the loss of lives in many countries that really totally abuse their citizens or subjects, depending on how they look at them. Hey, make sure you check me out online. Craig peterson.com. Hey, sorry about having to talk about this, but man, this isn't. [00:40:57] It's time for a little bit of good news. We now have satellite internet performance. That's pretty much on par with fixed broadband, and it isn't just in the us. We're going to talk about that right now. What are the options? [00:41:13] You might remember the whole Sputnik thing and what happened there really drove the space race forward very rapidly, but we're using much fancier satellites than Sputnik, which of course, all it was doing was sending out a beep. [00:41:30] It was alive. And I remember I went over to a friend's house. I have an advanced class amateur radio license, and I went over to a friend's house, and he had some satellite equipment. He was also a ham, and we were able to tune his satellite in his satellite dish into a couple of the satellites up there. [00:41:52] Now the amateur radio community has one or more satellites. I'm not sure. We were really impressed with all of the stuff that's up there in the sky. There are satellites, of course, that we don't even know what they're doing because they're top-secret government satellites. And they're probably a decade ahead of the rest of the industry. [00:42:15] But he was pulling down images from some of these satellites that were open-source of what's happening on the earth and just all kinds of things back before heavy encryption. It was very cool to think that these satellites were miles up in space. No, I'm looking@somestatisticsherefromspeedtest.net. [00:42:37] I don't know if you've ever tried it. You should try and go to speed. Test one word.net on your web browser. And it'll open up a little window. It's a company called Uber. And that window will allow you to start a test. And the first thing it does is it tries to find, okay, where are you located? And who has the closest reflector that we can use for speed testing? [00:43:02] Usually there's something not too far away from you. If you are out in the Netherlands and of course, many of you listening, kind of our Netherlands, when it comes to internet access, you have pretty slow internet and speed test dot nettle. I'll put there's three numbers, you, or maybe four, you really have to pay attention to. [00:43:25] You've got the download number and that's telling you how fast the data comes down to your browser from that particular spot, which is typically, as I said, close to you, although nowadays something that's far away on the internet, isn't going to be that much. So download matters and then probably what matters the most for most people. [00:43:48] The next thing to look at is upload most of the time. If you have a regular consumer internet link, your upload speed is about 10, maybe as much as 20% of your download speed. So if you're getting megabit down, It's going to be 10% of that megabit down, maybe as much as 20%. So you're going to get about a hundred K up versus the megabit down it again, it varies. [00:44:21] A lot of places will have 50 megabits down and 10 megabits up so it can vary. Now the up speed, the uplink speed is what's going to affect you when you are trying to upload a file. So maybe you're trying to upload something to work, or you are trying to stream a video cause you're trying to run a webinar. [00:44:45] That's what that is. The next number that you have to pay attention to is the round trip time. So that's the time it takes from a packet to get from your computer to the server that you're connected to. And then back again. Usually that's measured in milliseconds. And I remember the very first time I was using the ethernet, it was thick wire, ethernet, and 10 megabits. [00:45:16] And wow. I was just so fast and very expensive to use. And the delay pinging another machine. In other words, sending a packet from my machine to another machine on the network. And then having that packet returned to me was anywhere from if it was like lightning fast, 10 milliseconds, and more likely it was 30, 40, 50, even a hundred milliseconds on the same day. [00:45:44] Nowadays, if you're looking@yournumbersonspeedtest.net, you are probably seen speeds that just blow away what I was using back then because things have just gotten so much faster. You've probably seen a few milliseconds in speed round trip, speed time again, depending on how good your link is. And then the fourth one you have to pay attention to is. [00:46:11] And jitter is where you are seeing inconsistent speeds in those round trip times. And that's going to affect live stuff, particularly live audio, which we'll notice a lot to that. Hey, the audio is just terrible. It's dropping out at me. Maybe sounds digitized. Usually. Parts dropout gamers care a lot about the jitter because that's going to affect their game and how they play their game. [00:46:42] So I just ran it here on my studio computer. Now we have fiber optics. We have a business line that goes directly to Comcast backbone and I'm seeing. From where I am to a server that's about 90 miles away, I would say my ping time round trip is three milliseconds. It's just, I'm still blown away by that. [00:47:08] Cause I remember using dial up modems that were 110 bits per second, 110. And that was just absolutely amazing. And then 300, can you believers? 300 bod and it's changed a lot, right? So three milliseconds round trip time for me. And I'm trying to brag or make you feel bad. I'm just telling you what it can be. [00:47:30] My download speed is 720. Megabits per second. And that's because right now we're downloading a few different things and my upload speed is a gigabit per second. So you can see in a commercial link, typically your download and your upload speeds are the same. It is not, it is in 10% obviously is exactly the same. [00:47:54] So those are the numbers you should look at. I don't see on my results. The jitter, maybe there's not reporting that anymore, or maybe they only reported on bad lines. I'm not sure, but again, speed test.net. So they have released this guys@speedtest.net, some stats on the satellite companies, because our friends over at startling, that's Elon Musk's company think Tesla and SpaceX, they are showing. [00:48:28] Amazing download speeds. They're showing 97 megabits a second download. Now that doesn't of course, I really approach the gigabit that I'm seeing, but this is from a satellite. It's just amazing. And they're going to see if more now all fixed all speeds of everyone. One in the United States that has gone to speed test.net and ran speed tests. [00:48:56] All speeds averaged out in the United States come to 115 megabits. So Starlink is almost as fast as the average broadband connection in the United States. Now here's a little, here's where they really shine to upload speed of about 14 megabits a second. So that's not bad that still fits within our model that we talked about latency. [00:49:24] 45 milliseconds. Now compare that with what I had, which was what three milliseconds it's slow, but it's again, remember it's a satellite. So it's going from the earth station while it's actually going from your computer to their satellite dish at your location is going up to the satellite is coming back down to an earth station is picking up the signals from the satellite, and then it's going to the server. [00:49:53] So 45 milliseconds is pretty good. I want to put that in perspective, though. The two biggest competitors right now, satellite internet are Hughes net and ViaSat Hughes net. This is again, according to speed, test.net. Download speed is averaging a little less than 20 megabits a second. So it's 20% of the speed of startling. [00:50:20] Yeah, pretty bad. A and star links latency. Remember, and this matters a lot. If you're trying to do live video or you're trying to run your phone over it, latency is 724 milliseconds. So that's three quarters of a second. From the time a packet goes out until it comes back. So that will affect any sort of phone calls that you're making on HughesNet and then ViaSat none, much better download speed of 18 megabits a second, which is worse, but the upload is slightly better than HughesNet and their latency is slightly. [00:50:56] What I'm saying is Starlink is really starting to shine. And Elon Musk is saying they are going to be even better. They're going to be much better. Give them a little bit of time. The reason that Charlene has the faster latency. Much, much faster latency than our friends at HughesNet or ViaSat is that they have low earth orbit satellite. [00:51:23] So they are sitting up there. They do have some drag from our atmosphere, so they will come down. There's things in place to take care of all of that sort of stuff. But Starlink it's going to be available pretty much everywhere. The country. India is very excited about this because they've had real problems with the internet in some of the rural areas. [00:51:48] But Hey, if you are out in the middle of nowhere in the United States, there is hope check out, Starlink online, lots of great stuff. Hey, stick around. We will be right back. You're listening to Craig Peterson. [00:52:05] The hackers are still going after with ransomware, they're still doing just blanket attacks. They're still doing massive fishing, but they have glommed on to something that is being much more effective. That's what we're going to be talking about. [00:52:21] This is a huge problem. We have seen some very high profile ransomware lately. Think of what happened with colonial pipeline, the whole solar winds attack, and much more the bad guys are trying to figure out a way to more inexpensive. Ransom money from us to more inexpensively, get all of our confidential information. [00:52:48] I have a client that before he was my client, all of his data was stolen and they run right to the Chinese. I have another client who's operating account was completely emptied. And the problem in both of these cases, Was really the client not doing what they should be doing, but supply chain problems, supply chains, the software, you have the hardware you have that you're relying on it. [00:53:19] One of the major types of businesses that are being attacked right now are our managed security services, company, security researchers who are trying to do, with all the effort they can maybe keep ourselves safe. But they're not doing what they should be doing. You've heard me complain for many years about programmers. [00:53:43] I'm saying that in air quotes, people who have learned how to do Microsoft C sharp or visual basic, whatever it might be. At a very high level in share. Yeah, they can put stuff together. It reminds me of when the spreadsheets first started hitting the boardrooms, all of a sudden, business people, managers all the way on up through the board were saying I don't need the it department anymore. [00:54:09] In order to get these numbers, I can just gather them in myself and put together a spreadsheet. I'll be safe. Everything will be great. I'm going to get that information now instead of having to wait for it, to get some programmers involved and get it done. The problem in all of these cases is exactly this. [00:54:29] These are non-professionals that are trying to do the job. Those spreadsheets, many of them had bad data on them. They compiled into even worse data because there were in many cases. Problems with the spreadsheet. I remember when I was a professor at Pepperdine University and I was teaching management information systems out there in the west coast and beautiful campus, by the way, if you've never been there out at Pepperdine, right on the coast. [00:54:59] But when I was working with those students, who were, it was his MIS 4 22 last year undergraduate. I ended up emphasizing spreadsheet. Because I realized most of them didn't really know how to do it. Yeah. Okay. They could go ahead and put a little thing in there that says, add up all of these columns and this row and multiply by that and cut out. [00:55:25] I've got a number coming out, but is that number correct? It's like a county. And that's why accountants use double entries in the accounting systems to make sure everything zeroes out. Make sure everything is correct. And by having someone who's a manager using this spreadsheet, you might get some great information and might get it quickly. [00:55:46] It might be absolutely correct, but it's very possible that it won't be. And from my experience and programmers are the worst of the worst, because many of them started when they were kids, very bright kids who were working on stuff and hacking it things. That's where the term hacker comes from. [00:56:05] Hacker wasn't necessarily a bad thing. They certainly. Bad guys. They were just hacking it. The computer's trying to figure out how to program, and if something went wrong, they would hack at the code a little bit more to try and fix it and figure it out. Non-professional they were just hacking that stuff. [00:56:23] And that's what we called them hackers. And so it was a derogatory term for someone that didn't really know what they were doing, but they were hacking their programming or hacking it. Some other part of it. Versus having people who are actually trained and experienced Microsoft got sued because of how bad windows millennial edition was and windows Vista. [00:56:49] And they found that the majority of the code had been written by interns, by kids, right out of school without the experience. What does that mean? Why am I really bashing the younger generations? It has to do with the ability to foresee problems and the best way to be able to foresee a problem is to have seen it before, for instance, that you've gotta be careful when you're allocating right. [00:57:15] And that it's not necessarily going to be cleared properly, or if at all, and that the return points can be changed in programs. That's one of the things that hackers do most nowadays. So if you have software that's written by people that don't realize all of the implications of what they're doing, you could be in trouble. [00:57:38] I like to use the analogy of a car. Back in the day, many of us are turned a wrench and we tinkered with the older cars. We had a whole lot of fun with them trying to figure out how can I improve this? And we'll do this to the carb and we'll change this and look at this airflow problem, pretty basic stuff. [00:57:56] But today, what we're dealing with is a car that is a whole bunch of major components. We went to replace an air intake because of a bad sensor in a Ford Crown Vic. And it was one of the last model years. And back in the day, you could pretty easily fix that. You just buy the little sensor and put it in there. [00:58:20] And you're all set. We had to buy the whole component, which included the air intake, manifold all the way on back to the sensor and everything that was behind it. It was absolutely crazy and cost a lot of money. So think of someone who is trying to build a car today, we might equate this to you by a transmitter. [00:58:43] You buy an engine, hopefully they fit together. If all right, have you ever tried to match a transmission to an engine and it's not right. Do you have to get a converter or make a converter that goes in the middle, or do you have to drill it out in order to make it Mount properly? All of those sorts of problems. [00:59:00] And then you've got all of the other components in the vehicle as well that are mix and match. That's what programmers are doing nowadays. Nowadays, a programmer grabs this library that does something. So, for instance, Apple has a library you can use that identifies faces, but you don't know how it works. [00:59:22] You don't know that transmission, how it works. Is it really going to work for you? It wasn't smart to combine that 600 horsepower engine with a Vega Chevy Vega transmission. For those of you old enough to remember what that is. But it didn't stop you from doing that either. And that's what we're seeing. [00:59:42] That's what these supply chain attacks are all based on that. So much software is written by people that have not had the experience to think through the potential problems. And Microsoft is to blame for making it really easy for anyone to write a program, just like you could blame VisiCalc back in the day for making it really easy for anyone to make a spread. [01:00:07] But those spreadsheets weren't accurate. The software that we're getting from our suppliers, which include Microsoft. This latest, huge hack came right through Microsoft exchange. It was a zero day bug. The same types of problems that we've had with some of the other software that's out there. Think about how we got the solar winds attack. [01:00:31] Think about some of these other ones that we've had that are just absolutely massive. It can kill us and kill us in a very big, when we're talking of course, about all of our systems and software. Hey, I want to remind you guys, just spend a couple of minutes. If you would go online, Craig peterson.com. [01:00:51] You're going to get the sort of thing. Last weekend. I sent out a video that I chaired with some friends, and I shared it with anybody on my list. Last weekend, it was just part of the newsletter on VPNs, who you can tell. Who you can't trust and the best ways and times to use a VPN. All right. Stick around. [01:01:12] We'll be right back. You're listening to Craig Peterson online@craigpeterson.com. [01:01:20] So now, a little bit about what supply chain attacks are. We're going to get into that a little bit more now, what can you do about it? And this European union-funded study that came in the wake of these two major cyber attacks. [01:01:36] The European Union has now forecasted that there's going to be four times more software supply chain attacks in 2021 than there were in 2010. That, my friend, is a very big deal. These cybercriminals are now shifting to larger cross border targets. [01:01:59] This is just an amazing report. You can look at it. It's called threat landscape for supply chain attacks. And they looked at 24 supply chain incidents that have occurred between January 20, 20 and July, 2021. The basics here are a supply chain attack is where a software provider or some sort of a trusted provider is hacked. [01:02:25] Usually they're are hacked in a way that they don't realize they've been hacked and then they pass off. The hacked software to you. I can remember a Microsoft product back when they used to ship them on DVDs or CDs. And we got that thing. One of the first steps was always to scan it for viruses, and we did. [01:02:48] And sure enough, Microsoft was shipping out software with a virus on it all. The same sorts of things have been happening with thumb drives some of these ones, particularly cheap ones that you buy online often have built right into them. Malware. Now with some of the reason for the malware is legitimately purposeful. [01:03:12] Okay. What they're trying to do is get you to have their little ransomware work for them so they can make some money off of you. In other cases, you have a thumb drive that a friend gave to you, and you're now using a little thumb drive and guests. Yeah, you are a little thumb drive has some nastiness on it. [01:03:32] Same, thing's true with Microsoft word documents that might have macro viruses, if you will, that are built into them. These little Trojans do the same thing with the Excel spreadsheets and on. But what they're finding right now is that these hackers are trying to get to the companies that provide services for the bigger companies. [01:03:55] And that's where it can hurt you and hurt you in a big way. I was just talking about how many programmers just aren't terribly professional. And some of that has to do with their lack of experience and those programmers might be using a library. So, for instance, get hub, which I use, and it's very common to be used out there online. [01:04:18] It has all kinds of source code called open-source code. So you can use it. You can model. That some of that software has been infected. And then there are people who are using languages that are nice and simple, like Python and others. And you write in this scripting language and pull in libraries that come from public sources that do things for you. [01:04:41] So they might do something like display something on this screen. They might go out and grab something from a URL online or connect to a database. And what the bad guys have found out is we're not, double-checking all of the sources of all of this software, and that is causing some huge security holes. [01:05:04] And what ends up happening is companies like solar wind are using some of this soft. And they then might be including it in the software they're providing you now, in the case of solar winds, it's a little bit different, but it's the same concept. Solar wind software was being used by a large number of companies in the U S. [01:05:29] Agencies were using solar wind software. And so we're regular old, small businesses because what happens is you hire a managed services provider and they don't have time to look at all of your computers all of the time. So they have software that they're using called a Ryan in this particular case. And I'll Ryan is installed on all of your computers. [01:05:55] So probably unbeknownst to you there's software on your computers. That is not being written by that managed services provider. But in this case was being written and provided by solar winds. Solar winds got hacked and the hackers put into solar wind software. Code that would eventually end up on your computer and your computer getting hacked. [01:06:18] So you just see how complicated this gets, right? You guys are the best and brightest, but you've probably got your eyes spinning a little bit here because we're talking about multiple layers of like again, direction, right? So these attacks, which mode, it looks like it began maybe in March 20, 20. [01:06:38] We're only detected in December last year, and they have been linked to this Russian organization called cozy bear, but we'll see what happens. We've got the more recent ones, which is the reveal. Ransomware got gang, this R E V I L reveal. And they exploited vulnerability. In Casias VSA, which again is another management platform that's used by many of these companies out there that are providing managed services. [01:07:09] Now I've got to say by means of full exposure here. We had to use both of these pieces of software before. And when we looked into them, we found that they. Insecure. In fact, it sounds like some of these companies had been warned by their own employees, that the entire architecture of their software was insecure. [01:07:33] Okay. So we ditched them all. We're using Cisco's software, they're advanced malware protection. The real high-end firewalls with special software, the backend that's running. So we're not getting into all of these crazy acronyms and names right now. So just so you know, that's what we use. That's what we use for our customers. [01:07:56] I even have that at my house. Okay. So a little bit more expensive, but it's a lot cheaper than having to hire a whole bunch of it. People to keep track of everything else now, because say. I had gotten, I had this ransomware that was distributed to Casa, his client. And potentially to kiss his clients, and this reveal gang demanded a $70 million ransomware payment say is denied that it paid it. [01:08:28] They may or may not have paid it. You might remember in the Trump years, they said, absolutely. Don't pay ransoms, or we may come after you because that is illegal to pay a ransom by. Because you are supporting a terrorist organization. So you gotta be careful with stuff like that. Don't pay ransoms, right? [01:08:48] Because it also tells them that you are a company that pays ransoms. So guess who they're going to come after again, you, because they know you'll pay. So a lot of incidents, I'm looking at a timeline of the attacks that were studied in this report coming out of the European. Yeah. And it is amazing here. [01:09:06] The unit max beans. That's one of those libraries. I was talking about the able desktop as Sydney. Was Vera excelling on VC or excuse me, VG, solar winds, big knocks, Mon pass Ukraine, SEI, click studios cast private stock investment manager goes on Fujitsu ledger. So this is a huge problem. And this is the sad part. [01:09:34] European union's predicting. It'll go up four fold this year. So what do you do? You have to audit your vendors. And that usually means you have to have an agreement plays. They accept the responsibility if you are hacked. So keep it up. Yeah. Let me know if you'd like more help with that. You can always email me M e@craigpeterson.com. [01:09:59] I think I got a couple of those contracts kicking around these vendor contracts. If you'd, I'll send one to, but you have to reach out to me. M E. At Craig peterson.com. All right, stick around. We've got one more segment today, and I want to make sure you spend a couple of minutes online. Craig peterson.com. [01:10:20] And go ahead and sign up. Sign up for my weekly newsletter. [01:10:28] We're going to do a little bit of wrap up right now, including talking about I message some of the changes that have come in Apple's messenger application, that many people are saying it shocking, and you should stop using it right now. [01:10:44] This is an article in Forbes by Zach Dorfman, where he's talking about why you should stop using iMessage after what he's calling the shock iPhone app. [01:10:58] Has had a number of major problems here recently that have been in the news. Of course they have about half of the smartphones in the country, right there. But things have become a little worse for apple here recently. And what we're worried about is, for instance, this whole Pegasus that we talked about a couple of weeks ago, where it is, what's called a zero-click piece of metal. [01:11:25] Where they can send you a text message, even if they're not a friend of yours and take over your phone. And we've seen things like that before. In fact, I think it was in Saudi Arabia, where was it? The crown prince received a video from somebody. He played it, and it exploited some vulnerabilities in the video player and allowed them to have full access to his phone. [01:11:49] And don't remember all of the details, but that part, I do remember. So the big question is, have all of these major security issues being fixed by apple is I messaged say for not, apple is saying it is encrypted end to end. They don't keep messages. There's some question about that because of a major incident back in 2018, where Apple was going to make sure it encrypted all of your backups and then. [01:12:18] FBI apparently spoke to apple and got them to change their opinion on the whole thing, which is another interesting problem. Isn't it. So what do you do, what do you do with that? And what do you do? Very good question. Earlier this year we had WhatsApp make a major change. They had course also said we've got end to end encryption with WhatsApp or wonderful. [01:12:41] And then people really questioned it because it was now owned by our friends over at Facebook. Is there privacy thereon WhatsApp? Is it legitimate? Is it just a bad PR move? What's going on WhatsApp, by the way, with 2 billion users worldwide and WhatsApp Facebook said, Hey, listen, we're gonna start giving you ads. [01:13:05] And basically people were worried about them examining the content of their messages in order to give them targeted ads, et cetera. So now apples just confirmed what Forbes is calling the most shocking and controversial update in the platforms. History. And here's what's going on. Pegasus, of course, as I mentioned, this click attack, Apple's got his new update now, right? [01:13:32] That is using machine learning. In order to see if a minor child might be sending a picture pornographic or otherwise they should not be sending or receiving. And we also have built into it. Now, this child sexual abuse. Check some set of people. That looks on your devices to see, do you have any photos that match, just check some part of the problem with this isn't that I'm not worried about these children that are being exploited. [01:14:06] Cause I am, I'm absolutely against that. But the bigger question here is, okay, so what's next is apple going to capitulate to the government and let them know if you have a certain picture of something rather the government doesn't like, where is this going to end? So in other words, Apple's phones being a lockbox. [01:14:30] The Apple iPad is being a lockbox is really. No longer going to be true. It is no longer going to be that encrypted lockbox that has been promised to us the electronic frontier foundation. As a little comment here, they say Apple's compromise on end to end encryption may appease government agencies in the U S and abroad, but it is a shocking about phase four users who have relied on the company's leadership in privacy. [01:15:00] And security, which is absolutely true. Now there's not much controversy, frankly, about limiting the spread of child sexual abuse material, but where we go on from there, that's where it starts getting a little more questioning here. Here's a, this is a Jake Moore over at east set. You said the initial. [01:15:21] Potential concern is that this new technology could drive CSM further underground. See Sam being this child abuse material, but at least it is likely to catch those at the early stages of their offending. The secondary concern, however, is that it highlights the power in which apple holds with the ability to read what is on devices and match any images to those known on a database. [01:15:47] This intrusion is grown with intensity and often packaged in a way that is for the greater good, right? Isn't that always the case. So we're doing it for the children. I talked about this extensively earlier. You can find it in my podcast, go to Craig peterson.com/podcast. Right now you can listen to it there. [01:16:08] Take a look in your emails from the newsletter. Pretty good about trying to send those out the last few weeks. I haven't been that great because of issues here, family issues and others. So it's been a little tough. So I apologize for that, but we all want to see technology develop. That's going to help tackle abuse. [01:16:27] It's going to stop the real bad guys that are out there. But what happens when China says we want access to this? We want to know when there's any pictures of a weaker symbol, for instance, or something else. What's Apple going to do they get, they can no longer say, oh, that's not taught. We don't have that technology. [01:16:45] There's nothing we can do. Just like Apple has done with the iPhones in the past, saying we don't have a back door. There is no backdoor key. We can't crack into that. That doesn't stand up when they say, okay, China comes to them or Iran or Saudi Arabia, or you name the country and says, Hey, we don't want people to see these particular messages. [01:17:08] Absolutely amazing. So timing on this dreadful. Okay. Part of iOS 15, apparently Pegasus raised two serious concerns that Apple's ecosystem, including I message has sti


    Are You One of More Than 700,000 On U.S. "Watch-Lists"?

    Play Episode Listen Later Aug 5, 2021 11:44

    Are You One of More Than 700,000 On U.S. "Watch-Lists"? Craig Peterson: You've heard about the no-fly list, right? Yeah. How about the terrorist and other watch lists? It's impossible to get your name off, even when there was no reason to be there in the first place? Well, I got some news. The Department of Homeland security has been criticized for many things over the years. One of the things that they have been criticized quite a bit about is this watch list that they maintain. They have a watch list for no-fly. People get put on that watch list. It was initially intended to be, we know this guy's a terrorist, so we're going to put them on, right. [00:00:45] It's not always the way it goes. It starts out almost innocuous, and before you know it, there are all kinds of people getting caught in this big, big net. [00:00:55] That's what's been happening lately. But, unfortunately, it's going to worsen because the Department of Homeland security has decided to hire regular old companies to help develop this no-fly list and this terrorist watch list. [00:01:14]Apparently, these companies will be looking through all kinds of public data, maybe some private data, social media to provide information for this new domestic terror watch list. [00:01:28] So you look at that and say, okay, I can see that. [00:01:32] We've talked before the problem, man, 20 years ago. I think I was talking about these data aggregators and the issues they create. They're taking public records; they're putting them all together. They're figuring out how it all meshes together, and they come up with a pretty accurate picture of who you are. [00:01:53] Now, I've got to say when I've had them on my show here before, I was talking to them and said, okay, I want to look up my own records. So I looked them up on their platforms. I did not see a single one that was more than about 30% correct about me.  This was again, some years ago. I think it's probably been almost a decade since I last spoke with the data aggregators. They really are trying to blend into the background, [00:02:21] Nowadays, this data that's put together by these artificial intelligence systems is not necessarily that accurate, and that gets to be a real problem. [00:02:33] So who is DHS gonna hire? Well, from the description reported here by the Conservative Tree House, it is going to be big tech, specifically, Google, Facebook, YouTube, Instagram, Snapchat, Twitter, and more. [00:02:54] The DHS will put them under contracts to hire and organize internal monitoring teams to assist the government by sending information on citizens they deem dangerous. Again, what could go wrong? [00:03:10] Our government is not allowed to spy on us. How many times have we talked about this? You have, of course, the five eyes, and then they added more and more. These are governments that spy on each other's citizens for each other. [00:03:26] So, for instance, the US cannot spy on US citizens. So we have an arrangement with the United Kingdom, New Zealand, Australia, Canada to spy on the US citizens for us that makes sense to you. [00:03:44] Can you believe that? [00:03:46]We spy on their citizens for them, and they spy on our citizens for us. All is good. [00:03:57]What's happening here is The Department of Homeland security realizes it cannot spy on us directly. This is what they've been doing for a very long time, they go to the data aggregators, and they pull up the data that they want. [00:04:12]They want to see if this guy is maybe selling illicit drugs, and they pull up public records. [00:04:19]What cars does he have? How many homes do they own? Who's he dating? Has she all of a sudden been buying diamonds and mink coats? What's going on here? [00:04:31]Now we're seeing that the US intelligence apparatus. It's really going live quickly to put together lists of Americans who could be potential threats to the government and need to be watched. [00:04:49] Now it's all well and good. It's just like president Biden this week saying, Oh, we're going to have these red flag laws. We're going to stop the sale of certain types of firearms and things. It all sounds good. [00:05:04] The reality is we have known about some of these people before, right? So this is all just a red herring that the federal government is doing right now because the real problem is these terrorists, the domestic and otherwise that have shot up schools, have almost always been reported to law enforcement as dangerous people. Some have even been on lists that say they cannot buy firearms, yet they get guns. Bad guys. [00:05:39] It's like here in the US. Where does our fentanyl come from? We're not making a domestically. Our fentanyl is coming from China often through Mexico. It is killing people here in the US. [00:05:54]The whole George Floyd incident, and what's happening with fentanyl in his system, right. The question is, did the police operate properly? What killed him? According to the coroner's report? It was the fentanyl that killed him. [00:06:09]One way or the other that fentanyl got here from China and is being used on the streets, and people are dying from it. Fentanyl's illegal. How could they possibly get it? [00:06:24] It's illegal for a felon to be in possession of a firearm. So how did a criminal get the gun? [00:06:32] The police were warned about people in San Bernardino, California. They were warned. The people in that business told the police. We were calling. We're apprehensive about this guy, and nothing happened. [00:06:48] So now what are we going to do? We're going to cast an even wider net. We cannot take care of the reports that come in right now. We're going to get even more reports, and they're going to be coming from these AI systems. Again, what could possibly go wrong here? It's absolutely incredible. [00:07:12]They look at these reports. They try and determine these are actionable, the FBI or other law enforcement agencies. They've been deciding no, it's not actionable. They've been right sometimes, and they've been wrong other times. This is a real problem. [00:07:29]What shocked me is NBC news with Andrea Mitchell, NBC news. Not a centrist news organization, very far left. NBC News is even reporting on this. They realize the consequences. Here's a quote from NBC. "DHS planning to expand relationships with companies that scour public data for intelligent and to better harness the vast trove of data it already collects on Americans." "The department is also contemplating changes to its terrorist. Watch listing process." Absolutely amazing. [00:08:16] Two senior Biden administrative administration officials told NBC News that Homeland security whose intelligence division did not publish a warning of potential violence before the January sixth Capitol riots are seeking to improve its ability to collect and analyze data about domestic terrorism, including the sorts of public social media posts that threatened a potential attack on the Capitol." [00:08:44] "DHS is expanding its relationships with other companies that scour public data for intelligence. One of the senior officials said, and also to better harness the vast trove of data it already collects on Americans, including travel and commercial data through customs and border protection, immigration, customs enforcement, the coast guard, secret service, and other DHS components". There you go from NBC news. [00:09:11] So remind yourself what the FBI contractors with access to the NSA database already did in their quest for political opposition, research, and surveillance, and then get everything we were just talking about. [00:09:28]The director of national intelligence declassified a FISA judge's ruling. This is judge James Boasberg, 2018 ruling, where the FBI conducted tens of thousands of unauthorized NSA database queries. Do you remember that story? Very, very big deal. This judge is obviously passing these things out like candy and the FBI misusing its power and authority. Again, what could possibly go wrong? [00:10:00]By the way, President Obama apparently has been telling us that we should use the no-fly list to keep people from owning guns. [00:10:08]There's already a database maintained by the FBI. So this whole thing is, as I said, a red herring. Things are going to get really bad if law enforcement does this. Frankly, they're going to do it. There are no two ways about it. [00:10:25]We have to be more careful about keeping our information, our data private. [00:10:32] That's what my whole course: "Improving Your Windows Privacy and Security," is all about. Locking it down because the way Microsoft ships windows and how it installs and configures itself by default does not keep your data private. That's a problem. So that's what we're going through. [00:10:54]Remind yourself of this and just keep chanting, "nothing bad could happen here," right? Ah, the joys of all of these computers and databases and the way they work nowadays. [00:11:07] By the way, if your information is out there at all, even if you use fake names and numbers and addresses and things like I do when it's not required. Right. [00:11:20] I don't lie to the bank. I don't lie to the IRS. Nobody else needs to know the truth. Even if you have been, trying to keep it private. Good chance that they know who you are and where you are. Crazy. Crazy. [00:11:36] Hey, visit me online. Craig peterson.com. Make sure you subscribe to my weekly newsletter.

    Have Your Healthcare Records Have Been Stolen?

    Play Episode Listen Later Aug 5, 2021 8:32

    Have Your Healthcare Records Have Been Stolen? What can you do about it? Craig Peterson: We're talking about ransomware and what's the Conti gang and others doing nowadays. Hello everybody. Craig Peterson here. Thanks for joining us today. I appreciate you spending a little bit of time, and I enjoy helping bring you guys up to speed on what is happening. There's just so much of it. You wouldn't believe what I have to filter out. [00:00:23] The Conti gang has been very successful. Still, their money started to dry up recently when people figured out if they had a decent backup, they could just go ahead and ignore the ransom demand. So instead of paying that ransom, just go ahead and restore from backup. So they had to do something different. [00:00:47]What the Conti gang did, as well as pretty much everybody else in the ransomware business, is okay; what we're going to do now is we're going to find all of the other machines we can find on the network. Then we're even going to have real people get onto these computers remotely that they've compromised and had a poke about. See if there is patient healthcare information? Are the bank account numbers on this machine? Are there plans on what to do? Where to go? What's the business going to do next week? [00:01:25] But mainly stuff they can sell right away. If you take credit cards, you know that the payment card industry is all over you if credit card numbers are stolen. Those are nowhere near as valuable as patient health record information. As I mentioned a little bit earlier, we're talking about 2000% more than 20 times more value to your healthcare records. [00:01:55]Now what happens is Conti gang says, "Oh, looky. We've got patient information here. It has names, addresses, social security numbers. It has birth dates. It has diagnostic information," and then they upload it. [00:02:11]We had something like this happened with one of our clients. It wasn't a ransomware attack; ultimately, it may have been. They came in through an unsecured VPN and that they would not let us shut down. [00:02:25]We told them to shut it down, and they didn't. In come the bad guys, they actually were coming up via Mexico in this case. Although I doubt they were located in Mexico.  They took that VPN connection; they used it to get on to the computer and found something interesting. So they started to exfiltrate the data. In other words, Take that data and send it out. [00:02:52] That's precisely what the Conti gang and others are doing now. [00:02:55]We noticed, wait a minute, this is all automatic. Why is data going out from this host at that speed to this address at this time of day? It wasn't a typical pattern. So our hardware-software that's sitting there in their network automatically shut it down hard. [00:03:19]They were able to exfiltrate just a tad bit of data, and then it was stopped instantly. [00:03:26] The Conti gang gets your data, and then they try and say pay up from an extortion standpoint. Instead of just holding your data ransom, they're extorting you. Saying, if you do not pay us, we will release this data. [00:03:45]The Conti ransomware gang has its own website out there. It's called a leak site. There are many of them out there. [00:03:53]I'm not going to give you the URL; it's right there. There's their logo. Conti gang has a logo, and it says Conti news. It's talking about how you can make your payments to them and what data was released and that this person paid up, but it was too late. We don't have the data anymore, which means it was released and too bad. So sad. [00:04:18] I wouldn't want to be you. [00:04:19] Here's another ransomware gang, the Avedon ransomware gang. So again, they had stolen personal information. They had health information, and they had the ransom side and the extortion side built into it. This was about an attack on the Capitol medical center in Olympia, Washington. [00:04:42]They have leaked some of it they're threatening to reveal even more. If Washington Olympia capital medical center doesn't pay up. [00:04:52] First of all, ransomware results in data exfiltration 70% of the time now. In other words, 70% of the time, your data is stolen before the file encryption.  Pretty bad. Pretty bad. [00:05:08]Things can get particularly harmful because these ransomware attacks are a growing concern. They're disrupting patient care and healthcare, right? [00:05:17] Disabling critical systems because they have been even holding ransom some of the diagnostic equipment. [00:05:25] MRI machines that were connected to the network were running Windows. So who would use Windows in the machine that's healthcare critical? [00:05:36] Obviously interrupt revenue flow, and they had to now go get involved with real expensive remedies. So it really puts him in a horrible spot, very bad. [00:05:47]We've had almost double the number of healthcare institutions attacked this year versus last year. [00:05:53] I'm not going to go through all of these things here. I explained the difference between some of these real sites and fake sites and how you can get access to it. [00:06:04]By the way, if you're interested, I did record this. I'd be glad to send it out to just let me know; just email me@craigpeterson.com, and I can send you some of this healthcare stuff, the slide deck, or whatever you might like. [00:06:16]Phishing campaigns, way up. You probably heard about that. I gave some examples of that emailing patient information without encrypting it. [00:06:25] Wireless infusion pumps that are, of course, compromised because they're running an operating system that hasn't been patched. Usually Windows. Think of that there are Windows in that infusion pump, but it could be a version of Linux. It's not fixed. It's crazy. Vital sign equipment. Oh my gosh. [00:06:46]We're also seeing that this patient health information being stolen now is being used to create fake insurance claims. [00:06:55]I was talking about how much this is worth, and it's worth a lot while this is one of the reasons it's worth a lot, your personal, private patient health information. [00:07:08] If you have a diagnosis and that diagnosis has been stolen, and then they can file a health insurance claim. Yeah. You see where I'm going with your information, as though you received some treatment or some care for the diagnosis in your healthcare records. It's just that simple. [00:07:33] Average cost of a data breach right now, by the way, if you are a regular business, it's $158 per record for non-healthcare, and it's $408 per record. [00:07:47] If you are in healthcare at all. That's a doctor's office. That's not just hospitals; it's anybody. And by the way, mobile breaches are massive 43% of healthcare organizations who reported a mobile breach said the mobile breach caused long lasting repercussions. [00:08:09] Now, think about this. If you're a patient. How well are your records protected? I can tell you based on what I've seen and talked with healthcare people, seeing statistics. They're not protected very well at all. [00:08:25]People will start going to jail over this. People in the healthcare industry, that is.

    Have Your Healthcare Records Have Been Stolen, too?

