Tech Friday


  • "Cut the cord":
    • "In broadcast television, cord-cutting refers to the pattern of viewers, referred to as cord-cutters, cancelling their subscriptions to multichannel subscription television services available over cable or satellite, dropping pay television channels or reducing the number of hours of subscription TV viewed in response to competition from rival media available over the Internet such as Amazon Prime, Crunchyroll, Hulu, Netflix, Philo, Sling TV and YouTube Premium. This Internet content is either free or significantly cheaper than the same content provided via cable." - Wikipedia
    • Cord cutting can help you eliminate a hefty cable bill while still accessing all your favorite movies, shows and events
    • In the second half of 2018, 1.1 million subscribers left satellite and cable
    • In the first quarter of 2019, cable and satellite lost nearly 1.5 million subscribers
    • I cut the cord roughly two years ago and couldn't be happier!
    • Here's what you need to do:
  • Facebook admits that contractors are listening to some conversations:
    • Facebook recently revealed that contractors were paid to listen to clips of audio captured by it's Messenger app
    • This comes on the heels of similar revelations from Apple, Google and Microsoft
    • Facebook used outsourced staff to listen to and transcribe audio to determine if their AI based algorithms were correctly interpreting the audio
    • The Facebook data-use policy (DUP) includes no mention of audio
    • The DUP does say Facebook can collect "content, communications and other information you provide" when users "message or communicate with others"
    • Facebook said only users who permitted voice chats to be transcribed were impacted, and that the voice clips were anonymized
    • Facebook began allowing Messenger users to have their audio transcribed in 2015. "We’re always working on ways to make Messenger more useful," said David Marcus, in charge of the service at that time
    • Clips relating to sexual activity, drug deals, and other sensitive content have been captured
    • Research has shown that personal digital assistants have activated even when the "wake" word was not spoken
    • Facebook has said "we paused human review of audio more than a week ago" in light of the controversy created by this admission and those from other tech titans
    • Check out this article by Geoffrey Fowler about fours years of his Alexa recordings:https://beta.washingtonpost.com/technology/2019/05/06/alexa-has-been-eavesdropping-you-this-whole-time/?noredirect=on
    • Don't assume that anything your say is private if you use these services
  • New Windows warning puts millions at risk:
    • Critical warnings for Windows emerged from DEFCON 27
    • Eclypsium researchers found an issue that applies "to all modern versions of Microsoft Windows"
    • The issue is a common design flaw in device drivers from multiple vendors including Intel, NVIDIA, and Toshiba
    • This includes 40 drivers from 20 vendors, including every major BIOS vendor
    • These are officially sanctioned drivers from trusted vendors, signed by trusted certificate authorities and certified by Microsoft
    • Eclypsium’s team was investigating using drivers to attack a device
    • They said "Drivers that provide access to system BIOS or system components for the purposes of updating firmware, running diagnostics, or customizing options on the component can allow attackers to turn the very tools used to manage a system into powerful threats that can escalate privileges and persist invisibly on the host"
    • Eclypsium stated there are "multiple examples of attacks in the wild that take advantage of this class of vulnerable drivers"
    • The Eclypsium research said "there is currently no universal mechanism to keep a Windows machine from loading one of these known bad drivers"
    • Microsoft said, "In order to exploit vulnerable drivers, an attacker would need to have already compromised the computer. To help mitigate this class of issues, Microsoft recommends that customers use Windows Defender Application Control to block known vulnerable software and drivers"
    • Microsoft also recommended enabling memory integrity for devices that support it in Windows Security
    • You should scan your devices and apply the patches as soon as possible
    • Read the full report here to see the list of vendors:https://eclypsium.com/2019/08/10/screwed-drivers-signed-sealed-delivered/