Craig Peterson: This is a concerning report. At least it is concerning to me and it should be to everyone, frankly, but despite Colonial Pipeline to attack the likelihood of utility sector hacks has increased as was evidenced just this week.
[00:00:15] I wish I had thought of this one because it’s just so simple and those are always the best, right? The simple ways to really work around a problem. And I’ve brought you a few before where we talked about some of the VPN stuff. We’ve talked about different types of security, this particular one, though, I think takes the cake.
[00:00:36] It’s absolutely amazing. If you get right down to it and think about Russian hackers, real Russian hackers, not the fake ones, not just the White House saying that’s Russia and it’s really China. And then it sometimes frankly, between you and me, it’s hard to tell because the Russians can easily use
[00:00:58] They’re available to almost any hacker out there that bothers to go out of their way to grab them. And the Russian tools are much the same way. So the way you figure out whether or not it might’ve been China or Russia, Or a particular hacking group or another is to look how they behaved when you’re there in yeah.
[00:01:17] Your computer system. So let’s say you think your computer got hacked. You might look for different pieces of software or names of files or where they went, how long they were there and what kind of ransomware they might’ve used on your computer. All of those types of things give you a serious clue as to who it was and where they came from.
[00:01:42] You can’t really tell where they came from. You can look at the IP address and a lot of people say that. Why don’t you just look at the IP address? The reason you can’t obviously you can look at the IP address, but the reason you can’t depend on that in order to determine where someone’s coming from is just like they showed in the movies where.
[00:02:02] They’re trying to back trace a phone call or back trace something, and it shows up on this big world map on this huge screen. That’s bigger than a 20-foot wall and it’s showing a little dot. Okay. Here’s OS and oh, and came in from Des Moines. Okay. Okay. Before that they were in London. Okay.
[00:02:22] Before that they’re in South Africa, they were in Russia and they were in Vancouver. You’ve seen that. And it shows the dots popping up and the lines being drawn between them. That is not possible. Certainly not in real time, but it’s really not possible at all. Because all you have to do is have a hacker take control of a few dozen computers around the world and use them to hack you.
[00:02:51] So that bad guy is now using dozens of people’s home computers, which have no real logging. No one’s really paying attention to them. You’re using it for gaming or maybe a little bit of work, email, web browsing, all of that basic stuff. So you’re using it for all of those things, but you’re not securing that computer tightly.
[00:03:16] So they’ll just use it. If they want to attack from North Korea, they can easily hop through a few different computers and then end up on a computer in Russia. And now it was like, it’s coming from Russia. It’s really that simple. And they have these botnets to do that very thing. Yeah. That’s why I keep telling everybody, make sure your computer is up to date, that it is in fact patched up and the bad guys are less likely to be able to use it because your computer can be used to hack somebody else.
[00:03:51] It can be used to bring a denial of service attack against someone. The distributed denial of service attacks are way up this last year. It can do a lot of things that frankly, it should not be doing. So that’s why I’m always warning you guys. Cause you don’t want your computer to be used in a crime. So we can’t tell where these hackers are necessarily coming from, but what Brian Krebs revealed this week, I thought was absolutely brilliant.
[00:04:24] Apparently many of these ransomware guys are in fact in the Commonwealth of Independent States. And that includes a few different countries: Russia, Ukraine, Kazakhstan, Turkmenistan, all of these ’stans over there. And some others
[00:04:40] Craig Peterson: it’s the former Soviet Union countries. So they’re part of this Commonwealth of Independent States.
[00:04:46] And if you’re living in there, let’s say you’re in Russia and you’re in Moscow. And you’re using computers. You’re sending out ransomware and you wanna make some bucks off of it by charging people a ransom. You need to be darn careful that you do not ransom any Russian computers or in fact, any of these Russian affiliate computers.
[00:05:11] Because if you do, you’re going to have the Kremlin coming down on top of you. They do not take kindly to it. And I don’t know if you’ve seen any of these Russian prisons, jails. Doesn’t seem like a place most people would want to end up at. Some pretty bad places and you don’t stand a chance.
[00:05:29] Okay. So the bad guys are trying to be careful. So if you’re sending them ransomware, that’s indiscriminate, I’m not talking about a DarkSide going after Colonial Pipeline where they’re aiming at Colonial Pipeline. They’re aiming at one specific business. Cause they know that business has money to pay. And you got to ask yourself, why did they aim at Colonial?
[00:05:54] Was it just because of the money? Because they knew they could pay. Because we’ve had water plants ransomed, police departments ransomed. We just had meat, the largest meat processor in the world, ransomed. Is this a pattern where they’re checking our critical infrastructure, the ability to put fuel in our vehicles.
[00:06:17] The ability to have electricity. To have food. Is that what’s going on? I really don’t know, but I can tell you almost all of the ransoms that are out there are indiscriminate. So you can’t just sit there and say I’m not going to get ransomed because I’m not Colonial Pipeline or I’m not a meat
[00:06:33] packer, et cetera, et cetera. It’s not gonna affect me. I’m too small. No one cares about me and I can get my business back online in a day, a week at the most. And you may be able to, okay, but you are still the target because almost all of this ransomware is random. Basically it’s distributed in emails, sent out to millions of people that have no idea where it’s gonna end up at.
[00:06:59] So let’s say that you get this ransomware and you open it up and it’s a business and all of a sudden you get ransomed. How does the ransomware know if you are in the Commonwealth of Independent States? How does it know that your business is in Russia or Kazakhstan or Armenia or one of these other countries?