    Play Episode Listen Later Aug 5, 2021 7:54

    Have Your Healthcare Records Have Been Stolen, too? Craig Peterson: We all have healthcare records, and they have some of our most personal information. That's what we're talking about today in follow-up to a webinar I did for the healthcare industry. So we're going to chat right now a little bit more about your privacy. Craig Peterson here.   The actual hard stats on our healthcare records, a lot of them have been stolen. It's just crazy to think about because, in reality, we have had millions of records stolen, 300 million healthcare records stolen to be exact since 2015; that is pretty bad. [00:00:38] I'm looking at a chart right now that I showed to this healthcare industry group that is showing that the hacking event has almost doubled over the last three years, year to year, every year. So in 2018, 164 powerful hacks 2019, 312. That's a good double. 2020, 430, which isn't quite a double. So we are seeing a lot of data being stolen. But, of course, stolen data means misused data, which is a huge problem. [00:01:14] Now, in the healthcare industry, they've got a different problem. That is these HIPAA rules. Now HIPAA has been in place for quite a while. It's supposed to have been provided Portability of our records. Does anybody have any real luck with that? I know there are some I haven't. [00:01:30] Portability, I don't even know where my health records have ended up. Frankly, cause my doctor ended up closing up shop, and I just have no idea. But it's supposed to be Portability and privacy. Well, the most common violations of these HIPAA regulations revolve around professional hackers. [00:01:50] Then you've got business associate disclosure. Remember I mentioned that. The cloud is not an excuse for not protecting your data. You cannot hand that off to a third party. There are many more that I go into in the presentation. [00:02:05]Then here's the next thing I wanted to talk with you guys about that is the amount of ransomware out there. I'm going to have a little bit of a ransomware offering. [00:02:15]If you're not a subscriber right now, go to craig peterson.com/subscribe. You'll actually see it on the site @craigpeterson.com. If you scroll around, do a few things on the site, it should pop up automatically for you. [00:02:31]Now we're just talking about healthcare, and of course, this is every business and every person out there. [00:02:37] I talked about this Conti gang. I don't know if you've heard of them. C ON T I. [00:02:42] Now, remember what I've said before about ransomware. It used to be that you'd get ransomware. Your computer would now have its data encrypted. Then it would pop up this big red screen up that said you've got ransomware to get to all of your data back because what the ransomware did was encrypt it. You need to go to this website. You need to pay this amount of Bitcoin to this Bitcoin wallet, and off it goes, right? That's the idea. [00:03:13]According to the FBI, you'll get all your data back half the time. That's even if you pay the ransom. Now, too, the state department and the FBI might come after you if you pay a ransom -- because now you are supporting terrorist organizations, not just criminal enterprises. Huge deal. [00:03:34] Now, the other side of ransomware, and this is what just hit with a few different medical providers here. I talked about the Rehobeth McKinney Christian health center services, New Mexico because now it's much more advanced instead of just getting on your computer, encrypting your files, demanding a ransom to get the decryption key. They even pre-install the decryptor for you. Isn't that handy?  What they are doing is they get onto a computer, and then they start East-West spreading. Now we've seen that for years. [00:04:08] I remember one of our clients, a car dealer, and this was five-seven years ago. They got some ransomware. Somebody clicked on something that they shouldn't have, and suddenly their machine gets ransomware. The device, of course, is hooked up to the network. It is, in fact, mounting drives from their file server. So his machine has access to all of these files. This guy was a manager over there at this car dealership. So he had access to all of the files. [00:04:47] Think about that for a minute. What his machine did back then is it said, Oh great, here are some network drives. So it started encrypting the S drive and the H drive, and the K drive. All of these different letters for these SMB mounted drives from the file server. [00:05:03]We were in there beforehand, and we installed our security stuff. [00:05:08]When his machine got this brand new strain of ransomware, and of course, he didn't want us looking at what was on his device. So we couldn't install all of the antivirus software because then we would have access to it. [00:05:22]We've got another client that's like that too, where the owner of the business doesn't want us installing software to really keep his machine clean. [00:05:29] I don't know why people do that. Are they just trying to play their cards close to the chest? Is that what they're trying to do? Are they looking at something they shouldn't be looking at at work? [00:05:43] Why do people do that? If you've got hints, let me know. Cause I would love to know me@craigpeterson.com. Why do people do that? [00:05:52]Anyhow, his machine got the ransomware. It tried to start spreading to the file server. Now, we had special hardware and software installed. So we saw that spread start. We immediately shut down. It was all automatic. It was just shut down because our systems shut down his network port. [00:06:13] His computer had the ransomware. We were able to just go ahead and restore from backup. The bad guys know that if all they're doing is encrypting your data, then who cares? You restore from backup. [00:06:29] Now, hopefully, you're following a three-two-one backup scheme. Most places don't. [00:06:36] Hopefully, you're testing it as well. We try every backup that we make for our customers every day. About once a week, we will spin up the servers in a virtual environment and make sure that it can boot to know we have a good backup.  I got to tell you guys that the backups are not working most of the time, and it gets to be a real problem. [00:06:57]What these guys have figured, including this Conti gang, is we're not going to be able to get as much money out of them by just encrypting their discs. We need to do something else. So while they're trying to spread East-West inside, what they're doing is okay, so they got a hold of this manager's computer. They start scanning for other computers and scanning for vulnerabilities scanning for ways it can gain access. [00:07:26] Unfortunately, the statistics show us that most of us have file shares turned on our windows machines. [00:07:34] That's one of the things I talk about in my Improving Windows Security course, what to do, how to do, how to turn that off because that is the second target of ransomware. Once it gets onto your machine. [00:07:49] You've got to turn off those file-sharing services.

    Are You Getting Dragged Into Dealing With Cybersecurity?

    Play Episode Listen Later Aug 5, 2021 10:06

    Are You Getting Dragged Into Dealing With Cybersecurity? Craig Peterson: You probably know I've been doing cybersecurity now for 30 years in the online world. Yeah, that long. I'm afraid I have some confessions to make about our relationships here, cybersecurity people, and employees. I got pulled into this whole business of cybersecurity quite literally, kicking and screaming. I had already been involved in the development of the internet and internet protocols for a decade before. In fact, one of the contracts that I had was with a major manufacturer of computer systems. [00:00:39]What I did there was design for Unix systems a way to check for malware and manage them remotely. Yes, indeed, I made one of the first RMM systems, as we call them nowadays. We also tied that RMM system, of course, into Windows and a few other operating systems. Unix was where I was working at the time. [00:01:05] I am what they called an OG in the industry. My gosh, my first job with computer networks was back in 75. Believe it or not, a long time ago. Back then, of course, it was mainframe to mainframe basically and some of the basic protocols, the RJE, and stuff. I know I've got many older people who are listening saying, yeah, I remember that. It brings back memories. [00:01:32] In fact, I got a note just this week from a listener who was saying his first computer was a Sinclair. Do you remember those things? Oh my gosh. It brought back so many memories for us older guys. But it was just such a great little device with the keys and much different than I'd ever seen before. The XZ81. I just looked it up online so I can remember what the model number was. Timex made that. Suppose you can believe that too. It's just. Wow. It had a Z 80 CPU, which of course, was like an 8080, which was Intel's big chip at the time, running at 3.25 megahertz. Yes, indeed. Very cool. I love that computer anyways. I digress. [00:02:22]The whole industry at the time was non-existent, yeah. You had antivirus software. We started seeing that in the eighties. We had some terrible operating systems that many people were running like Windows, just absolutely horrific. [00:02:40] Remember windows three-point 11 and XP and millennial edition just some of the most terrible software ever. That's what happens when you have interns? A lot of the code came out in one of the lawsuits for one of these versions of Windows. [00:02:55]It was a different world, and I had to figure out what was going on because I had some servers that were Unix servers. This was the early nineties, and I hosted email for companies and websites and filtered things with some precursor to SpamAssassin. It was really something. I had some DECservers, Digital Equipment Corporation. Remember those guys, and suddenly, customers started calling me because the email wasn't working. It turned out it was working, but it was extremely slow, and I had to figure out why. [00:03:37]I telneted to my server. I got on, started poking around the servers. [00:03:43] I had a computer room and the first floor of the building I owned, and I was on the second floor. So off we go looking around, trying to figure out what is going on. It was me, actually. I said we, but it was really me. Cause I knew the most about this stuff. [00:03:59] These processes just continued to fork, and I was trying to figure out why it is creating all these new processes. What's going on? What has happened here? Back then, The internet was a much different place. We trusted everybody. We had fun online. We would spam people who broke our almost unwritten internet rules about being kind to other people. What spam was, where the whole term comes from is you would send the script from Monty Python spam and eggs, spam and ham spam, spam, spam routine. [00:04:37]You send it to somebody that was breaking these unwritten rules, like trying to sell something on the internet. Absolutely verboten. What a change to today. [00:04:48]I saw some of this stuff going on. I was trying to figure out what it was, but we trusted everybody. So my mail server, which was Sendmail, at the time. We still maintain some instances of Sendmail for customers that need that. [00:05:04] Nowadays. It's usually more something like postfix in the backend. You might have Zimbra or something out front, but postfix in the backend. We allowed anybody on the internet to get on to our mail server and fix some configuration problems. They didn't have full access to everything. Firewalls weren't, then, what they are today. [00:05:29] In fact, one of our engineers just had to run out to a client who did something we told them not to do. They were using the SonicWall firewall on their network, as well as they had our stuff. So we had an excellent Cisco firepower firewall sitting there. So then they have this SonicWall so that they're people, remotely could connect to the SonicWall firewall because it's good enough. SonicWall says it's compliant. So the SonicWall firewall was being used to scan the network and load stuff. Does that sound familiar? Much to our chagrin. [00:06:08] So he had to run out and take care of that today. It sounds like we might have to do a rip and replace over there restore from backups. You have no idea what these bad guys might've done. We've seen Chinese into these networks before, Chinese malware. It's not been very good. [00:06:23]Boy, am I wandering all over the place? [00:06:24]Back to this, we would allow people to get onto our network to fix things. If something was wrong, if we were misconfigured, they could help us and get on and do it because the Sendmail configuration was not for the faint-hearted. [00:06:42]In the days before Google, right? Eventually, we had Archie and Veronica, and Jughead. They did basic searches across FTP servers. That's my kicking and screaming story. [00:06:56]I was trying to run a business where we hosted email for companies, which we still do to this day, and where we had some, back then we didn't have websites. The web didn't come in into play until a couple of years later, but we did host FTP sites for businesses so that they could share files back and forth. [00:07:22]That's what I wanted to do. That was my business. [00:07:26] Later on, I ended up helping 80% of my clients find the other web hosts after these $8 Gator hosting things. We just got a call on that this week. Somebody who'd been a client of ours 20 years ago went with a guy that charges $5 a month for web hosting. They have personally identifiable information on that site if you can believe it. He was complaining because it wasn't working. He was getting a C-panel error anytime he went to the site. We said, Hey, listen, this problem is the guy that you're hosting from. We did a little research, and we checked the IP address and how many sites we're at that IP address. This guy that was charging them $5 a month had 150 different websites at that one IP address. Now that's not bad. He hosted all of these 150 at a site that charges the eight to $10 a month for Webhosting.   [00:08:29] He had all of these sites on top of a server that already split up hundreds of ways. It's just amazing what people do. [00:08:38]Man alive.  We got rid of 80% of those customers, the ones that wanted cheap, that's fine, get greedy, and see what happens to you. But, some of them still maintain a good relationship with us, so we help them out from time to time, right? [00:08:52] What am I going to do? So somebody calls me, I gotta help them. That's precisely what we do now with this malware problem. [00:09:01] What's going on here? We talked already about the Great Suspender and how Google has said, Hey, this now has malware in it, so we're removing it from your web browsers. That, to me, makes a ton of sense. Why not do that? [00:09:18]This is another example of what happened with SolarWinds. This is an example of a supply chain infection. What happened with that? Somebody bought Great Suspender from the developer and then added this basic malware to the Great Suspender. Just it's a terrible thing. Very surprising, but one of the most significant exploits used by the bad guys right now is the security team's poor relationship with other employees within the organization. [00:09:56]What's going on, and it goes back to this customer that we just had to run out to. [00:10:01] Why did they do what we told them not to do?

    App Tracking Traps a Catholic Priest. How It Can Affect You, Too

    Play Episode Listen Later Jul 28, 2021 10:32

    App Tracking Traps a Catholic Priest. How It Can Affect You, Too Craig Peterson: I've got two hot topics for you this morning. One about this Catholic priest that ended up resigning and how that happened to tie into this Grindr account. And how it affects you because this type of technology used to convict him in the court of public opinion is something that. It could also easily be used against you. [00:00:25] And, by the way, it probably is. Now the next thing is this chip shortage. I've got a quote here from the Intel CEO. When is the chip shortage going to go away? When can we get out? Play stations and our new cars. So here we go. [00:00:43] Matt Gagnon: I'm going to start. With a story that I think I covered maybe a week or two ago, and I went on a pre prolonged grant. I know you may or may not have heard me do it, but it was about this Catholic priest issue. I know you know about this in some depth and detail, as I said before. But there is this issue here. [00:01:00] He was essentially outed as having visited gay bars and had done several other things. We'll just say using Grindr, right? All these types of things. And of course, being a high-ranking Catholic official, the accusations of hypocrisy and whatnot come and blah, blah, blah, et cetera. [00:01:18] What's interesting about the story, though, to me, Craig is, the media covered it as a hypocrite priest has been found out. But how that information was discovered is not only creepy but really scary. So I want you to tell me exactly how this happened and what implications do you think it has for our privacy going forward? [00:01:39] Because this is about a heck of a lot more than one Catholic priest. This is about Greg Peterson and what he's up to when I don't know. What does it do? [00:01:46] Craig Peterson: Yeah, it absolutely is everyone. Every one of you guys that are listening right now could affect you. Here are the basics of what happened. As Matt just explained, he was outed here because he was using an app. [00:02:00] Now it wasn't just because of this one. That was being used. And then, again, how many times do I know Matt? You said this. I've heard from you many times. "You are the product." There's something free. It's not free. So behind the scenes, what happened is some people thought that maybe. Bishop was doing something that you weren't supposed to be doing. [00:02:22] They figured they would look into it a little more, trying to figure out some more details. And so they went to some of these apps and bought information. Now Grindr is one of these hookup apps, and they went to Grindr and bought location data. And it's anonymized, right? That's what we're always telling everybody. [00:02:44] Oh yeah. Yeah. I [00:02:45] Matt Gagnon: [00:02:45] don't have your name, right? They don't. Yeah. They may give you some information to people who asked for that data, but it doesn't have things that would identify you. [00:02:52] Craig Peterson: [00:02:52] Like the NSA. Don't worry. It's just anonymized. They say this stuff all of the time. However, there are many studies you can find online on how to de-anonymize data. [00:03:05] One of the easiest ways, for instance, to find out where Matt lives is, if you know an app or you suspect a few apps you might be using, you just buy the data from those apps about their users. You can now narrow it down because this phone tends to sleep at the same place every day. And that's true for you too. [00:03:24] And in this particular case, this clergyman was using this app in various places. So at least the app went to some of these capital meetings, high-level meetings, et cetera. And so they put all of this data together and added two and two together and then confronted him saying, Hey, listen, we know it's you. [00:03:47] There was no indisputable evidence of it. There was evidence that he went to all of these different meetings, and he was in all of them, and he was the only person that was all of them. And then his, this must be there for his phone, and it must be him. So this is all legal data. Now I want to add one more layer to the top of this. [00:04:06] It's legal. You can buy it. I can buy it. And the federal government is buying it because they're not allowed to track it as supposedly helpful. But, still, there's a lot of evidence that they are. And because the feds, advertisers, and others have been buying all of this data and putting it together, they also track and de-anonymize them. [00:04:28] Matt Gagnon: That's, I think, an excellent explanation. Thank you for doing that, Craig, because it's such a technical thing. I think that's what many of these companies rely on because it's difficult to understand how this even works. So the public getting fired up about it is pretty tricky, right? [00:04:42]You got to understand it, to know what to be, even opposed to, and ultimately the selling of your data anonymized or not is occurring, and it's a problem. And The inevitable question really comes here. Craig, if you don't like this, what do you do about it? Is there any way to fight against this in some fashion? [00:05:01]There's certainly, I suppose, political changes that could be made, and maybe law is different, but maybe there are things in your life you could do right now that. Would Lakey make you less susceptible to this? [00:05:12]Craig Peterson: [00:05:12] This is really big. And the data also is being bought by advertisers, obviously roadside services. [00:05:21] And one of the creepiest things too is you go to a specific type of a clinic and all of a sudden you start seeing ads about a competitor or maybe how, what you shouldn't be doing there. So what do you do about it? Here's another problem. Our phone carriers were caught about two, three years ago selling your real-time location data to these data brokers. [00:05:45] And I've had a few of them on my show before, in years past, but it's just. Don't put apps on your phone that you don't need. The iOS, Apple phones, and Android phones can turn off tracking and turn it off on an individual app basis. Now that doesn't mean that your phone can't. [00:06:10] Because they can. All right. But what it does mean is that a specific app might not have access to your location just because you're playing Tetris. So apple has even gone further now. It has made it so that the apps cannot find out what other apps are on the phone and even go to a website on your computer or phone, even though you might have cookies turned off. [00:06:35] And you've done that. Some of the other things that I've advised people to do. Yeah. The computer can still report which apps are installed and to a website, to any website the same thing with your phone. Apple's taken some fundamental, extra steps to try and block all of that. So far in the Google ecosystem. It's still more open. [00:06:56] Yeah. Delete the apps you don't need. Turn off tracking in your settings for pretty much everything. Obviously, you need it for maps. And if you are using Google maps, talking about selling your data, [00:07:11] Matt Gagnon: [00:07:11] indeed. All right. Kirk Peterson, I have a couple other questions for you here. I'm not sure if we'll get a time for all of them. [00:07:16] However, I did want to talk a bit about the chip shortage here because I continually get frustrated by my inability to buy a PlayStation, which is now a. Five month-long problem for me that trying to buy one of these things. But it's so much more than that. I was talking to somebody else. Maybe last week it was talking about trying to buy a car and you can't even, they don't even have stock. [00:07:36] Like they don't even have the car at all. And manufacturers are now starting to make their cars differently. So that they don't require the chips that there's a shortage of so that they can actually produce the vehicles. Again, I'm hearing things about crank windows in cars, like just crazy stuff here because of this chip shortage. [00:07:51] And it might last into 2023. Is that [00:07:55] Craig Peterson: [00:07:55] right? Yeah. Yeah. And that's what the CEO over at Intel is saying. Now, this is going to last a while. Everybody made mistakes here during the lockdown. We had never had this before, where the government forced businesses to shut down. If you are in business, you are an important business, or you'd be out of it, of business. [00:08:14] That's just the way it goes. And that's true for the whole chip supplier, right? So we have a long way to go as well. He's saying right now, and they are rebuilding manufacturing capability. Now here's part of the problem with the capacity is the. As they're made up, the newer trips keep getting smaller and require different ship fabrication techniques and fabrication plants. [00:08:39] That's a huge deal when you get right down to it. And what it means is look at the apple with their M1 chip, and they have just this high-speed chip of Apple's, making its own fabrication, plants, et cetera. So the chips that they're wanting today cannot be made with older fabrication plants. [00:08:59] Now, some of them have been brought online, and some of those fabrication plants are making older chips. You are right about cars. I drive a 1980 Mercedes-Benz diesel. There, there are no electronics to speak of in this car. And my kids said, Hey, do you know your car's worth like $10,000? It was I. It was just amazing. [00:09:21] You're absolutely right. The car manufacturers are dropping things, and they are lowering the prices supposedly. But, still, they're lowering the prices based on what that costs them. So, for instance, in some of these higher-end cars where you might have a smart charger that you just put your phone on, you don't have to plug anything in, and it charges up. [00:09:42]They'll give you a $40 credit. But how are you going to install that later on? How are you going to install electric ones? That was when they put in 10 old ranks. So this is really a big problem. It's hitting everybody. It's tremendously hurting my business. I'm not getting compensated for it because it's taken us forever. We ordered a box of desks for our clients in November. [00:10:07] They showed up this last month. So we're going to have to live with this. Probably into 20, 23, and maybe even longer. It should start letting up sometime next year. But your PlayStation Matt is still a way off. [00:10:24] Matt Gagnon: Wonderful. Thanks a lot. Craig Peterson, our tech guru, joins us at this time every week. We will talk to you again, sir, next week.

    Intel Tells Us How Long the Shortage Will Last & Explosive Spyware Report

    Play Episode Listen Later Jul 26, 2021 9:49


    Intel Tells Us How Long the Shortage Will Last [automated transcript] We're looking at a big chip shortage. You probably heard a little bit about it, but how long is it going to last? And we've got this explosive report out right now about spyware and some of the cyber hacking and what's happening with Android versus iOS. What should you be using, 50% of Americans are using Android, and the rest is split up mostly with Apple. iOS. So what's going on there? This is a research group that says, my goodness. The media outlets just aren't reporting the truth. So here we go with Mr. Chris Ryan. [00:00:40] Chris Ryan: A couple of things we're going to get today with Craig Peterson are the host of tech talk first design, the chip shortage, and how long that may last. [00:00:47] The second is a fascinating report on spies where I think a lot of us feel that our phones, and even to a large extent, our laptops are safe because we maybe haven't experienced any overt issues with cybersecurity whether or not that's true. We'll talk about it in a second. Craig Peterson joins us right now. Craig, how are you? [00:01:08] Craig Peterson:  Good morning. I'm doing great this morning. [00:01:11] Chris Ryan:  So we get into a couple of not great stories, though. As into the Intel, CEO says the chip shortage could last until 2023, as we continue to hear about supply chain issues and how they lead to the inflation of consumer costs. What do you think of this particular story, and how do you think it will affect those issues that we see with various shortages. [00:01:36] Craig Peterson:  Yeah, this is a huge deal because, of course, when we're talking about chip shortages, we're talking about affecting everything. It's harder to get a car. For instance, that's driven up the price of used cars, as well as new cars. I mean your computers. We're trying to order them for some of our clients. [00:01:54] And we have seen some of the delivery times out six months, we just about two or three weeks ago. We just got it. Some discount in that we had ordered in November last year. So think about how long it is. And now we've got the wall street journal reporting after the Intel company posted second-quarter earnings on Thursday and the Intel CEO saying we have a long way to go yet. [00:02:22] And what they're trying to do. Rebuild infrastructure and build new infrastructure capacity. We have to remember that this is partially due to the lockdown, but the other side of this is competition. These chips keep getting faster at an order. Yeah. Faster. They have to get smaller internally. That's that nanometers thing that you keep hearing about with chip sizes and densities. [00:02:49] So these older fabrication plans that they couldn't bring back online and that they are, in some cases, bringing back online cannot make the newest chip. So it's a constant gain. So one of the biggest problems we have is. Building brand new chip fabrication plans over the whole lockdown thing. And most of them are in Taiwan. [00:03:11] So this could go until 2023, frankly. [00:03:15] Chris Ryan:  And it also shows how tied our productivity and our consumption-based economy are into what's taking place in other countries as well. We've talked a lot about COVID in this country, but there are. Countries that are out there where we see some meager rates of vaccination, China. [00:03:35] We obviously don't know much about them, but Japan, Taiwan vaccination rates are meager there. So we talk obviously a lot about the US side of things, but many of these supply chain issues are driven by the economic and health environments in a foreign country. [00:03:56] Craig Peterson:  Sure, we have a worldwide economy. [00:03:59] We've got Australia now completely locked down. There are parts from Australia that we need as well as all of these other countries. For example, India's vaccination rate is less than 3% right now. And we require a lot of support from India as well as part. So as we move forward continually the worldwide. [00:04:20] Source and really the source of everything I can know I can dock is going to be worldwide, and more and more of these countries are going to be playing a bigger part. That's Craig [00:04:28] Chris Ryan: Peterson, he's the host of tech talk on news radio six, 10, and 96, 7 Saturdays and Sundays at 11:30 AM. Interesting reports on Android and iOS. [00:04:39] Security. And, I think that many individuals who have not experienced identity theft have not experienced significant cyber attacks against them, they feel that they're safe, and they're not really. That's safe. So I want to get your thoughts on that and B what leads to even if you are vulnerable, what leads to that way, an extended period of time, which you don't experience anything, and the kind of that complacency set. [00:05:10]Craig Peterson:  Many of our devices have been hacked. So if you think it hasn't been you by not know, they're doing everything from not ransoming your phone or random your computer, but using your computer to mine. Coin. And that can be a real problem when it says mark phone and all of a sudden your battery keeps dying after half an hour. [00:05:33] It just keeps getting on. It might be used right now for Bitcoin mining, all the ways through, of course, some of the ransoms that are visible so much. Mean now; there is happening in the background. Your computer could be used for one of these botnets to attack others and do other major things. Now, what we're concerned about on the security or cybersecurity researcher side is being able to get into these devices and get into the systems to examine them. [00:06:07] We've got this Pegasus malware, right? Which apparently has been used against some 50,000 journalists and government people, agencies, and others. And they, all you had to do was open your phone, open a message, no cocaine involved. And your phone has been. IOS, which is Apple's operating system, has been relatively closed. [00:06:30] That's a pro in some ways, and it's a con and others, and we've had all kinds of security researchers over the years here complaining about that while apple made some major changes and has now provided security researchers—access to absolutely everything and also great logging Android. [00:06:51] Unfortunately, the assumption is if it's Android, anti-virus can not protect it because Android is really a hodgepodge that was thrown together. It's thrown on to thousands of different models of phones that are out there. So we are. Better than one with an apple, people assume an apple is going to be more secure. [00:07:13] So they're being held to a higher standard, and they are stepping up frankly, to the plate here, Chris, [00:07:20] Chris Ryan: [00:07:20] you, if you are a business owner, a public official, a person that holds a government position, something that is, would be very intriguing too. Packer or to an organization. And you have questions about your security and whether you are secure, and how do you go about creating an environment where you feel comfortable? [00:07:43]Particularly if you are not all that knowledgeable on the topic of cybersecurity. [00:07:49] Craig Peterson:  I read a great article yesterday. And it was talking about how we, as a whole, pretty much everyone thinks that you can't do anything about it. So we're just going to give up and [00:08:03] Chris Ryan: yeah, if I were to get targeted, I get targeted. [00:08:04] But I think that even when you think about somebody like throw Brad Pitt out there, right? Brad Pitt has to be the target of just about every single hacking organization imaginable. You would assume to want to get information, access to capital, ransomware, whatever. If you are the higher, you move up the food chain as a public official or a celebrity that you would be accustomed to being hacked by. [00:08:27] Everyone. What do you do if you are concerned about that? [00:08:31]Craig Peterson: some things can be done, but you cannot use the standard software. We already know that the Norton antivirus and all these other basic antiviruses do not work. They don't protect you against modern threats. In fact, more than 70%. [00:08:48] Of the threats this year on cannot be stopped by the wonderful little antivirus software we've had for years. So you have to move up to the next level. We're working right now with a small bank. Who's trying to really secure everything because of these sorts of problems. But I, If you are in a position where you are bigger targets than usual, you have to take extra steps. [00:09:15] You have to use advanced malware protection. In all of these years, I've been securing computers out for 30 years. We have never, ever, I had a client that had ransomware, and we're talking about multinational clients all the way on, down through your local dentist. So it can. Done, but you can't just rely on the technology that was invented 20 years ago. [00:09:39] Just top ad guys, but it is there, but you're going to have to Lord and get the right people involved. Craig. Thank you so much. Take care.


    Google's Being Sued by the States -- And it doesn't look good for them

    Play Episode Listen Later Jul 21, 2021 12:06

    Google's Being Sued by the States -- And it doesn't look good for them Craig Peterson: We talked earlier about Amazon and how much trouble they're in right now, Google apparently is in a similar boat. We had just this week, dozens of state attorneys, general suing Google on antitrust grounds. [00:00:16] You can reach me online. Just me. M E Craig peterson.com or what most people do is they just hit reply to my newsletter. [00:00:25] Hopefully you're on my newsletter, right? That goes out every week. If you're on that newsletter you can just hit reply and ask me questions. Any questions you want? I'm more than glad to answer them. I know most of you guys, you're not business people. I am still glad to answer your questions for you to keep you on the right track. [00:00:42] The whole idea here is it's to keep you going. Safer. And if you're a business person, what the heck, maybe I can help you out as well while the here is a problem. And it's a very big problem. We have these absolutely huge companies that are using their market position in order to really control the entire world. [00:01:09] Now it's a very big problem because you have companies that are sitting on billions of dollars in cash who can and do keep their competition out of the market. Now, one of the ways that keep them out, and I've mentioned this before, Microsoft has done this multiple times as lost lawsuits about it, particularly over in Europe, but they find somebody who might be a competitor and they basically squeeze them out of them. [00:01:39] Even though they're not necessarily even a direct competitor. One of the things Facebook does is they buy companies for 10, a hundred times sometimes more. Then they're actually worth, would you take 50 million for your company? That's worth 50 million? You might not. [00:01:56] Would you take 500 million for the company? How about a billion dollars? That's where it starts becoming very questionable about what they're doing. One of the things that Google is allegedly doing right now is preemptively squashing com competing app stores. When you look at Google and the Google Android ecosystem, who sells the most Android devices out there, right? [00:02:24] The high-end devices, the number one seller of Android phones is of course, Sam. And Samsung started to put a store too. An app store. So you could buy Samsung, Sam sung apps now, apple and Google, both charge about the same rates as a general rule. It's 30% for these bigger companies that they have to pay the app store, okay. I'm okay with that. They both spent the time to build the platform, to monitor it, to try and keep the app store clean and guides. That's definitely worth something. But what if Samsung came along and said, okay, we're only going to charge 10% royalty. In our app store and the apps will run on all of our Samsung Android phones. [00:03:13] So it's still using the Google operating system. It's still Android. It will probably run on other than Samsung phones as well. That's the whole nature of, but that hasn't happened. And why hasn't it happened? These state attorneys general are saying that what has happened is the Samsung galaxy store got squashed by Google. [00:03:41] So it could maintain its monopoly on Android app distribution. So it says that Google engaged in a bunch of different anti-competitive practices. They offered large app developers, profit share, and agree. In exchange for exclusive exclusivity. Okay. I can see that the apple iPhone came out. Do you remember this exclusively on ATN T's network? [00:04:08] Is that a problem? They're saying also the Google created unnecessary hurdles for what's called sideloading. So sideloading is where you might go to another app store in order to install something. Or maybe it's something that you want to put on your site. It's not fully approved by the Google play store. [00:04:29] So that's the basics of what the side loaning is all about. So saying that they made that even harder. Okay. From Google standpoint, do we really want to. Allow anything to run on our phones. And here's the question, here's why, right? What do I do for living cyber security? What is one of the things you have to do for cybersecurity? [00:04:51]You've got to put in special routers, special firewalls and software on servers and computers. Whoever touches a computer last owns the next problem. That's been my mantra forever. So if we installed some software on a computer or we had the customer installed some software on a computer, and there's a problem who they get. [00:05:14] They're going to call me, right? Because I was the last one to touch their computer. And at that point now I have to show, okay, it wasn't me. It was this other piece of software. QuickBooks is a piece of junk, you know what, whatever it is, I'm going to have to justify it. And frankly, I'm probably going to have to fix it. [00:05:33] So Google is saying. We don't want all of these app stores that might have apps that are not secure apps, that crash apps that might cause problems with the Android ecosystem. I think that's perfectly legitimate. Apparently these state attorneys general don't think it is. And here's the last one. This is a. [00:05:56] Attempting to buy off Samsung to limit competition from the Samsung galaxy app store. Now, Google is saying that this lawsuit is merit lesson. I can see a whole bunch of legitimate argument on their part. They also said, quote, and this is an article from ARS Technica. It's a strange, it's strange that a group of state attorneys general. [00:06:21] Chose to file a lawsuit, attacking a system that provides more openness and choice than the others. In other words, are taking a jab at apple because apple is very closed for the reasons I just decided to hear that Google I'm sure is going to argue as to why they are closed. Okay. Apparently the state attorneys general are saying, quote, Google promised repeatedly that Android would be the basis for an open ecosystem in which industry participants could freely compete. [00:06:56] Google has not kept its word. Instead. Google has taken steps to close the ecosystem from competition and insert itself as the middleman between app developers. Consumers. Okay. Can, so can you see that they're also complaining this 30% commission. It's a monopoly rent that unfairly burdens consumers and developers, and K-12, you could argue that I don't fall for that one personally. [00:07:24] Now the buy-off is where I think that there's a lot. Yep. Teeth in this particular lawsuit. Cause they're saying that we've got the commission rate argument, right? We've got those. It's not as open as you said, it would be. But these attorneys general have spent a lot of time dissecting Google's alleged efforts to keep competing app stores at bay by, and they said Google was willing to offer Samsung myriad benefits and concessions in order to prevent Samsung's galaxy store from being built out. [00:08:00]Again, Is that a huge problem. If you've got a big customer or a potential partner coming to you and saying, okay, I want a few concessions here. I'm not going to pay 30%, or I want to have some of you, my developers in house with your people so that they can short circuit some of the problems that always develop those are. [00:08:25] In the business in business period. And when it comes to software development, right? People, businesses have we'll use apple again as an example jam, which is a really great set of software to help manage your devices. Jan PF, you might want to check it out. So jam had their engineers camp out at Apple's headquarters, apparently four months while they were working on. [00:08:52] Some of the, their software for the next release of Apple's iOS and Mac iOS. Is that unfair? Yeah, in a way it is right because here I am little Mr. Small developer and I'm not gaining access to Apple's top engineers and able to send mine out there to live with apple engineers and ask questions and help them debug my software. [00:09:18] But it happens every day. Makes sense. So it says though the galaxy store was not nearly as popular as the play store. Google feared that Samsung would develop into a strong competitor, especially since the company sells a majority of high-end Android phones in the us ARS Technica says Google was particularly concerned that Samsung would get an exclusive game. [00:09:43] For the store to attract more users, which Samsung did do in 2018, when it partnered with epic to launch fortnight exclusively on the galaxy store. And that one, move that one game. That one app. Costs Google millions of dollars in revenue. So we'll see what happens here. They make other claims in there. Apparently it even offered a Google offered to white label, the play stores, the galaxy store, so that Samsung could maintain its branding, all kinds of negotiations, the types of things I've seen before, the types of things that are. [00:10:23] Particularly uncommon, but a European commission is also going after them with an antitrust investigation. They've done that a few years ago with this is a problem. These companies are huge and we don't let them fail. Look at what happened. GM and Chrysler, both got bail and the federal government Chrysler got bailouts twice. [00:10:45] The free market. You never would have had that happen. The best part of Chrysler would still exist and those weak parts would have been gone. That's what bankruptcy law is all about GM. The same thing, the best parts of GM would have remained. We would have probably had better cars today. Then we have, if DM GM had been allowed to go bankrupt and yeah, it's going to hurt people, but guess what? [00:11:11] It's hurting people right now from the other side. And when I see this happening as well at Google and Amazon, of course they haven't gone bankrupt, but they both along with Facebook and a few others, they're both huge. Huge and they control so much of the market. So what's the best way forward. What do you think I'd love to hear from you? [00:11:32] Just drop me an email. me@craigpeterson.com. What is the solution to this? Hey, make sure you get my newsletter. We got all of this information, of course, a whole lot more comes out every week. May be semi-weekly here fairly soon. See how it goes, but go to Craig, Peter sohn.com/subscribe. You'll get my free newsletter and you'll keep up to date on what you need to do to keep yourself safe. [00:12:02] Craig peterson.com.

    Recommendations to Turn Off Your Printers - eCar Fire Warning

    Play Episode Listen Later Jul 21, 2021 9:06

    Recommendations to Turn Off Your Printers - eCar Fire Warning Craig Peterson: Hey, we got another emergency patch out from our friends at Microsoft. And in this case, it has to do with printers and remote printer access. Do you have employees working from home? Microsoft has their big monthly patches that they release. They also have weekly patches that they released that are for slightly more critical vulnerabilities. And then they have. Patches that are released because there is a severe problem going on right now while that's what we are staring down. There is a vulnerability called print nightmare, and this is located in the windows print. Spooler serve. Now the windows print spooler services, what it sounds like. This is the service that handles all of your print jobs. So if you are using this service, Turns out there's a serious bug and Microsoft tried to patch it once and failed. [00:01:10] And they've got another patch out right now seems to be working, but organizations are really urged to deploy these patches as soon as possible or deceased. Inbound remote printing until they can be applied. So that's why I said, if you have people who are working from home, because many of us turned on remote desktop and you better make sure that's properly patched up so that people could. [00:01:37] Then and get a desktop. Although Microsoft has an interesting solution that is going to be announced in early August about having your own windows machine there in their cloud. So it looks like you'll be able to have windows machine for about 35 bucks a month. Microsoft will have to keep it up to date. [00:01:56] I think that's a very cool thing, but they're coming out with that here very shortly. Within the next month or so, we'll see what happens, but this is a problem because if it's exposed to the internet, We're expecting to actually already be seeing active exploit. Now here's the problem Microsoft's trying to solve. [00:02:19] We have three different types of patches. You have the monthly patches that they release. You have your, which of the patch Tuesday. You also have patches that are released every week, which are more critical. And then these types of patches, these are patches for what are called. Zero day attacks. There is nothing normal out there, a regular stuff that would catch this and stop it. [00:02:46] Now, the advanced malware protection that we use from Cisco, it will catch this sort of thing, but it'll only catch it after it's been seen a few times and then identified, obviously by now it's been identified. So it's pretty darn cool. So Microsoft's monthly updates. Last month included a patch for another vulnerability in the windows print spooler service. [00:03:11] And it was initially called a local privilege ex escalation issue. That means that you had to be on that computer in order to gain access to these advanced privileges and features. Turns out that it wasn't entirely just local. And now there is a new one where it can be exploited to get remote code execution and not just privileged privilege, escalation. [00:03:39] That means that they can now run programs on your computer. And with privilege escalation, they can run those programs as whomever they might want to do. So this is pretty big Blackhat USA conference coming right up and they are going to be hosting one of their talks called diving into spooler and what they did to discover these local and remote. [00:04:09] Vulnerabilities in the windows print spooler Hey, it's definitely a problem. There is a proof of concept exploit out there, and that means that the bad guys are not too long from coming up with their own. So there you go. Again, patch it up close and remote access, at least for the time being. To your print spooler because it could be a very big deal. [00:04:34] Another thing you could do is disable the prince Pooler service. You can just use stop service dash name spooler dash force, and that will. Pop it right on down. Okay. And then by the way, in case your machine reboots, you probably wouldn't do a set service dash named spooler dash start-up type disabled in order to make sure it doesn't restart, but there'll a lot to worry about right now, a whole lot, frankly, to worry about right now because of the Russians are coming. [00:05:06] Here's another one. This is Chevy bolt. Now, I have had some major complaints about Tesla and the way Tesla has these door handles that recess in entirely and how it has happened that during an accident, those door handles don't pop out and people cannot be extracted from cars. And the biggest problem you have in an accident with a car full of batteries is. [00:05:34] Of course the high voltage and current that's stored in the batteries that now when they, it out, it starts a toxic fire. Very nasty. Just this week, the national highway traffic safety administration issued an alert for all 2017 to 2019 Chevy. Owners now I know a lot of these bolt owners are actually government agencies. [00:05:59] They're not individuals, but I thought I'd bring it up. Anyways. There was a fire in a Vermont state representatives. Car's name's Timothy Brown. And his Chevy bolt decided it was going to catch on fire. Now, there was a recall by GM of these Chevy volts that had this problem, and apparently it doesn't entirely. [00:06:26] Fix it, they are still plaguing GM. And man, in this particular case this rep of course in Vermont being a I don't know, leftist, I have to assume, but a fan of electric cars, his car. Sad they're burning, which is pretty bad, ironic, but this happened when was this? Oh, it looks like this happened just a couple of weeks ago. [00:06:52] He's the state chairman in Vermont of the house committee on energy and technology. I've been supporting electric vehicles go sponsor bills relating to electric. And plug-in. So now his 2019 Chevy bolt course caught in fire, caught on fire, and there are others out there. 68,000 cars. All right. So two phases to the recall first phase is a temporary solution. [00:07:20] The second one is a more permanent one. Apparently this has to do with the batteries spontaneous. Catching fire. So this isn't something that's related to a car accident. It's a spontaneous combustion problem. That's not too good. It's a defect in the LG chem battery packs that are in these cars. So here you go. [00:07:43] If you drive to work every day and you charge your Chevy bolt every night, the United States, federal government is telling you to stop doing that. Yes. If you have a Chevy bolt, they're advising you to not charge it at night. I'm not sure when you're going to charge it. Cause the idea is you charge it at night. [00:08:03] You drive in the day, right? So they're saying there's, you can't do that. If you have to charge it at night, make sure you park the car away from any structures and definitely do not park your Chevy volt. That might be part of this. Recall inside a garage. How's that for bad, the original recall, by the way, came out in November, 2020 for potential fire hazard in the, again, the high voltage battery pack, those cells could possibly heat up and ignite internally. [00:08:35] Yeah. And if that fire spreads of the rest of the car and spreads to the building it's parked in or nearby building. Yeah. So keep an eye out. If you have a Chevy bolt, this is the type of problem in a phase as we start more and more to move into the electric vehicle realm. Yeah. Eventually it'll all get worked out, but it isn't perfect today. [00:08:57] Hey, visit me online Craig peterson.com and keep up with the latest in what you have to do with technology.

