I hosted Eye Chart Radio with Mike LaPlante. Rush Sherman sent us this link to Steve Jobs giving a talk in 1983 I’ve never heard before. CES interviews with Fisher Price, Ziro, ThinOPTICS and Nite Ize. I’ll give you a caution about Dashlane security manager. Then we’ve got Security Bits with Bart Busschots.
Hi this is Allison Sheridan of the NosillaCast Mac Podcast, hosted at Podfeet.com, a technology geek podcast with an EVER so slight Macintosh bias. Today is Sunday February 4, 2017 and this is show number 613.
Appearances
This week I made my 6-weekly host appearance on Eye Chart Radio with Mike LaPlante. We pondered what we learned about Apple’s Q1 2017 earnings. We talked about the impact the US President’s ban on immigration might have on tech companies. We compared the President’s desire for US companies to bring more jobs into the US while Apple is building a factory in Bangalore, India. I really enjoyed talking to Mike about all of the topics. It’s a much different show than the NosillaCast and that made it fun for me. Mike now has a rotating cast of co-hosts (hence me being on every six weeks) so the easiest way to find the shows is by going to your favorite podcatcher and subscribing to Eye Chart Radio.
Next week, I’ll be on Monday’s edition of Daily Tech News Show with Tom Merritt. I have such a blast talking tech news with him. Mostly because I learn so much from trying to keep up with him. Here’s something else fun. Chris Ashley of the SMR Podcast was on the show on Friday, so when Tom signed out, he said, “And completing the DTNS/SMR/Podfeet alliance, Allison Sheridan will be on the show on Monday!” I loved it. Definitely go check out Chris’ appearance on show 2960 and I’ll be on 2961. DTNS is at dailytechnewsshow.com.
Chit Chat Across the Pond
I’m having a blast in the Programming By Stealth series with Bart. This week I completed the entire homework assignment! Ok, so Bart had to help me for some of it but I really think it’s starting to sink in. This week Bart teaches us about another “bad smell” and shows us how to get rid of it. Then we learn about glyph icons which are scalable icons for the web instead of pixel-based icons. It’s great fun and I can’t wait till we get homework on that! Subscribe to Chit Chat Across the Pond on your podcatcher of choice, or at podfeet.com/blog/category/programming-by-stealth/.
Steve Jobs in 1983
Friend of the show Rush Sherman sent me a link to something I never expected, an audio recording of a talk Steve Jobs gave that I’ve never heard before. The talk was on June 15th, 1983 at the International Design Conference in Aspen. It’s fascinating to hear his vision and his ideas about design, before the Mac was even born. At one point he tells them that we can have functional tools that look like crap or we can have them look beautiful, and he’d rather they look beautiful. Since he’s talking to designers he asks for their help. Maybe you’ve heard this one before but like I said it was all new to me.
Marcel Brown, who goes by MB Tech, posted the audio over on Soundcloud so I put a link to it in the shownotes. Enjoy!
Let’s kick into the show with an interview with two super fun women who showed us a smart tricycle at CES.
Blog Posts
CES 2017: Fisher Price Smart Cycle
You can tell we had great fun with Colleen and Julia, right? Maybe it’s a job requirement to be super fun if you work for a toy company!
This next interview is with Raja Just from Ziro and while his products aren’t nearly as ready for prime time as some of the others, his enthusiasm for how children can learn robotics was really inspiring.
CES 2017: Ziro Robotics Kit
Patreon and Amazon
I want to take a break to thank all of you who help pay the cost of creating the podcast through using the Amazon Affiliate Links at podfeet.com. It’s a pretty easy way to support the show. If you want to buy something on Amazon anyway, if you start your search by clicking on the big Amazon logo on the left side of podfeet.com, anything you buy will have a small percentage go towards hosting fees and other podcast costs.
If you’d like a more direct method, do like John Haller did this week and go to podfeet.com/patreon and pledge a specific amount of money to go towards the show. The default is to do it by episode, and you can pretty much guarantee that if there are 4 weeks in a month, you’ll get billed for four NosillaCasts. Five weeks in a month, that’ll be five shows. I really appreciate all those who have chosen to support us through Patreon.
Be Careful When You Create a Dashlane Account
CES 2017: ThinOPTICS Compact Reading Glasses
Darren gave me a pair of the ThinOPTICS reading glasses and they really are quite remarkable. I have one problem with them though. When I was in high school, I broke my nose in track. Hurdles. Yeah, think about how that had to happen. Anyway, I have a bump on my nose that isn’t from my French ancestry! Because of that I have to wear the ThinOPTICS above the bump and my eyelashes hit the lenses when I blink! But other than that, the lenses are super clear and I can read as easily as I can with my prescription glasses. If you didn’t break your nose doing hurdles in high school, I would definitely check out ThinOPTICS compact reading glasses at thinoptics.com.
CES 2017: Nite Ize Gear Ties & Lanterns
Can you tell I’m a fan of Nite Ize? After the show I bought two big packs of the smallest Gear Ties, one in fluorescent orange and one in black. My plan is to replace all of Steve’s with black and all of mine with orange. That way if he steals one of my cables, I’ll know! I also bought the Nite Ize Radiant 300 Rechargeable 300 Lumen LED Lantern, the rechargeable camping lantern he talked about. It’s crazy bright and it’s only $34 on Amazon right now (link in the show notes of course). Now I just need to go camping!
