Welcome to the Nov 16, 2014 issue of
CompuNerds.Net-News (←home page)
Google's new Nexus 6 "phablet" made by Motorola has finally hit the scene... if you can find it. Google and other retailers released this six-inch phone/tablet on October 15, but the websites selling it are out of inventory: it must be a hot item! See Best And Worst Things About The Nexus 6 for a balanced review. The Nexus 9, a nine-inch tablet made by HTC, is available in some but not all configurations: it comes with 32GB or 64GB of RAM, in a white, black or beige case, and with WiFi only or WiFi+LTE connections. Both are quality-made "flagship" devices that set new standards, slightly lower in price than similarly-featured devices from Samsung or Apple.
The Nexus 6 and 9 are running Google's new Android 5.0 "Lollipop" operating system that brings the "Material Design" user interface providing a smoother tactile and visual feedback. It also has a low-power mode that promises an extra 75 minutes of battery life, and a "Turbo Charger" that charges up the battery in 15 minutes giving six hours of play. Here's a good review: Android 5.0 Lollipop Review: Smartphone Edition. Google is also rolling out Android 5.0 "Lollipop" to owners of older Nexus phones and tablets, but this may take a week or two before everyone's Nexus devices are updated. Owners of non-Nexus Android devices will have to wait longer for those manufacturers to incorporate Lollipop into their customized versions of Android.
THOUGHT FOR THE DAY
Not everything that counts can be counted, and not everything that can be counted counts. - Einstein
Here's my take on these new devices and the new OS: so what! As I read the articles, blog posts and sweaty "Gotta get it!" comments, I'm struck by the way Each New Thing elicits lustful cravings. Remember when a phone was a phone, a thing you called human beings with and actually talked to them? But now we can IM, TXT, SMS, Video and Play on whatever the Next New Thing is, so we "gotta get it" if we want to be "in." I'm impressed by how many highly-paid professionals don't walk around with their smartphones glued to their ears or their eyes glued to the screen. Instead, it's the up-and-coming "wanna-bes" or even the poor who ape these behaviors, so that observers will supposedly believe they are "in." Truly successful people when in public places put other people first, not technology. They limit the use of technology to private workplaces.
The Security Blurbs:
In our last issue we commented on the newly-discovered USB infection threat, the fact that not just the RAM on a thumb drive can be infected (this has been going on for several years), but now we've learned that also the EPROM (Electronically Programmable Read-Only Memory) containing the software driver of any device with a USB plugin can be "flashed" to contain malware. Here's the good news / bad news: Only Half of USB Devices Have an Unpatchable Flaw, But No One Knows Which Half. Isn't that a comforting thought?
A new Kaspersky Labs article The Darkhotel APT (Advanced Persistent Threat) tells about a high-level, probably government-sponsored hacker team that uses "spearfishing" to go after targeted business executives, sales and R&D people, and representatives of other governments and their military as they travel around the world staying in hotels, mainly in the Asia-Pacific area.
For at least the past four years, the Darkhotel team has been insinuating itself into hotels' WiFi networks, often using a fake "software update" notification to plant spyware on the PC of the targeted individual, then quickly removing all traces of its intrusion from the hotel's WiFi network. The way to protect oneself when travelling is to always use a VPN and never do software updates.
Here we learn that The Feds Are Now Using "Stingrays" in Planes to Spy on Our Phone Calls. The "Stingray" device, also known as a "Dirtbox," is two-foot square and simulates a cell tower, collecting data on potentially tens of thousands of phones during a single flight. These boxes have been used in vans for over a decade, but now have gone airborne and can collect data on far more people. Of course, they say they'll retain only the data of crooks or spies they're tracking, and discard the rest.
Here's a snippet, 2nd Russian Hacker Group Accused of Targeting NATO, from The Moscow Times about a group of hackers called APT28 - "But evidence of a wide-ranging cyber espionage campaign is mounting. Earlier in October, another U.S. cyber security firm said that a group of Russian hackers with suspected government backing had used a previously unknown backdoor in Microsoft Windows operating systems to spy on NATO and several Western governments.
"APT28 does not appear to be stealing intellectual property or directly profiting from stolen financial information, as is characteristic of China-based actors tracked by FireEye, the report said. Instead, the hackers focus on defense and geopolitical intelligence-gathering. The sophistication of APT28's malware indicates that the group is state-sponsored, the report said. Samples of the group's coding show that work on the group's cyber weapons corresponds to a normal working week in the St. Petersburg and Moscow time zone almost 90 percent of the time."
Were the Russian hackers the first to discover this "previously unknown backdoor," or did the NSA force Microsoft to place it there? It could be "baked in" the operating system so deep that it took a team of highly-qualified hackers a long time to decompile the Windows OS machine code back into Assembler language, and then painstakingly document what each subroutine was intended to do. I've had to debug Assembler language before, and it's not an easy task, but that's is how it's done.
This illustrates the problem of entities such as the NSA forcing software companies to provide a "backdoor" access to customers' information: once you create a "backdoor," there is no failsafe way to prevent the "bad guys" from discovering and using it against you. "Security through obscurity" is no real security at all.
The goal of our CN.Net-News is to share information that we think you'll find helpful as you wrestle with that little monster on your desk or at your side, your computer, tablet or phone. And we aim to present this information from a Christian worldview. Thanks for your time!
"Dr. Bob the CompuNerd"
Robert D hoskEN
See the "nerd" in my name? (It helps if you're a little dyslexic!)
Visit our website: CompuNerds.Net
And check out: Quality website hosting and email