    COVID's Biggest Victim? The Traditional Workplace

    Play Episode Listen Later Jul 21, 2021 9:01

    COVID's Biggest Victim? The Traditional Workplace Craig Peterson: Work from home is a huge deal, especially for a couple of segments of our society. And I want to talk a little bit about that now, as employees are returning to work, should they be returning to the office? There is a great article here this last week in Forbes magazine by Dana Brownley. And it was one of their editors' picks, and Forbes picked it, I think, for excellent reason. And that is so many of us have been working from home. And for many of us, it's been a godsend. I've worked from home now for over 20 years. And for me, it's been a godsend because my priority was helping to raise our eight children. And it's hard to do that, and it's hard to homeschool them if you are not at home. So that's what I had done. And I was very privileged to be able to do that. [00:00:54] And our kids have all turned out amazing. Many people are caregivers, and it isn't necessarily just kids. But right now, I'm looking at a survey that was conducted. It's called the Prudential May 2021 pulse of the American worker survey. And they're showing the 2000 respondents that 38% identified themselves as caregivers, with nearly 40% of those providing care. [00:01:25] For school-age children, when you are starting to look at benefits packages, many families need to be able to have some form of childcare. And what has snuck in because of the lockdown is that many of us can work from home. So many of us have been more productive at home. And then, on top of it, all we can take. [00:01:52] Of our family. So let's look at the stats. We told you about school-age children. That's about 40%, 32% are taking care of young children. And this is 40% of all workers. Okay. People 30% are caring for someone with a disability, some health issue. And 23% are taking care of older adults. [00:02:20] That's 40% of the workforce. That is a lot of people. A lot of people, 38% is the exact number. So there, many of these caregivers are returning. Really a traditional work environment where they're going to the office, but they have unique needs. And I think every last one of us has to consider that and look at it and figure out how we can make things work. [00:02:51] And when we look at the numbers again for the caregivers, 45% say that they've considered leaving the workforce entirely. Due to personal demands. And 53% are saying that they would retrain for a career in a different field or industry. If they had the opportunity, we have some of our best people out there that are taking care of the kids of our loved ones. [00:03:21] Our parents. And again, look at mine, a situation here where I was at home helping to take care of our kids along with my wife. Neither one of us could have carried on a regular job and homeschooled eight kids. Neither one of us could have done that. What kind of talent might we be losing? Squeezing these people out of our workforce, particularly when we've now proven that most businesses can allow their workers to work from home. [00:03:57] Now, they found in the survey that there were three primary types of support caregivers, and these types are looking for different types of flexibility. Number one, they're saying that 42% wanted increased workplace flexibility. No, that makes a whole lot of sense. So they can work from home. [00:04:20]Maybe some of your best employees or people who want to work in another part of the country. I have a friend; his brother-in-law is a real good programmer in this one particular type of programming. I think it's sales and he is living there now in a completely different country on the other side of the world. [00:04:42] And yet. He's still doing programming for these people here in the United States, talking about workplace flexibility. He is sitting over there not far from China and is enjoying himself. He loves it there. And of course, his costs are much lower, et cetera, et cetera. So consider that, not just that there might be working from home, but maybe they want to take the kids over to Europe, live there for six weeks. [00:05:10] There's a lot of things people want. So that's 42% of our people that are working. Okay. Increased workplace place. Flexibility. The number two increased paid time off by 38%. Again, something we got to consider seriously. Now I know how hard it is to be able to fill in for someone that's on vacation or. Maybe they're caring for a loved one. [00:05:38] Maybe they just had a baby, et cetera, but it's essential when you get right down to it. Because again, who's better for raising our children, us, or a stranger who's going to more or less warehouse them. You have to keep a look at that. There's a great article from the Harvard business school. [00:05:59] It's titled. COVID killed the traditional workplace. What should companies do now? That's an excellent question because now the lockdown is mostly behind us. Executives can't expect the offices to run the same way they did to come in and do the same things they always did. But in reality, Harvard business school faculty members are saying there are ways to keep our employees happy and productive. [00:06:32] And that is exactly what we're talking about. But, no, for many caretaker takers caregivers, I should say paid time off is more valuable than a pay increase. And that's particularly true for those who are at the higher end of the pay scale. It gives them a lot more flexibility. They can get away sometimes from all of their responsibilities and obligations, which is just so important. [00:06:57] There's here's another one. This is a job list survey from CNBC. The article entitled here's how much money workers would give up for better. Life balance. And they go in, in that particular article and say that the average worker who says they currently have work-life balance, it would take an extra $10,000 in pay per year for them to give up their personal time. [00:07:20] I'm not sure that's right. I think it would be a lot more than that. And it also says just 30% of workers said they'd give up part of their pay for a better work-life balance. And the threshold varies by the type of worker. So that's where we, I think, really get into it now. So those are the first two, the third one is 37%. [00:07:41] So these are all within 4% of each other—a greater commitment to health and wellbeing. Now I've seen studies before saying businesses that put in a gym and put in workout rooms, et cetera. They never actually see them use—the way they expect for them to be used. And I don't think that's what people are talking about here, but we really are thinking a lot more about health and wellbeing since so many of us have been scared because of the COVID outbreak, but maybe I should be paying more attention to our health. [00:08:17]But we also have the mental health look at all of the problems we've seen from so many mental health issues because of the. Down. So Harvard again came out and said for employers that we need to signal the health of facilities. It's crucial to attracting people back. So again, The right kinds of air filters, right? [00:08:39] Kinds of lighting, make sure people feel safe while they're in the office and maybe cut back the number of days they have to be there. Hey, stick around. We'll be right back. We got a lot more to cover. You're listening to Craig Peterson, of course, and visit me online. Craig peterson.com.

    The FBI Weaponized Google Pixel Phones!

    Play Episode Listen Later Jul 20, 2021 10:54

    The FBI Weaponized Google Pixel 4a Phones! If you look into buying a used Google Pixel 2a, I've got some news for you. The FBI has been very busy, and they've conned the con man. I love this story.  The FBI has been trying to track bad guys for a very long time, and there've been several ways they've done it. We know obviously about phone taps. We've seen those before the old days. I don't know if you've ever been to one of the original. Telephone switching stations were all not even original, but the types they had in the late sixties and early seventies. I remember going to see one, and all of these switches were going. [00:00:43] People were dialing the phones and everything. It was just so cool. And back then, to trace a phone call, what they had to do is find the original. Sore. So they would go to that row, that column, that exact little unit that was hooked up directly to your phone. And then they would see, okay, this is in position this, and then go to that next switch. [00:01:08] Okay. Position that next switch, position that, and go all the way through. That's the really older days, not the old days where you had somebody that was at a switchboard doing it. Nowadays, of course, it's all done by computers. The telephone company turns your voice into a digital signal, and it's usually done right in your local neighborhood. [00:01:29] It isn't even done at the central office anymore. So by the time your voice is outside the central office, it's digital. It's hauled on nowadays, even partially an internet protocol. Network. They used to use different protocols back in the day. And so, it makes it quite easy for them to tap your line. Now, of course, there's the legal side of this. [00:01:53] Do they have the legal right to do it to the need a court order or what kind of a court order? Do they need it, right? All of that stuff. But that is the side. It's effortless to find out where calls went, where they came from, and to listen in because it's just digital—Data's completely copyable with absolutely no particular problems at all in copying it. [00:02:17]Last month. The FBI and the Australian federal police acknowledged that they had indeed been working on this encrypted device. And the company was called a nom, which is a fake company and a nom sole. 12,000 smartphones to criminal syndicates around the world. That's the wording that the police used. [00:02:45] So these were being sold as secure devices. They did things like they removed the cell leader, modem functionality they'd changed the boot ROMs. They removed the GPS. So the idea was, Hey, you missed your badge. You can use one of our Anom phones, and it's using a special version of the Android operating system, and you can send messages back and forth. [00:03:10] It's a completely secure messenger service with end-to-end encryption, right? Like we're always being promised. And so what happened is bad guys started referring. Bad guys to this, right? Cause if they wanted to talk to the other guy, they both needed these Anom phones. Otherwise, they wouldn't be able to talk to each other. [00:03:31]And so they were recommending the use of these phones to their friends that were in the illegal businesses as well. So this I'm just chocolate is so great. So the FBI weaponized. Android phones, at least this particular model of it. And there's a whole community in the Android world. It doesn't exist in the iPhone world because this is much harder to do in the iPhone world, but they call themselves the model. [00:04:03] Community. And so they'll get a phone from some vendor. They'll make some changes to it that led to maybe change networks or do other fancy things. So they, after the FBI, used some of this technology. The modding community and did some just amazing things with this custom rom. Now you're going to love this part. [00:04:24] Okay. So when you boot this phone up, this is according to ARS Technica. The phone will have, of course, a little boot screen and. The highest custom from here is the boot loader and other things, but it showed an arcane, oh, S boot screen that's the name, arcane O S and every place, the normal Android distribution that comes from Google with the. [00:04:52] B I's arcane. Oh, west green. It's just phenomenal that these guys would do this and would fall for it. So the FBI told the criminals, Hey alleged criminals, Hey, these are secure devices, the really focused on security, and there is a pin scrambling fee. What would happen if on your phone? [00:05:14]You might enter pin some phones, you might use a fingerprint, or he might use a face ID. This was a security feature. And what happened is normally you've got what, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0. And you type in your pin, and off you go, what this did, is it scrambled it? So it might be nine too. [00:05:34]Just the scramble of the digits up so that when you enter your pin, you're not always touching the screen in the same place so that people could not guess your code from the fingerprints you're leaving behind. Now, this is also interesting. It, this is a great way to do it. If you're doing it for real, having to run an anonymous phone, they had two different interfaces on the phone, and a different one would pop up depending on. Pin you typed into the lock screen. So the first pin would show a bunch of non-functional apps that are pretty popular in the app store, like Tinder, Instagram, Facebook, Netflix, candy crush games. [00:06:18] So if somebody is checking out your phone, forcing you to unlock it, they're not going to find budge. And by the way, none of those things work. But. If I had designed it, I would have made them so that they would work. So you can fool some of us by trying to rob us and steal your phone. [00:06:32] The second pin you could enter tells you chose your pins, but it was supposed to be the secure section. She didn't have the phone. So it had a clock, a calculator, and the settings. But the calculator app actually opened a login screen to a nom as an anonymous. And that, again, the bad guys are told all that's a secure, encrypted way to chat. [00:06:57]This is just amazing. So they will do use that. So they go into the calculator app and now allowed them to chat with their friends. But what they did not realize. Is, it was actually sending all of the messages also un-encrypted to the FBI. Okay, absolutely amazing. Amazing. So now, some of these bad guys are selling their phones online. [00:07:28] I remember I warned you at the very beginning. If you're going to buy a pixel for a, you want to listen to this first because the bad guys are selling. Their phones are online. And so, several people have been trying to figure it out—some posts on Reddit and elsewhere. You guys know how to deal with this arcane. [00:07:48] S, how can I reset this? What should I do? Okay. A lot of confused people. How do I fix this thing? You're not going to be able to fix it. Okay. By the way, this thing I think is really cool because the guy who he bought it legit guy bought it use. You said the installed operating system is arcane O S 10. [00:08:06] The system updater says that Archana, YC 11 is available for download, but I don't want to do it in case it makes something even harder to fix. So maybe the FBI is bad. At sending out updates and fixes, most of the Google Android vendors are out there, and I'm just laughing all the way through here. [00:08:27]So, there are some things that a tech-savvy user should know. So I want you guys to pay attention to this, particularly if you're using an Android device. So the first thing is when you start up a newer Android phone when it's made in the last few years, The first thing that happened is that Google runs something called verified boot, which makes sure the operating system has not been modified. [00:08:58] So, the operating system from the device manufacturer will be signed using a cryptographically secured. What was happening here is these devices were failing verified boot, of course, because the FBI had modified the boot ROMs. And if your device fails, verified boot, your Android device either could be an unlocked boot loader or a relaunch boot loader with tampered software. [00:09:27] It's going to show a message. And, in this case, the FDA FBI devices have a message that says your device is loading a different operating system, complete with their yellow exclamation point icon and a link for Google support pages. Phenomenal. And by the way, the article I'm sending this out in my newsletter, but it says. [00:09:54] How resistance changes. Google has an order. So it sent them to the legitimate Google support. So there you go. There's a perfect little piece of advice right now. The FBI changed many Android operating systems and tripped out many Android settings that might've revealed something about the fact that it really was a spy device system settings for app storage, and accounts have been removed. [00:10:23] So pay attention, right? If your machine boots up, the plane's about the bootloader, you've got a problem, and it isn't just Android. Obviously, Apple will do that. The newer versions of windows are starting to do that as well with TPMS, and windows 11 is really going to bring a lot of that to the forum. [00:10:44] Hey, you're listening to Craig Peterson, and you can find me online. Craig peterson.com. Check it out and stick around.

    How Could Facebook Do a Better Job at Controlling Disinformation?

    Play Episode Listen Later Jul 19, 2021 10:21


    How Could Facebook Do a Better Job at Controlling Disinformation? Hello, everybody. Great discussion this morning about Facebook and what is going on with their monitoring and controlling some of the topics. Should they have something in place that really stops false information? How could they do that? And what's their real motivation behind all of this. With Mr. Christopher Ryan, we also got into how the general services administration has completely messed up. Again, it's authorization, this FedRAMP authorization. Why are our federal agencies using some tools like zoom that have been proven to be very insecure, and they're using them with the blessing of GSA, who says they're secure. [00:00:50] So here we go. [00:00:52] Chris Ryan: Craig Peterson is the host of tech talk on news radio 610, 96.7. You can check him out Saturdays and Sundays at 1130. Craig, how are you?. Hey, good morning. Doing great. Appreciate being with us. So one of the topics we did we've delved into today is social media giants and censorship of quote-unquote misinformation is. The white house weighed in on this last week and criticized Facebook as a purveyor of misinformation based upon allowing individuals platforms to push forward their opinions. [00:01:27] From a media standpoint, we have gatekeepers available and able to squelch misinformation and provide a great environment that can provide the most accurate information possible. Is there any way, shape, or form that a Facebook or a Twitter can? Have any sort of an algorithm or staffing or personnel; this is not even whether you should do it or shouldn't do it. [00:01:55] Is any way feasible or possible for them to strike down misinformation? [00:02:03] Craig Peterson: [00:02:03] Yeah. This is a tough one. It's easy enough. You've got, of course, Justin sitting there with the big button, and the Eaton cut us off at any point. But when it comes to Facebook or Twitter or any of these other big places you have, what is it now? [00:02:20] Billion active users per month, just on Facebook. So what you were asking about is there some algorithm. Obviously, people can't do this, and the answer is I have, yeah, a fascinating article. I'll be talking about it next Saturday. How about IBM's Watson? You probably remember Watson pretty well. [00:02:39] It was going to rule the world. It won jeopardy. It was absolutely amazing. And it really hasn't done much since then. One of the most advanced AIS we've had, and Microsoft and Google both have them; China's working on artificial intelligence to try and figure it out. But the biggest problem that we have is. [00:02:59] What is the sentiment there. How can you tell an article is criticizing something legitimately, or if they are endorsing something that might be a bad idea, then who gets to choose? What's a good idea. What's a bad idea. This isn't easy to do [00:03:16] Chris Ryan: [00:03:16] Chris. And there are no rules either. I said before; I don't think it was appropriate for social media to ban Trump. [00:03:24] I don't; I think that many individuals push forward misinformation and tr and lack truth and their intent is not good. And they're still allowed to do whatever they wish. So I think that you have to create a. A platform and an infrastructure to determine what the role should be. [00:03:45]And what, how many times do you get to push things forward that aren't true or et cetera? There are no rules. [00:03:51] Craig Peterson: [00:03:51] Yeah. I look at this and a profit motive on the part of Facebook, certainly in these others. And that is, they want your watch. The Facebook channel. They want you on that feed all day long. [00:04:05] So the more that you aren't interested in a topic or position, maybe a position is totally false. Maybe you are flat earth, or the more information they're going to feed you—the how the earth is flat and less about anything else. So what we've ended up with now with these social media sites is something that really polarizes us even more than we were polarized before because we see more and more information that confirms our suspicions and where we're at. [00:04:36] So I see that as an even bigger problem because we're frankly, Getting isolated. We don't have the editorial in the newspaper that might be left, might be right. It might be the center. As time goes on by these submitted authors, it's showing you what you want to see. And that's a big, [00:04:56] Chris Ryan: [00:04:56] right. And the Facebook feed has also changed over the years where initially it was just your friends, basically, and their information more and more, the feed has gotten filled. [00:05:07]Topics that they have determined that you're interested in and sources that may or may not be accurate that present that information. And this has happened to me, and I'm sure it happens to everybody else. Know, You may click on the art, one of those articles, and be interested in it. [00:05:22] And then the next thing 50% of your feed is similar articles or ads that are associated with things that you have looked up. So the Facebook feed has changed dramatically. Over the years to the point where it was initially, there weren't many ads, and you wonder how they made their money to the point of which now, where there are a lot of ads. [00:05:43] And they're also continually feeding you information on topics that you're interested in. [00:05:49] Craig Peterson: [00:05:49] Yeah. And topics that, again, might be correct, might be false. And what Facebook [00:05:54] Chris Ryan: [00:05:54] is doing you, in fact, giving you information that may not be accurate. So not just your friends, Facebook itself is providing you with information that may be false. [00:06:04] Craig Peterson: [00:06:04] Remember the days in Facebook, or again earlier on where if you followed someone, if you liked someone, you would see their posts, they would show up in your stream. Now Facebook realizes, oh my goodness, you've got hundreds of friends out there. They're all posting stuff. And Facebook decides what you want to see. [00:06:26] Many of the celebrities dropped off of Facebook because people that wanted to see their posts were no longer seeing them because. Facebook was moderating it. So we've come full circle under discussion. Facebook is doing moderation, and the moderation they're doing is, again, isolating us and dividing us even more. [00:06:46] That's a huge problem. What's the solution. I w was this day and age. I'm not exactly sure because they, the algorithms. They could be doing more moderation. Should they be doing it? And, of course, that's the whole discussion around section 320. [00:07:02] Chris Ryan: Exactly. So let's talk a little bit about zoom; an article has come out about zoom and its cybersecurity issues, and the GSA is blocked. [00:07:12] Senator Ron Wyden reviewed documents used to approve zoom for government use in government meetings. And that this is not just the federal level. It happens all the time at the local level as well. And there were initial concerns about cybersecurity and zoom, but a lot of those concerns and the topic of conversation about them seem to go away during the course of the pandemic; how safe is zoom, and obviously, you haven't. [00:07:39] Individuals, whether it's from a non-profit private sector or government perspective, who are discussing compassionate things on zoom. And they assume that no one is listening, but are they? [00:07:52] Craig Peterson: Yeah, that's a terrible assumption, particularly when it comes to zoom. The big concern here in this particular article that appeared in the tech crunch has to do with the investigation that's done by the fed. [00:08:06] So we know there's obviously information that needs to be kept secret other classified information, and then there's information that might be damaging. And what's happened here is the general services administration gave zoom their authorizations. FedRAMP authorization saying, yeah, go ahead and use it. [00:08:25] It's going to be fine. Everything's great. Turned out. Zoom was not encrypting these sessions from end to end. In fact, routing some of our conversations live through Chinese. They're using Chinese programmers to write this stuff. They installed back doors on Macs, just all kinds of incredible, terrible stuff that zoom hadn't been doing. [00:08:50] And some of it is alleged continuing to do. And yet, somehow, it received this authorization from the GSA. How that. Did that happen? Now, there are some secure ways to speak online. Really WebEx is the only one that is fully authorized, and then you have to have the right version of it. Microsoft teams have some stuff that is also authorized and. [00:09:19] Truly end to end. Zoom is not to be trusted, but what really concerns me is it looked like the federal government delving into any of these tools to verify whether or not they appear to be safe was terribly flawed. And that's exactly what the Senator has been trying to do and why and how, and they're just not providing the information. [00:09:43] Chris Ryan: [00:09:43] I have a basic theory. Applies, I think to tech and social media; if something is free, ask why and figure out why is this free? Why are you able to do it for free? What is in it for the company, and then decide whether or not you want to use it? But I think that people are all in, on giving their information, using. [00:10:06] These things and they don't really understand what the business platform is? How is this being used? And I think that is something that individuals should be cognizant of. Craig has always thanked you so much. Take care. That was Craig Peterson. He is the host of tech talk.


    Amazon Is In For a Rough Ride

    Play Episode Listen Later Jul 16, 2021 12:16


    Amazon Is In For a Rough Ride Did you know that Amazon has a new CEO? I remember back in the nineties; I pledge that I would never use Amazon again because they filed and were awarded a patent on technology everybody was using.  Jeff Bezos is out of a job. [00:00:19] This is a guy that grew a company that all they did initially really was book sales, and they had a warehouse the size of the Amazon, right? Because they wanted to represent everybody. They had every book ever published, and to a large degree. They did. They had a whole lot of bucks, and then I've expanded, of course, beyond that. [00:00:47]And beyond that, to the point today where they are doing some well, again, shady things I mentioned in the intro that I was concerned about what Amazon was doing with pat. They got a patent on this one-click purchase. Now I have been a fan of patents for a long time. I do not like the patent law as it exists today. [00:01:14] And in fact, I haven't liked it for quite some time, but this patent law where you don't have to show that there was no prior art and frankly, the prior art does not matter at all. I think that's huge. And I've had a number of patent attorneys on my show, talking about it and talking about what we may want to change. [00:01:37]Jeff Bezos grew it to today, where it really is the number one provider of online services is. You might, in fact, almost certainly are using Amazon's services, whether you realize it or not to go to most, any website, any of the big ones they're probably using Amazon's web services. They're probably using Amazon storage, and Amazon has dozens and dozens of different services. [00:02:09] So it's a very big deal. And Jeff Bezos, who's the guy that started all of that, sat down stepped on. I should say. Now it's rare that the founder of a company ends up taking the company public. Public, basically, that just doesn't really happen because all of a sudden, when you're public, your whole job changes, and no longer can you make a decision, a snap decision about something, and then go ahead and do it. [00:02:37] You've got to be very careful about what you do when you do it, how you do it, you have to announce it and everything, but just an amazing man being able to take it—all of that. And by the way, he have the largest settlement, a divorce settlement in history with his ex-wife. It's amazing, but he is still the world's richest human. [00:02:59] Now he has this company called blue origin, which is his rocket company. He's got the Bezos earth fund, and he's still chairman of Amazon's board. So he's not going anywhere. However, we've got this new guy, Andy Jassy, who has stepped in as the CEO of Amazon. He was the head of Amazon's online services, which is absolutely huge. It's their most profitable arm by far. So he's taking this whole thing over when Amazon, frankly, is in a lot of trouble. Now they're basics of, Hey, there, the money that they're making, their profits and everything, that's all well and good, but there are ongoing antitrust investigations. [00:03:52] There's a battle with labor. And we're talking about, of course, big labor here—the unions. There's increased competition in the cloud space. Just look at what happened with the US military in there. I think it was at least a billion dollar. I can't remember the exact number, a cloud contract because Amazon was battling Microsoft Azure and it was awarded. [00:04:20] And then just a couple of weeks ago it was pulled back again. They're also seeing increased competition in their online services from Google. And I use some of those Google services. In fact, if you go to Craig peterson.com, it's actually right now using some of those Google services. So they are really getting nailed from a whole bunch of different directions. [00:04:45] And this guy Jassy has worked there since 97. But he may be the perfect person to guide Amazon through. W really now we're talking about the middle-aged, that's the time when you're supposed to buy your convertible, buy your motorcycle, et cetera. The middle aged years. And in this case, there's some problems. [00:05:10] Here's a quote I want to read from this Yahoo article is actually I think AP yeah. Yahoo finance. This Yahoo article and it's from Harvard business school, because we've got regulators who are circling, and this may be the main reason Jeff stepped down. I don't know, but quote, you may want somebody who has the confidence of the chair. [00:05:35] And the board you want somebody who understands the strategy and was part of it and knows where the bodies are buried and the mistakes that have been made and how to move forward. This is from Harvard business school, professor of business administration. Rosabeth Moss Kanter, and I think she's right. [00:05:58] Absolutely because this road ahead for him is going to be tough. But the fact that he ran their most profitable division tells you something, it tells you a lot and he might be the exact right guy to be able to do that. Amazon's now got a market capitalization of about $2 trillion, which is huge. [00:06:20] And it's certainly enough to get some of these regulators. Paint a lot of attention to what's going on. We've got the Washington DC attorney general, who has accused them of violating the district of Columbia's antitrust act. And that has to do with, for bidding third-party resellers, from offering cheaper rates for their products on competing sites. [00:06:43] Cause remember what Amazon does. About half or more. In fact, I think now of their products are not actually sold by Amazon. They're certainly not Amazon products. They are products from resellers who are just selling on Amazon. They're using Amazon is their platform. And that way Amazon will manage the inventory. [00:07:06] It'll warehouse a little ship it out. It'll handle the returns. Yeah. What Amazon is doing is charging these sellers for the space in the warehouses, which is perfectly legitimate and taking a percentage of the deals. Are there other websites that might give these sellers or resellers or stuff they're importing from China or wherever. [00:07:31] Might there be other sites that give them better deals? Will you bet there are sites out there. So that's why she's suing them. Federal regulators look like they might be coming in as well. The federal trade commission's newly appointed chairman. She's a fierce critic of the. Amazon way of doing business and she made herself a name by publishing an article for Yale's law journal titled Amazon's antitrust paradox. [00:08:01] So before she was even appointed to the federal trade commission, she was already calling for changes in the current antitrust regulatory framework. And that might be widely invited administration has appointed her, but there's six antitrust bills. Targeting big tech right now that are working their way through the house of representatives. [00:08:24] And we've talked about some of those already, and, I do not like these huge tech companies that are making crazy profits and using those profits to keep other people out. And Amazon's one of the largest employers in the country. And after years of complaints from somewhere house workers, we've got the labor unions now in the mix trying to take action. [00:08:49] Now, I don't have a single problem with labor unions while at some of their tactics, I have problems with, I don't have a problem with the labor union. In the private space. I have a huge problem with I'm in government space. And we could talk about that at some point, but I don't have a problem with them trying to organize inside Amazon. [00:09:12] So the international brotherhood of Teamsters. Yeah. I remember the guys that drive the horses. They announced that they're going to begin working to organize Amazon workers. So that might succeed. There was another one in Alabama that had failed. So are you getting the hint here? This is huge. It's huge. [00:09:32]By the way, Amazon's offering warehouse workers starting pay at $15 per hour plus benefits. So that doesn't seem too bad. If you ask them. But again, with the pandemic, all of the stuff going on there been a lot of calls for Amazon to quote, treat its workers better. So we'll see. We'll see what happens. [00:09:53] Other problems with Amazon that we've talked about before are things like fake reviews. You and I, we look at the reviews, it's critical in us buying things. Isn't it. We look at the reviews and say, oh, wow. Jeepers. There's 500 reviews here and it's four and a half stars. Okay. So I can have confidence that this product is good. [00:10:17] It's going to work. And yet some of these sellers, what they're doing is bribing people to give a good review. So they'll say, Hey, you buy my product. And then they send the product in with, along with the product is a little note saying, Hey, if you give me a review and send me a link, I'll send you an extra battery or whatever it might be. [00:10:39] That has been a real problem for Amazon, even worse than that, because at least those people might give an honest review, right? Worse than that is that some of these reviews are paid for. So some of the sellers it's alleged are going out there. They are hiring. People and paying them to give reviews. Now, those ones are very obvious. [00:11:04] If you look at the reviews, so don't just look at there's 500 and the average is 4.5. Look at some of the reviews in the wording. So I've seen reviews where it was for a massager, and there was talking about what a great. A set of wheels that has on it. And they work really well. And it's very smooth when you're out, riding it on the trails. [00:11:27] Wait a minute wait, we're talking about a massager here. We're not talking about a bicycle, so that's one of the ways to tell if the reviews are fake, they're don't even talk about the product at all, or any of its real features. The other one is look at the wording because most of these fake reviews. [00:11:45] Don't use English, so good. All right. Okay. Thanks for being with me. I want to make sure you stick around and visit me online. In the meantime, go to Craig peterson.com. If you sign up for my free newsletter, you'll be getting that every week with all of the details. I'll try and catch you up and you can listen to my podcast, right from there. [00:12:09] CraigPeterson.com. That's Peterson with an O.


    Kaseya and the Problem with Managed Service Providers

    Play Episode Listen Later Jul 16, 2021 9:14

    Kaseya and the Problem with Managed Service Providers We have really in front of us, a critical warning. We're trying to figure out what should we do or to stop people from attacking us. That's a problem. What should we do? Many of us have gone out to managed services providers, and now they have let us down.  Did you hear about the Kaseya hack? It has had a huge impact on people. It's absolutely crazy. Or you heard about a thousand companies that got together and they have hired a negotiator in order to negotiate the ransom with the bad guys that have ransom there. It is huge. It's huge. But let's talk about why this happened, because I think there are many things that you and I have overlooked here over the years, this ransomware God guy, gang called REvil, R E V I L has targeted cause say, or customers through. [00:01:04] Say, but it isn't just kissy customers. It's really cause say, is customers for the most part. Now your head might be spinning a little bit, but here's, what's happening. I'm a business owner. You guys know that right now. Let's say that I don't do cybersecurity for businesses. That's what I do. [00:01:24] But let's say I make widget. I as a widget maker, do not have enough knowledge about computers to, to really do it myself. So let's say I've grown and I've got 20 employees. The odds are very good that my office manager is the one in charge of the computer. The office manager probably orders. [00:01:49] Computers probably tries to figure out what's going wrong. By the time of it at 50 computers or 50 employees, I've probably got a full-time it person who goes around and tries to take care of things. But before I've got that, full-time it person I'm probably going to outsource it. And by the way, a lot of companies, it's more like a hundred to 200 employees before they get someone who's really dedicated to it. [00:02:18] So then that awkward teenage stage between where the office managers trying to do it. And finally the office manager can try and hire an it professional. Is where they go and outsource it. You talk to various types of companies. What are in the industry called break, fix shops. That's usually the first stop which is calling them up saying I've got a broken computer. [00:02:44] Can you fix it? And maybe they can, maybe they can't. And then a lot of break fix shops have tried to level out their income so that they have predictable monthly income so that they can hire the right number of people for the number of customers that they have. Although I've got to say most of them are badly overbooked. [00:03:04]Now that they've hired those people, they this outsource break fix shop. They come in and say, okay here's what we can do for X amount per month per computer or employee, we will take care of those computers for you. One of the things that they'll promise to do is that they will take care of your cybersecurity for you. [00:03:25] Now, cybersecurity is frankly, a specialty. It is not something that everybody can do. Even if you're using some of the best stuff in the world, like what we do, we have Cisco hardware, we have Cisco software that we run advanced malware protection. So that's the best of the top of the line. [00:03:45] Most smaller businesses aren't going to want to pay for it, even though they might be able to afford it. Push those people out right now, because we're talking about, you were talking about a smaller business. So what does that outsourced it provider do for you? They might change their name and call themselves a managed services provider. [00:04:06] And that's all well and good, but they need help as well. So I'm making widgets. I have this break fix shop that came in and fixed my computers a few times. And now they're handling my cyber security. Isn't that wall well, and goods was wonderful. So now they're handling, supposedly my cybersecurity. But they know they can't do it themselves and it would be too expensive to do it because they went cheap. [00:04:33]You bought the least expensive option or, close to the least expensive option. So wait, and by the way, cheap in this case means that it's under $150 per. Person slash workstation per month. That's what it costs to get this stuff done. So you might be paying 25 or maybe even $50. They can't do it for that. [00:04:57] So what do they do? They go to a company like. Now they also have some others. They have what are called arm AMS that keep track of some basic stuff for you, but they go to Garcia and say, okay, Casia we want you to monitor the computers, keep them up to date, et cetera for. Now did I, the widget manufacturer go ahead and hire  to take care of stuff. [00:05:23] Did Kasiah even do it themselves or did they outsource it? Do I even know the Kaseya exists because it's really Kaseya that is managing my computers doing. We have, there has a software that doing the upgrade on my computers. This is a real problem because the widget maker, Nope, I didn't hire KSA. I didn't even know they existed. [00:05:49] I trusted my local. Your local guy is not taking care of your cybersecurity. Almost completely guaranteed. There's very few companies like mine out there that we actually do it ourselves because we have looked at Kaseya. We've looked at all of these platforms. Every last one of them has had major problems. [00:06:12] So here comes Casia with over a hundred thousand customers that gets hacked and distributes the hack to all of its customers that are running some of these on-premise devices that are trying to manage the networks for not Cassias clients, but for KSA as clients, client. Okay. Do you see how this is the level of indirection? [00:06:35] You see how this is going to affect? This is a huge problem. And Casia not only have we warned some of these companies, like Kaseya about major design flaws in their software, but cause say his own engineers apparently about three years ago, warned Cacia about major design flaws in the software that they were using. [00:07:01] So they knew about this. They were warned months, if not years in advance about it. So what does it say you do? They're concerned about profit and features, so they just keep adding features as alleged by their former employees instead of fixing the security problems. Cause it would be too hard to fix, take too long cost too much, and it isn't going to increase our revenue. [00:07:26] Are you sitting down? Can you believe this is one of the major operators out there, major operators that is, is behind your manager services provider and your break fix shop that's who's doing it out there. So there are probably far more than that this thousand Kaseya clients that have gathered together to try and negotiate the ranch. [00:07:57] And I got to say, I, I would be extremely disappointed if Kaseya customers didn't gather together and Sue them in a very big way. Curly sins, people claiming to be former Cacia employees are saying they warned the company about major flaws in their software. And that is what hit all of Cassias customers. [00:08:24] Customers. This is incredible here. This is a much different style of relationship that companies have typically, right? Yeah. Okay. Law firms they'll outsource stuff, right? So let's say there's some maritime law. They'll go to a maritime law firm. They'll outsource it. So yeah, there are some models where this is done, but this is done routinely. [00:08:49] In the cybersecurity space. It's not something we do. We stuck our toe toes into that pond and we didn't like it. We didn't want our customers to be hurt by this sort of thing. But anyway, there you have it. Okay. There, you have it all about profit and not about you. And by the way, it's also about how much you're willing to pay.