Security Bits
Important Security Updates
- Apple released security updates to all their current OSes: macOS 10.12.13, iOS 10.2.1, tvOS 10.1.1, watchOS 3.1.3 – tidbits.com/…
- Apple also released Safari 10.0.3 for OS X Yosemite & El Capitan – tidbits.com/…
- Apple automatically pushed a firmware update to their AirPods – tidbits.com/…
- WordPress pushed out an update through their autoupdate mechanism last week. At the time, it seemed an un-remarkable point release, but WordPress have now revealed that it was a critical update fixing a particularly nasty zero-day exploit – nakedsecurity.sophos.com/…
Important Security News
- A rare piece of good security news – an audit has found the most popular open source mail server, Dovecot, to be “near-impenetrable” – nakedsecurity.sophos.com/…
- The Court of Appeals for the second circuit has narrowly ruled not to revisit its decision against US DoJ and in favour of Microsoft over US government access to data in Irish data centres. This ends a case that could have set a very dangerous precedent granting the US government rights over data held in other countries (Editorial by Bart: this is really great news!) – nakedsecurity.sophos.com/…
- HummingWhale malware sneaks into the Google Play Store in 20 apps, is downloaded between 2 and 20 million times. The malware generates revenue by displaying fraudulent ads, and automatically installing apps. It uses VM technology to disguise itself. The malware also uses compromised Google Accounts to auto-generate fake reviews to drive its own ratings up in the Play Store – arstechnica.com/…
- Android users should be aware that security researchers have developed a tool that will allow them to break your pattern unlock in about 5 attempts. They need to capture video of you unlocking your device, but that video does not have to see any of your screen to produce just a handful of probable patterns. This would work in situations like coffee shops where the attacker could be sitting there sipping a coffee looking like they are playing a game on their phone, but actually videoing people as they unlock their devices – nakedsecurity.sophos.com/…
- Facebook adds support for Universal Second Factor (U2F) physical security devices (small inexpensive USB devices) – arstechnica.com/… & nakedsecurity.sophos.com/…
- Facebook launches Delegated Recovery – a mechanism 3rd party sites can use to make password recovery more secure. When delegated recovery is set up on a third party site, a recovery key is stored in a person’s Facebook profile, and if they forget their password on the third party site, they can authenticate against Facebook to recover their account. Assuming you properly protect your Facebook account, this is much more secure than password recovery questions or password recovery emails. For now, only available on GitHub, but more sites are expected to be added – nakedsecurity.sophos.com/…
- President Trump’s controversial executive order on immigration has a much less widely reported clause about data privacy – US federal agencies must “ensure that their privacy policies exclude persons who are not United States citizens or lawful permanent residents from the protections of the Privacy Act regarding personally identifiable information”. This casts a cloud of doubt over the future of the US/EU data sharing pact known as “Privacy Shield”. If Privacy Shield collapses, it will have a big impact on US companies with EU users. – nakedsecurity.sophos.com/…
- Apple have taken down their very useful activation lock checking service. Apple have not officially explained the removal of the tool, but a video online shows the tool being abused to get around activation lock on an iPad – www.macobserver.com/… & www.imore.com/…
- There is a zero-day exploit in the Windows file sharing protocol that affects all versions of Windows up to and including Windows 10. Thankfully, the real-world risk is probably low – the attack can only crash the affected server, and to be remotely exploited, you would need to expose Windows file sharing to the world, which almost no one does. – www.us-cert.gov/…
- RELATED – Microsoft’s PR response to the bug leaves a lot to be desired – arstechnica.com/…
- This week has been Tax Identity Theft Awareness Week in the US – www.consumer.ftc.gov/…
- RELATED – Brian Krebs looks at how easy it is to buy stolen W2 forms on the dark web – krebsonsecurity.com/…
- Editorial by Bart: the advice I’m seeing everywhere is to file as early as you can so your valid claim arrives before any fraudulent claims from the bad guys.
- Lego launches a social network that should be safe for kids – there is no free-text entry at all, and it is actively policed by Lego employees – nakedsecurity.sophos.com/…
Notable Breaches
- Yahoo suffers some consequences from their mega-breaches – Verizon have put their planned $4.8bn acquisition of the company on hold – nakedsecurity.sophos.com/…
- The ‘celeb gate’ hacker who leaked nude photos of many celebrities has been sentenced to 9 months in prison – nakedsecurity.sophos.com/…
Suggested Reading
- You’re the Fact Checker Now – medium.com/… (Stanford Alumni)
- Do I have to hand over bank and social media details at the US border? – nakedsecurity.sophos.com/…
- How Google Took on Mirai – krebsonsecurity.com/…
- Security researchers release new open source tool for testing Printer security, and find the state of printer security is disturbingly poor – nakedsecurity.sophos.com/…
- Why you shouldn’t trust baby health monitors – nakedsecurity.sophos.com/…
- Ransomware app briefly infiltrates Google Play store and manages to infect at least one device – arstechnica.com/…
- Jeff Sessions (nominee for US Attorney General) says during his confirmation hearings that he wants to “overcome encryption” – nakedsecurity.sophos.com/…
- Hackers Post Cellebrite’s Smartphone Cracking Tools Online – www.macobserver.com/…
Suggested Bookmarks
That’s going to wind this up for this week. Don’t forget to send in your Dumb Questions, comments and suggestions by emailing me at [email protected], follow me on twitter @podfeet. Remember, everything good starts with podfeet.com/. podfeet.com/patreon, podfeet.com/facebook, podfeet.com/googleplus, podfeet.com/amazon! And if you want to join in the fun of the live show, head on over to podfeet.com/live on Sunday nights at 5pm Pacific Time and join the friendly and enthusiastic NosillaCastaways. Thanks for listening, and stay subscribed.