My Weekly RoundUp #76
The subjects of my reads in the last week?
Qubits, Collection#1, AS400, Lisp and….Game of Thrones!
HBO revealed Game of Thrones season 8’s premiere date
As expected, HBO used Sunday Night’s premiere of the third season of True Detective to finally reveal the exact date when the eighth and final season of Game of Thrones will arrive. It’s official — we’re all returning to Westeros April 14.https://bgr.com/2019/01/13/game-of-thrones-season-8-release-date-april-14/
Building a Spotify player for Mac SE/30
The app is called MacPlayer and works thanks to the magic of Spotify Connect. The speaker itself streams and plays the music, and the Mac simply tells the speaker which song to play (as well as volume, current playlist, shuffle mode and other settings).https://68kmla.org/forums/index.php?/topic/55998-building-a-spotify-player-for-my-mac-se30/
The Lisp Badge, a computer programmed in Lisp with a self-contained keyboard and display
…is a self-contained computer with its own display and keyboard, based on an ATmega1284, that you can program in the high-level language Lisp.
You can use it to run programs that interface to components such as LEDs and push-buttons via the I/O pins, read the analogue inputs, and operate external devices via the I2C and SPI interfaces. It has a greyscale OLED display that gives 8 lines of 42 characters, and an integrated 45-key keyboard optimised for Lisp.http://www.technoblogy.com/show?2AEE
Are you sure those WhatsApp messages are meant for you?
Senior Amazon technical expert Abby Fuller had a bit of a shock when she logged into WhatsApp using a new telephone number earlier this month. She found someone else’s messages waiting for her.https://nakedsecurity.sophos.com/2019/01/16/whatsapp-messages-may-not-be-for-you-just-ask-this-software-engineer/
There’s a simple reason why your new smart TV was so affordable: It’s collecting and selling your data
If you want a 65-inch 4K smart TV with HDR capability, one can be purchased for below $500 — a surprisingly low price for such a massive piece of technology, nonetheless one that’s likely to live in your home for years before you upgrade.https://www.businessinsider.com/smart-tv-data-collection-advertising-2019-1
But that low price comes with a caveat most people don’t realize: Some manufacturers collect data about users, then sell that data to third-parties. That data can include what type of shows you watch, which ads you watch, your approximate location, and more.
People start to wake up to the pervasive third-party tracking that comes with 90% of Android apps
The operator of the Weather Channel mobile app misled users who agreed to share their location information in exchange for personalized forecasts and alerts, and they instead unwittingly surrendered personal privacy when the company sold their data to third parties, the city attorney, Michael Feuer, said.
Getting an IBM AS/400 Midrange computer on the internet
Recently I’ve gotten a hold of an old IBM mid-range computer, an AS/400 150.https://justanotherelectronicsblog.com/?p=503
This is an 1997 server very much aimed at businesses, pay-rolling, inventory management and such. It can be used as a multi user system, with users logging in via a terminal.
The operating system it runs is OS/400 and that is also the only OS it can run, no Linux available for this system.
The 773 Million Record “Collection #1” Data Breach
Security researcher Troy Hunt reported a massive leak consisting of 773 million unique email IDs and 21 million unique passwords, which he refers to as Collection #1.
Collection #1 is a set of email addresses and passwords totalling 2,692,818,238 rows. It’s made up of many different individual data breaches from literally thousands of different sources. (And yes, fellow techies, that’s a sizeable amount more than a 32-bit integer can hold.)https://www.troyhunt.com/the-773-million-record-collection-1-data-reach/
In total, there are 1,160,253,228 unique combinations of email addresses and passwords. This is when treating the password as case sensitive but the email address as not case sensitive. This also includes some junk because hackers being hackers, they don’t always neatly format their data dumps into an easily consumable fashion.
How the government shutdown is influencing cybersecurity jobs
At time of writing, the Department of Homeland Security has furloughed 20 percent of its staff dedicated to “main cyber operations,” as well as administrative and supporting roles. But when you look at the entire cybersecurity apparatus of the federal government, the total potential loss of talent is far greater than the DHS alone. According to a planning document, 43 percent of the entire US cybersecurity workforce is currently furloughed.https://blog.malwarebytes.com/security-world/2019/01/government-shutdown-influencing-cybersecurity-jobs/
Unprotected Government Server Exposes 3 terabytes of data containing millions of sensitive files
The unsecured storage server, discovered by Greg Pollock, a researcher with cybersecurity firm UpGuard, also contained decades worth of confidential case files from the Oklahoma Securities Commission and many sensitive FBI investigations—all wide open and accessible to anyone without any password.https://thehackernews.com/2019/01/oklahoma-fbi-data-leak.html
Other severe files exposed included emails, social security numbers, names, and addresses of 10,000 brokers, credentials for remote access to ODS workstations, and communications meant for the Oklahoma Securities Commission, along with a list of identifiable information related to AIDS patients.
New Android Malware Apps Use Motion Sensor to Evade Detection
These apps don’t just use traditional evasion techniques; they also try to use the user and device’s motions to hide their activities.https://blog.trendmicro.com/trendlabs-security-intelligence/google-play-apps-drop-anubis-banking-malware-use-motion-based-evasion-tactics/
As a user moves, their device usually generates some amount of motion sensor data. The malware developer is assuming that the sandbox for scanning malware is an emulator with no motion sensors, and as such will not create that type of data. If that is the case, the developer can determine if the app is running in a sandbox environment by simply checking for sensor data.
The malicious app monitors the user’s steps through the device motion sensor. If it senses that the user and the device are not moving (if it lacks sensor data and thus, might be running in a sandbox environment), then the malicious code will not run.
Physicists Record Temporal Coherence of a Graphene Qubit
Researchers from MIT and elsewhere have recorded the “temporal coherence” of a graphene qubit — how long it maintains a special state that lets it represent two logical states simultaneously — marking a critical step forward for practical quantum computing.https://scitechdaily.com/physicists-record-temporal-coherence-of-a-graphene-qubit/
Researchers from MIT and elsewhere have recorded, for the first time, the “temporal coherence” of a graphene qubit — meaning how long it can maintain a special state that allows it to represent two logical states simultaneously. The demonstration, which used a new kind of graphene-based qubit, represents a critical step forward for practical quantum computing, the researchers say.
To save the sound of a Stradivarius, the whole tows of Cremone must keep quiet
The people of Cremona are unusually sensitive to noise right now. The police have cordoned off streets in the usually bustling city center and traffic has been diverted. During a recent news conference, the city’s mayor, Gianluca Galimberti, implored Cremona’s citizens to avoid any sudden and unnecessary sounds.https://www.nytimes.com/2019/01/17/arts/music/stradivarius-sound-bank-recording-cremona.html