    Predictions About Olympic Cyberattacks

    Play Episode Listen Later Jul 16, 2021 9:24

    Predictions About Olympic Cyberattacks We're all excited about the upcoming Olympic games. And so are the hackers. Oh my goodness. I just finished reading a report by the cyber threat Alliance about what they're expecting to happen at these Olympic Games in Tokyo.  The Olympics have always been a huge target when it comes to the bad guys. [00:00:23] You might remember there have been abductions at the Olympics before where some of the Olympic competitors were held at gunpoint. Of course, we're not going to forget that one anytime soon. And looking back through the last few Olympics, there have been many different types of attacks, some more successful than others, frankly, but looking at this report, they were talking about the 2008 Beijing Olympic. [00:00:51] The attacks then were relatively limited. There were about a 12 million cyber alerts per day. Now this is part of the problem with cyber security. You get so many alerts. What do you do? How do you. Bond and none of those 12 million cyber alerts per day resulted in a successful attack. Now that was back in 2008, there were some scams like ticket scams are always are, but nothing big. [00:01:23] The next one was the London Olympic. In 2012 and the London Olympic, they had pretty much low level attacks and they didn't result in any real high impact cyber security event. And the most significant event back in 2012 was evidence. Credible cyber threat against electrical infrastructure. That was of course in place for those Olympic games. [00:01:50] There was a distributed denial of service attack on the power systems. Nothing much really happened, no real impact. Then 2016 Rio de Janeiro. They were starting to pay more attention to cyber security for very good reasons. Frankly, there was a large scale denial of service attack that was carried out by this bot net. [00:02:16] Let me explain what that is. A denial of service attack is where you might have a website for instance. Providing service to your customers that might be going there to look at your catalog, maybe buy some things. It might be a government agency. It might be an important part of the Olympics in this case and their critical infrastructure. [00:02:37] So denied service means you either knock it off the air or so people can't get it. Or there's also the distributed denial of service attack. Now D dos are the distributed ones are where you have hundreds or thousands of computers out on the internet, all over the place that are trying to get to maybe the home page, maybe the purchase page. [00:03:04] And because the coming from all over the internet, they're very hard to shut. And that's where we have the botnets coming in, too. Botnets are groups of computers that have been compromised by the hackers. So what they do now is they command, for instance, you're a home computer that you don't even know is under the control of one of these bad guys, your home computer now, issues or requests. [00:03:33] Hey, yeah, give me the home page of Olympics 2020. And off it'll go dutifly and try and get the homepage. That's all well, and good. If the load on the server is what they're expecting. You've been to sites, right? You hear something mentioned on the radio and like Craig peterson.com. Now, because I mentioned my website, Craig Peterson, S O n.com. [00:03:58] And there are people listening. Some of you guys are going to go to my website. Now the normal traffic of having dozens of new people go to my website is not going to bring the site down. However, here's the other side of this? What happens if maybe two or three times as much traffic as I expect is going to come to the site? [00:04:22]I've compensated for that. We should be able to handle that just fine. But what happens if all of a sudden it's a thousand times what we're expecting because there's 20, 30, 40,000 cases. Peter is out there that are trying to get my homepage or in this case, the Olympic. Homepage. Obviously the server's not going to be able to respond and it's either going to crash or and I'm sure they set this up the right way. [00:04:49] It's going to deliver a message saying the servers over loaded right now. Try again a little bit. And by the way, if you get that message on a website saying, Hey, try it in a few minutes, please try it in a few minutes. Don't just hit reload because that's going to put even more load on that poor little overloaded server. [00:05:10] Now what they had here coming in 2016 at the Rio de Janeiro Olympics was a staggering 540 gigabytes. Per second worth of people requesting homepages. That is insane. That is a lot of bandwidth. And the fact that they apparently had that much bandwidth available coming in is also amazing, but also remember people are looking at videos. [00:05:41] Am I. To get the insider scoop, add some stuff happening behind the scenes. Now, many of the attacks in 2016 started before the Olympic games, even. And what they were doing is attacking different parts of the Olympics infrastructure operationally. So it's a problem. It's a very big problem. They survived that whole thing. [00:06:09] And by the way, the Brazilian government ended up trying to protect the world cup back in 2014 as well by spending a whole lot of money and time on this. But remember, Even back in 2008, we were talking about 12 million cyber alerts per day. How can you staff up for that back then? It was back then. [00:06:32] We're seeing some of our clients being hit with hundreds of cyber attacks a minute and multiple per second, sometimes 10 20, 30. Per second. It's just incredible. What happens? In fact, divide those numbers out 12 million divided by how many seconds in a day. It just shows you how amazingly huge it is. [00:06:56] Now we have seen time. Past where a country like North Korea, for instance, doesn't like what Sony pictures is doing. So North Korea then attacks Sony pictures. And in the case of Sony, they downloaded a bunch of confidential information. They released it. They embarrassed some people now, hardly anybody got fired. [00:07:16] It's absolutely amazing. But anyway, What's happening right now is Russia. Think about all of the Russian attacks against our businesses and our critical infrastructure as a country, they have been huge, massive attacks. We have now Russia at a point where they are getting massive amounts of.  built up. [00:07:45] Why? Because they submitted doped samples in 2019 to the Olympic committee. Yeah. So this was a, the McLaren report released by the world anti-doping agency. Describe what we're really systematic effort by the Russian government to really undermine the drug testing process. We've also seen the Russians in the past because they've been caught doing this. [00:08:14] And the Chinese as well, putting in some of the competitors, particularly into things like gymnastics that were too young to compete based on the Olympic rules that were in place. So we had all of this happen during, and after the 2014 Sochi winter Olympics. Guess what those restrictions on their athletes are still in place and in place in a very big way, they will not play the Russian national Anthem at the ceremonies at the Olympics. [00:08:48] And they will not allow the Russian flag to be carried. In fact, their athletes have to carry a neutral. Flag. So expect some serious attacks from Russia against the Olympics. And remember the Olympics. There are no spectators. Everybody's going to be watching this thing on a line. So it's going to be interesting. [00:09:14] We'll keep an eye and let you know how things go. Stick around. Visit me online. CraigPeterson.com.

    Facebook Confirms Its Asking People to Report "Extremists"

    Play Episode Listen Later Jul 16, 2021 11:05

    Facebook Confirms Its Asking People to Report "Extremists" Reporting on your neighbors is something you would expect from a socialist government, right? A communist government, a fascist government, any form of socialist government. Now Facebook is doing exactly that and it's going to interfere with our lives. Facebook has now confirmed what it's calling a test of its "do-you-know" an extremist prompt and that's got me really rather worried. And it has a lot of other people worried as well. I was talking to a friend of mine who was also in the media biz, who was saying just over the last couple of weeks. He's received this a bunch of times. And I mentioned this to another friend of mine who is not in the media business. And he said that he got it as well. [00:00:48] And he said his was: are YOU an extremist? Which I think is interesting. First of all, extremist is not defined. And of course, with these people who are monitoring accounts on Facebook, announce where their definition of extremist is going to be. The definition of an extremist by the government going to very political parties is going to Berry very, and we're talking about this anti-extremist promt, not just asking you if you are an extremist, like my friend said he got, but it's asking if you know someone else who is an extremist or who may become an extremist. [00:01:28] That is absolutely amazing to me. Amazing. It's bad enough that the government has picked winners. It has this whole section to 10, you've heard about before in the FCC rules that says we know if you're Facebook or Google, no one can Sue you for anything that you do. That is absolutely insane as far as I'm concerned, but there will be lawsuits on this they're already been filed. [00:01:58] Why would Facebook block thought that it didn't think was appropriate? The whole idea behind the first amendment? Isn't just that it applies to the federal government. It is a code of conduct for all of us. It's a code of conduct for these massive multimedia platforms. We should be allowing all kinds of speech and we should not allow people to hide because what they've done now is they've moved to other platforms. [00:02:29] The don't do this kind of monitoring and they are current carrying on their speed. If someone comes out and says something that is racist, that is violent, that is, is threatening to commit a crime. We know about it. If it's out there in the open, we all have the crazy neighbor that everybody in the neighborhood knows about because they are, and they're saying it, Facebook starting to block it. [00:02:55]We're just not going to know. And then what do they do? If you report someone who is saying some things that you think might be extreme, things like you should check voter ID at the voting booth. There are people that think that's extreme and they report you what's likely to happen. We know already that one of the things that many people who have been doing online is reporting people. [00:03:22] They don't like as someone who is posting things that are violent or extreme and getting their stuff blocked and demonetized in some cases, but just plain old blocked. It's a great little tool for people to shut up. Other people, just shut them down, shut them up. They can't say it anymore just because they disagree with the content that's already in place. [00:03:48] Now what's going to happen. If someone is reported as being, not an extremist or on the road to extremism, what liability is there on Facebook's side? What liability is there with, for instance, the FBI or local one force. There are obvious things that should be reported to law enforcement. If someone's saying they're going to harm themselves or harm someone else then we need to have a closer look at that. [00:04:14] If you actually have the belief that they will and can do that. I was as a mandated reporter for 10 years because I was in emergency medical services. If I thought someone was trying to commit harm to themselves or someone else, I was mandated to report, but I have to think that I can't just use the reporting tools as a way to shut up my political opponents. [00:04:43] So someone reports another person as being an extremist of Facebook, Facebook then sends it to who are they going to send it to the FBI? What's the FBI going to do well. The FBI is mandated to report again in their reports and investigate. So what are they going to do for the investigation? It needs to rise to a level of the FBI thinks that this might be an illegal activity so that they can investigate it. [00:05:11] They can hopefully stop something before it happens. Something violent, something nasty. But what does the investigation take ground? I'm taking you all the way down the road here. The investigation is going to include them having a look at what you said, looking at the people who are within your social network. [00:05:32] So who do you. Two. Who do you follow? Who follows you? They may start looking at your phone. Who are you calling? What SMS messages are you receiving? Where are you hanging out? Where's your phone going every day? Who goes to that bar that you like to hang out at? Oh my goodness. You went to a gun range. [00:05:50] Who's at that gun range and so very quick. The investigation is all of a sudden roping everybody and all of your family members, all of your closest friends, anybody that might've liked something that you had said recently, even though it might not have been extremist. And so now by having Facebook looking for extremists and people who might be on the road to extremism and counting on you to report them, they have opened up a can of worms. [00:06:22] Huge can of worms and remember too, with the FBI and with others, including the NSA and the CIA, they have this multi hop rule. I think it's three hops now. So if they suspect you of something and what is suspect you, is it the fact that someone reported you as being an extremist, just because they disagree with you politically, they disagree with your religion. [00:06:48] Is that enough for them to suspect it. So now they can monitor not just your stuff, but anyone that has talked to you or liked you and anyone that has talked to them or It doesn't take long. I think that whole Kevin bacon thing, right? Everybody in Hollywood's within five degrees of Kevin bacon. In fact, I think everybody in the United States is within five degrees of Kevin bacon. [00:07:12] In other words, they can hop through opt to five people and connect to anyone in the country. That is absolutely huge. Absolutely huge. According to the verge. Facebook is doing this in response to the Christ church call for action campaign Christchurch. Remember in New Zealand and there was an atrocity that was committed there. [00:07:41] These hate and dangerous organizations. That's what they're up to. They're trying to stop all of this. And it goes back to March in 2019. I think it was this attacking Christchurch. Obviously a terrible thing. People knew about this person and their radical approaches. The police have been informed, but nothing happened. [00:08:05] So now we want even more monitoring to go on. At least Facebook does. This is really a problem. There's all kinds of bad behavior online. We hide behind our supposedly anonymity. Look at the terrible thing. Some people say online about you name it, right? Different people, kids in high school, either people in other walks of life. [00:08:33] It is terrible. So Facebook has this support page titled what can I do to prevent rattling? Radek  radicalization. There we go. I knew I could say it. It's a really good question. Yeah. They've got links on that page to life after hate exit USA program, which Facebook says help people find a way out of hate and violence. [00:08:57] I'm all great with that. I think that's a good thing. It's not a bad thing, but now having them report people that someone. In their non-inferior wisdom decides might be hate speech or might be on a road to extremism because remember anybody that voted for Donald Trump is considered to be someone who's on the road to extremism, or is an extremist. [00:09:22] For voting for him, the worst president ever. How many times have you heard that sort of thing? It has happened all of the time. And so we've got to be very careful about these open reporting things that are online. We have to be careful about reporting. Other people, it brings to mind two things. [00:09:41] One is two TV shows. One is one. That apple produced and you can watch, and it's all about this guy. You were a reporter, a news anchor, and he was supposedly sexually harassing someone and yeah, he was to a degree, but the crime and the punishment was just totally out of whack. And one of my wife's favorite shows the It was the good wife and now it's a good fight. [00:10:12] That's what it is in season five, episode three. It is delving into this in a very big way. What happens when you report someone? Should they be reported? You've got to think twice about that. Even when, again, I was in EMS, what happens if I report someone potential neglect potential child abuse here, they can go through hell. [00:10:37] So be very careful. I don't like this move by. But you probably figured that out already, right? Hey, you stick around. We've got a lot more to talk about today and I also want to encourage you. If you haven't already go to my website, sign up for the newsletter. Craig peterson.com/subscribe and get all of the latest and most important technology news in your mailbox.

    Facebook - Olympics - Amazon - Managed Services

    Play Episode Listen Later Jul 16, 2021 83:03


    2021-07-17 1122 Craig Peterson (2): Reporting on your neighbors is something you would expect from a socialist government, right? A communist government, a fascist government, any form of a socialist government. Now Facebook is doing exactly that, and it's going to interfere with our lives. [00:00:16] Facebook has now confirmed what it's calling a test of its "do-you-know" an extremist prompt, and that's got me really rather worried. [00:00:28] And it has a lot of other people worried as well. I was talking to a friend of mine who was also in the media biz, who was saying just over the last couple of weeks. He's received this a bunch of times. And I mentioned this to another friend of mine who is not in the media business. And he said that he got it as well. [00:00:48] And he said it was: are YOU an extremist? Which I think is interesting. First of all, an extremist is not defined. And of course, with these people who are monitoring accounts on Facebook, announce where their definition of extremist is going to be. The definition of an extremist by the government going to very political parties is going to Berry very, and we're talking about this anti-extremist prom, not just asking you if you are an extremist, like my friend said he got, but it's asking if you know someone else who is an extremist or who may become an extremist. [00:01:28] That is absolutely amazing to me. Amazing. It's bad enough that the government has picked winners. It has this whole section to 10, you've heard about before in the FCC rules that say we know if you're Facebook or Google, no one can Sue you for anything that you do. That is absolutely insane as far as I'm concerned, but there will be lawsuits on this they've already been filed. [00:01:58] Why would Facebook block thought that it didn't think was appropriate? The whole idea behind the first amendment? It isn't just that it applies to the federal government. It is a code of conduct for all of us. It's a code of conduct for these massive multimedia platforms. We should be allowing all kinds of speech, and we should not allow people to hide because what they've done now is they've moved to other platforms. [00:02:29] They don't do this kind of monitoring, and they are currently carrying on their speed. If someone comes out and says something that is racist, that is violent, that is, is threatening to commit a crime. We know about it. If it's out there in the open, we all have the crazy neighbor that everybody in the neighborhood knows about because they are, and they're saying it, Facebook is starting to block it. [00:02:55]We're just not going to know. And then what do they do? If you report someone who is saying some things that you think might be extreme, things like you should check voter ID at the voting booth. There are people that think that's extreme, and they report to you what's likely to happen. We know already that one of the things that many people who have been doing online is reporting people. [00:03:22] They don't like someone who is posting things that are violent or extreme and getting their stuff blocked and demonetized in some cases, but just plain old blocked. It's a great little tool for people to shut up. Other people, just shut them down, shut them up. They can't say it anymore just because they disagree with the content that's already in place. [00:03:48] Now, what's going to happen. If someone is reported as being not an extremist or on the road to extremism, what liability is there on Facebook's side? What liability is there with, for instance, the FBI or local one force. There are obvious things that should be reported to law enforcement. If someone's saying they're going to harm themselves or harm someone else, then we need to have a closer look at that. [00:04:14] If you actually have the belief that they will and can do that. I was a mandated reporter for 10 years because I was in emergency medical services. If I thought someone was trying to commit harm to themselves or someone else, I was mandated to report, but I have to think that I can't just use the reporting tools as a way to shut up my political opponents. [00:04:43] So someone reports another person as being an extremist of Facebook; Facebook then sends it to who are they going to send it to the FBI? What's the FBI going to do well. The FBI is mandated to report again in their reports and investigate. So what are they going to do for the investigation? It needs to rise to a level of the FBI thinks that this might be an illegal activity so that they can investigate it. [00:05:11] They can hopefully stop something before it happens. Something violent, something nasty. But what does the investigation take ground? I'm taking you all the way down the road here. The investigation is going to include them having a look at what you said, looking at the people who are within your social network. [00:05:32] So who do you. Two. Who do you follow? Who follows you? They may start looking at your phone. Who are you calling? What SMS messages are you receiving? Where are you hanging out? Where's your phone going every day? Who goes to that bar that you like to hang out at? Oh my goodness. You went to a gun range. [00:05:50] Who's at that gun range and so very quick. The investigation is all of a sudden roping everybody and all of your family members, all of your closest friends, anybody that might've liked something that you had said recently, even though it might not have been extremist. And so now, by having Facebook looking for extremists and people who might be on the road to extremism and counting on you to report them, they have opened up a can of worms. [00:06:22] Huge can of worms and remember too, with the FBI and with others, including the NSA and the CIA, they have this multi-hop rule. I think it's three hops now. So if they suspect you of something and what is suspect you, is it the fact that someone reported you as being an extremist, just because they disagree with you politically, they disagree with your religion. [00:06:48] Is that enough for them to suspect it. So now they can monitor not just your stuff, but anyone that has talked to you or liked you and anyone that has talked to them or It doesn't take long. I think that whole Kevin bacon thing, right? Everybody in Hollywood's within five degrees of Kevin bacon. In fact, I think everybody in the United States is within five degrees of Kevin bacon. [00:07:12] In other words, they can hop through opt to five people and connect to anyone in the country. That is absolutely huge. Absolutely huge. According to the verge. Facebook is doing this in response to the Christ church call for action campaign Christchurch. Remember in New Zealand, and there was an atrocity that was committed there. [00:07:41] These hate and dangerous organizations. That's what they're up to. They're trying to stop all of this. And it went back to March 2019. I think it was this attacking Christchurch. Obviously a terrible thing. People knew about this person and their radical approaches. The police have been informed, but nothing happened. [00:08:05] So now we want even more monitoring to go on. At least Facebook does. This is really a problem. There are all kinds of bad behavior online. We hide behind our supposed anonymity. Look at the terrible thing. Some people say online about you name it, right? Different people, kids in high school, either people in other walks of life. [00:08:33] It is terrible. So Facebook has this support page titled what I can do to prevent rattling? Radek  radicalization. There we go. I knew I could say it. It's a really good question. Yeah. They've got links on that page to the life after hate exit USA program, which Facebook says help people find a way out of hate and violence. [00:08:57] I'm all great with that. I think that's a good thing. It's not a bad thing, but now having them report people that someone. In their non-inferior wisdom, decides might be hate speech or might be on the road to extremism because remember anybody that voted for Donald Trump is considered to be someone who's on the road to extremism or is an extremist. [00:09:22] For voting for him, the worst president ever. How many times have you heard that sort of thing? It has happened all of the time. And so we've got to be very careful about these open reporting things that are online. We have to be careful about reporting. Other people, it brings to mind two things. [00:09:41] One is two TV shows. One is one. That apple produced and you can watch, and it's all about this guy. You were a reporter, a news anchor, and he was supposedly sexually harassing someone, and yeah, he was to a degree, but the crime and the punishment were just totally out of whack. And one of my wife's favorite shows It was the good wife, and now it's a good fight. [00:10:12] That's what it is in season five, episode three. It is delving into this in a very big way. What happens when you report someone? Should they be reported? You've got to think twice about that. Even when, again, I was in EMS, what happens if I report someone potential neglect potential child abuse here, they can go through hell. [00:10:37] So be very careful. I don't like this move by. But you probably figured that out already, right? Hey, you stick around. We've got a lot more to talk about today, and I also want to encourage you. If you haven't already, go to my website, sign up for the newsletter. Craig peterson.com/subscribe and get all of the latest and most important technology news in your mailbox. [00:11:04]Craig Peterson: We're all excited about the upcoming Olympic games. And so are the hackers. Oh my goodness. I just finished reading a report by the cyber threat Alliance about what they're expecting to happen at these Olympic Games in Tokyo.  [00:11:22] The Olympics have always been a huge target when it comes to the bad guys. [00:11:28] You might remember there have been abductions at the Olympics before where some of the Olympic competitors were held at gunpoint. Of course, we're not going to forget that one anytime soon. And looking back through the last few Olympics, there have been many different types of attacks, some more successful than others, frankly, but looking at this report, they were talking about the 2008 Beijing Olympic. [00:11:56] The attacks then were relatively limited. There were about 12 million cyber alerts per day. Now, this is part of the problem with cybersecurity. You get so many alerts. What do you do? How do you? Bond and none of those 12 million cyber alerts per day resulted in a successful attack. Now that was back in 2008; there were some scams like ticket scams are always are, but nothing big. [00:12:27] The next one was the London Olympics. In 2012 and the London Olympics, they had pretty much low-level attacks, and they didn't result in any real high-impact cybersecurity event. And the most significant event back in 2012 was evidence. The credible cyber threat against electrical infrastructure. That was, of course, in place for those Olympic games. [00:12:55] There was a distributed denial-of service attack on the power systems. Nothing much really happened, no real impact. Then 2016 Rio de Janeiro. They were starting to pay more attention to cybersecurity for very good reasons. Frankly, there was a large-scale denial of service attack that was carried out by this botnet. [00:13:21] Let me explain what that is. A denial of service attack is where you might have a website, for instance. Providing service to your customers that might be going there to look at your catalog, maybe buy some things. It might be a government agency. It might be an important part of the Olympics in this case and their critical infrastructure. [00:13:42] So denied service means you either knock it off the air, or so people can't get it. Or there's also the distributed denial of service attack. Now DDOS are the distributed ones where you have hundreds or thousands of computers out on the internet, all over the place that are trying to get to maybe the home page, maybe the purchase page. [00:14:09] And because they coming from all over the internet, they're very hard to shut. And that's where we have the botnets coming in, too. Botnets are groups of computers that have been compromised by hackers. So what they do now is they command, for instance, you're a home computer that you don't even know is under the control of one of these bad guys, your home computer now, issues or requests. [00:14:37] Hey, yeah, give me the home page of Olympics 2020. And off it'll go dutifully and try and get the homepage. That's all well and good. Suppose the load on the server is what they're expecting. You've been to sites, right? You hear something mentioned on the radio and like Craig peterson.com now, because I mentioned my website, Craig Peterson, S O n.com. [00:15:03] And there are people listening. Some of you guys are going to go to my website. Now the normal traffic of having dozens of new people go to my website is not going to bring the site down. However, here's the other side of this? What happens if maybe two or three times as much traffic as I expect is going to come to the site? [00:15:27]I've compensated for that. We should be able to handle that just fine. But what happens if all of a sudden it's a thousand times what we're expecting because there are 20, 30, 40,000 cases. Peter is out there that are trying to get my homepage or, in this case, the Olympic. Homepage. Obviously, the server's not going to be able to respond, and it's either going to crash or and I'm sure they set this up the right way. [00:15:53] It's going to deliver a message saying the servers overloaded right now. Try a little bit again. And by the way, if you get that message on a website saying, Hey, try it in a few minutes, please try it in a few minutes. Don't just hit reload because that's going to put even more load on that poor little overloaded server. [00:16:15] Now what they had here coming in 2016 at the Rio de Janeiro Olympics was a staggering 540 gigabytes. Per second worth of people requesting homepages. That is insane. That is a lot of bandwidth. And the fact that they apparently had that much bandwidth available coming in is also amazing, but also remember people are looking at videos. [00:16:46] Am I. To get the insider scoop, add some stuff happening behind the scenes. Now, many of the attacks in 2016 started before the Olympic games even. And what they were doing is attacking different parts of the Olympics infrastructure operationally. So it's a problem. It's a very big problem. They survived that whole thing. [00:17:14] And by the way, the Brazilian government ended up trying to protect the world cup back in 2014 as well by spending a whole lot of money and time on this. But remember, Even back in 2008, we were talking about 12 million cyber alerts per day. How can you staff up for that back then? It was back then. [00:17:37] We're seeing some of our clients being hit with hundreds of cyber attacks a minute and multiple per second, sometimes 10, 20, 30 per second. It's just incredible. What happens? In fact, divide those numbers out 12 million divided by how many seconds in a day. It just shows you how amazingly huge it is. [00:18:01] Now we have seen time. Past where a country like North Korea, for instance, doesn't like what Sony pictures are doing. So North Korea then attacks Sony pictures. And in the case of Sony, they downloaded a bunch of confidential information. They released it. They embarrassed some people now; hardly anybody got fired. [00:18:21] It's absolutely amazing. But anyway, What's happening right now is Russia. Think about all of the Russian attacks against our businesses and our critical infrastructure as a country; they have been huge, massive attacks. We have now Russia at a point where they are getting massive amounts of.  built up. [00:18:50] Why? Because they submitted doped samples in 2019 to the Olympic committee. Yeah. So this was a the McLaren report released by the world anti-doping agency. Describe what we're really systematic effort by the Russian government to really undermine the drug testing process. We've also seen the Russians in the past because they've been caught doing this. [00:19:19] And the Chinese as well, putting in some of the competitors, particularly into things like gymnastics that were too young to compete based on the Olympic rules that were in place. So we had all of this happen during and after the 2014 Sochi winter Olympics. Guess what? Those restrictions on their athletes are still in place, and in place in a very big way; they will not play the Russian national Anthem at the ceremonies at the Olympics. [00:19:53] And they will not allow the Russian flag to be carried. In fact, their athletes have to carry a neutral. Flag. So expect some serious attacks from Russia against the Olympics. And remember the Olympics. There are no spectators. Everybody's going to be watching this thing on a line. So it's going to be interesting. [00:20:19] We'll keep an eye and let you know how things go. Stick around. Visit me online. Craig peterson.com. [00:20:27]We have really in front of us a critical warning. We're trying to figure out what we should do or to stop people from attacking us. That's a problem. What should we do? Many of us have gone out to managed services providers, and now they have let us down.  Did you hear about the Kaseya hack? [00:20:47] It has been a huge impact on people. It's absolutely crazy. Or you heard about a thousand companies that got together, and they have hired a negotiator in order to negotiate the ransom with the bad guys that have ransom there. It is huge. It's huge. But let's talk about why this happened, because I think there are many things that you and I have overlooked here over the years; this ransomware God guy, gang called REvil, R E V I L has targeted cause say, or customers through. [00:21:32] Say, but it isn't just kissy customers. It's really cause, say, it is customers for the most part. Now your head might be spinning a little bit, but here's what's happening. I'm a business owner. You guys know that right now. Let's say that I don't do cybersecurity for businesses. That's what I do. [00:21:52] But let's say I make a widget. I was a widget maker, do not have enough knowledge about computers, to really do it myself. So let's say I've grown and I've got 20 employees. The odds are very good that my office manager is the one in charge of the computer. The office manager probably orders. [00:22:17] Computers probably tries to figure out what's going wrong. By the time of it at 50 computers or 50 employees, I've probably got a full-time it person who goes around and tries to take care of things. But before I've got that full-time IT person I'm probably going to outsource it. And by the way, a lot of companies, it's more like a hundred to 200 employees before they get someone who's really dedicated to it. [00:22:46] So then that awkward teenage stage between where the office managers trying to do it. And finally the office manager can try and hire an it professional. Is where they go and outsource it. You talk to various types of companies. What are in the industry called break, fix shops. That's usually the first stop which is calling them up saying I've got a broken computer. [00:23:12] Can you fix it? And maybe they can, maybe they can't. And then a lot of break fix shops have tried to level out their income so that they have predictable monthly income so that they can hire the right number of people for the number of customers that they have. Although I've got to say most of them are badly overbooked. [00:23:32]Now that they've hired those people, they this outsource break fix shop. They come in and say, okay here's what we can do for X amount per month per computer or employee, we will take care of those computers for you. One of the things that they'll promise to do is that they will take care of your cybersecurity for you. [00:23:53] Now, cybersecurity is frankly, a specialty. It is not something that everybody can do. Even if you're using some of the best stuff in the world, like what we do, we have Cisco hardware, we have Cisco software that we run advanced malware protection. So that's the best of the top of the line. [00:24:13] Most smaller businesses aren't going to want to pay for it, even though they might be able to afford it. Push those people out right now, because we're talking about, you were talking about a smaller business. So what does that outsourced it provider do for you? They might change their name and call themselves a managed services provider. [00:24:34] And that's all well and good, but they need help as well. So I'm making widgets. I have this break fix shop that came in and fixed my computers a few times. And now they're handling my cyber security. Isn't that wall well, and goods was wonderful. So now they're handling, supposedly my cybersecurity. But they know they can't do it themselves and it would be too expensive to do it because they went cheap. [00:25:01]You bought the least expensive option or, close to the least expensive option. So wait, and by the way, cheap in this case means that it's under $150 per. Person slash workstation per month. That's what it costs to get this stuff done. So you might be paying 25 or maybe even $50. They can't do it for that. [00:25:25] So what do they do? They go to a company like. Now they also have some others. They have what are called arm AMS that keep track of some basic stuff for you, but they go to Garcia and say, okay, Casia we want you to monitor the computers, keep them up to date, et cetera for. Now did I, the widget manufacturer go ahead and hire  to take care of stuff. [00:25:51] Did Kasiah even do it themselves or did they outsource it? Do I even know the Kaseya exists because it's really Kaseya that is managing my computers doing. We have, there has a software that doing the upgrade on my computers. This is a real problem because the widget maker, Nope, I didn't hire KSA. I didn't even know they existed. [00:26:17] I trusted my local. Your local guy is not taking care of your cybersecurity. Almost completely guaranteed. There's very few companies like mine out there that we actually do it ourselves because we have looked at Kaseya. We've looked at all of these platforms. Every last one of them has had major problems. [00:26:40] So here comes Casia with over a hundred thousand customers that gets hacked and distributes the hack to all of its customers that are running some of these on-premise devices that are trying to manage the networks for not Cassias clients, but for KSA as clients, client. Okay. Do you see how this is the level of indirection? [00:27:03] You see how this is going to affect? This is a huge problem. And Casia not only have we warned some of these companies, like Kaseya about major design flaws in their software, but cause say his own engineers apparently about three years ago, warned Cacia about major design flaws in the software that they were using. [00:27:29] So they knew about this. They were warned months, if not years in advance about it. So what does it say you do? They're concerned about profit and features, so they just keep adding features as alleged by their former employees instead of fixing the security problems. Cause it would be too hard to fix, take too long cost too much, and it isn't going to increase our revenue. [00:27:54] Are you sitting down? Can you believe this is one of the major operators out there, major operators that is, is behind your manager services provider and your break fix shop that's who's doing it out there. So there are probably far more than that this thousand Kaseya clients that have gathered together to try and negotiate the ranch. [00:28:25] And I got to say, I, I would be extremely disappointed if Kaseya customers didn't gather together and Sue them in a very big way. Curly sins, people claiming to be former Cacia employees are saying they warned the company about major flaws in their software. And that is what hit all of Cassias customers. [00:28:52] Customers. This is incredible here. This is a much different style of relationship that companies have typically, right? Yeah. Okay. Law firms they'll outsource stuff, right? So let's say there's some maritime law. They'll go to a maritime law firm. They'll outsource it. So yeah, there are some models where this is done, but this is done routinely. [00:29:17] In the cybersecurity space. It's not something we do. We stuck our toe toes into that pond and we didn't like it. We didn't want our customers to be hurt by this sort of thing. But anyways, there you have it. Okay. There, you have it all about profit and not about you. And by the way, it's also about how much you're willing to pay. [00:29:41]Did you know that Amazon has a new CEO? I remember back in the nineties, I pledge that I would never use Amazon again because they filed and were awarded a patent on technology everybody was using.  Jeff Bezos is out of a job. [00:30:00] This is a guy that grew a company that all they did initially really was book sales and they had a warehouse the size of the Amazon, right? Because they wanted to represent everybody. They had every book ever published and to a large degree. They did. They had a whole lot of bucks and then I've expanded of course, beyond that. [00:30:28]And beyond that, to the point today where they are doing some well, again, shady things I mentioned in the intro that I was concerned about what Amazon was doing with pat. They got a patent on this one click purchase. Now I have been a fan of patents for a long time. I do not like the patent law as it exists today. [00:30:55] And in fact, I haven't liked it for quite some time, but this patent law where you don't have to show that there was no prior art and frankly, the prior art does not matter at all. I think that's a huge. And I've had a number of patent attorneys on my show, talking about it and talking about what we may want to change. [00:31:18]Jeff Bezos grew it to today where it really is the number one provider of online services is. You might in fact, almost certainly are using Amazon's services, whether you realize it or not to go to most, any website, any of the big ones they're probably using Amazon's web services. They're probably using Amazon storage and Amazon has dozens and dozens of different services. [00:31:50] So it's a very big deal. And Jeff Bezos, who's the guy that started all of that sat down stepped on. I should say. Now it's rare that the founder of a company ends up taking the company public. Public, basically, that just doesn't really happen because all of a sudden, when you're public, your whole job changes and no longer can you make a decision, a snap decision about something, and then go ahead and do it. [00:32:18] You've got to be very careful about what you do when you do it, how you do it, you have to announce it and everything, but just an amazing man being able to take it. All of that. And by the way, have the largest settlement, a divorce settlement in history with his ex wife. It's amazing, but he is still the world's richest human. [00:32:40] Now he has this company called blue origin, which is his rocket company. He's got the Bezos earth fund and he's still chairman of Amazon's board. So he's not going anywhere. However, we've got this new guy, Andy Jassy, who has stepped in as the CEO of Amazon. He was the the head of Amazon's. [00:33:06] Online services, which is absolutely huge. It's their most profitable arm by far. So he's taking this whole thing over when Amazon frankly, is in a lot of trouble. Now they're basics of, Hey, there, the money that they're making, their profits and everything, that's all well and good, but there's ongoing antitrust investigations. [00:33:33] There's battle with labor. And we're talking about, of course, big labor here. The unions. There's increased competition in the cloud space. Just look at what happened with the us military in there. I think it was at least a billion dollar. I can't remember the exact number, a cloud contract because Amazon was battling Microsoft Azure and it was awarded. [00:34:01] And then just a couple of weeks ago it was pulled back again. They're also seeing increased competition in their online services from Google. And I use some of those Google services. In fact, if you go to Craig peterson.com, it's actually right now using some of those Google services. So they are really getting nailed from a whole bunch of different directions. [00:34:26] And this guy Jassy has worked there since 97. But he may be the perfect person to guide Amazon through. W really now we're talking about the middle-aged, that's the time when you're supposed to buy your convertible, buy your motorcycle, et cetera. The middle aged years. And in this case, there's some problems. [00:34:51] Here's a quote I want to read from this Yahoo article is actually I think AP yeah. Yahoo finance. This Yahoo article and it's from Harvard business school, because we've got regulators who are circling, and this may be the main reason Jeff stepped down. I don't know, but quote, you may want somebody who has the confidence of the chair. [00:35:16] And the board you want somebody who understands the strategy and was part of it and knows where the bodies are buried and the mistakes that have been made and how to move forward. This is from Harvard business school, professor of business administration. Rosabeth Moss Kanter, and I think she's right. [00:35:39] Absolutely because this road ahead for him is going to be tough. But the fact that he ran their most profitable division tells you something, it tells you a lot and he might be the exact right guy to be able to do that. Amazon's now got a market capitalization of about $2 trillion, which is huge. [00:36:01] And it's certainly enough to get some of these regulators. Paint a lot of attention to what's going on. We've got the Washington DC attorney general, who has accused them of violating the district of Columbia's antitrust act. And that has to do with, for bidding third-party resellers, from offering cheaper rates for their products on competing sites. [00:36:24] Cause remember what Amazon does. About half or more. In fact, I think now of their products are not actually sold by Amazon. They're certainly not Amazon products. They are products from resellers who are just selling on Amazon. They're using Amazon is their platform. And that way Amazon will manage the inventory. [00:36:47] It'll warehouse a little ship it out. It'll handle the returns. Yeah. What Amazon is doing is charging these sellers for the space in the warehouses, which is perfectly legitimate and taking a percentage of the deals. Are there other websites that might give these sellers or resellers or stuff they're importing from China or wherever. [00:37:12] Might there be other sites that give them better deals? Will you bet there are sites out there. So that's why she's suing them. Federal regulators look like they might be coming in as well. The federal trade commission's newly appointed chairman. She's a fierce critic of the. Amazon way of doing business and she made herself a name by publishing an article for Yale's law journal titled Amazon's antitrust paradox. [00:37:42] So before she was even appointed to the federal trade commission, she was already calling for changes in the current antitrust regulatory framework. And that might be widely invited administration has appointed her, but there's six antitrust bills. Targeting big tech right now that are working their way through the house of representatives. [00:38:05] And we've talked about some of those already, and, I do not like these huge tech companies that are making crazy profits and using those profits to keep other people out. And Amazon's one of the largest employers in the country. And after years of complaints from somewhere house workers, we've got the labor unions now in the mix trying to take action. [00:38:30] Now, I don't have a single problem with labor unions while at some of their tactics, I have problems with, I don't have a problem with the labor union. In the private space. I have a huge problem with I'm in government space. And we could talk about that at some point, but I don't have a problem with them trying to organize inside Amazon. [00:38:53] So the international brotherhood of Teamsters. Yeah. I remember the guys that drive the horses. They announced that they're going to begin working to organize Amazon workers. So that might succeed. There was another one in Alabama that had failed. So are you getting the hint here? This is huge. It's huge. [00:39:13]By the way, Amazon's offering warehouse workers starting pay at $15 per hour plus benefits. So that doesn't seem too bad. If you ask them. But again, with the pandemic, all of the stuff going on there been a lot of calls for Amazon to quote, treat its workers better. So we'll see. We'll see what happens. [00:39:34] Other problems with Amazon that we've talked about before are things like fake reviews. You and I, we look at the reviews, it's critical in us buying things. Isn't it. We look at the reviews and say, oh, wow. Jeepers. There's 500 reviews here and it's four and a half stars. Okay. So I can have confidence that this product is good. [00:39:58] It's going to work. And yet some of these sellers, what they're doing is bribing people to give a good review. So they'll say, Hey, you buy my product. And then they send the product in with, along with the product is a little note saying, Hey, if you give me a review and send me a link, I'll send you an extra battery or whatever it might be. [00:40:20] That has been a real problem for Amazon, even worse than that, because at least those people might give an honest review, right? Worse than that is that some of these reviews are paid for. So some of the sellers it's alleged are going out there. They are hiring. People and paying them to give reviews. Now, those ones are very obvious. [00:40:45] If you look at the reviews, so don't just look at there's 500 and the average is 4.5. Look at some of the reviews in the wording. So I've seen reviews where it was for a massager, and there was talking about what a great. A set of wheels that has on it. And they work really well. And it's very smooth when you're out, riding it on the trails. [00:41:08] Wait a minute wait, we're talking about a massager here. We're not talking about a bicycle, so that's one of the ways to tell if the reviews are fake, they're don't even talk about the product at all, or any of its real features. The other one is look at the wording because most of these fake reviews. [00:41:26] Don't use English, so good. All right. Okay. Thanks for being with me. I want to make sure you stick around and visit me online. In the meantime, go to Craig peterson.com. If you sign up for my free newsletter, you'll be getting that every week with all of the details. I'll try and catch you up and you can listen to my podcast, right from there. [00:41:50] Craig peterson.com. That's Peterson with an O. [00:41:56]If you look into buy a used Google pixel for a I got some news for you. The FBI has been very busy and they've conned the con man. I love this story.  The FBI has, been trying to track bad guys for a very long time and there've been a number of ways they've done it. [00:42:19] We know obviously about phone taps, right? We've seen those before the old days. I don't know if you've ever been to one of the original. Telephone switching stations, all not even original, but the types they had in the late sixties, early seventies. I remember going to see one and all of these switches were just going [00:42:40] People were dialing the phones and everything. It was just so cool. And back then, in order to trace a phone call, what they had to do is find the original. Sore. So they would go to that row, that column, that exact little unit that was hooked up directly to your phone. And then they would see, okay, this is in position this, and then go to that next switch. [00:43:04] Okay. Position that next switch, position that and go all the way through. That's the really older days, not the old days where you had somebody that was at a switchboard doing it. Nowadays, of course, it's all done by computers. The telephone company turns your voice into a digital signal and it's usually done right in your local neighborhood. [00:43:26] It isn't even done at the central office anymore. So by the time your voice is outside the central office, it's digital it's hauled on nowadays, even partially an internet protocol. Network. They used to use different protocols back in the day. And so it makes it quite easy for them to tap your line. Now, of course, there's the legal side of this. [00:43:50] Do they have the legal right to do it to the need a court order or what kind of a court order? Do they need right. All of that stuff. But that is side. It's very easy to find out where call went, where it came from and to listen in because it's just digital. Data's completely completely copyable with absolutely no particular problems at all in copying it. [00:44:14]Last month. The FBI and the Australian federal police acknowledged that they had indeed been working on this encrypted device. And the company was called a nom, which is a fake company and a nom sole. 12,000 smartphones to criminal syndicates around the world. That's the wording that the police used. [00:44:42] So these were being sold as secure devices. They did things like they removed the cell leader, modem functionality they'd changed the boot ROMs. They removed the GPS. So the idea was, Hey, you missed your badge. You can use one of our Anom phones and it's using a special version of the Android operating system and you can send messages back and forth. [00:45:07] It's a completely secure messenger service end to end encryption, right? Like we're always being promised. And so what happened is bad guys started referring. Bad guys to this, right? Cause if they wanted to talk to the other guy, they both needed these Anom phones. Otherwise they wouldn't be able to talk to each other. [00:45:28]And so they were recommending the use of these phones, to their friends that were in the illegal businesses as well. So this I'm just chocolate is so great. So the FBI weaponized. Android phones, at least this particular model of it. And there's a whole community in the Android world. It doesn't exist in the iPhone world because this is much harder to do in the iPhone world, but they call themselves the model. [00:46:00] Community. And so they'll get a phone from some vendor. They'll make some changes to it that led to maybe change networks or do other fancy things. So they, after BI used some of this technology. The modding community and did some just amazing things with this custom rom. Now you're going to love this part. [00:46:21] Okay. So when you boot this phone up, this is according to ARS Technica. The phone will have of course, a little boot screen and. The highest custom rom here, which is the boot loader as well as other things, but it showed an arcane, oh, S boot screen that's the name, arcane O S and every place, the normal Android distribution that comes from Google with the. [00:46:48] B I's arcane. Oh, west green. It's just absolutely phenomenal that these guys would do this and would fall for it. So the FBI told the criminals, Hey alleged criminals, Hey, these are secure devices, the really focused on security and there is a pin scrambling fee. What would happen is on your phone? [00:47:11]You might enter pin some phones, you might use a fingerprint, or he might use a face ID. This was a security feature. And what happened is normally you've got what, 1, 2, 3, 4, 5, 6, 7, 8, 9, 0. And you type in your pin and off you go, what this did, is it scrambled it? So it might be nine to. [00:47:31]Just the scramble of the digits up so that when you enter your pin, you're not always touching the screen in the same place so that people could not guess your code from the fingerprints you're leaving behind. Now, this is also interesting. It, this is a great way to do it. If you're doing it for real, having to run an anonymous phone, they had two different interfaces on the phone and it a different one would pop up depending on. Pin you typed into the lock screen. So the first pin would show a bunch of non-functional apps that are pretty popular in the app store, like Tinder, Instagram, Facebook, Netflix, candy crush games. [00:48:15] So if somebody is checking out your phone, forcing you to unlock it, they're not going to find budge. And by the way, none of those things work. But. I would have, if I had designed it, I would have made them so that they would work. So you can fool some of us trying to Rob you and steal your phone. [00:48:28] The second pin that you could enter in, tell you chose your pins, but it was supposed to be the secure section. She didn't have the phone. So it had a clock, a calculator, and the settings. But the calculator app actually opened a login screen to a nom as an anonymous. And that, again, the bad guys are told all that's a secure, encrypted way to chat. [00:48:54]This is just amazing. So they will do use that. So they go into the calculator app and now allowed them to chat with their friends. But what they did not realize. Is, it was actually sending all of the messages also un-encrypted to the FBI. Okay, absolutely amazing. Amazing. So now some of these bad guys are selling their phones online. [00:49:25] I remember I warned you at the very beginning. If you're going to buy a pixel for a you want to listen to this first because the bad guys are selling. Their phones online. And so a number of people have been trying to figure it out. Some posts on Reddit and elsewhere. You guys know how to deal with this arcane. [00:49:44] S how can I reset this? What should I do? Okay. A lot of confused people. How do I fix this thing? You're not going to be able to fix it. Okay. By the way, this thing I think is really cool because the guy who he bought it legit guy bought it use. You said the installed operating system is arcane O S 10. [00:50:03] The system updater says that Archana, YC 11 is available for download, but I don't want to do it in case it makes something even harder to fix. So maybe the FBI is bad. At sending out updates and fixes, then most of the Google Android vendors that are out there and I'm just laughing all the way through here. [00:50:24]So there are some things that a tech savvy user should know. So I want you guys to pay attention to this, particularly if you're using an Android device. So the first thing is when you start up a newer Android phone, when it's made in the last few years, The first thing that happened is that Google runs something called verified boot, and that makes sure the operating system has not been modified. [00:50:55] So the operating system from the manufacturer of the device will be signed using a cryptographically secured. What was happening here is these devices were failing verified boot of course, because FBI had modified the boot ROMs. And if your device fails, verified boot, your Android device either could be an unlocked boot loader or a relaunch boot loader with tampered software. [00:51:24] It's going to show a message. And in, in this case, the FDA FBI devices just have a message that says your device is loading a different operating system, complete with their yellow exclamation point icon and a link for Google support pages. Absolutely phenomenal. And by the way, the article I'm sending this out in my newsletter, but it says. [00:51:51] How resistance changes. Google has an order. So it sent them to the legitimate Google support. So there you go. There's a really good little piece of advice right now. The FBI changed a lot of the Android operating systems, tripped out a whole bunch of Android settings that might've revealed something about the fact that it really was a spy device system settings for app storage and accounts have been removed. [00:52:19] So pay attention, right? If the machine, if your machine boots up, plane's about the bootloader, you've got a problem and it isn't just Android. Obviously apple will do that. The newer versions of windows are starting to do that as well with TPMS and windows 11 is really going to bring a lot of that to the forum. [00:52:41] Hey, you're listening to Craig Peterson and you can find me online. Craig peterson.com. Check it out and stick around. [00:52:50]Work from home is a very big deal, especially for a couple of segments of our society. And I want to talk a little bit about that now, as employees are returning to work, should they be returning to the office? [00:53:06] There is a great article here this last week in Forbes magazine by Dana Brownley. And it was one of their editors pick and it was picked I think for very good reason. And that is so many of us have been working from home. And for many of us. [00:53:24] Bennett godsend. I've worked from home now for over 20 years. And for me, it's been a godsend because my priority was helping to raise our eight children. And it's hard to do that, and it's hard to homeschool to them if you are not at home. So that's what I had done. And I was very privileged to be able to do that. [00:53:45] And our kids have all turned out amazingly. Many people are caregivers and it isn't necessarily just of kids. But right now I'm looking at a survey that was conducted. It's called the Prudential May, 2021 pulse of the American worker survey. And they're showing the 2000 respondents that 38% identified themselves as caregivers with nearly 40% of those providing care. [00:54:16] For school, age children when you are starting to look at benefit packages, it is important for many families to be able to have some form of childcare. And what has snuck in because of the lockdown is that many of us actually can work from home. Many of us have been more productive at home. And then on top of it, all we can take. [00:54:43] Of our family. So let's look at the stats. We told you about school age children. That's about 40%, 32% are taking care of young children. And this is the 40% of all workers. Okay. People 30% are caring for someone with a disability, some sort of a health issue. And 23% are taking care of an older adult. [00:55:10] That's 40% of the workforce. That is a lot of people. A lot of people, 38% is the exact number. So there, many of these care givers are returning. Really a traditional work environment where they're going to the office, but they have very unique needs. And I think every last one of us have to consider that and have to look at it and figure out how can we make things work. [00:55:41] And when we look at the numbers again for the caregivers, 45% say that they've considered leaving the workforce entirely. Due to personal demands. And 53% are saying that they would retrain for a career in a different field or industry. If they had the opportunity, we have some of our best people out there that are taking care of our kids of our loved ones. [00:56:12] Our parents. And again, look at mine, a situation here where I was at home helping to take care of our kids along with my wife. Neither one of us could have carried on a regular job and homeschooled, eight kids. Neither one of us could have done that. What kind of talent might we be losing? By squeezing these people out of our workforce, particularly when we've now proven that most businesses can allow their workers to work from home. [00:56:48] Now they found in the survey that there were three primary types of support caregivers and these types are looking for different types of flexibility. Number one, they're saying that 42% wanted increased workplace flexibility. No, that makes a whole lot of sense, right? So they can work from home. [00:57:11]Maybe some of your best employees or people who want to work in another part of the country. I have a friend, his brother-in-law is a real good programmer in this one particular type of programming. I think it's sales and he is living there now in a completely different country on the other side of the world. [00:57:33] And yet. He's still doing programming for these people here in the United States, talking about workplace flexibility. He is sitting over there not far from China and is enjoying himself. He loves it there. And of course his costs are much lower, et cetera, et cetera. So consider that, not just that there might be working from home, but maybe they want to take the kids over to Europe, live there for six weeks. [00:58:01] There's a lot of things people want. So that's 42% of our people that are working. Okay. Increased workplace place. Flexibility. The number two increased paid time off 38%. Again, something we got to seriously consider. Now I know how hard it is to be able to fill in for someone that's on vacation or. Maybe they're caring for a loved one. [00:58:28] Maybe they just had a baby, et cetera, but it's very important when you get right down to it. Because again, who's better for raising our children, us, or a stranger who's going to more or less warehouse them. You have to keep a look at that. There's a great article from the Harvard business school. [00:58:50] It's titled. COVID killed the traditional workplace. What should companies do now? That's a very good question because now the lockdown is mostly behind us. Executives can't expect the offices to run the same way they did people to come in and do the same things that they always did. But in reality, Harvard business school, faculty members are saying there are ways to keep our employees happy and productive. [00:59:22] And that is exactly what we're talking about. No for many caretaker takers caregivers, I should say paid time off is more valuable than a pay increase. And that's particularly true for those who are at the higher end of the pay scale. It gives them a lot more flexibility. They can get away sometimes from all of their responsibilities and obligations, which is just so important. [00:59:48] There's here's another one. This is a job list survey from CNBC. The articles entitled here's how much money workers would give up for better. Life balance. And they go in, in that particular article and say that the average worker who says they currently have work life balance, it would take an extra $10,000 in pay per year for them to give up their personal time. [01:00:11] I'm not sure that's right. I think it would be a lot more than that. And it also says just 30% of workers said, they'd give up part of their pay for better work-life balance. And the threshold varies by the type of worker that's where we, I think really get into it now. So those are the first two, the third one is 37%. [01:00:32] So these are all within 4% of each other. Greater commitment to health and wellbeing. Now I've seen studies before that are saying businesses that put in a gym and put in workout rooms, et cetera. They never actually see them use. The way they expect for them to be used. And I don't think that's what people are talking about here, but we really are thinking a lot more about health and wellbeing since so many of us have been scared because of the COVID outbreak, but maybe I should be paying more attention to our health. [01:01:07]But we also have the mental health look at all of the problems we've seen from so many mental health issues because of the. Down. So Harvard again, came out and said for employers, it means that we need to signal the health of facilities. It's crucial to attracting people back. So again, The right kinds of air filters, right? [01:01:30] Kinds of lighting, make sure people feel safe while they're in the office and maybe cut back the number of days that they have to be there. Hey, stick around. We'll be right back. We got a lot more to cover. You're listening to Craig Peterson, of course, and visit me online. Craig peterson.com. [01:01:50]Hey, we got another emergency patch out from our friends at Microsoft. And in this case, it has to do with printers and remote printer access. Do you have employees working from home? [01:02:05] Microsoft has their big monthly patches that they release. They also have weekly patches that they released that are for slightly more critical vulnerabilities. And then they have. Patches that are released because there is a severe problem going on right now while that's what we are staring down. [01:02:31] There is a vulnerability called print nightmare, and this is located in the windows print. Spooler serve. Now the windows print spooler services, what it sounds like. This is the service that handles all of your print jobs. So if you are using this service, Turns out there's a serious bug and Microsoft tried to patch it once and failed. [01:03:01] And they've got another patch out right now seems to be working, but organizations are really urged to deploy these patches as soon as possible or deceased. Inbound remote printing until they can be applied. So that's why I said, if you have people who are working from home, because many of us turned on remote desktop and you better make sure that's properly patched up so that people could. [01:03:28] Then and get a desktop. Although Microsoft has an interesting solution that is going to be announced in early August about having your own windows machine there in their cloud. So it looks like you'll be able to have windows machine for about 35 bucks a month. Microsoft will have to keep it up to date. [01:03:47] I think that's a very cool thing, but they're coming out with that here very shortly. Within the next month or so, we'll see what happens, but this is a problem because if it's exposed to the internet, We're expecting to actually already be seeing active exploit. Now here's the problem Microsoft's trying to solve. [01:04:10] We have three different types of patches. You have the monthly patches that they release. You have your, which of the patch Tuesday. You also have patches that are released every week, which are more critical. And then these types of patches, these are patches for what are called. Zero day attacks. There is nothing normal out there, a regular stuff that would catch this and stop it. [01:04:37] Now, the advanced malware protection that we use from Cisco, it will catch this sort of thing, but it'll only catch it after it's been seen a few times and then identified, obviously by now it's been identified. So it's pretty darn cool. So Microsoft's monthly updates. Last month included a patch for another vulnerability in the windows print spooler service. [01:05:02] And it was initially called a local privilege ex escalation issue. That means that you had to be on that computer in order to gain access to these advanced privileges and features. Turns out that it wasn't entirely just local. And now there is a new one where it can be exploited to get remote code execution and not just privileged privilege, escalation. [01:05:30] That means that they can now run programs on your computer. And with privilege escalation, they can run those programs as whomever they might want to do. So this is pretty big Blackhat USA conference coming right up and they are going to be hosting one of their talks called diving into spooler and what they did to discover these local and remote. [01:06:00] Vulnerabilities in the windows print spooler Hey, it's definitely a problem. There is a proof of concept exploit out there, and that means that the bad guys are not too long from coming up with their own. So there you go. Again, patch it up close and remote access, at least for the time being. To your print spooler because it could be a very big deal. [01:06:25] Another thing you could do is disable the prince Pooler service. You can just use stop service dash name spooler dash force, and that will. Pop it right on down. Okay. And then by the way, in case your machine reboots, you probably wouldn't do a set service dash named spooler dash start-up type disabled in order to make sure it doesn't restart, but there'll a lot to worry about right now, a whole lot, frankly, to worry about right now because of the Russians are coming. [01:06:57] Here's another one. This is Chevy bolt. Now, I have had some major complaints about Tesla and the way Tesla has these door handles that recess in entirely and how it has happened that during an accident, those door handles don't pop out and people cannot be extracted from cars. And the biggest problem you have in an accident with a car full of batteries is. [01:07:24] Of course the high voltage and current that's stored in the batteries that now when they, it out, it starts a toxic fire. Very nasty. Just this week, the national highway traffic safety administration issued an alert for all 2017 to 2019 Chevy. Owners now I know a lot of these bolt owners are actually government agencies. [01:07:50] They're not individuals, but I thought I'd bring it up. Anyways. There was a fire in a Vermont state representatives. Car's name's Timothy Brown. And his Chevy bolt decided it was going to catch on fire. Now, there was a recall by GM of these Chevy volts that had this problem, and apparently it doesn't entirely. [01:08:17] Fix it, they are still plaguing GM. And man, in this particular case this rep of course in Vermont being a I don't know, leftist, I have to assume, but a fan of electric cars, his car. Sad they're burning, which is pretty bad, ironic, but this happened when was this? Oh, it looks like this happened just a couple of weeks ago. [01:08:43] He's the state chairman in Vermont of the house committee on energy and technology. I've been supporting electric vehicles go sponsor bills relating to electric. And plug-in. So now his 2019 Chevy bolt course caught in fire, caught on fire, and there are others out there. 68,000 cars. All right. So two phases to the recall first phase is a temporary solution. [01:09:11] The second one is a more permanent one. Apparently this has to do with the batteries spontaneous. Catching fire. So this isn't something that's related to a car accident. It's a spontaneous combustion problem. That's not too good. It's a defect in the LG chem battery packs that are in these cars. So here you go. [01:09:34] If you drive to work every day and you charge your Chevy bolt every night, the United States, federal government is telling you to stop doing that. Yes. If you have a Chevy bolt, they're advising you to not charge it at night. I'm not sure when you're going to charge it. Cause the idea is you charge it at night. [01:09:54] You drive in the day, right? So they're saying there's, you can't do that. If you have to charge it at night, make sure you park the car away from any structures and definitely do not park your Chevy volt. That might be part of this. Recall inside a garage. How's that for bad, the original recall, by the way, came out in November, 2020 for potential fire hazard in the, again, the high voltage battery pack, those cells could possibly heat up and ignite internally. [01:10:26] Yeah. And if that fire spreads of the rest of the car and spreads to the building it's parked in or nearby building. Yeah. So keep an eye out. If you have a Chevy bolt, this is the type of problem in a phase as we start more and more to move into the electric vehicle realm. Yeah. Eventually it'll all get worked out, but it isn't perfect today. [01:10:48] Hey, visit me online Craig peterson.com and keep up with the latest in what you have to do with technology. [01:10:56]We talked earlier about Amazon and how much trouble they're in right now, Google apparently is in a similar boat. We had just this week, dozens of state attorneys, general suing Google on antitrust grounds. [01:11:13] You can reach me online. Just me. M E Craig peterson.com or what most people do is they just hit reply to my newsletter. [01:11:22] Hopefully you're on my newsletter, right? That goes out every week. If you're on that newsletter you can just hit reply and ask me questions. Any questions you want? I'm more than glad to answer them. I know most of you guys, you're not business people. I am still glad to answer your questions for you to keep you on the right track. [01:11:39] The whole idea here is it's to keep you going. Safer. And if you're a business person, what the heck, maybe I can help you out as well while the here is a problem. And it's a very big problem. We have these absolutely huge companies that are using their market position in order to really control the entire world. [01:12:06] Now it's a very big problem because you have companies that are sitting on billions of dollars in cash who can and do keep their competition out of the market. Now, one of the ways that keep them out, and I've mentioned this before, Microsoft has done this multiple times as lost lawsuits about it, particularly over in Europe, but they find somebody who might be a competitor and they basically squeeze them out of them. [01:12:35] Even though they're not necessarily even a direct competitor. One of the things Facebook does is they buy companies for 10, a hundred times sometimes more. Then they're actually worth, would you take 50 million for your company? That's worth 50 million? You might not. [01:12:53] Would you take 500 million for the company? How about a billion dollars? That's where it starts becoming very questionable about what they're doing. One of the things that Google is allegedly doing right now is preemptively squashing com competing app stores. When you look at Google and the Google Android ecosystem, who sells the most Android devices out there, right? [01:13:21] The high-end devices, the number one seller of Android phones is of course, Sam. And Samsung started to put a store too. An app store. So you could buy Samsung, Sam sung apps now, apple and Google, both charge about the same rates as a general rule. It's 30% for these bigger companies that they have to pay the app store, okay. I'm okay with that. They both spent the time to build the platform, to monitor it, to try and keep the app store clean and guides. That's definitely worth something. But what if Samsung came along and said, okay, we're only going to charge 10% royalty. In our app store and the apps will run on all of our Samsung Android phones. [01:14:10] So it's still using the Google operating system. It's still Android. It will probably run on other than Samsung phones as well. That's the whole nature of, but that hasn't happened. And why hasn't it happened? These state attorneys general are saying that what has happened is the Samsung galaxy store got squashed by Google. [01:14:38] So it could maintain its monopoly on Android app distribution. So it says that Google engaged in a bunch of different anti-competitive practices. They offered large app developers, profit share, and agree. In exchange for exclusive exclusivity. Okay. I can see that the apple iPhone came out. Do you remember this exclusively on ATN T's network? [01:15:05] Is that a problem? They're saying also the Google created unnecessary hurdles for what's called sideloading. So sideloading is where you might go to another app store in order to install something. Or maybe it's something that you want to put on your site. It's not fully approved by the Google play store. [01:15:26] So that's the basics of what the side loaning is all about. So saying that they made that even harder. Okay. From Google standpoint, do we really want to. Allow anything to run on our phones. And here's the question, here's why, right? What do I do for living cyber security? What is one of the things you have to do for cybersecurity? [01:15:48]You've got to put in special routers, special firewalls and software on servers and computers. Whoever touches a computer last owns the next problem. That's been my mantra forever. So if we installed some software on a computer or we had the customer installed some software on a computer, and there's a problem who they get. [01:16:11] They're going to call me, right? Because I was the last one to touch their computer. And at that point now I have to show, okay, it wasn't me. It was this other piece of software. QuickBooks is a piece of junk, you know what, whatever it is, I'm going to have to justify it. And frankly, I'm probably going to have to fix it. [01:16:30] So Google is saying. We don't want all of these app stores that might have apps that are not secure apps, that crash apps that might cause problems with the Android ecosystem. I think that's perfectly legitimate. Apparently these state attorneys general don't think it is. And here's the last one. This is a. [01:16:53] Attempting to buy off Samsung to limit competition from the Samsung galaxy app store. Now, Google is saying that this lawsuit is merit lesson. I can see a whole bunch of legitimate argument on their part. They also said, quote, and this is an article from ARS Technica. It's a strange, it's strange that a group of state attorneys general. [01:17:18] Chose to file a lawsuit, attacking a system that provides more openness and choice than the others. In other words, are taking a jab at apple because


    The New Anti-Robocall Technology is Coming Online

    Play Episode Listen Later Jul 16, 2021 9:02

    The New Anti-Robocall Technology is Coming Online I know everybody I talk to hates these robo calls. They're happening all of the time. What are we doing about it? The FCC has made some changes and they just went into place. So we're going to talk about STIR/SHAKEN, right? Of course the government has to come up with some really cute acronyms and that's what's turned, shaken are, but here is what's happened. We have the ability to over TCPI P send phone calls. In fact, in my phone, I have a phone that's hooked up to T-Mobile and it is using wifi. [00:00:38] So when I'm making a phone call, it is going over my wifi in the office or at my house or wherever. It doesn't even use the regular salad or network, unless it has to why? Because it's all TCP IP. And then on top of it, sometimes with LTE and now always with five G you are using TCP IP. So your voice is converted into a digital signal. [00:01:10] Right there on your phone. And it is handled as data, just like pretty much any other data would be handled. Now our cell phones, of course, for a long time have been digital and have been in coding it, but they have not been using it as regular TCPI peop. So what the federal communications realized is since most of the tracks. [00:01:35] That we have on our phone networks nowadays is actually internet traffic. It's TCP IP. Why don't we add a little bit to the protocol? And they came up with this whole new way of being able to track the originator of a phone call right now, if you have a landline, this is not going to benefit you at all. [00:02:02] And we're going to talk about the different carriers here, but they don't have to comply these landline operators for another couple of years. Although the FCC right now is circulating a petition and is trying to make it so they have to comply. More quickly, but the nation's largest phone companies have met this deadline that was set by the FCC to put this new anti robocall technology in place. [00:02:31] But I want to warn you guys that does not mean that it is going to stop all of these robo calls anytime. Soon where it's not going to stop, but you might have noticed that at the end of June, there was a noticeable cutback in some of these robocalls. Now these are the scammers that are calling us and are pretending that they are a local phone number, right? [00:02:59] Their biggest trick is, yeah, I've got the same area code and first three digits, I'll call it a prefix as you do. So you should answer that phone. They announced at the FCC last Wednesday that quote, the largest voice service providers are now using stir shaken caller ID authentication standards in their internet protocol networks in accordance with the June 30th deadline set by the FCC. [00:03:26] This widespread implementation helps protect consumers against malicious. Spoofed robo calls and helps law enforcement track the bad. So it, I think is a very good idea. It's a step in the right direction. It is going to help a whole lot at T and T Verizon T-Mobile and us cellular have all put these in place. [00:03:54] In March, the FCC denied petitions for deadline extension from Verizon and us cellular are saying that they didn't meet the high standard of undue hardship. I think that makes sense. You've got to force these guys. Sometimes Verizon was saying that they had a small area of their fiber based home phone network that would not be able to meet it. [00:04:17] So again, it's landline. Versus the home phone that work, many of us have it. Comcast provides it as well, but basically if it's it IP based, they didn't have any sort of exceptions. So Verizon is now exchanging the stir shaken enabled phone calls with wireless carer carriers. It represents about 80% of the U S wireless industry. [00:04:45] Verizon said this week, so 80%. Yeah, you should have seen a bit of a drop more than 135 million calls a day are currently being exchanged between Verizon and the other carriers with the number of calls that are being exchanged using this tracking technology grow. It's also been deployed on IP enabled wire line phone networks operated by Comcast charter at and T Verizon and many others. [00:05:17] So we're pretty happy about this. We'll see what ends up happening in general, but some care companies that carry a lot of robo calls are not yet required to follow the stir shaken technology and the rules around. Because there's an exemption for carriers with a hundred thousand or fewer customers. So that's going to be a bit of a problem, but think about how you have to roll out technology. [00:05:46] Rolling it out via these big carriers and doing that first is seeing where the holes are in the technology. What's not working properly. That's the way to handle it. And then by having the big carriers do it, they're going to bear the brunt of the expense. Because always right. Those big screen TVs used to be five to 10,000. [00:06:12] I remember $15,000. That's a very big deal. And then it goes down and down. Now you can buy them at Walmart for 300 bucks. So having the big guys do at first makes a lot of sense. It's going to prove the technology, improve the technology, drive the costs down, and then you can bet that these smaller carriers are also going to be required to do this fairly soon. [00:06:38] So the way the protocols are working is they are using tokens and to verify. The accuracy of the caller ID. So they're using public key cryptology. For those of you who know what that is using digital certificate, getting major us companies to adopt. It really was very big milestone. I'm very glad they finally did it by the way. [00:07:01] Stir, shaken. Ordered by Congress and FCC chairman as PI. You remember him? He did a lot of great things to help out communications, but he was only having voluntary compliance. And so it didn't lead to like widespread adoption. So this law really forced them into it. And they're now. So we'll see what happens. [00:07:28] Small carriers are exempt for now. Landlines. Aren't doing it. There's a lot of the TDM based stuff out there, but it's going to happen. There's also a gap in, at and T network right now. So we'll see. What ends up happening? Hey, I want to encourage you guys. If you have not already to sign up for my newsletter, I don't spam you, right? [00:07:50] I'm not one of these robo spammers that we see out there that are just sending all kinds of garbage all the time I put together. Usually six to eight, sometimes as many as 10 articles every week that I think you need to see. And when I put them together, make them available for you. It makes just a huge difference in people's lives. [00:08:13] I get thank you notes. Everybody. Not everybody, but I get thank you notes every week from people who read that newsletter and thing. They thank me for my time and all of the effort that we put into this. This is an effort of love by my wife and I, so do that. It will help. I give all kinds of great advice and warn you about things that are happening right now. [00:08:37] Just spend a minute, go to Craig peterson.com and you'll see right there in the home page, scroll down a little bit. There'll be a little red line at the top where you can put in your email address and I'll sign the app. And I will be sending you some special reports that are really going to help you out right away. [00:08:56] So do that right now. CraigPeterson.com/subscribe

    60% of Used Amazon Echos Can Be Compromised

    Play Episode Listen Later Jul 15, 2021 10:36

    60% of Used Amazon Echos Can Be Compromised Don't Sell Used Google Home, Nest, Echos, etc.! The majority of Americans, at least those of middle income and higher, have the smart devices in their homes. It's everything from the Amazon echo all the way up through our thermostats. Are these a good idea? And what do we do when we get rid of them?  IoT, you might've seen that before. And it stands for the internet of things, and these devices are actually computers on them. Have even more than one computer. Some of them have a lot of processing power. You look at some of these speakers, like the apple; the big apple speaker has some amazing processing belt right into it. Of course, it also has a number of different ways that you can use it with Siri and everything else that's in it. But if you're going to sell these things, if you're going to sell your echo dot or other things, what should you be looking at? How can you do this? I had a listener who reached out to me. [00:00:56] This was only a couple of weeks ago, and he had a problem. All of a sudden, he was getting charges from Amazon for things. Did not order. So he asked me what's the right way to go here. And, being the coach that I am, I pointed him in the right direction, which was pointed him at the Amazon security people. [00:01:20] So he got a hold of them and spoke with them. It turned out that his Amazon echo that he had was what was used to order all of these items. And guess what? He didn't have that Amazon echo; he had sold that Amazon echo, and when he sold it if somebody bought it right, a used echo online and was using it to order things and have them shipped, not to his house. [00:01:53] Elsewhere. So it is a really big potential problem that has been looked into, and there is a group of researchers on the Northeastern university who bought. 86 use devices. And this is an article from Ars Technica, Dan Gooden, who wrote this and what he, what they found over the 16 months is that 61% of these devices that they bought 61% had not been reset at all. [00:02:33] No, that to me is not terribly surprising, but it's horrific. If you're trying to keep your data safe because think of what these smart devices have in them. They've got your location; they've got your wifi networks and passwords. They may have account information; what did you go ahead and link it to which accounts are on. [00:03:00] There are a whole bunch of things that can be gleaned from them. Now he, this listener, said that he had reset his device, and you can and should do that if you're going to give it to someone in the family, which is what I would recommend as opposed to selling it. And I'll tell you why. These devices have inside of them a particular type of memory it's called NAND flash memory. [00:03:32] And the memory is you can think of it in similar ways to your solid-state desk drive. Back in the old days, the operating system would say, go ahead and write this block of data. This 512 byte block out to Track 17 sector one, and it would go ahead and write it to track 17 sector. But the problem with NAND devices and most SSDs all of them, frankly, is that you can only write so many times before the memory goes bad and it can be 10,000 to a hundred thousand times. [00:04:13] And if you've ever wondered, why is this solid state disc so much more expensive than the other ones? Usually it's because it's using better memory that can take more. Cycles read cycles, do it all you want all day long, cycles is the problem. So they have come up with some technology that they build into these that does a level. [00:04:36] And what that means is track 17 sector. One is really located here at position X. And then if you right track 17 sector one, again, it's really located at a completely different position. Y so that the right now get leveled across the entire division. Okay. You don't really have to understand that in great detail, but I know there's a few of you guys being the best and brightest that really want to understand that a little bit better. [00:05:05] So that's why certain flash memory, certain SSDs are more expensive than others. Now here's the problem. When we're talking about these smart home devices, they're using this type of memory and NAND flash memory has a problem in Ohio has a few problems, but the biggest problem is it's not terribly reliable. [00:05:30] Especially the type of Nan flash they use in these inexpensive devices. So it's not terribly reliable. So it builds in check sums, right? So those out at the same time, so that when a treat him back, he can say, whoa, wait a minute. This is block is bad. And then it can recreate the block on that flash memory, which is really great. [00:05:52] Now, when you erase your device, It doesn't really, excuse me. When you reset your device, it doesn't really erase your device. I want you to think of windows as an example. You might know that if you delete a file from your windows computer, it's not actually deleted. It's actually still there. It just reallocates the space that file was using. [00:06:18] So it can use it for yet. Another file. So you you delete something it's still there. So when you're getting rid of that computer, what you used to do with a spinning hard disk is you would run multiple rights on that desk, solving entire desk. You'd drive zeros, you'd write ones, you'd write random patterns and you'd be. [00:06:43] And there are fancier ways to do it, the government, and it, many of the government contractors actually shred the desks. They have shredding machines, you can feed a whole computer into these things are just amazing. And then they send it off for recycling. What we do is we remove the platters inside the desk, the aluminum platters, and we melt them down in a furnace that we. [00:07:10] I still had furnace. Now there's nothing readable on it. Cause all comes out as a big blob of aluminum. One word. Resetting your device just like deleting a file on your windows. Computer does not actually remove it. And nowadays we're reusing this leveling technology in these SSDs and NAND chips. [00:07:34] We are really not getting rid of it. It might not be rewritten for a very long time. Because again of the leveling technology. So there's another process you can do known as off chip, which will require you to completely just assemble a desalt or the flash memory, and then mess around with it a little bit more. [00:07:57] But here's the problem. Even though the listener said that he had reset factory reset his device before he sold it. It still had all of his information on the device. So all of the bad guys had to do is remove those chips and. And right inside, there was his Amazon account information, password, everything, it needed, the key to make orders with Amazon. [00:08:29] Now that is a problem. If you ask me and it isn't just Amazon, this isn't just echo devices. We're talking about. The same thing can be true for that smart thermostat that you bought that Google thermostat, that smart. Doorbell that you have on the front of your house, though, those all contain this type of memory. [00:08:51] So what I tend to do is take a hammer to. If you don't have a, what do you call it now where you can melt it down a furnace where you can melt them down, specifically designed for doing this type of thing. Then here's what I advise you to do. Get a drill with L fairly large bit. You want at least a three-quarter inch metal bit that you can put on to that drill. [00:09:16] I used to use a drill press that we have and drill three. Large holes into the platter. So you don't have to open up the disc drive at all, but you'll notice there's a round section of the drive. That's where you want to drill into that round section of the drive, three big holes. And that disc is for all intents and purposes unrecoverable. [00:09:40] So the bad guys can't get your bank information. They ha they can't get it. That spreadsheet that you have with all your passwords, you not in person Best and brightest come on guys. And they can't get anything off of that. So when I'm talking about IOT devices, what do we do? What do we do? [00:09:59]Basically, I would say don't sell them. They're cheap enough. You can get an accurate. For well, under 50 bucks, 80 bucks at the high end for the ones with the video and everything built into them. When you're done with it personally, I would destroy it, physically destroy it. Cause that's the only way to make sure your data is not going to be. [00:10:25] Hey, stick around. You're listening to Craig Peter son. Make sure you get my newsletter. The free one is at CraigPeterson.com/subscribe.

    FBI Using a "Honeypot" for a Massive Sting Operation & Olympic Cybersecurity

    Play Episode Listen Later Jul 14, 2021 11:04

    FBI Using a "Honeypot" for a Massive Sting Operation & Olympic Cybersecurity This time, the FBI didn't just set up a sting, they set up a honeypot. And I talked about it with Mr. Matt Gagnon coming right up. Along with a couple of other major points this week, including what has been happening with the Olympics and cybersecurity. So here we go. [00:00:22] Matt Gagnon: Craig. Let's get into some of these topics, if you can. I had an interesting conversation yesterday with some folks about tech policy what's been going on censorship, et cetera. It's obviously a pretty common topic when you talk to especially conservative minded folk they're pretty upset about what's going on there there. And one of the, one of the people I was talking to who said to me that that's, somebody must have dimed them out that they had a Facebook post that was blocked because Facebook. [00:00:48] Was maybe notified that they did something and it was pulled down here that does that brings to mind this story about the, do you know an extremist prompt at Facebook? Are they testing something like that where you basically are diming out your neighbors and seeing stuff. And then all of a sudden you're reporting to the authorities at Facebook, that somebody has a opinion that is just not okay. [00:01:08] Craig Peterson: [00:01:08] Yeah, this, where could this possibly lead? This is a crazy, they are doing that. Facebook has admitted it and you know what shocked me the most about this isn't that? Hey, the two known extremist, or are you an extremist? And the Alicia. People C N until you reported on this, which just shocked talk to me, frankly, but they say this is part of a, what they're calling a redirect initiative. [00:01:35] So if you're looking at for something, they'll send you somewhere else. If they don't think what you're looking for is appropriate. And then they're asking you, are you an extreme Mister? True. Oh my gosh. People don't you read history? Where is this going to take us? I don't [00:01:54] Matt Gagnon: [00:01:54] know. It's a good question, Craig. [00:01:56]Clearly this is part of the evolving narrative here of exactly how social media companies are trying to moderate content and deal with their perception of what extremism is and whatnot. I, to me though, I have this question, maybe you can answer it. Is a market, just not at play here. With Facebook, continuing to do things like this and alienating like half the country, ha and beyond our country, right? [00:02:21] I This is happening all over the world, right? Is there not a market for a company that doesn't do things like this, that doesn't moderate it's its content like that? Can we not have something out there? That clearly, takes out violent content and real threats and just like sick, disgusting racism or whatever, but more or less is a free speech zone. [00:02:39] Otherwise you're telling me that couldn't survive. In today's world. What's wrong with that? Why can't it happen? Where's the market. [00:02:46] Craig Peterson: [00:02:46] If you're going to survive something like that as a startup, you need, first of all, the seed information, you need people to start signing up and you need money coming in. [00:02:56] And Facebook is doing everything that can anybody that's a startup that looks promising, whether it's WhatsApp or Instagram, they will be purchased. They'll be bought out. Now, these guys might be saying I'm going to have a free speech platform. It's going to be absolutely fantastic. We know what's happened with a couple of those already, but what Facebook does is they come along and say your company is worth about $50 million. [00:03:23] How about, I give you a billion for it and wildly over overvalued. Then Microsoft does much the same thing with potential competitors and drives them out of business or buys them out of business. So the Facebook is in a very interesting spot. Plus then there's the whole section two 10. And w you can shoo newspaper out of existence, but if a newspaper publishes a story and that story is not factually accurate, they go out of business. [00:03:55] So newspaper takes some time, tries to do some investigation, gets multiple sources to confirm, and then publishes in story. Facebook doesn't have to worry about any of that stuff. So why are they doing this in the first place? And they are wildly profitable to the terms of hundreds of billions of dollars. [00:04:14] And they just don't care. They have what they have morals, is what they called. And they're saying we cannot allow this to happen. And they are leading the country down the Primrose path. Although the numbers seem to be showing a lot of people ditching Facebook, and there are some other platforms that are trying to get charted, trying to go. [00:04:39] But it just isn't happening there. This is not a free market system and we don't have one in this country. We haven't had full free markets for over a hundred years now, entirely regulated. They pick the winners and specifically the government has picked Facebook and Google is to have those winners by providing them with legal cover. [00:05:02] I think we've got to pull back the kimono and looked at what's really happening. [00:05:07] Matt Gagnon: [00:05:07] Greg Peters on joining us as he always does on Wednesdays at this time, talking over tech topics, Craig, one of the other things that's happening in the world soon here is the Olympics. I've been watching a lot of Olympic trials, a lot of things on TV as we prepare for this, I'm an Olympics nerd. [00:05:22] So I love this stuff and there's obviously a lot of competition at the Olympics, but there's a different darker background of competition out there. And it's the cybersecurity experts trying to protect the infrastructure at the Olympics. Again. The bad guys, as you might say. And how does that play out? [00:05:36] Because this is, nobody's really reporting on it. Nobody talks about this much, but this is a really big part of this gigantic event. [00:05:42]Craig Peterson: [00:05:42] Think about what's happening in Japan right now. They are having these Olympic kind of, trials things. If you will, where we're losing. Four out of five of the basketball games. [00:05:53] I can't believe that part, but here's the bottom line. No rule be no spectators. Everyone in the world. That's interested in seeing the Olympics have to watch it online. Somehow all of the major news networks are getting their feeds and a lot of that going over the internet. There's a lot of exposure. We have all of the people who are competing, who are using special apps who have special electronic controls. [00:06:22] We had a huge problem last time around in 2018 with the Olympic winter Olympics, because there were some cybercriminals that managed to bring the whole thing down. So we are really on our toes worldwide. Now, including here in the U S what a target. It's a beautiful place for the bad guys to go make a name for themselves, ransom, et cetera, et cetera. [00:06:46] So there are whole teams. I've got a little bit of insight information here, but there's whole teams of people around the world that are monitoring. What's going on, are looking into everything that looks like they're being probed. Everyone. So 10 show hat. They are really staying on top of it. And these teams, Matt are some of the best in the world or teams I've worked with before. [00:07:11] So knock on wood. It'll be okay. But the Olympics, they are a huge hacking targets. [00:07:16]Matt Gagnon: [00:07:16] Finally, I want to also ask you about speaking of the bad guys and trying to take them on here. There's ways of trapping them and the FBI created an interesting one here. Google pixel is involved in this very interesting story here. [00:07:26]Did they use a honeypot to basically entice some of these people in and then trap them and then get them out of this work? [00:07:36] Craig Peterson: [00:07:36] It's Winnie the Pooh is such his head in there. He got the stock. The FBI came up with a real interesting concept that is a bad guys. Want to be able to communicate privately? [00:07:47] So they modified some pixels now and they did it in such a way that they turn off the cellular. They turn off, they remove cellular, they remove the GPS trackers, they removed a bunch of things. And then they sold these phones on the black market or out on the dark web saying, no, these phones are going to keep you safe because of this, that, and the other thing. [00:08:12] And we've got a special operating system. They called these devices and arm and the bad guys started using, and they didn't really do any research talking to them and they were recommending it to each other. These hacker groups, these criminal organizations that were smuggling people, right? Kidnapping people was selling arms on the dark web, et cetera. [00:08:35] They started using it for Nona miscommunications. What they didn't know. Is everything that was sent on these devices, everything that was done with them was sent to the FBI. So what some of us went to Interpol and others. So the concept is great. Let's turn off the cell. Let's turn off the GPS that's to remove them from the device. [00:08:58] The problem was they didn't know good law enforcement. Was in fact monitoring everything that was being said there more than 12,000 smartphones like this that were out in circulation and heavy use by the bad guys. And now you can buy one of your very own FBI monitored phones on eBay. People started to buy them because they are based on a Google pixel foray. [00:09:22] Custom firmware in them, which is a bit of a problem. And they do have arcane OOS as well, but people are trying to figure out why can't I get my phone to work? I just bought on eBay, but they have been shutting down major criminal organizations worldwide. Because of this honey pot, they really got stuck. [00:09:44] They got [00:09:44] Matt Gagnon: [00:09:44] them. It makes it basically, it's a way of, it's a way of trying to learn from it and it works ultimately. So Craig Peterson, our tech guru joins us on Wednesdays at this time. Unfortunately, Greg we're out of time, so we have to stop here, but again, you can hear them on Saturdays. Thanks a lot, Craig. [00:09:57] And we will talk to you again. Next [00:09:59] Craig Peterson: [00:09:59] week. All right. Take care. There's nothing that helps this show get out better than having you subscribe to the podcast. I appreciate you guys listening. I can't tell you how much, because it does help get the word out. And that's what I'm trying to do is help everybody understand what's going on. [00:10:16] Please, whatever platform you're listening on. Go ahead and subscribe. And if you wouldn't mind, give me a five-star rating. And the 800 pound gorilla is still our friends over at apple iTunes. Believe it or not when it comes to the ratings of these different podcasts. So if you could go there the easy. [00:10:38] Craig peterson.com/itunes. That'll automatically redirect you to my page on iTunes. Craig peterson.com/itunes. Oh, by the way, in case you didn't know, I'm also on YouTube now posting a lot of these podcasts as little videos. Yeah you'll see when you get there and that's at CraigPeterson.com/youtube. [00:11:01] Take care everybody. Bye bye.

    Facebook's Extremist Prompt Leads To... - What to Do About Ransomware?

    Play Episode Listen Later Jul 13, 2021 10:58


    Facebook's Extremist Prompt Leads To... What to Do About Ransomware? We got hacked again as a country and what's being done about it. What's the Biden administration doing? They sent us special Envoy over to Russia. Yeah, Senator former Senator John Kerry. But what's he talking about? The climate deal. This is hurting us badly here in the United States. It's hurting at least a third of our businesses every year. Just this year alone. Ransomware payments have gone up threefold. It is incredible. What's happening and he's doing nothing about it. And then we, so we've got to talk about this Facebook protest prompt that they've come up with now. Hey, do you know someone. Might be an extremist or it might be, become an extremist. Do you realize what's going to happen? If everybody's starts to reporting on everybody else? We already know that we've got these trolls out there that report people, that report posts just because they don't like the person. Now, what are we going to do? Start FBI investigations. Every time someone says someone is an extremist, just cause they don't like them. What is an extremist? Anyways, we get into that. So here we go with Mr. Jim Polito. [00:01:14]Jim Polito: Two things. I want to two things. I want to talk about one the weak and feckless response of Joe Biden to the latest hack by the Russians. But before we get into that, So Facebook really was asking you to rat out your neighbors like 1984, like George Orwell's, 1984, Facebook. [00:01:39] Admitted that they were asking people to identify extremists using the social media website. [00:01:47] Craig Peterson: [00:01:47] Yeah, they did. And you know what, Jim, this is shocking to me. We've looked at Google before and compared it to duck, duck go, and how Google just doesn't, it blocks things. CNN has been one of those similar, I don't even want to call it a news source. [00:02:02] But even CNN business reported this, but some Facebook users here in the us were getting prompts. If they were worried about someone that they might know might be coming an extremist. This is shocking to me. Absolutely shocked. And show them my wife likes to watch the good fight where, which is these are the lawyers. [00:02:28] And they tend to be very leftist. The latest episode, season five, episode three, she called me in, and then I had to look at this. They were dealing. This situation where we have now people reporting on other people and because someone who might've done something, and maybe you help them out a bit at one point in your life, all of a sudden the FBI is in your life to try to figure out what's happening. [00:02:54] They are asking you now to report on other people. This is crazy what this is going to lead to. And yeah, Facebook's doing it. And even CNN reporter. [00:03:05] Jim Polito: [00:03:05] Wow. We're talking with tech talk guru, Craig Peterson. So because people sent me screen grabs of it and things like that, that they were being asked if they knew I knew an extremist, and please define extra what's the definition of extremist. [00:03:22]I just talked about Joe Biden and the DNC, wanting to team up with a phone carrier. To monitor and correct anti-vaccination messages. Did you hear this one? I'm sure you did actually. I'll send it to you. I'll send it to you. This is it was from political. And that's why it wasn't from a Craig Peterson type website. [00:03:46] It was from Politico was Fred was running the websites. It dumb people like myself read. Okay. But anyway, Politico said that the DNC, the the Biden administration they want to scrutinize phone and social media messages for misinformation. And they're asking what do they call them? SMS short message service carriers. [00:04:13] They want them to they wanna have fact-checkers more aggressively work with SMS carriers to dispel misinformation about vaccines. That's a quite, that's quite a little propaganda outfit you got going there. Remember [00:04:28] Craig Peterson: [00:04:28] if you're sending a text message, that message is stored. Remember a Strzok and Paige, right? [00:04:34] The whole thing with the FBI lovers and their text messages showing up. If you're using your apple phone. And you're using messages to send messages to other apple users. If it's blue, it means it's encrypted end to end and they cannot monitor. They cannot report to. If it's green, which is an unfortunate choice of colors, that means it's sending it by this old protocol. [00:04:58] That was actually a hack of, for the cell phone industry. It's a green means it's in the clear, but the fact Tim there, they're going to monitor that. And then what are they going to do? Start prying into your life and everybody, it's. Wow. [00:05:15] Jim Polito: [00:05:15] Yeah. This is not good between that, the messages, all of this I'm fine with. [00:05:20]If the administration wants to get their message out there about vaccinations and this and that's fine but don't do it. Don't do it the way you're doing it. That's Orwellian truly is our Wellington. [00:05:33]Craig Peterson: [00:05:33] It's. It sets things up. For, if let's say you love Biden and we've got the all have the stab of then okay, fine. [00:05:44] What's so what happens if another Trump it's an, that you absolutely hate you want the next administration or the one after that to have this kind of information? [00:05:53] Jim Polito: [00:05:53] I don't. Yeah. I know. All right, let's get to, let's get to the latest with Vladimir Putin and with Joe Biden. I don't know if you saw the clip. [00:06:03] I don't have it here handy. Joe Biden. The other day, someone asked him a reporter, asked him about the latest cyber attacks and he tried to pull a card from his pocket, said, oh, I just got briefed on that. He was all over the place. Didn't know what to say. I'll have more to say about it later. That's. [00:06:21] Twofold one, it speaks to his cognitive ability, but two, it speaks to what is the response been from this government? He had the summit with him and said, here's 14 things. I don't want you to touch. And yet Putin turns around and touches [00:06:37] Craig Peterson: [00:06:37] them. Yeah, he sure does. The response. [00:06:42] And we, of course, Biden just sends an Envoy over to Russia meeting with Putin. John Barry, he's talking about climate change. [00:06:55] He's [00:06:55] not [00:06:56] Jim Polito: [00:06:56] talking about cyber attacks. He's talking about climate change. [00:07:02] Craig Peterson: [00:07:02] We, yeah. And we now have as many, I've seen numbers as high as a hundred thousand businesses that were part of this latest attack that came from Russia. This cyber attack, this ransomware. In fact, I know of a thousand businesses that got together and they hired an attorney in order to try and negotiate. [00:07:26] This is an attorney that negotiates with ransomwares right. We started the United States Navy to deal with ransoms coming in, out of the middle. Yeah, 200 years ago, the Marine Corps and the Navy, this is in saying what is happening. Trump of course put some pretty severe restrictions on Moscow in Russia to try and crack down on this. [00:07:51] And we had to remember, again, the old Biden administration saying things like, oh, I told him to stop it right. We have to respond. [00:08:06] Jim Polito: [00:08:06] I don't know. I'd like to think. Craig that there's some back channel stuff that your people, the guys like you understand and know about, and it's being done to slap him on the hand as the hand tries to reach over and grab again, I'd like to think that the really smart people on our side are doing that and send it the message without being public about it. [00:08:29] Cause I would have not have a problem with that, but I don't even feel like I don't even feel like that's how. I don't even [00:08:36] Craig Peterson: [00:08:36] feel like. We are a kind of slot them back at them. There, there aren't too many automated systems that'll do that. We're being hacked to hack back. The big problem with this is we're pretty darn insurers coming from Russia, but let's say that you're in the battle. [00:08:55] And someone's shooting that too. First of all, someone shooting at you, where it's coming from inside of BAE systems has systems that are put onto our helicopters that notice exactly where the fire is coming from and return fire automatically. Okay. And wouldn't that be great. The problem is Jim that somebody hacked your home computer. [00:09:17] It's now part of what's called a bot net. Somebody had somebody else's computer, same bot, and there may be a different one on and on. There are hundreds of thousands of computers worldwide that have been hacked. So the Russians go into a computer in Vancouver, BC, which is then connects to a computer in Vancouver, Washington that connects to Washington DC. [00:09:38] And it took trying to hack. If you returned fire, you're going at somebody's home computer in Washington. And you get it. And then that home in Washington state, of course now let's say the FBI shows up and says, okay, something's coming from here. We've got to see your computer. They get on the computer. [00:09:56]Guess what? It's now in Vancouver, BC, which is now an international problem. And who knows, maybe they went to China first. Maybe they went somewhere else. The only way we can do this is serious economic pressure. We have. Fight back that way, because this is the exact same type of thing that happens in a war with skirmishes going on. [00:10:19] And they are winning by taking money. We're trying to negotiate with them right now and say, okay, we'll just pay you $70 million. If you unlock all of these computers, it's insanity. We keep doing the same. [00:10:34] Jim Polito: [00:10:34] Over and over again, Craig I got to run. How can folks get more information from you? And I know that you talk about these things on the weekend show. [00:10:42] Exactly. [00:10:42] Craig Peterson: [00:10:42] Just visit Craig peterson.com. "Peterson", S O N. [00:10:47] Jim Polito: [00:10:47] Craig and I guarantee you, I will celebrate Canada day next year. We won't let it. We won't let it be past Greg. Thanks so much for your time, buddy. [00:10:56] Craig Peterson: [00:10:56] Thanks.


    How the "Billionaire" Space Race Will Affect You

    Play Episode Listen Later Jul 12, 2021 8:42


    What Does the "Billionaire" Space Race Mean to You? We have Sir Richard Branson up in space.  The race of the billionaires, Jeff Bezos, of course being another one. What does this mean to us? Does this mean that space is solely for the rich? Is it going to help our businesses, our economy, what's behind all of this, and where are we going? That's exactly what I discussed this morning with Mr. Christopher Ryan. Let's find out how it's going to affect you and me. [00:00:29] Chris Ryan: Yeah, Richard Branson is in the news day, Sir Richard Branson to you, Craig, as he reached the outer space and was able to bring individuals up there and do in your view, is this going to be a thing where commercial space travel is going to be something that we see and have access to. No average Americans. [00:00:52] To me, I feel like it's taken decades for even this type of space flight to take place. And I feel we are still so far away from an average Joe, like you, or I will be able to afford to go into. The areas almost to outer space. [00:01:12] Craig Peterson (2): [00:01:12] Yeah, the black-blue yonder, as it were.  First of all, let's get something straight here. Sir Richard Branson made it almost into space, correct? They were 80 kilometers out. A hundred is generally considered. But where we're headed here is not really getting into space, which I think is totally cool. Where we're headed is being able to get up to those sorts of altitudes and then travel around the world. [00:01:39] So we could see a trip from Boston to Tokyo taking just a few hours, rather than thinking the better part of a day. [00:01:48] Chris Ryan: [00:01:48] Yeah. And very often, when we see these types of things, I mentioned this earlier, it leads to thoughts of what else is possible. And you may look at this and be like, oh, okay, it's these fancy-free billionaires trying to say they wanted outer space when they're actually, in the. [00:02:04] Area between the black and the blue and achieving levels of weightlessness, et cetera. But the time that traveled took place and the propulsion of the flight indicates that higher speed. So travel is right around the corner. And to many, that may be as attractive as the actual joy ride aspect of it. [00:02:25]You're going to be going at a great, at a greater speed. So some people that's not going to be what they want, maybe there'll be able to achieve elements within the aircraft in which people don't feel as though they're traveling at the speeds that they are certainly in this particular. [00:02:40] A joy ride. That is exactly what they wanted. They want you to feel the propulsion. They want to feel the waitlist. They want all those elements. As we know, most commercial airline folks don't want to feel like they're dry; they're going 500 miles an hour. They want to feel. [00:02:55] Relaxed during that. [00:02:57] Craig Peterson: [00:02:57] And you have the problem of having the Sonic boom when you're lower in the atmosphere going those higher speeds you don't hear. But I think what we're ultimately looking at is as a whole change where our speeds really get into higher altitudes. And if we look at the history. [00:03:15] In the tech business, we will remember when these flat-screen TVs, oh my gosh. 48 inches, only $15,000. And, of course, they'd never be achievable. We'd never be able to own those things, but people bought them. The people that had the money. Now you go to Walmart, and you can buy one of those for 150 bucks. [00:03:35] That's where this is all going. All of these people competing with the billionaires in space. They are funding the research and development for the types of flights. You and I, Chris, will be able to afford it. It's not going to be as expensive as the Concord was. It's not going to be cheap, but it is going to provide real. [00:03:57] And I think that's a fantastic thing. Yeah. Now [00:04:00] Chris Ryan: [00:04:00] the 90 inch TV is something that is not out of the realm of possibility for individuals creating basically their own movie theaters to view sporting events, political shows, and movies, as they wish to in their home. And you're absolutely right. I The there, and as I mentioned before, this. [00:04:16]Creates an environment where we start to think further about exploration and what is next; very often, people will look at the current state of technology and say this is where we're going to be. What more could we possibly do, but to scientists and inventors, it's always wondering what is next and what is possible, looking at the optimal, and figuring out a path to get here. [00:04:42] Yeah. [00:04:42] Craig Peterson: [00:04:42] And w where we're looking right now, NASA is working on this as are others, is having a space station in orbit that is designed for refueling and trips. So if a Virgin can get you up into lower space as work or one of these others, and then from there now you get onto another ship to go to Mars, or maybe the moon colony. [00:05:06] The biggest problem we have in the largest expenditure of fuel is getting to. So point that at that edge. So we're going to be able to see tourism in space that normal people could afford. And that's going to allow us to colonize other planets, which of course, has been a wish of Elon Musk and many others for generations. [00:05:28]What happens if we have another catastrophic event here that we. With the dinosaurs that wipes out everything, we're gone, but this is really the next step. And it's absolutely amazing. I'm so excited about what's ahead. [00:05:46] Chris Ryan: [00:05:46] Do you think we are from that? Cause you mentioned this had been the talk of generations now at this point and decade after decade, even this type of space travel to lower space has been talked about. [00:05:57] And two commercial flights have been talked about for decades. At this point, I feel like we're still really far away from anything of that nature taking place. And I'd be surprised to see colonization until the latter portion of my lifetime. [00:06:13] Craig Peterson: [00:06:13] Yeah, you're probably right about that. However, as far as the moon goes, I think we will see. [00:06:20] Stop starting, but it's not going to be your regular person. As you had mentioned, it's going to be the scientist. It's going to be the real explorers who are going there. But the original plan for the moon launch in the sixties was to have a refueling station in orbit around them. And that's been in the back of everybody's mind for a long time. [00:06:38] I think that within the next 20 years, we will have that station up in space. That is the halfway point of here. That you can go to, and from there, continue onto the moon. And Elon Musk is really into Mars. And I don't know; he might just jump past everybody else who was there. There's a massive rocket that he's building to truly colonize Mars. [00:07:03] He's thinking he's going to be doing this. You ask him, and it's within the next year or two, but the scientists are saying within the next five years, So we might be surprised because technology can jump just like [00:07:15] Chris Ryan: [00:07:15] that. Yeah. Then, in conclusion, I think that this goes to a broader message about where we are at as Americans. [00:07:24] And we spend all this time fighting over the political scraps instead of having a vision. Towards the future and the things that we can achieve together as Americans and whether it's a disease, whether it's expiration underwater into outer space the new inventions like we need to get back to a place where we're not focused on the little things that divide us as human beings but focused on what we want to achieve and talking about that. [00:07:54] And not. Figuring out which Mame is the best to mock Trump or Biden, but to focus upon our society's mutual and shared goals. And to me, this type of stuff, that's talk about tech, the topic about inventions, the talk about what we could do, what we could optimize, optimize moving forward. [00:08:14] That needs to be at the forefront. And that's what people are looking for in politicians too. They want somebody that's going to say; this is what we want to do. This is what we're going to do. And this is how we're going. I think we've [00:08:25] Craig Peterson: [00:08:25] got to move towards looking to that future. Being excited about it rather than having the parties digging up. [00:08:32] Tribalism. [00:08:33] Chris Ryan: [00:08:33] I agree that Craig has always thank you so much. Take care. Craig Peterson host of tech talk on news radio six, 10 and 96, 7 Saturday and Sundays at 1130.


    Being Green Now Includes New Nuclear Plants - It's The Only Solution

    Play Episode Listen Later Jul 9, 2021 12:02

    Being Green Now Includes New Nuclear Plants - It's The Only Solution Whether or not, you believe there is a climate crisis or this man caused the only thing that's been constant here on earth has been change. And particularly the weather it's been much hotter and much colder than it is right now. I do believe that we have climate crises from time to time. [00:00:24]We know that there were cavemen and women living during the ice age. And I think they might call that a crisis. We've also had times where people. We're going and having a great life, the garden of Eden, you might think where the carbon dioxide levels were much higher than they are today. And that means the plants were greener. [00:00:49] They grew more verdun to everything else. Okay. So there is a whole lot of change and it's been going on for. Now the statistics I've seen that make a lot of sense to me, show that there is warming going on. Now that doesn't mean that we're not going to about to drop into an ice age or mini ice age. Heck we had one of those back in the day. [00:01:14]In the 18 hundreds or 17 hundreds over in England, a little mini ice age. So it happens and it swings both ways, but I remember very well back in the seventies, everyone was saying, oh, we're about to go into an ice age. We've got to do something about it. And we had science telling us that we needed to spread oil on the polar ice caps and on the Sahara desert in order to. [00:01:42] Get more heat to stay here on the earth. Or we were about to enter a major ice age. Look it up. It's there. You might not want to use the Google because they do sensors stuff pretty heavily that they don't want you to see. So use duck go, but even Google. Has articles on this. I guess they're not all bad. [00:02:04] So we've got to be very careful when we're looking at solutions that maybe are less than 1% our fault. In fact, it looks like it's far less than 1%. Our fault global warming is usually from the sun and the sun goes through cycles. So you have to be careful about those cycles and what you know, what's going on. [00:02:29] So what I don't want to see us do is severely hurt ourselves. Hurting our economy is hurting people. People end up just struggling and in major depression and committing suicide. Look at what happened with the lockdowns that we just had and the year 2020. It was a bad thing. So do we really want to need jerk and cause serious harm to a lot of people. [00:02:58] Now I am an environmentalist, the original type of environmentalist, right? Duck hunters were probably the most original of all of them and hunters in general, where duck hunters bought thousands of acres of land and put it into production. So that it could be left in its pristine state. So I'm really into all of that stuff. [00:03:22] I'm think that makes sense. I don't think it makes sense for government to do it, but I think it makes sense. So here's what I'm struggling with right now. We've got people who used to drive Prius's who are now driving electric cars. Electric cars are highly toxic. They're using minerals that are mined in toxic places. [00:03:48] They're using processes to process those minerals that are toxic as well. And it's been done in countries that are not controlling their toxic waste. No, even the plastic in the oceans, it's coming from seven rivers, none of them in the United States, but all of them, India, China, those are the primary ones. [00:04:13] So what are we supposed to do with these cars? It's not only toxic in manufacturing, the cars and their batteries. It's toxic to dispose of them. We have no good way to dispose of the Carter, the batteries from your test. No good way to do it. Highly toxic, much, much worse, much, much worse than a diesel Humvee. [00:04:37] So if we want electric cars and I can see why, I love the idea of electric cars. Absolutely love them. They're faster. They're comfortable. They're quiet. And they don't have tailpipe emissions. Now, remember that it's tail pipe emissions. It's not they're green because they're anything but green don't let anyone fool you into thinking that they are. [00:05:01] How do we make the electricity? We've got a lot of people running around, out there who are saying when it comes to electricity and electrical generation, nuclear is terrible. It's going to kill us all. And they're thinking about Jane Fonda running around there, the China syndrome movie from the seventies, and they think of Chernobyl. [00:05:20] That is technology in both of those cases. That's 50 to 70 years old. The new nuclear technology can no more have a meltdown than a ball that set at the bottom of a mountain is going to roll uphill. The new nuclear technology that we have today is not in widespread use because the regulations that are in place from the federal government still require 1950s to 1970s technology. [00:05:55] They don't take into account this new technology, six generation nuclear. They cannot melt down because they use basic physics to keep control. Of the nuclear reactions and what happens afterwards? Look at Chernobyl. Look at the China syndrome stuff. Look at what happened at three mile island and all of those cases, they had systems that had to be active systems. [00:06:20] They had pumps to pump cooling water in. What happens then when you don't have power like Fukushima, they have their generators so low that any sort of a flood. Would make those diesel generators shut down and then you have the meltdown, like they had it Fukushima, reactor. None of that is possible with the modern reactor. [00:06:45] On April 30th, the Indian point nuclear plant in New York. This is an article from a Yahoo news was shut down 30 miles north of New York city. So it had provided electricity. The in fact, the overwhelming majority of New York city's carbon free electricity for decades, union jobs for a thousand people, federal regulators said the plant was perfectly safe, but Andrew Cuomo. [00:07:14] The brilliant man running the state of New York is a key figure behind this. He said that the shuttering of this nuclear plan brought us a big step closer to achieving our aggressive, clean energy goals. These new nuclear plants, aren't going to melt down. And by the way, these new nuclear plants generate almost no way. [00:07:38] After 20 years, the nuclear material is replaced and recycled. It is recycled back into other nuclear power generators. It, this stuff is absolutely amazing. So what happened after Cuomo shut down the Indian point nuclear power plant? The first full month, according to again, AP associated press the full and they are no conservative. [00:08:06] The first full month without the plant has seen a 46% increase in the average carbon intensity of statewide electric and generation Y while they had to switch over to natural gas, they burning natural gas. They had to switch over to coal in some cases, right? What are they going to do? New York generated 9.3 terawatt hours, electricity and average carbon intensity of 174 kilograms per megawatt hour may was the first month after two year process of shutting down Indian points to one gigawatt reactor. [00:08:47] Okay. So one gigawatt out of 9.3 terawatts okay. That's 9,300 gigawatts. Okay. So it's a small percentage of the actual electricity that was generated. And yet it accounted for so much clean energy that it ended up changing the amount and the amount of carbon emissions by 46%. When you look at it from a clean energy generation standpoint, it's absolutely amazing nightmares should have seen coming and German nuclear power. [00:09:21] In Germany provided about a third of the country's power in 2000, and then they had this green party thing, it says, oh, we're all against, this is terrible. And so they can get a lot good. And they managed to close plans, citing health and safety concerns. So they went from a third of their electrical power coming from nuclear to 11%. [00:09:45] We have two. Smart, not people we absolutely do. There's a recent paper that showed over the last two decades where we've been closing nuclear plants slowly but surely led to our carbon dioxide increase of 36 mega tons a year with increased air pollution predicted to kill 1100 people annually. Does that make sense to you guys? [00:10:11] What's going on. So giving the stakes of global warming that these same people are constantly talking about why are we doing what we are doing? Why is there so much hostility to it? I've found a really interesting quote in here and it's from someone you might've heard. Yeah. Alexandria, Ocasio, Cortez. [00:10:38] Remember her green new deal that would end up costing every American family, $120,000 plus after some initial hesitation now AP is reporting that AOC has said her green new deal leaves the door open for nuclear power. Jeremy Corbyn over in the UK. You've heard of him, his labor party and the former Brazilian president Luis de Salva. [00:11:02] And Bolivia's ecosocialist former president evil. Miralis have all said that nuclear is an idea whose time may well have. So let's pay attention here. Let's wake up. Okay. We've got to make sure that we are doing the right thing. Oh, and the writer of this AP story. Yeah. He's the author of the socialist manifesto, the case for radical politics in an era of extreme inequality. [00:11:35] So I have some hope. This guy is a radical socialist slash communist, frankly, fascist. And even he thinks we need to give the new nuclear another chance. [00:11:48] Hey, check me out online. Subscribe right now to my newsletter. Get it every week. Doesn't cost you a dime. I have a free newsletter. Craig peterson.com/subscribe.

    Microsoft Windows 11 vs Apple Cybersecurity - Which Should You Use?

    Play Episode Listen Later Jul 9, 2021 9:30

    We've talked about a lot of the cybersecurity problems. I'm going to talk now about what Microsoft is doing with Windows 11, a lot of hardware out there right now, anyways, will not run windows 11. So what is Microsoft doing to solve this problem? Microsoft has been blamed for many of the problems we've had with computers and computer security for a long time. And between us, they're doing these things that caused security problems because of us, because of the users of windows. Microsoft seems to continually try and support the older software and older hardware till very recently, you could still run windows XP 95, 98 programs on your windows machine, on your new windows. [00:01:05] Back then Microsoft. I had shoe horned in the internet protocols and tried to, make it secure. They ended up buying. I'm trying to remember now, cause I worked on this code. Way back when I think it was the spider implementation of TCPI P out of Ireland, that Microsoft ended up using as a base. [00:01:25] And I fixed quite a few bugs in that, and there were many more to come, but I wasn't focused on cybersecurity back then on the software. And frankly, most people weren't Microsoft just wanted. Out and they wanted to make sure they were compatible with the older software. So where we, you and I are part of the problem. [00:01:47] We complain when Microsoft comes up with something that's not compatible. And as a programmer, I complain every time. But not just Microsoft, but apple or Linux or whatever it is, comes up with a new interface, a new quote, better way of doing things unquote with their systems, whatever it might be. And, I guess it's nice to bellyache, but in most of these cases, they're making changes to help make the systems better and often better means more secure. [00:02:23] And that's what they're doing right now with Microsoft windows 11. So they had an announcement here this last week, talking about. A requirement for a TPM chip. Now TPM means trusted platform module, and the basics of a trusted platform module are to have on the chip and most. So the case is the modern Intel chips. [00:02:53] So ones that have been out for four years or so, as well as some of them more modern AMD chips have this TPM built in. And what the TPM is as trusted platform module is a small amount of storage that gives you the ability to store keys and to do basic cryptography. Now they're requiring the TPM 2.0 implementation for windows 11, which makes sense. [00:03:27] It has a little bit stronger encryption in it, but in the windows world, what this is going to do is make sure that the brute force attacks that can happen at boot time don't work. So they're trying to brute force the way into that trusted platform module and to make sure that the rest of the boot is not interfered. [00:03:54] So that's all Microsoft is going to be doing with it. It that's a good thing, frankly. I think it's a very good thing for them to start using this. Many of us have computers already that have TPMS built in and the TPM 2.0, and with MTPM sitting there, it isn't doing us any good. So Microsoft is going to take care of that. [00:04:16] So I'm happy about that. It's going to help with secure. But it's not very good, frankly. That is only a small part of the security problem you and I have because our security problem extends to all kinds of things. So let's talk about what apple has done because. Yeah. You know what I'm about to say, right? [00:04:39] I'm about to say that apple has done it correctly. The TPMS wish they could be. They dream of being an apple T2 because this T2 processor that apple has had for awhile has a lot more functionality. It has what apple calls, their secure enclave processor. So if you have an iPhone, for instance, that does face ID or fingerprint ID. [00:05:06] All of that information is stored in this secure enclave. That means it is not sending your face up to apple. It is not sending your fingerprint up to apple is not sending it anywhere. It keeps it locally on the desk. In fact, this apple T2 chip also processes all of your disc activity. So your solid state storage that's on your device. [00:05:34] Goes through this T2 chip audio, video image, signal processing, SSD controller, the secure enclave, AEs cryptography engine and the system management controller all live inside this T2 chip. Okay. So a TPM, like what Microsoft is going to be using is kindergarten compared to what apple is. Which doesn't mean there aren't bugs or haven't been bugs in the T2 chip, but it is designed for security and it's a really cool, and it has this other function that the enclave micro with the Encore, the microphone is always disabled. [00:06:16] Whenever the lid is shut on that laptop. Because again, it goes through this T two chip. So it's helping to preserve your privacy. Even if the phone were to be hacked, it couldn't get at it because the electrical signals for again, audio video the disc controller, all go through the apple T2 chip, and apple has tried very hard to try and make sure that they are secure. [00:06:47] So maybe Apple's slipped a little bit recently, but their T2 chip is absolutely. I'm going to quote here professor Buchanan he calls it a work of art compared with this loan. TPM chip is what he says. Oh, absolutely amazing. It is a problem. In fact, do you remember this whole list, Sonya and hack? [00:07:11] A couple of years back where Estonia had issued ID cards to everybody and they could be used for financial transactions, et cetera. And about half of them were completely hackable. Again, it was a T2 chip flaw because they were not generating proper random keys when they were making these codes. So it's interesting. [00:07:37] We could really get into that and the history of it and the NSA and what they did, blah, blah, blah. But it's really a good thing to follow. This is the TPM chip. Thank goodness. Microsoft is raising the bar again, and that means that the leader. Microsoft surface tablet, the high-end one, the $5,000 tablet. [00:07:59] Which does not have a TPM 2.0 chip will not work with windows 11. So keep an eye on this. I'll keep an eye on it for you as well. The, this means basically that app, that not apple, that Microsoft is going to have to change up his game a little bit, and they might decide to not require TPM 2.0 because even hardware Microsoft has been selling does not support this very baseline. [00:08:28] Primitive cybersecurity that basically only protects your booting. Okay. So again, apple wins whole hands down now. You're I think you're starting to get the idea of why I recommend apple over anything, Microsoft and now apple making their own chips makes me really happy. They'll be able to be even more secure. [00:08:50] I'm using an M1 based apple mini right now, and I am just amazed at how good. This little device is very fast and quite secure. All right, everybody stick around. There's a whole lot more to talk about and we're going to get into it in some detail all here, but if we really want to fight the climate crisis, we've absolutely got to embrace nuclear power. [00:09:19] Hey, make sure you are on my newsletter list. I have a free newsletter. Go to Craig peterson.com/subscribe and get that every week.  

    Do You Use Outsourced I.T.? Odds Are You're at Risk of Ransomware

    Play Episode Listen Later Jul 9, 2021 9:07

    You might've heard me talk about this already, or you heard about it elsewhere. This US technology firm is called Kaseya. They're headquartered in Miami and they are used by businesses and governments around the world. And they're spreading ransom. A week ago on Friday, a flood of ransomware hit hundreds of companies around the world. [00:00:25] We're thinking now it may have been thousands. We don't have good numbers yet, but we're talking about grocery stores, public broadcasting schools, national railway system. They were all here. With ransomware. Now this is the modern ransomware, we think which encrypts your files, but also poles your data. So that later on, it can extort money from you. [00:00:55] Okay. Very bad stuff. It really caused disruption in Sweden. They was incredible and forced hundreds of businesses to close. Now, every one of these victims had something in common. They had network management and remote controls, software developed by casinos. Now cause say it is used by, I think their their counters like a hundred thousand customers. [00:01:25] So it's used by a lot of companies worldwide and they make software that allows other companies. So a third party there's yet another company here allows them to monitor that third party companies computer. So let me just lay this out for you. Here's how this works. You're a small business. You have it people, but they're busy just trying to keep windows up to date. [00:01:55] And they're also trying to help your people understand how best to use computers, evaluate new software. Doing things, the, it, people should be doing, cyber security is a major specialty nowadays. It's something that you have to focus heavily on. And as you focus, you're still getting behind. [00:02:16] So as that small business with a couple of people, maybe there's one person that has to deal with computers, right? It's often the office manager, that person. Now needs help when it comes to cyber security. In fact, that person needs help when it comes to keeping these computers up to date, because there's patches from Microsoft, for the operating system, for all of the Microsoft 365 stuff, there's patches for all of the Adobe software there's patches for you. [00:02:49] You've probably gotten QuickBooks or some other accounting software that needs patches. It's just difficult. If not impossible, to keep up with all of this. And then, your users are probably using Google Chrome. They might be using safari or some other browser, those off to be kept up to date. So one that small business person does is they go to a managed services provider and they say, Mr managed services provider would you take care of all of my computer problems for me? [00:03:20]And off they go, right? The managed services provider, maybe they have a few different ways of working, but maybe they go ahead and they say here's what we'll do for a fixed amount per month per computer or per employee. We will take care of your computers for you. So we'll go ahead and patch them, keep them up to date. [00:03:40] If they fail, we'll fix them. We'll replace parts in them, all of that sort of stuff. That makes sense to you. So they contact this managed services provider who takes over their network. How does that manage services provider? Run the network. They don't do it the same way that small business used to do it. [00:04:01] They can't afford to, if they're going to charge you cheap money, they are using what's called an RMS. And the RMM in this case, we'll go ahead and it will remotely manage all of these computers for the managed services provider for that it outsourcing company. So it'll check the releases of software to let them know, okay, here's what we need to upgrade, et cetera. [00:04:31] In fact, it'll even do the upgrades most of the time. And then when you call in or you file a ticket, that also goes into the RMM. So they have a full history of what's happened. What's going on over there and they can hire cheap people that don't understand computers. And for most businesses, they think that's just fine, by the way, this is my nemesis. [00:04:52]We don't use Kaseya, but that MSP is using cassette. It might be using solar winds for some of this stuff. It might be using some of these other products. Now, the reason we don't use them is because all of them have failed our security test. So my company is called mainstream and we. Are a managed services provider, a managed security services provider to be more exact. [00:05:22] And we've been doing managed services work since the early 1990s for other companies. And so we've tried every major player in the game out there. We've used them. We tried them. We tried to figure out, okay, is this going to work? And we've looked for flaws in their design, major flaws, major security flaws. [00:05:44] And every one that we have found major flaws with, obviously we canceled. So we done basically a 30 day trial and we canceled them. Connect wise you name it. Okay. Major flaws and this company, cause  also has major flaws, but you, the small business owner, you, the small business office manager, you did not choose. [00:06:10] You had nothing to do that you hired an it outsourcing firm and, seemed to make sense at the time. And it probably does make sense, but that it outsourcing firm is in what we in the industry call a race to the bottom. They have to get their costs down to a couple of bucks a month per person. [00:06:30] That works for you. Do you think they can really do a good job for a couple of bucks a month? No, obviously they can't. So you get companies like mine that we use people that are well-educated that all have. All of our people have major cybersecurity training. All of our people know. How to fix the problems. [00:06:53] And we run scans daily on all of our customers to check and see what's up, what needs to be upgraded or what needs to be fixed, what needs to be changed. Does that make sense to you guys? So that's what we do. And that's why there are nemesis, right? It costs us. Or what we charge basically is $125 a month per. [00:07:15] Person and we'll keep the computers secure. Nothing's perfect. But we have yet to be breached in those 30 years. So we'll keep them up-to-date and we'll have the special advanced malware protection stuff on them and every yeah. Thing else. But these other guys that are out there, our nemesis, they're not charging 125 bucks per person. [00:07:37] Or per computer or it's more for server? No. They're charging 25 bucks or 50 bucks a person there. And they can do that because they can afford to do that. They don't have what's necessary in the backend to keep their customers secure. So these probably thousands of companies we know of at least hundreds have been hacked. [00:08:05] With ransomware because of a decision they made about a company, this it outsource provider that they just didn't know enough about to be able to even evaluate that in a nutshell is the problem with cyber security today. Even if you were to try and hire people to work for you and build out your cyber security infrastructure at your business and running it. [00:08:35] How could you evaluate those people or the tools they use in 10 real quick. And Casia told all of their direct customers to immediately turn off all of the systems that had anything to do with Kaseya. Okay. This is going to happen again, people, and it's going to happen again and again, and I get it. [00:08:58] A lot of small businesses can't afford people like me. I don't know what the best answer is, but we're going to talk about Microsoft and their answer.

    The IRS Was Hacked? Was Your Data Stolen?

    Play Episode Listen Later Jul 9, 2021 11:04

    Hey, do you trust that all of the information you share with the IRS is being kept safe? As a general rule, it probably has been, but what we're finding right now is maybe it hasn't, maybe there's been a leak.  There is a lot to talk about when we're talking about the IRS. [00:00:19] They of course have all of the information that they can get their hands on. They're already overloaded and we've got the Biden administration now looking for even more data to go to the IRS. You probably already know that if you do a transaction at a bank above $10,000, that it gets reported to the IRS and probably the FBI, the CIA, the NSA, and any other three-letter agency that you can think of course, that doesn't include the BATF. [00:00:52] Because they're not a three-letter agency as much as they want to meet, but the IRS has records on everything, already that they know what your social security number is, what your name is, what your address is. They also have information about. The business you work for or businesses you work for, they know what you do for a living. [00:01:13] They know that you have debt and what that debt is. They know your business relationships, your family status, who you're married to, who your children are, if you have disabilities, because of course you put that on your tax forms and. Bunch of other personal data. Why do the bad guys, Rob banks, or at least they used to because that's where the money is. [00:01:38]So where are the bad guys going right now? We're going to talk more about that a little bit later on today. And if you miss it, you can catch my podcast as well at Craig peterson.com/podcast. But they're going after businesses that take care of cybersecurity. Businesses. So this is a very big deal, but nearly every American has complied voluntarily with paying our taxes, that there's a whole idea behind this system and with the Biden administration now looking at all of this and saying what we want to do now is not the $10,000 limit. That's for wimps. We want to know. Any money that goes into, or out of all taxpayers savings checking or any other accounts or the value of more than just $500. [00:02:31] So what the Biden administration is looking to do is turn every financial institution into a full-time IRS agent, basically providing them with all of this additional data. And then there's also plans that have been drawn up in Washington, DC. To move us away from the dollar and move us to a virtual dollar. [00:02:55] And there's even planned. This is just unbelievable. If I had said this stuff a few years back, no one would have believed me. There's also plans to say if you have more than a certain amount of money in your bank, we're only going to give you like a 0.6 equivalent. So they're going to take away 40% of the value of your. [00:03:13] And if you don't have much money heck we'll just go ahead and give you one and a half to two times as much money as you have in your account. It is incredible here. And with the privacy breaches we have seen in the federal government announced. This really isn't something we can put up with. We can't have them going after everything all of the time, because it just becomes too big, a target. [00:03:40] And I'm not just talking about a target for the typical bad guys. I'm talking about a target as well for. Bureaucrats that have gone out of control. That used to be that if you were going to be prosecuted, they would have heard a story from someone. So it's yeah. Janie just cared. Jenny just killed her husband. [00:04:03] So the police hear about it because there's a rumor floating around town. They go to talk to Janie, trying to look for her husband and they don't find her. Huh? And so now suspicion rises and they start investigating, they'll pull Jamie's credit card records. Look at what told booze she drove through. [00:04:23] They'll look at anything that they can to try and put it together. Who did Jamie call her phone records and talk to those people, try and put together a picture of what happened. But if we devolve into one of these just terrible socialist state that have popped up and failed every time around the world, then what can happen. [00:04:46] And what always happens is yeah. Yeah. The laws are there, but they're only enforced against people that they don't like. And that's a bad thing. So people that they don't like, I don't know, political people is usually what happened. Here in this country, think of what happened with Al Capone. They went after him under tax laws. [00:05:08]And in both cases, they're trying to go after a person or people, not crime. So Al Capone. Okay. You could argue, he was doing all of these crimes, getting money through extortion and murder and everything else. So they're investigating that and they found out, oh, he didn't pay his taxes. [00:05:27] Let's go after him for that. Okay. You could argue that. But what we can see with the government, having all of this information, think about all of our smartphones and our Alexa's and our Google homes and our cars. They all. Everything all of the time. And if the government wants to come after you, they can. [00:05:48] I remember 30 years ago reading an article saying before he get out of bed in the morning, you've probably broken about 20 law. It nowadays, it's probably more like 50 laws. There's so many of them. There's 20,000 laws. At least there was back then 30 years ago, there were 20,000 laws just on gun control. [00:06:09] Okay. It's insane. You cannot live your day without breaking a law. So what did they do while they selectively enforce? They selectively prosecute. So what happens here while the IRS. Perhaps selectively leaked information. Yeah. This is a story I'm looking at right now that came from Fox news. [00:06:30] And they're saying that ProPublica published a story that this is just incredible. Okay. That had information in it. That was apparently from the IRS. Now, this is bad because this is information that wasn't available anywhere else than the IRS. This is information that was private. The IRS, none of this information is supposed to get out, they, you can go after president Donald Trump for tax evasion. Come on guys. First of all, that you can't Sue the president. It's crazy. Everybody would be suing the president that they didn't like a president Biden would have thousands of lawsuits against him right now. And he'd never be able to get a thing done that he was elected to do because he'd have to constantly be responding to lawsuits. [00:07:21] That's how things were established initially here in this country. And I made a lot of. Pretty close to initially in this country, it made a whole lot of sense. If the IRS has given all this information, that's a real big problem. So the IRS security systems or procedures might've been severely compromised and all those data stolen, right? [00:07:41] You might've had one or more IRS employees committing felonies by providing what is legally protected, private, taxpayer information to outside. Or a ProPublica could have just made it up entirely. Who knows this story and ProPublica, I don't really want you guys to go there. You can, if you want to do a little research, obviously, but I don't want them to get the hits and clicks and everything else, but these apparently are trolls. [00:08:11] I've never before seen taxpayer information. June 8th that published this protected taxpayer data in a highly partisan yeah. Surprises, ProPublica, centralized, and misleading. Our article targeting people by name. This is all from this Fox news story. We don't know the scale of this was obviously a breach of some sort. [00:08:36] Was it a cybersecurity breach or not? I don't like any government agency having any information that absolutely doesn't have to have. And on the case of the IRS, they are, it's easy to argue. They need access to. Records, at least the ones we send them. If they think there's a discrepancy, we'll then have a look at the discrepancy, figure out what went wrong, but they don't need to have everything. [00:09:06] This reminds me of what happened with the national security agency. Just sucking in all of the data. It could possibly find it. Denying it and then ultimately saying we're just collecting general information. No one's identified in any of this and think of what happened, Mike Flynn, think of what happened with some of these other people in government, where they were identified and there's games that they're playing. [00:09:34] No, we just don't have time to talk about this today but basically what happens is they can monitor communications that go outside of the country. So apparently they are purposely routing, targeted it data out of the United States. And then back in, so you could sending an email to someone in Washington, DC, or making a phone call and you. [00:10:00] Phone call your email is purposely being routed by government out of the country. And there's some evidence that this is happening. There's certainly a lot of accusations. I get it. Okay. We need to crack down on people who are evading paying taxes that are owed under the law, but forcing these financial institutions to provide the IRS even more private financial information is going to embolden IRS P. [00:10:28] To do what just happened with ProPublica. It's going to also in Bolden the hackers, and we've got a story coming up too, about the value of Bitcoin going up and the hacks, ransomware hacks going up along with it because of the value. So we'll be talking about all of this stuff today. There's a whole lot to talk about, I want to make sure you are on my email list. [00:10:51] CraigPeterson.com.  You can subscribe right there and you can get all of these articles I had talked about and more every week. Stick around. I'll be right back.

    Destroy, Don't Resell, Your Amazon Echo or Google Home

    Play Episode Listen Later Jul 7, 2021 11:32

    [As heard on WGAN 2021-07-07] Good morning, everybody. We've got this massive attack underway. It's hitting businesses, and they're using supply chain attacks just like they did with Solar Winds. However, this one might actually be a little more fatal. A lot of businesses out there. So we talked about that this morning—this Kaseya hack. [00:00:21] We also talked about selling your smart device. Is it a good thing? I got a report from a listener about a whole bunch of Amazon orders that they had not made. So I'll tell you a little bit about that. And also, IRS looks like there might've been a data breach of what's going on. And frankly, what is the Biden administration proposing? [00:00:47] That's going to make things way worse when it comes to data breaches at the I R S in the future. So here we go with Mr. Matt Gagnon. [00:00:57] Matt Gagnon: And we're back 7:36 WGAN morning news. A pleasure to have you on this fine Wednesday morning. Thanks for listening. Craig Peterson, our tech guru joins us every Wednesday at this time. [00:01:07] And of course you also hear them on this very station on Saturdays at one o'clock Craig, Welcome back to the program. Good to talk to you as well. [00:01:14] Craig Peterson: [00:01:14] Hey, thanks. Glad to be here. Have a great independence day with the family. They all came in from literally all over the world. So it was cool. Yes, indeed. [00:01:24]Matt Gagnon: [00:01:24] I hope you had a good one and and thanks for joining us now on this July 7th. So Craig, I know that we have, obviously every week we have a, some, topics that we want to chat about, but I did want to bring up this big gigantic. That happened as well. If you don't mind going off script a little bit here and talking about what what what we're learning about this stuff. [00:01:41] I was just checking out some stuff this morning about how it still remains unclear how many businesses were actually hit by this gigantic ransomware attack. And and of course now, Demands for $70 million and everything else. It's all very reminiscent of earlier tax in the year where we paid ransom. [00:01:59] And then you got, keys to decode things and it didn't even really work. And then they had to do it their own way. It's just part of this evolving story that is ransomware attacks. It seems to be getting worse and worse. And I just wanted to maybe get your thoughts on the effect of this. [00:02:12] And is it getting worse? Is, are we going to see more? Yeah. [00:02:15]What we're looking at is called a supply chain attack. So think of maybe a company that makes boxes for instance, and they, of course they need stuff from the supply chain. They're going to have glue. They're going to have staples are going to have various other things. [00:02:31] And they trust the, the incoming staples and glue, et cetera, are going to hold the boxes together. That's what we're seeing here. We're seeing a company in this case, it's a technology firm called  they're based down in Florida that provides services for businesses and governments, world wide. [00:02:52] And the beautiful thinking about this from the hacker standpoint is they don't have to hack a hundred thousand companies. All they have to do is hack. Company and that's cause say, yeah. So cause they provide services for managed services providers. These are the, it shops, the businesses that you're using to manage your computers, your networks, your security, and the software. [00:03:22] This can say a thought. Has full administrative rights to these networks. So if you can compromise one piece of software, you now have the ability to compromise a hundred thousand businesses and install ransomware steal information. Ever you want to do so we're still not sure as you pointed out what the actual ultimate problems are going to be for businesses because not only managed services providers use cause say, but so do government agencies, we. [00:04:00] Major problems in Sweden were major. Portions of their economy were completely shut down, including mass transit. We've seen these problems before. And what happened really is people are putting their trust in these managed services provider, which I'm one, that's what we do for businesses. We do it for everything from doctor's office. [00:04:25] All the way through government contractors, DOD contractors, but we do not use these tools because they are not safe. We have some of our own that are completely isolated. We've got to really change what we're doing because. Is absolutely huge. And we really just don't know what the ultimate problem or, the results of this damage is going to be. [00:04:54] It's very scary stuff. Obviously a brave new world. We live in Craig Peterson, our tech guru joins us on Wednesdays at this time. Craig, moving on to other stories here. Been frustrating for me to wait for the tax man, the IRS to actually get me back my refund. I still don't have it. I'm one of, one of those people that still has been a Saturday sitting here waiting and delaying and blah, blah, blah, et cetera. [00:05:16]But our tax system, really works on trust, right? Trust that your data and information will be more or less secure with the IRS trust that the IRS is actually going to give you back the money you deserve when you file your taxes correctly, lots of trust involved in the system. But what happens then when the IRS itself has a data breach, all that information, all that stuff, I keep handing them every year is now basically open it's open season on that. [00:05:40]That's not a good thing. [00:05:42] Craig Peterson: [00:05:42] No, it's not, they know your family status. You're filing joint married or separate, whatever might be of what businesses you do business with, because that has to be disclosed. When you're saying this is where the income comes from, what debt you have. Medical or disability status and just a whole bunch of other things this year, including whether or not you have been toying and you've made money off of Bitcoin. [00:06:07] So all of that goes into databases and we're really concerned right now because president Biden has said that he is going to have the IRS. Force disclosure of even more sensitive information on almost every American taxpayer. So this is part of the government gathering, everything going in and out of our accounts. [00:06:34] In fact, the Biden administration is now trying to get the banks to report any transaction that anyone makes a more than $600. Which is turning our banks and financial institutions into full time, basically IRS agents, which is a real problem. So ProPublica published a story that had information that was only a bit. [00:07:00] Through the tax records and named a number of people and some private information. So we're not exactly sure what's happened here. Obviously, if the IRS might have been breached, it might be some insiders that are releasing information to her political opponents, which is not what the IRS is supposed to be doing, but we have all of this data. [00:07:26] You can. The IRS is a major target of Russia and China already has all of the background checks for secret clearance and above of every federal government employee and military member as of a couple of years ago. So it's a huge target. I don't like the idea of the government requiring even more information going to them because it's going to become a huge or. [00:07:54] Matt Gagnon: [00:07:54] And finally, Greg, I also want to ask about this this story that I was reading about selling your Amazon echo, your Google home any sort of device like this. I know a lot of people have privacy concerns, you go to sell it, right? Does your information go with it? [00:08:10]Should you be. Doing something special factory wipes or something beyond that, maybe hitting it with a sledgehammer. What should I be doing in order to make sure that my information is not handed on to the next group of people that have my stuff? [00:08:22]Craig Peterson: [00:08:22] There was a little bit of a study that was just done where this group went online and bought a number of these devices. [00:08:29] The Amazon echo was, you mentioned. Google home devices and a few others. This is at Northeastern university and they got almost a hundred of them from E-bay and the flea market. And then they started to have a look at them. The first thing you should do, if you are going to resell them is do a factory reset. [00:08:50] And that makes it a lot harder for people to get information off of them. But it is frankly, between you and me. It's very easy. Even after a factory reset to pull off information like the wifi information, the location that the device was used at the, even the account information of the person that had the. [00:09:15] Device. And I have actually had a listener that contacted me saying my Amazon account now has been hacked and has been used to order stuff. And so they worked with the fraud department at Amazon to figure out what had happened. And according to this listener, the front department reported back that they had ordered things from their Amazon echo device. [00:09:39] They had sold online app. A factory wipe. So you mentioned the sledgehammer trick and that is very effective at that, but I'm worried about these. I don't think I would resell mine. I think I would destroy them. But the big thing that you have to worry about are the hard desks and storage devices that are on our computers. [00:10:07] Take a drink. Drill three holes safely into the disc area, the round area on a desk, and pretty much anywhere in the center, if it's an SSD, if it's one of these solid state desks and make some nice big holes in it and throw it out in the trash, we actually remove the platters from the desk and we melt them down. [00:10:30] We have a furnace, we melt them in for our client. That's the only thing. That's a hundred percent, but the. Put a nice drill through those hard disks or SSDs and a sledgehammer to these smart drives are not smart. Drive smart devices and you'll feel much better as long as you do it safely. Get a little aggression out too. [00:10:51] Matt Gagnon: [00:10:51] Indeed. All right. Craig Peterson never have aggressive feelings when you joined the program. Always good to talk to you and get the lowdown on technological stories. Appreciate it. Good luck on Saturday, of course. And we'll talk to you again next week, sir.

    Nuclear Power Is Now Clean Power - Massive Breach Affecting I.T. Outsourcing

    Play Episode Listen Later Jul 6, 2021 12:33

    [As heard on WTAG, WHJJ, WHYN on 2021-07-06] Good morning, everybody. This morning, I got to talk about this IRS data breach. We're supposed to trust them what happened here. We're actually not quite sure. And apparently, neither does the IRS. We also got into a climate battle. Should we be doing something more with nuclear power? So we got into that in some detail as well. [00:00:24] So here we go. [00:00:25] Pat Desmarais: [00:00:25] Craig Peterson joins us. Craig is the Jim Polito show tech expert and has some great stories to talk about Craig. Good morning. [00:00:34] Craig Peterson: [00:00:34] Hey, good morning Pat. [00:00:36] Pat Desmarais: [00:00:36] Sorry, we can't meet in person, my friend, but it is what it is. The phone will have to do. Hey, you got some great stuff for us to go back and forth about one of these stories I have now. [00:00:47] Part of, and it has to do with our tax system and sensitive information that you and I give these people, the IRS, and you're referencing a story that published sensitive information from people. And they got it from the IRS information that people file because they were filing their taxes. [00:01:09]Craig, what's up. [00:01:10] Craig Peterson: [00:01:10] Yeah, that's exactly what's happened. We have so much information at the federal government level, including people who have had secret background clearances, top-secret clearances, any clearances, and all of this data has been stolen, at least from the office of management and budget. [00:01:31] They've lost. Data the guys that control all of the information about all of the employees, all of that was stolen by China. And now we're finding that the IRS something happened there, it was either hacked, or there were some major leaks from the IRS. Now what we have to do as citizens. [00:01:53] Isn't file our taxes. It's called a voluntary system, but that doesn't mean that they won't come after you if you don't pay. But it's voluntary in that. We have to give them that information. Now, this is two-sided. We have private information, princess things like our social security numbers that have gotten out. [00:02:13] Probably every person in the country's social security number, at least almost everybody's has already gotten into that habit of the bad guys, but can we trust the IRS? Can we trust the feds with handling some of our most sensitive information? And because, as you pointed out, some of this information was given to the IRS. [00:02:36] Has it been published online? Pro Publica has a story that puts this information out there. And we can only assume one of a few things they've been hacked or maybe one or more IRS employees committed felonies by putting this information out there. And by the way, it's legally protected. They're not allowed to do that. [00:02:57] Maybe within pro-public Publica story is false and alleged information's manufactured. We're not sure exactly what's happened here, pat; I don't hold out a lot of hope. I think that maybe they're yet another victim of the hat. And [00:03:13] Pat Desmarais: [00:03:13] Craig, correct me if I'm wrong, but this is something that has been reported now for a few days. [00:03:18] I know that smaller companies, many had been reported being hacked. Is that true? And what is going on technologically here? It seems like it increasingly is not wise. Like I hate it, Craig, when I'm asked to give my social security number online, I hate it. I hate it. I hate it. I don't like doing that. [00:03:40]This is the stuff secure or not. [00:03:43] Craig Peterson: [00:03:43] Yeah. Yeah. W one of the bad things worse is if your social security number is stolen and is misused, it can take you up to 300 hours to recover your information, your good credit, et cetera. And that 300 hours is usually during working hours because you've got to call the banks. [00:04:02] You've maybe have to call a car manufacturer, finance agents, whatever it might be. It's crazy. And the IRS. Will the social security administration will not give you a new social security number. Now, what you're talking about is this, Kasaya hack. We had solar winds hack here just a few months ago, which was devastating to many federal agencies and businesses nationwide. [00:04:29] And now we've got you. Say it is a company that provides tools that are used by many what are called managed services providers. So these MSPs will want to keep their prices down their costs down. So they have this automated system that kind of takes care of everything. But what we see now is, again, a supply chain hack. [00:04:54] In other words, you are a business and you would like a little bit of security and you'd like your machines to be updated. So you hire a managed services provider that MSP uses another service provider in this case,  to actually do the grunt work for them. So that is the supply chain to you as a small business. [00:05:16] But this hat now is showing that it's been pretty darn deep. We don't even know how far it goes yet. Sweden basically got shut down their banks their transit systems here in the U S there are hundreds of companies that have now received ransomware. And it's in place. And by the way, also that leads to extortions after the fact. [00:05:42] But they have this in place because of their supply chain, because their managed services provider was using software that as it turns out was not safe. And now they're in trouble. As a regular businesses. So to answer your question, pat, where we are not safe, we can not push off our responsibility to keep our businesses safe or to keep us as individuals safe. [00:06:11] We can't push it off to someone else and we certainly can't push it off to the federal government. We're in a tight spot here. And Microsoft is responding in much the same way. Apple responded almost 10 years ago. And Microsoft is tightening up things dramatically in windows 11. They're using special chips that are going to be on boards and computers that now will. [00:06:35] Down your secrets, your passwords and things, which is a good thing, but we're still looking at ply chain attacks. You as a business are trying to trust someone else to take care of your computers and pat, they're just not taking care of them. Yeah. [00:06:51] Pat Desmarais: [00:06:51] Good information. And it's almost like we're being victimized by modern day. [00:06:55]Technological, Bonnie and Clyde's correct. All right. Correct. Craig Peterson joins us here. The Jim Polito show tech expert. Let's switch gears. I'm a big nuclear power proponent. I know it's not the in thing people seem to want to decommission them. More than anything else. I don't even know if we build any new nuclear power plants, but you had a story up there about the nuclear power plant in New York. [00:07:19] And there's evidence that, Hey, look at, you want to reduce the carbon footprint. You took this nuclear power plant offline, and you actually increased carbon emissions at the same time. Talk to us about that. [00:07:33] Craig Peterson: [00:07:33] Yeah, 46 per cent increase in the average carbon intensity of electrical generation, because nuclear is safe, particularly the new nuclear plants. [00:07:46] Now we're still regulating our nuclear plants as though it's 92. This deed, if you can believe that 70 year old regulations in place, we now are up to about the seventh generation of nuclear power and the way these are set up, don't think Jane. Don't think of the China syndrome, right? Where are you going to have this meltdown? [00:08:08] And everyone's going to die. That is impossible. Now these nuclear designs, and there are designs that are being put in place. Pat. They're not all out there yet. A lot of people haven't really. There's 70 years behind up to date, but these nuclear plants are designed that if there is a failure of part of a system, the basic physics of it will not allow it to get out of control. [00:08:38] So you can consider these nuclear plants like a ball. You have a big ball. It's nice and round. And you've got a flat hill. That ball is not about to roll up there. Tell because of physics and that's what they've done with these new designs and when people, so they didn't, they just, him. Down the physics of them, it cannot happen. [00:09:01] And people have been worried about, oh my gosh, all this nuclear waste is just terrible. That was 70 years ago. People that newest designs, if we can change these regulations are such that the nuclear waste is crazy. Minimally. And it's nowhere near as concentrated, and it can be recycled back into these newest generations of nuclear plants. [00:09:25] So the [00:09:25] Pat Desmarais: [00:09:25] story that you have, Craig. The story that you have is the Indian point nuclear power plant, which is 30 miles north of New York city. Are there any in America at all? Craig knew these technologically advanced ones that you're referencing is any new nuclear plants being built in a way. [00:09:46] Craig Peterson: [00:09:46] Only very small scale ones. [00:09:48] The us military now is taking some of these designs and they've got in fact right now, a bunch of bids out because they want small nuclear plants that fit into the back of a trailer from just a regular tractor trailer that they can bring out to different areas to provide power for them. So on that, Gail, the answer's. [00:10:10] Yes. There are a couple of companies that are making them on a similar scale where they will run a small town from a nuclear plant that is buried in the ground. And doesn't have to be touched for 20 years. So yes, but the large-scale ones. No, they it's just, it's crazy. If he asked me, they're just shutting them down. [00:10:32] They're not building the new ones, even though the new tech pat is amazing. [00:10:36] Pat Desmarais: [00:10:36] Yeah, that my criticism is not, I live on Cape Cod, so they shut the one down in Plymouth. Craig, as you probably know, I didn't have a problem with that, but my thing was, are you going to build a new one? Oh God. No, but it's but the technology is so improved. [00:10:50] No no. So I think you're right. A lot of this is, your horse and buggy thinking on nuclear power. You're thinking of technology from 50, 70 years. [00:10:58]Craig Peterson: [00:10:58] Yeah. You're absolutely right. Dan, so many people got scared by that China's syndrome movie, and they're just not understanding what's happening out there, [00:11:07] Pat Desmarais: [00:11:07] It's like mirror in a crate, people saw reefer madness and they think that's what pot is all about. You know what I'm saying? People see movies and it screws them all up. I've always thought that. All right, I enjoyed this. I don't know what made me think of that. Craig, Peter son, [00:11:24] Craig Peterson: [00:11:24] very much Alexandria Ocassio Cortez is onboard with you and me. She said her green new deal leaves the door open for this new nuclear power. [00:11:35] Pat Desmarais: [00:11:35] Yeah. There's no carbon print or you still have the the radioactive stuff you have to deal with. You still have to, you have to take care of that and store it. I'm a big proponent of you spend all this money on Yucca mountain. Use Yucca mountain. [00:11:47]It's controversial and I realize that, but I love what you're saying and it makes perfect sense that we ought to, we want to deal with global warming, carbon footprint. [00:11:57] Let's embrace nuclear power. It's clean other countries do it. Craig Peterson. I wish I had a little bit more time with you. I've very much enjoyed this conversation and I can see why they they bring you around. Great information. I appreciate it, sir. I hope that we do. Thanks now, Craig Peterson, the tech expert on the Jim Pollito show. [00:12:17] Great information there wholeheartedly agree about what he was saying about nuclear power. And we ought to expand our minds a little bit folks on the new technology, the new type of nuclear power plant, just sayin'.

    One in Five Manufacturing Companies Targeted by Hackers - And It's Hurting You

    Play Episode Listen Later Jul 1, 2021 9:11

    We've got a new study out, and its showing that one in five manufacturing companies are not only targeted by cyber attacks, but are getting nailed and getting nailed badly. [00:00:19]This is a bigger problem, than I think most of us realize, and I have a few manufacturing clients who have been nailed badly by cyber attacks. Very badly. There is a new study out that looked at this it's called the manufacturing cybersecurity. Index. And this is a report that has the results of surveys of 567 manufacturing employees. [00:00:50] Now that is quite a few and most of these people were in fact, in the it side of things, some of them were specifically in the cyber securities. That one was most interesting about this. Isn't the fact that just that one out of five manufacturing companies is targeted by cyber attacks, but what the response, what the thoughts of these people that run the companies are. [00:01:18] And I say that because I am just constantly amazed at how businesses just are not paying attention to this, and this is proof again, and here's what it is. Information stealing malware makes up about a third of attacks, but companies are worried about what ransomware, the worried about ransomware shutting down production. [00:01:46] That is a very big deal because of course it does, but what is going to hurt you more? And that's what you got to figure out. That's what companies have to really look. These numbers that we're looking at are according to this article I'm reading at a dark reading, which is a great site. If you haven't been there before, and you'd like to follow some of these things in the cybersecurity world, definitely check it out. [00:02:15] Dark reading, very easy to very easy to look at lots of good stuff. But Robert limos is a contributing writer over there. And he's the guy that wrote that. And so he is saying that more than one third of all manufacturing firms are attacked every month. That's absolutely amazing. Now, of course not all manufacturing employees really know when a company is being attacked, but ransomware attacks that they know, because usually that means much of the company is shut down when it happens. [00:02:54]Because ransomware attacks have this major impact on the business and the other types of attacks.  information most of the time companies never find out unless it's too late again, it's usually ransom or extortion. They're two sides of the same coin. So an extortion attack might be where they get onto a network. [00:03:19] Exfiltrate data. And then they say, Hey, listen, we've got all of this data. Do you want us to post your bank, account numbers, customer information, your intellectual property, your plans, whatever it is, you want us to post them online? Huh? And if not pay out. Okay. So this is, I think a very big problem. [00:03:39] There are major blocks between it information technology and security teams. And I also have to point out that most it decisions nowadays most what would normally be an information technology decision is actually being handled by a line of business matters. Who chose the software you're using to track your customers? [00:04:06] It was probably the sales guy, right? There's the, it's not, the CEO is not the it director. It's the director of sales or marketing or the accounting people who decided to use QuickBooks online as opposed to using something else. All of these types of decisions are out of the hands of it and are way out of the hands of the cybersecurity. [00:04:34] That's because of this massive changing landscape out there. It's absolutely huge. Now there's a survey also of 250 information technology workers, and they found that 61% of the companies experienced a cybersecurity incident affecting their factories. 61%. Of manufacturers had a cybersecurity incident that affected the factories and three quarters of those incidences took production offline. [00:05:07] That's according to another report that came out in March, just mindblowing. Isn't it. So ransomware accounts for only 13% of these attempted attacks on devices. But the information thieves account for 31% of the attacks and file us attacks account for 28%. So here's a quote from morphous sec. These are the guys that produced the first report. [00:05:37] I mentioned, although these sobering threats are certainly not limited to the manufacturing industry, cyber attackers are acutely aware of the data manufacturing facilities have on hand, right? Think about all of that data, think about all of the intellectual property. So it goes on. In fact, some cyber crime groups have even been using ransomware as a smoke screen for cyber attacks, designed to steal intellectual property, increasing the damage they can inflict in the long run as they bully victims. [00:06:12] By threatening to leak data if they don't pay. Now, I've warned about that before. If you've got something that looks like a ransomware attack happening, pops up on your screen, it's got that classic red screen ransomware page. That may just be a smoke screen. You may not have ransomware. [00:06:31] Your files may not be encrypted because what most of these guys nowadays are doing is making additional money offers, stealing your files solid. It depends on the group and this isn't what dark side does, but some other groups do and they can really socket. Ever since the authorities disrupted the emo tech network in January, we've seen attacks split into and smaller groups are increasingly working together in new ways. [00:07:00] And these highly targeted groups are very dangerous because they can execute multi-faceted attacks, giving the collective expertise. Again, it's just like business. If you're trying to sell something, you need to narrow down and you need to get as narrow as possible. And that means the cyber groups are specializing in a specific industry and they're specializing in a specific way. [00:07:29] To attack. This is really fascinating. And there's a few reports that come out every year. Verizon has a very good one on cyber attacks. Statistics. IBM has one gardener of course always does their little thing on the side. Those tend to be, and more narrowly focused, but this is the first time we've seen this report. [00:07:51] So we don't have any sort of comparative data from prior years. But what the, what these guys are saying is that in that the pandemic has shifted attack trends and ransomware has grown from single digit percentages to 13%. As I mentioned already, almost two thirds of surveyed employees believe that the chance of a breach increased because of remote work. [00:08:19] And we know that's true. BI has been warning about that. We've seen it again and again. So be very careful. Okay. Most of these manufacturing companies have had people working from home during the lockdown, nearly two thirds said that it has increased the risk of a breach. And let me tell you, it really has. [00:08:40] And so keep all of that in mind, if you are in manufacturing or if you're concerned about our manufacturing base here in the us man, is there something to be worried about? And that's a shame. How do we conduct business? How do we keep our economy going? If our manufacturers are getting knocked down or getting knocked out of the game, Hey, visit me online. [00:09:04] CraigPeterson.com. You'll find all of this all on my podcast and much more.

    Using Bootleg Software? It May Have Come With Vigilante Malware

    Play Episode Listen Later Jun 30, 2021 9:26

    Well, you probably know again here, because you're the best and brightest, what a vigilante is. Well, I bet you haven't really heard about this type of vigilante before, and it is causing havoc for as many as 40% of computers. [00:00:17]Well, vigilantes have throughout history decided that they were going to take the launch of their own hands. [00:00:24] Now, way back when there wasn't law enforcement, et cetera, that's just what you did. And then we ended up with the tribes and our tribes would decide, okay, what's going to happen to this person. And you know, one of the worst things that could possibly happen way back. Caveman days. And after frankly, the worst thing that could happen to you is getting banished because having a group of people who are living together, cooperating together, working together makes all of the difference when it comes to survive. [00:01:00] And being kicked out of that tribe out of that group meant you had a very low chance of long-term survival. And if you went into another group, they'd really be suspicious about you because where did you come from? Did somebody kick you out because you did something really, really bad? You know, I kind of wonder if that's not deeply ingrained inside of us from all of those. [00:01:26] Centuries millennia with that whole type of process in place where we see someone that's different than us. And we kind of wonder, right. If you think that's where that might've come from. Interesting thought. I don't know that I've ever seen any studies about that. So vigilantes, nowadays are people who they're not going to the chieftain. [00:01:47] They're not going to the local police department or the prosecutor who a, whoever it might be. They are taking the law as it were into their own hands. Now it's not necessarily even the law, they just decide that they want something to happen in a particular way. And by having that happen in that particular way, they now have control. [00:02:13] Right. They're making the law as it were not just enforcing it. We have a lot of malware out there and there's a lot of different types. You might remember what Sony did, Sony. Decided they didn't like people ripping their CDs. And so they went ahead and installed an automatic installer for windows computers. [00:02:36] So if you tried to play your favorite Sony CD, right. Audio CD, listen to some music, it would automatically install some what. You and I would call malware on your computer and it would look at everything you were doing on your computer. To try and make sure that you were not trying to make a copy of the desk, not just a copy, but what we call ripping it. [00:03:07] In other words, you have a CD and you have an MP3 player. How do you get the CD on the MP3 player? Cause you can't just stick it into an MP3 player, so you have to rip it and that converts it from the CD format into an MP3 format. So it's all digital. You can take it away. And I have really griped about the music industry before, because they make way more money off of CDs than they ever did off of records. [00:03:36] Just because of how cheap it is. It costs them like 10 cents, not even to make a CD. And it costs them a couple of bucks to make a record back in the. So they decided they would do digital without thinking twice about while digital means you can a perfect copy, perfect coffee copy of that desk. And so it's only, he said, I'll go, well, here's what we're going to do. [00:04:00] We're going to make this. And so it installed itself. Way down deep inside the operating system. It watched as you loaded up desks and watched what you did that is malware. And that was Sony being frankly, a vigilant. Yeah. They said, Hey, it's for copyright protection, but there was no encryption on CDs. [00:04:24] There still isn't on compact discs. When we're talking about music desks, there is encryption on DVDs and that's what they did in order to say, well, you can't rip it because it's an encryption. Past the digital communications millennial act. And then from that act, they were able to now have controls. Hey, listen, if it's something's encrypted, you can't even try to dig. [00:04:47] Okay. Pretty, pretty big deal. So there's a whole lot to this whole vigilante thing. And someone is added again, in this case, we found a researcher who has found something you just don't really see very often, you know, outside that sone thing, but it's booby trapped file. Yeah, there's these files that are out there on the internet on a bunch of torrent sites and others that are pirated software and they have a booby trap inside. [00:05:25] Now the pirated software is typically things like a Microsoft windows or all of their different software, right word. And you name it all the way across the line. They also, by the way, have put some of this malware into games because there's a lot of people that run games and they grabbed these cracked games from the inside. [00:05:52] So we're talking about boob bootleg talk. And so what this person or people, or whoever it is, is doing according to Sofos labs, principal researcher, his name is Andrew Brandt is get getting these people to install this software that has. A booby trap and that what it does is you think you're just installing the game or whatever it might be. [00:06:22] But in reality, you're installing software that sends. The file name that was executed to an attacker controlled server. So it knows, oh, you're trying to run Microsoft word and it sends along your IP address of your computers. And then what it does is this vigilante software. It tries to modify the victim's computers so they can no longer. [00:06:50] Access some, 1000 other pirate sites, like the pirate bay.com, which is a very popular site out. Oh, out there. So this is obviously not your typical malware, not at all. And they are doing this same type of thing. That's so needed way back in the day, modifying your computer so that you can not do something that may be illegal. [00:07:19] It may be mostly, most of the time, he illegal, hard to say, but in reality, they're modifying it without you knowing. It's a very, very big deal. So people are using software, kind of like this vigilante software to steal stuff. Usually it's passwords, or maybe your keystrokes or cookies or your intellectual property access Eve, the people are even using ad networks, advertising networks to deliver software. [00:07:51] But that will mind cryptocurrency for them. Okay. But those are all theft. That's what the motive is, but not in this case. These samples really only did a few things and none of them follow the motive for malware criminals. It's fascinating. He had a thing that he posted over there on Twitter, kind of talking about it, but once the victims executed this Trojan file, it gets sent out to a server and I'm sure the FBI is tracking down this server. [00:08:24]It's one flourish. She drew.com in pronounceable. And it's it's not the one fee share, which is the name of a Cod storage provider, but it's pretty close to it. And it sends it out. I'm looking at the list of all of these websites that it tries to block by going into your hosts file. But it's an interesting way to approach it. [00:08:48] Isn't it, frankly, by mapping the domains for all of these torrent sites and pirate site. To your local host, the malware is making sure that your computer, I can't access those websites. Okay. Anyways, if it happens to you just go in and edit the host file. It's really quite that simple. All right. Stick around everybody. [00:09:10] But while you're waiting, go ahead, go online, go to CraigPeterson.com. Once you're there. You can easily subscribe to my newsletter and keep up-to-date on everything. CraigPeterson.com.  

    How Will the Next Power Failure Affect Your Life? Hackers, or Nature. Both Will Result in Death.

    Play Episode Listen Later Jun 30, 2021 9:26

    [As heard on WGAN 2021-06-30] From man-caused like hackers through the environmental causes, like the sun, we could lose power. We've got a heat waves. We've got cold weather. We've got everything in between. What happens if we lose power, what do we need to do? That's what I discussed this morning with Mr. Matt Gagnon [00:00:24] Matt Gagnon: [00:00:24] Craig Peterson joins us every Wednesday at this time to go over what's happening in the world of technology. [00:00:29] He also joins this very station on Saturday. And talks about many of these very same issues in more depth of detail. Craig, welcome back to the program. Nice to have you as always, sir. [00:00:39]Craig Peterson: [00:00:39] Hey, thanks. Glad to be here in such a nice or arm day, you said this tongue in his cheek. [00:00:45] Matt Gagnon: [00:00:45] I believe oppressive heat is the word you press. [00:00:47]Craig Peterson: [00:00:47] I grew up in in Canada and part of it was Northern Canada and the 70 degree day was like summertime. So my blood, I don't know my hips historically. I did the whole thing with the, the DNA in tracing ancestry. It's all from Northern. But you've Norwegian, et cetera. I think I am one of those minorities that is really heavily oppressed and should probably be getting free air conditioning. [00:01:17] Cause my blood is just too, I don't know, sick, I guess for this. [00:01:20] Matt Gagnon: [00:01:20] Yeah. I'm very sympathetic to you, Greg. And I think it does. I would say dovetail nicely into the question I was planning to ask you about. During heat waves here, that we've had so many different infrastructure attacks, hackers are getting into our energy. [00:01:33] Great. And whatnot. That could be a bit of a deadly combination in the middle of a heat wave. Could it not? I would be concerned. I learned about that if I had your stick blood. So what should we all be concerned about as it relates to our security, as in, in terms of our energy grid end. [00:01:47]Craig Peterson: [00:01:47] We need to spend some serious money. [00:01:50] Think of that collapse that has happened down in Florida of that condo building. And the fact is that they had to spend millions to fix that building. In fact, it was like $120,000 per rev. Our grid, our electric grid, our water stations need the same type of investment. We have to tighten this stuff up because as you pointed out, we're seeing people dying right now because of the heat and the lack of air conditioning. [00:02:23] Look at our grid. How many times has been attacked? And the problems that have come from it. Plus of course the whole nature thing which could destroy our grid would just one nasty solar flare. And we really have a combination of things that could cause serious damage. So if our enemies decide what they want to do is just. [00:02:46] All kinds of confusion, people dying from the heat and in the wintertime, of course, also from the cold, they have the ability to shut down our grids. We really need to focus in on this. The price of electricity is going to go up even more if they do this, but it's an absolute necessity. Cause remember. [00:03:09] Harrington event, which happened in the mid 18 hundreds, where there was a massive solar flare and it hit us here in the United States in a very bad way. But back then, it was just the, the Telegraph machines, one of those events, like the Harrington event happening now would put us back in the 18 hundreds for months and possibly years for some parts of this country, because we can't. [00:03:36] Protect ourselves adequately from even that let alone the hackers out. There [00:03:41] Matt Gagnon: [00:03:41] it is. Craig Peterson who joins us, he's our tech guru. And we hear from him every single Wednesday at this very time to talk over the world of technology. Another thing I've noticed too, spinning off into a totally different direction. [00:03:53] Craig has obviously the criticism of, and hatred of. The big tech companies continues to grow. I think, and what's interesting about it is that there's a lot of distrust and dislike of them in a bipartisan way, right? There's a there's Republicans that don't like them, obviously because of the free speech issue. [00:04:09] And there's a lot of left wing folks who also don't like them for entirely unrelated issues and reasons. But now there's a house committee which has approved a bill that could potentially break up Amazon, apple, Google, et cetera. What is [00:04:22] Craig Peterson: [00:04:22] this all about? Yeah, this is a very big deal because these big tech companies keep getting bigger and they use techniques. [00:04:31] The key competitors out of the marketplace and the techniques include buying companies that are worth tens of millions of dollars for a billion dollars, just so they don't have any competition. So we have this bill that was approved called the ending platform. Monopolies. Which came out with true bipartisan support came out of that committee. [00:04:56] And the question is, what do you do, Matt? These companies are really doing things that are not technically against the antitrust act, so that we have act here in the S. But in reality, are it certainly by the spirit of that law because they are keeping competition out. Now, I would like to say that the free market would take care of this, but again, we don't really have a free market. [00:05:26] And also the amount of control these people have is such that their profit margins are insane. Every one of these. Tech companies we're talking about. And then I include apple, Google, Facebook, Amazon. Every one of them has billions of dollars in cash sitting there in the bank to keep them. In that position. [00:05:50] So it reminds me of the robber barons way back when the late 18 hundreds, early 19 hundreds, the controlled so many of our industries here in the United States, they cause the antitrust laws to be put into place. Something has to be done. And yeah. I just don't know, Matt I'm not somebody who really trusts government any more than I trust to any of these big tech companies. [00:06:15]Matt Gagnon: [00:06:15] It's a question of who do you hate more right in the end of the day. All right. Final question for you, Greg. I'd like to go in this direction because we heard about John McAfee, recently passed away under not at all suspicious circumstances. Epstein didn't kill himself by the way. [00:06:29]McAfee of course is the Titan nor was the Titan, the originator of a big antivirus software company, which many of us have had installed on our computers against our will and had to deal with in some way. Antivirus software is in and of itself interesting. Cause I was just reading somewhere that a lot of antivirus software actually misses. [00:06:48] A gigantic amount of malware that ends up being on computers. Is this a problem? And if it is what do you do about this? There's just going to have to make your peace with the fact that your computer is infested with malware now or are there other options? [00:07:01] Craig Peterson: [00:07:01] Yeah, McAfee of course had tattooed on his body. [00:07:05] Find me dead. I did not kill myself. We know that he was not suicide. In Spain, the Spanish jail, your questions are really good. One because we're seeing as 70%. Mentoree antivirus software this year has missed 77 0% of the attacks that have been coming this year and McAfee himself came out and said that the McAfee antivirus software is useless against today's threats. [00:07:39] One of the senior executives at Symantec, which of course has Norton and other antivirus products, all. Came out and said our software's useless against modern threats. So to answer your question, there are some things you can do. And I'm going to go into this in more detail this weekend. I think it's an important thing here on our July 4th weekend independence day. [00:08:03] The bottom line is antivirus software no longer can protect you is using outdated technology. It's using signatures. So what happens is you can just like with a virus, you can get the virus and the body now knows those. T-cells remember how to fight that virus in the future. Antivirus software is much the same. [00:08:30] It's looking for. Things that have been seen before. That's not what's happening anymore. We're seeing all new threats, just constantly. We're seeing phishing attacks and the, it gets around the antivirus software. There are some solutions or some things you can do. And frankly, if you're running windows, There's some pre things you can do. [00:08:53] And I'm going to also, it's part of the series I've been doing. I'm going to be releasing this to people on my newsletter. I made a video last week, in fact about some things you can do. All right. But you have to sign up. You have to go to Craig peterson.com/subscribe. And you have to listen on Saturday from one till three, because we will be talking more about this as well. [00:09:15] Matt Gagnon: [00:09:15] And there you go. Promoting the show on the weekend. I love doing it. Craig Peterson, our tech guru always joins us on Wednesdays at this time. I appreciate it, Craig. Thanks so much. And we'll talk to you again very soon, sir. [00:09:24] Craig Peterson: [00:09:24] Take care, Matt.

    Our loss of privacy is bigger than you think - and what to start doing about it

    Play Episode Listen Later Jun 30, 2021 11:58

    [As heard on WTAG, WHYN, WHJJ on 2021-06] You might have an idea of how much privacy has been lost. I went through a lot of the details today. The idea is to help you understand what you're doing to yourself by using all of these different new technologies and what can you do right now to start getting your privacy under control? So here we go with Mr. Polito. [00:00:29] Jim Polito: Our good friend tech talk guru Craig Peterson has talked about this before. When you click that, "I accept" in the terms and conditions for something online, he is always explained what's going on there. And how, in many instances, as you are the product for that app, the app is in the product. [00:00:48]Now there are more concerns about just clicking "I accept." Joining us now. We accept our good friend here every week at this time, Craig Peterson the tech talk guru. Good morning, sir. [00:01:02] Craig Peterson: [00:01:02] Hey, good morning. Click away. It's quite a thing. Isn't it. Where does this article come from? We're talking about, did you notice this? [00:01:10] The daily mail came out of the UK, not in America. [00:01:15] Jim Polito: [00:01:15] Yeah, I know. Very interesting. And I just happened to have the daily mail app on my phone because it's one of the stops I make in show prep. So there's a warning. And of course, Greg, this doesn't come as any surprise probably to regular listeners because you've been talking about all the things that are included in there. [00:01:36] And but what's the latest concern. [00:01:38]Craig Peterson: [00:01:38] What they did is they put it all together and it's rare that you see this. So they started Dawn. What's the first thing you do while you check at your phone, I would actually put it back even a few hours. What do you do at night with your smartphone? You plug it in and it's sitting right there next to you. [00:01:57]So now you've got all of these busy bodies that the tech companies cause remember. Apps, many of these are tracking use. They're not free. They're gathering information about you. So they know every night Jim puts his phone here and oh, buys the ways. So does this woman and this guy. Oh, okay. That's where Jim Pollito lives, right? [00:02:21] So it's your smartphone manufacturer, particularly if it's Google, but it's true for apple app developers or mobile phone company, intelligence agencies. If they're watching you, which happens all the time. But all they're doing is collecting metadata. [00:02:43] Yeah. That's exactly what it's used for, what time you're waking up where, who you're sharing your Baird bed with? Where are you going when you go to work? If you're speeding, when you're going to work, right? It's anybody's guess where all of this stuff is ending up at now. We're adding ring doorbells that we have on the front of our home. [00:03:04] Please more than I think it's 1500 right now. Police departments are taking these feeds from ring. So now they have cameras in all of the neighborhoods. We have facial recognition from those ring cameras and from all the other cameras are putting around our home. So they know where we are, who we are. [00:03:23] Vizio. A TV manufacturer has been caught. Watching us through a camera, hidden camera and the TV, listening to what we're saying. And even if the company isn't doing now, like your Samsung TV, they are tracking exactly what you're watching, where it's going. Facebook has been accused with. They're a wonderful little portal device, which is a, something that allows you to talk to someone. [00:03:50] Face time. They've been accused of listening in on everything you're saying, because people including my son last week, he was at his girlfriend's house. She has the two of these Facebook portals. They started talking about maybe getting a hammock. Talking about it, not on a conversation on the portal at all. [00:04:09] And all of a sudden what starts happening, their feeds are showing ads for hammocks, even though they hadn't looked for them before. So our cars are logging the places we're going. They're tracking how fast we're going. We have legislators right here in mass who are looking at it saying these electric cars, oh my gosh, we're not getting our gas taxes, which we don't bother using to fix the roads. [00:04:34] That would be a terrible. It was electric cars. Aren't paying gas taxes. We want the cars to report on you and tell them how many miles you drove in math. And from that, they will send you a bill every year. If you want to, re-register your electric car. We were doing DNA testing kits for health reasons. [00:04:55] Maybe we were trying to find out if we truly are Italian or. That genetic information is up for grabs anybody who's willing to pay for it. This is a surveillance state at something even the Staci weren't able to do. They only had files on about a third of the population of east Germany intelligence agencies today here in the us. [00:05:17] Remember. Our information that was being kept by the federal government, including all the background check information for people that have secret top secret and other clearances, all of that information was stolen by China. We're giving this away. We are not keeping it safe. We're on top of all of this, Jim, we're telling people we're going on social media. [00:05:40] Oh yeah. I'm going away for a week. We're going to a w wherever on vacation, it's going to be a great time. So now even the bad guys know this is amazing. We have right now started to enter the days of artificial intelligence. Yeah. And it's not like you and I, the way we think it's putting pieces of a puzzle together, that's what computer artificial intelligence is all about. [00:06:06] And all of this stuff that we're allowing to be tracked from the national health service all the way on down in the UK and in the UK. This is really something we've got to start pulling our wings. And we're talking [00:06:20] Jim Polito: [00:06:20] with our good friend tech talk guru, Craig Peterson, Craig here's the thing. [00:06:25] So the reason that Facebook and these other places can offer all these services for free is because we are the customer and then they sell that information. You've just laid out the scenario about how those things get stolen, but they sell that information. Is this something where the government steps in with better regulation? [00:06:47] Or is this something where the marketplace says, Hey, do you want something like Facebook? Okay. Pay me $5 a month and you can have it, and then we won't try to do all this stuff, you've got to pay you to have this service. [00:07:01]Craig Peterson: [00:07:01] Facebook did try that at one point they were floating the idea. [00:07:05] But I want you to consider one other thing here, Jim, when you're talking about this, when has government ever decided they needed less information about the people? [00:07:21] Jim Polito: [00:07:21] Yeah. Yeah. You're rife. They don't, they want to know everything. Cause then they want to tax it. They want to regulate it. They want to, whatever. And here I am just bringing up regulation, but yeah. [00:07:33] Craig Peterson: [00:07:33] That's exactly what they're going to do. That's what they do. The job of a bureaucrat data. [00:07:38] I have Ribeiro grad in this country, whether they're working for the town of pod talk at Rhode Island, or they're working for the federal government, every bureaucrat in the country has one job don't get fired. And then the second job is grow my faith. Yeah. And that means that even if they were to pass laws, you remember, we already had laws about the federal government not watching us. [00:08:04] And then we found out, oh, wait a minute, eight T and T had been feeding the federal government, all of the information about all of the phone calls in the country since 1950. Yeah, there were laws against it. Okay. It, even if they say, okay, you can't use this information, you're gathering from marketing is what I'm more at about, frankly, because if I'm looking to buy an F-150 truck, I'd love to see offers on F150 trucks. [00:08:32] Okay. So being able to track me in my searches make sense. I'm extremely worried about. Everything else. And I'm very worried about this artificial intelligence being used, frankly, for evil. And it already is with some of these phishing attacks. It's this is just something it's something Facebook, by the way, even teams shadow profiles on people who don't even have accounts, because when you join Facebook, Facebook says, Hey, you want me to find your friends so you can link into them? [00:09:05] Yeah. Just upload your contacts to. Who did [00:09:11] Jim Polito: [00:09:11] so Craig, in the short time we have left what do you do? What do you do. [00:09:16] Craig Peterson: [00:09:16] I'm having a meeting about that today. In fact, there's some friends, I have a couple of attorney friends, and some other friends who are looking at this and saying, this is nuts. [00:09:25] What do we do? Apple is the only one. So you've found manufacturers out there that really does have your privacy in mind to a large degree. They have mostly been keeping us safe. That is generally speaking the best thing that you can do, but don't volunteer information, post himself up on Facebook. [00:09:47] You're posting pictures that have the GPS coordinates of where it was taken. Facebook has based. So recognition don't do that. Get away from doing that sort of thing. Also be careful with the information that you're sharing with any other company out there, Google some of these free photo services, et cetera, et cetera, that pulling it all together. [00:10:10] Facebook's given Microsoft search engine, the ability to see Facebook friends without their consent. It gave Netflix and Spotify the ability to read and even delete Facebook users. Private messages. Don't use these companies, mark Zuckerberg, the allegations are all out there that Facebook was started using illegal methods. [00:10:32]Crazy illegal methods scraping the the horrible. Book, if you will, of students and having people rate how good looking that woman is. Okay. All well and good, I guess if you were a teenager, but come on, this is not an ethical company. Google is not, they've even removed this slope. [00:10:52] Don't be evil from their website, stop using them things like duck, go for your searches posted up there. Don't make sure you turn off GPS tracking on everything you can paying attention. Apple now has this new feature that will tell you every app. Exactly what that app is supposedly doing in collecting data and doing with your data and make intelligent choices. [00:11:19] Jim Polito: [00:11:19] I got it. Craig, how do folks get more information? [00:11:23]Craig Peterson: [00:11:23] The easiest way is just go to Craig peterson.com. That's Frank Peterson with an o.com and you can subscribe to my newsletter. You'll get all of this stuff. You'll get also links to all of them like podcasts and nerves about I do about a dozen a week. [00:11:39] Believe it or not. Wow. And you'll be able to listen to those and you can listen to them on the iHeart radio app. Just go to Craig peterson.com/iheart or click on the iHeart logo. On my homepage, [00:11:51] Jim Polito: [00:11:51] Craig Peterson, everybody. He's the man, Craig. Thanks so much. We'll talk with you next week.

    Why Hydrogen Fuel Cells Won't Be Like the Hindenburg

    Play Episode Listen Later Jun 28, 2021 10:53

    We've got some really cool news that some people have interpreted as bad news. And this has to do with general motors and their hydrogen fuel cell. This is a very interesting story. I've always been fascinated with the Hindenburg and what happened there. And I did a lot of investigations. And of course, there was the initial investigation that happened back in 1937. When the Hindenburg actually crashed, I found online, you can buy pieces of the Hindenburg online. [00:00:35] There's this kind of an auction house. You can get a small square of the fab. Of the Hindenburgs outer shell for 99 bucks. I found them online. I didn't buy any, although I was thinking, that might actually be cool, but what am I going to do with it? Rights to get on a wall then what w what was interesting about it and about the fabric was what the German engineers had. [00:01:01] Now we know that you can use helium and helium is a great little gas it's inert. It's not going to catch fire. It is also lighter than air. There's a lunch, a lot of others, great properties that has, you can use it for super cooling things that you can't with. Most other gases, helium is much better for super cooling than oxygen is. [00:01:23] And hydrogen is Excel. Helium is getting hard to find the United States had a strategic reserve of helium. Now, to me, that makes sense because we did at one point need helium. We had dirge bubbles. We still do. We still use helium to send weather balloon. Been various other things, but then the federal government decided ELA. [00:01:48] We don't need to keep this reserve anymore. So they sold it off. As of next year, there won't be anything left in that strategic reserve. So where do we get helium? We get it from regular old oil mine. So they drill a hole it's created by the breakdown of various elements in the soil, primarily some of the hard rocks. [00:02:14] And as they break down and decay, they produce helium as one of the byproducts. Now what's been happening in the reason we are in. A helium shortage. Number three in fact, is that we are now fracking. Fracking Lutz is extract a lot more natural gas and a lot more , which is what we're really trying to do and keep some of those costs down. [00:02:44] But it also does not create as much helium and that's. And it's a really big problem when you get right down to it and you're trying to figure out if we're going to fill up a balloon, that's going to go up. What are we going to do now? Approximately a quarter of all of the helium that's news out there goes into these birthday balloons. [00:03:09] Okay. So yeah, it's it's kinda cool, but it's not an absolutely necessary thing, frankly, but it is used in all kinds of other things, including experiments. You remember? I said that helium is used to super cool thing. Think of these massive hydraulic colliders, some of the other experiments that are going on, where we have a magnet. [00:03:37] Now, one of the biggest, most important things we're doing with magnets right now is trying to create a container for nuclear fusion. Now nuclear fusion doesn't have the byproducts of nuclear fusion. Although we've solved most of those vision problems, you don't have this highly radioactive stuff anymore that we used to have in the old reactors. [00:04:01] Although we haven't been building new ones for what, 40 years now. But those particular types of containers, if you will, are built by these big magnets. So these magnets hold it in place. And in order to get the amount of power we need to, to these magnet, we have to super cool them. We have to super cool, the power supplies, and that is typically using helium. [00:04:27] So we've had to shut down some of these experiments. Because we don't have enough helium so much for the strategic reserve, that is almost completely depleted. And by the way, the federal government in its infinite wisdom sold that helium off at a fraction of fair market value. That's a problem because it just went crazy. [00:04:52] People were using it for things that just weren't that important. And now many of our experiments are getting shut down, but in the world war two era and pre-World war II era Germany had a problem trying to get helium itself. Germany doesn't have a whole lot of oil reserves and it had to buy everything. [00:05:12] And the United States really didn't want to sell here. To Germany. So what Germany did and you guys probably all know this from your history lessons, cause you are the best and brightest hydrogen was used. And because hydrogen was used it was a flammable gas. And when there was a spark, when it was trying to land. [00:05:36] It went up, it caught fire. Now what's really interesting is if you look at the pictures that were taken of it burning, there were obviously elements other than hydrogen, because hydrogen burns beautifully pure. You can't really even see it. And what would normally happen is you wouldn't have. Poof. [00:05:58] And the whole thing just burns up. You'd have a hole and that hole be shooting a flame out as it was ignited, right as the hydrogen was ignited and the whole, my discontinue to get a a little bigger until there's no pressurized hydrogen anymore. And the fire's over, but that's not what happened with the Hindenburg. [00:06:18] She caught fire. Because of that spark and it had that spark because of the weather conditions at the time, they just weren't being cautious enough. In fact, that was the very last large dirigible Airship. Ever made, frankly it's crazy, yeah. We got the Goodyear blimp, we got some of these others and they need the helium to fill them up. [00:06:43] And then over time it was kinda like a swimming pool. You filled it up and you, all you have to do is just add a little bit more now, and then you don't have to, because of leakage, you don't have to completely refill it all of the time. So what ended up happening is they had hydrogen on board. [00:07:02] Had the spark started a flame and then the cloth material that coated this massive container holding all of the hydrogen caught fire, but it didn't just catch fire. What happened was it caught fire and. It burned very quickly because effectively the entire outside surface of the Hindenburg was coated with rocket fuel. [00:07:30] Some of the same components that go into gunpowder aluminum powder, which gave it that kind of silver shine. They really messed up. So people are looking at what is happening now with general motors. Tech fuel cell technology and other a little bit worried because this technology was developed for cars. [00:07:51] It is being used in some parts of the world, in some parts of the country. I know California has some hydrogen cars on the road with a fuel cell. Now they're not burning hydrogen. In order to transport the car, they're actually allowing a chemical process to occur. So the hydrogen atom is attracted to the oxygen atom and they use a membrane so that they're trying to get together. [00:08:18] And that's what produces electricity. And then what is the result when you have two hydrogen atoms and an oxygen atom and they combine H two O so the only. Final end product here coming out of that car is pure. Which is cool. So GM says wait a minute. Now we have this technology, why don't we try and make airplanes a little bit more efficient? [00:08:45] And so they're saying you don't, you're taking off with two tons of water on board. How about we put a hydrogen fuel cell in there. You will be well to generate electricity. Now that's a very big deal because now that electricity doesn't have to be generated by the turbines of the gas engine. And on top of it all, you don't have to take off with two tons of water on board because we can generate water as your. [00:09:16] And of course, they're not going to coat it with a rocket fuel. They are going to put it in one of these really cool containers that is considered to be very safe. So it's very cool. So the litmus test, according to our friends over at general motors, he this is a GM executive. Director Charlie frees. [00:09:36] He says our technology can address customer needs in a wide range of uses on land, sea, air, or rail. And this collaboration we could open up new possibilities for aircraft transitioning to alternative energy, power sources. Now I don't expect a plane to be actually flying on this any time soon. [00:09:58]Hydrogen is a great little fuel, but it doesn't provide enough energy to get that jet off the ground at all, but it does provide enough energy to supplement it so good for them. I think this is a good use frankly, of the hydrogen fuel cells, as long as we can avoid it leaking and causing other major problems. [00:10:21] But I think that can be solved. Look at what we've been able to do now. These containers for the pretty much everything that can be hit by a train at full speed and not. So I think we got this covered. All right, everybody stick around. We'll be right back. And we're going to talk about it. A new type of vigilante that you may not have heard of before. [00:10:46] Of course, you're listening to Craig Peterson. Check me out online. CraigPeterson.com.

    You're not going to want to click "I Agree" anymore

    Play Episode Listen Later Jun 28, 2021 8:55


    [ As heard on WGIR, WQSO, and WKXL on 2021-06-28] Privacy is gone. We started talking this morning with Mr. Christopher Ryan, and we got into our privacy. There's a great article that I'll have this weekend in my newsletter from the Daily Mail about about this whole thing. And it's titled "Read This and You Won't Click 'I Agree' Ever Again". So we got into that and also into this new bill here, it's called the ending platform monopoly, please act, can we split up these huge companies, these social media companies, et cetera, that are providing various platforms. Should we split them up? [00:00:37] This is a real interesting topic and one that's going to affect every last one of us. And of course, Chris and I both had opinions. [00:00:46] Chris Ryan: [00:00:46] I am Chris Ryan. Craig Peterson is the host tech talk on news radio six, 10 and 96. 7 Saturdays and Sundays at 11:30 AM. [00:00:54] One of the more fascinating things about the tech environment is how. Either we don't care or it's unbeknownst to us that we allow for tech companies to spy on us and to have an inner track basically to our minds and to our souls were for many years, we always wondered why other people were thinking, right? [00:01:19] Like what does that person thinking? And there was no way to ever really. But now there are ways to know, because we look into things on Google. We look into things via searches and we like certain things. We agree on certain things. And as a result of that we at some points in time are just giving the money, the giving information to tech companies, but at other points in time, We're actually showing via social media, who we are in ways that we never would have done in the past and employers, friends, everybody get a completely different view of a person's true inner feelings and how their mind works via social media that we never had before. [00:02:02] Craig Peterson: [00:02:02] It is potentially a huge problem. We've got these busy bodies, if you will, that are listening to basically all of the signals we're sending out. We tell them where we live. You may not have given them your address, but if you have apps on your phone that you guaranteed that smartphone now who stays in the same house every night, they know where you. [00:02:26] They know what you're like because of what you're searching for online, the website you're going to, they know what you say with some of these devices. My son I had was over his girlfriend's house and had a conversation with her about getting a hammock in front of one of these little portals from our friends at Facebook. [00:02:46]Immediately ad started showing up for all of us. So we're telling these tech companies, everything that we're doing, we have microphones in our rooms, our television visions, Vizio, which is one of the major manufacturers was caught watching us. Who is looking at the TV when they're looking at it so they can get better ratings. [00:03:09] Microphones are being used. The spy agencies worldwide now have direct access to us. It's a real problem. And it's a problem for you and me, not just for someone that's a high tech. High value target. It's a problem for you and me because now all of this information is also available to the regular bad guys. [00:03:30] That's what they're using for fishing. They're getting you to do things on marketers are getting you to do things. Obviously the PI getting all this information and showing you the right information at the right time, the bad guys are getting you to do things by clicking on it. So links going to websites that are actually going to cause you harm. [00:03:51] And we're seeing huge increases in all of this, Chris. Right? [00:03:56] Chris Ryan: [00:03:56] And it's the, those types of things are happening behind the scenes, but it's also a lot of the outward things. What do you post about, what do you say? How do you interact with other people? All of these types of things are accessible to the public at times, and also accessible, behind the scenes as well. [00:04:13] And it allows for a catalog to be built on you as an individual. And we are. Insight into our inner thinkings and our process that we would never have thought about that our parents would have never thought about doing before. And as a result of that there is a lot of things that take place out in society that, may we may not understand, or we may not completely comprehend, but a lot of it has to do with. [00:04:46] Behavior on social media and our inability to know when to say things and when not to say things, and that is a huge problem. [00:04:56] Craig Peterson: [00:04:56] It is knowing when to shut up. It's right there in politics as well. The Obama campaign was the first to mine. Incredible amounts of data from Facebook. Incredible. [00:05:09] Far more access than anyone had ever had before Facebook just literally gave it to them. And then you had the Trump campaign come along and the higher, the Cambridge Analytica guys who had access to much less data than the Obama campaign had. But in both cases you were saying. Ads that were so tightly targeted at people and individuals that you really were being manipulated because they know what you're saying. [00:05:37] They know what you're doing, they know who your friends are, and they put it all together now to lead you down that Primrose path, whatever. See, that's where I really get concerned. We are absolutely being manipulated. And as you pointed out, Chris we're being manipulated voluntarily. We're telling them everything we possibly can about us when we're posting on these various sites. [00:06:04] Chris Ryan: [00:06:04] That's a really good point. How's judiciary committee approved antitrust legislation that could prohibit platform operators like Amazon, apple, Google, and Facebook from favoring, their own products and services. And the legislation could even break up industry giants by forcing them to eliminate or sell certain divisions. [00:06:21] I don't see any way shape or form that this becomes law. That being said there is a public desire. For law to come to fruition that creates a more even playing field breaks up big tech breaks up these corporate giants and creates an environment where there is more shared prosperity. And. I'm curious as to what your thoughts are on this and what direction this goes and does do these companies need to be broken up in your view, a and B given how tightly they're able to control political figures via donations and power and things of that nature. [00:07:06] Is there any way that these big tech companies get back? [00:07:10]Craig Peterson: [00:07:10] It's a great question. And I would love to say that let the marketplace take care of it, but these companies are so incredibly profitable. The odds of them going under are very slim. Look at how long now we've had Facebook and Google out there. [00:07:27] I'm sure their predecessors died. Their predecessors, trying to have went that way. My space out, et cetera. But these people have had so much control, so much money, so much profit that the opposite they are going to be corrected by the marketplace are slim. Because part of the problem, Chris, with these huge guys is they keep everybody else out of the market. [00:07:52] Get Instagram, a company that was worth maybe $50 million. Facebook has been out there paying a billion dollars to buy their perspective competition. And they've done it multiple times. Google has done it multiple times. We're talking about a hundred times what the company is worth, just so they don't have to face competition. [00:08:16] So now that brings in this ending platform monopolies, right? That you just mentioned will that help? Yeah, but yeah, I don't know. How do you break them up? There's obvious ways you can slice them up, but is there the stomach for the federal government to get involved in this? And we're just giving it all to these companies with margins, proper margins that are insane. [00:08:41]Chris Ryan: [00:08:41] As always. [00:08:41] Craig, thank you so much. Appreciate your time. Hey, take care. Craig Peterson, joining us here on Hampshire day. Host of tech talk on news radio 610 and 96.7 Saturdays and Sundays at 11:30.


    Vigilante Malware affecting 40% of software - Google and Apple Improving Your Privacy

    Play Episode Listen Later Jun 26, 2021 82:34

    [Weekly Show #1119 2021-06-26] We've got some really cool news that some people have interpreted as bad news. And this has to do with general motors and their hydrogen fuel cell. This is a very interesting story. [00:00:13] I've always been fascinated with the Hindenburg and what happened there. And I did a lot of investigations. And of course the, there was the initial investigation that happened back in 1937. When the Hindenburg actually crash, I found online, you can buy pieces of the Hindenburg online. [00:00:35] There's this kind of an auction house. You can get a small square of the fab. Of the Hindenburgs outer shell for 99 bucks. I found them online. I didn't buy any, although I was thinking, that might actually be cool, but what am I going to do with it? Rights to get on a wall then what w what was interesting about it and about the fabric was what the German engineers had. [00:01:01] Now we know that you can use helium and helium is a great little gas it's inert. It's not going to catch fire. It is also lighter than air. There's a lunch, a lot of others, great properties that has, you can use it for super cooling things that you can't with. Most other gases, helium is much better for super cooling than oxygen is. [00:01:23] And hydrogen is Excel. Helium is getting hard to find the United States had a strategic reserve of helium. Now, to me, that makes sense because we did at one point need helium. We had dirge bubbles. We still do. We still use helium to send weather balloon. Been various other things, but then the federal government decided ELA. [00:01:48] We don't need to keep this reserve anymore. So they sold it off. As of next year, there won't be anything left in that strategic reserve. So where do we get helium? We get it from regular old oil mine. So they drill a hole it's created by the breakdown of various elements in the soil, primarily some of the hard rocks. [00:02:14] And as they break down and decay, they produce helium as one of the byproducts. Now what's been happening in the reason we are in. A helium shortage. Number three in fact, is that we are now fracking. Fracking Lutz is extract a lot more natural gas and a lot more , which is what we're really trying to do and keep some of those costs down. [00:02:44] But it also does not create as much helium and that's. And it's a really big problem when you get right down to it and you're trying to figure out if we're going to fill up a balloon, that's going to go up. What are we going to do now? Approximately a quarter of all of the helium that's news out there goes into these birthday balloons. [00:03:09] Okay. So yeah, it's it's kinda cool, but it's not an absolutely necessary thing, frankly, but it is used in all kinds of other things, including experiments. You remember? I said that helium is used to super cool thing. Think of these massive hydraulic colliders, some of the other experiments that are going on, where we have a magnet. [00:03:37] Now, one of the biggest, most important things we're doing with magnets right now is trying to create a container for nuclear fusion. Now nuclear fusion doesn't have the byproducts of nuclear fusion. Although we've solved most of those vision problems, you don't have this highly radioactive stuff anymore that we used to have in the old reactors. [00:04:01] Although we haven't been building new ones for what, 40 years now. But those particular types of containers, if you will, are built by these big magnets. So these magnets hold it in place. And in order to get the amount of power we need to, to these magnet, we have to super cool them. We have to super cool, the power supplies, and that is typically using helium. [00:04:27] So we've had to shut down some of these experiments. Because we don't have enough helium so much for the strategic reserve, that is almost completely depleted. And by the way, the federal government in its infinite wisdom sold that helium off at a fraction of fair market value. That's a problem because it just went crazy. [00:04:52] People were using it for things that just weren't that important. And now many of our experiments are getting shut down, but in the world war two era and pre-World war II era Germany had a problem trying to get helium itself. Germany doesn't have a whole lot of oil reserves and it had to buy everything. [00:05:12] And the United States really didn't want to sell here. To Germany. So what Germany did and you guys probably all know this from your history lessons, cause you are the best and brightest hydrogen was used. And because hydrogen was used it was a flammable gas. And when there was a spark, when it was trying to land. [00:05:36] It went up, it caught fire. Now what's really interesting is if you look at the pictures that were taken of it burning, there were obviously elements other than hydrogen, because hydrogen burns beautifully pure. You can't really even see it. And what would normally happen is you wouldn't have. Poof. [00:05:58] And the whole thing just burns up. You'd have a hole and that hole be shooting a flame out as it was ignited, right as the hydrogen was ignited and the whole, my discontinue to get a a little bigger until there's no pressurized hydrogen anymore. And the fire's over, but that's not what happened with the Hindenburg. [00:06:18] She caught fire. Because of that spark and it had that spark because of the weather conditions at the time, they just weren't being cautious enough. In fact, that was the very last large dirigible Airship. Ever made, frankly it's crazy, yeah. We got the Goodyear blimp, we got some of these others and they need the helium to fill them up. [00:06:43] And then over time it was kinda like a swimming pool. You filled it up and you, all you have to do is just add a little bit more now, and then you don't have to, because of leakage, you don't have to completely refill it all of the time. So what ended up happening is they had hydrogen on board. [00:07:02] Had the spark started a flame and then the cloth material that coated this massive container holding all of the hydrogen caught fire, but it didn't just catch fire. What happened was it caught fire and. It burned very quickly because effectively the entire outside surface of the Hindenburg was coated with rocket fuel. [00:07:30] Some of the same components that go into gunpowder aluminum powder, which gave it that kind of silver shine. They really messed up. So people are looking at what is happening now with general motors. Tech fuel cell technology and other a little bit worried because this technology was developed for cars. [00:07:51] It is being used in some parts of the world, in some parts of the country. I know California has some hydrogen cars on the road with a fuel cell. Now they're not burning hydrogen. In order to transport the car, they're actually allowing a chemical process to occur. So the hydrogen atom is attracted to the oxygen atom and they use a membrane so that they're trying to get together. [00:08:18] And that's what produces electricity. And then what is the result when you have two hydrogen atoms and an oxygen atom and they combine H two O so the only. Final end product here coming out of that car is pure. Which is cool. So GM says wait a minute. Now we have this technology, why don't we try and make airplanes a little bit more efficient? [00:08:45] And so they're saying you don't, you're taking off with two tons of water on board. How about we put a hydrogen fuel cell in there. You will be well to generate electricity. Now that's a very big deal because now that electricity doesn't have to be generated by the turbines of the gas engine. And on top of it all, you don't have to take off with two tons of water on board because we can generate water as your. [00:09:16] And of course, they're not going to coat it with a rocket fuel. They are going to put it in one of these really cool containers that is considered to be very safe. So it's very cool. So the litmus test, according to our friends over at general motors, he this is a GM executive. Director Charlie frees. [00:09:36] He says our technology can address customer needs in a wide range of uses on land, sea, air, or rail. And this collaboration we could open up new possibilities for aircraft transitioning to alternative energy, power sources. Now I don't expect a plane to be actually flying on this any time soon. [00:09:58]Hydrogen is a great little fuel, but it doesn't provide enough energy to get that jet off the ground at all, but it does provide enough energy to supplement it so good for them. I think this is a good use frankly, of the hydrogen fuel cells, as long as we can avoid it leaking and causing other major problems. [00:10:21] But I think that can be solved. Look at what we've been able to do now. These containers for the pretty much everything that can be hit by a train at full speed and not. So I think we got this covered. All right, everybody stick around. We'll be right back. And we're going to talk about it. A new type of vigilante that you may not have heard of before. [00:10:46] Of course, you're listening to Craig Peterson. Check me out online. CraigPeterson.com. [00:10:52]Well, you probably know again here, because you're the best and brightest, what a vigilante is. Well, I bet you haven't really heard about this type of vigilante before, and it is causing havoc for as many as 40% of computers. [00:11:10]Well, vigilantes have throughout history decided that they were going to take the launch of their own hands. [00:11:16] Now, way back when there wasn't law enforcement, et cetera, that's just what you did. And then we ended up with the tribes and our tribes would decide, okay, what's going to happen to this person. And you know, one of the worst things that could possibly happen way back. Caveman days. And after frankly, the worst thing that could happen to you is getting banished because having a group of people who are living together, cooperating together, working together makes all of the difference when it comes to survive. [00:11:53] And being kicked out of that tribe out of that group meant you had a very low chance of long-term survival. And if you went into another group, they'd really be suspicious about you because where did you come from? Did somebody kick you out because you did something really, really bad? You know, I kind of wonder if that's not deeply ingrained inside of us from all of those. [00:12:19] Centuries millennia with that whole type of process in place where we see someone that's different than us. And we kind of wonder, right. If you think that's where that might've come from. Interesting thought. I don't know that I've ever seen any studies about that. So vigilantes