[00:07:23] Basically it, it doesn’t. And I’m I know I’m going to get, let me just double check Armenia here, because I know I’m going to get all kinds of flack from people. Yeah. All camera and yet Armenia is part of it. It doesn’t know. Or at least it doesn’t know if it doesn’t check and that’s the beauty of this, but Brian Krebs did. Brian Krebs came out and said, and I think he got it from someone else too, but he’s the one that really populated it, or populated, popularized it.
[00:07:56] What this ransomware software apparently does is it looks at your computer for something very simple. Now what could you look at if you were writing ransomware? What might you want to just check real quick? That’s a real quick check. You can see if you are probably within the Commonwealth of Independent States or maybe you’re on a computer in a Russian embassy in the United States, which you also don’t want to hack. Well, why don’t you just look at the keyboard?
[00:08:27] Apparently, that’s what they’re doing. They look at the keyboard of the computer when it gains control of the computer. And I’m not talking about the physical keyboard because many people worldwide use a US standard keyboard, but what they’re looking for is a keyboard. And when I’m saying a keyboard in this case, I’m talking about a virtual keyboard in one of a few languages, including Russian. Isn’t that something?
[00:09:02] So they looked at this DarkSide ransomware, and Cybereason did some reverse engineering on it and he found which languages. You can have virtual languages on your keyboard. Now you might already have them. I’ve got French on mine, as well as English. You might have Spanish. I don’t know.
[00:09:23] There’s the Chinese, there’s a lot of the Mandarin. If you have Russian, Ukrainian, Armenian, or a number of these others, Romanian, any of those languages that are part of, again, this Commonwealth of Independent States as former Soviet Union on your computer as a virtual keyboard. Yeah, it doesn’t have to be a real keyboard, just a virtual keyboard.
[00:09:49] This particular piece of nastiness, this ransomware from DarkSide will immediately shut itself down. Isn’t that amazing? So simply put, there are countless versions, types, strains of malware that check to see if you have one of these languages installed on your system. And if they’re detected, the malware will immediately exit and will not even install itself.
[00:10:20] Isn’t that something? Yeah. So whether or not we can absolutely tell if something’s from Russia or China or North Korea or someone somewhere else. We do know that having one of these Russian keyboards or again, one of the ’stans, et cetera, keyboards on your computer will short-circuit the ransomware and it won’t even install itself.
[00:10:47] Isn’t that just amazing? So look in your newsletter. That’s coming out this weekend and have a look and I’ve put together a whole thing about this, a little video. You have to watch CraigPeterson.com.
[00:11:02] This particular app is called Citizen and we’ve seen apps. There’s millions of them out there nowadays. They do almost anything. Absolutely. Anything, and this particular app, you can find online. I’m going right now to their website. It’s called citizen.com and it looks like their initial idea was that they would have an app that would allow kind of citizen reporters.
[00:11:31] So you could just go and you could be like a journalist and take videos and post them up. And other people could go and look at what’s happening with the house fire or, yeah. Fire hydrant that got crashed into rescues, all kinds of stuff. It’s really cool. I liked that idea, but they’re saying that they want you to connect and to be able to live more safely.
[00:11:58] This is a personal safety network that empowers you to protect yourself and the people and places you care about. It’s really cool. They added into it some COVID-19 contact tracing, real-time 911 alert, instant help from crisis to reap crisis reporters and safety tracking for friends and families.
[00:12:19] Now we use a, an app as well for safety tracking called Life360. And it’ll know if you’re in a car accident. And in fact my wife and I, we were out driving and we had a car, our car broke down. The whole front assembly of the car, the electronics, and it stopped working for some reason. So the fan wasn’t blowing and it was fine though.
[00:12:47] We didn’t notice anything all winter long, and then here comes summer and we’re stopped in traffic and all of a sudden the car overheats. That’s why. And so we called. Had got a hold of a tow truck who came and towed us. And ultimately we got that whole thing fixed, but what amazed me was that this Life360 app sent a text to the family, letting everybody know that we were okay.
[00:13:15] The car’s being towed. I’m not even sure how it knew the car was being towed, because we did not use the Life360 app in order to get a tow. It was really quite surprising because it’s included, towing’s included with this app. So there’s all kinds of cool ones. There’s lots of them out there that do this sort of thing.
[00:13:35] Of course, if you have Apple gear or your family, you can automatically track them, see where they’re at and what’s going on. And this particular app can do some of those same things, but they’re really focusing in on safety. They have a cool site. If you go and check it out email@example.com and on their site, they’re talking about you real time safety alerts for your neighborhood.
[00:14:03] So there’s a Burr burglar that’s just broken in and they’re showing a picture of New York City, which I think it makes a lot more sense there than it does in Podunk New England. Okay, where we’re yeah, things can happen, but they’re very rare. And it’s not as though you’re going to try and avoid it because you’re not in that area anyways.
[00:14:24] Anyways, they know it and they are saying, Hey, know the whole story faster. So that’s the basics of this particular app. But here’s where it has crossed that line with mission creep. Apparently they want to be in the police business. And this is from a website called Techdirt. They’ve got all kinds of great technology articles, Tim Cushing put it together, but he’s saying that the app developers have purchased at least one fake police patrol vehicle.
[00:14:58] They’re out in LA. They co-branded it with Los Angeles Professional Security and they’ve been driving it around Los Angeles, California. Now take a firstname.lastname@example.org. I don’t know if it’s, if it belongs to those Citizen guys, it’s a nice site. So it might, they very heavy graphical site and showing their services.
[00:15:23] So I’m guessing it’s not, I think this is a third party, so that they’ve co-branded it with them. But the question is how far should private companies be able to go in the business of enforcing the law? Because in most cases, I think most people would say, no, that’s really not something private businesses should be getting into.
[00:15:47] Law enforcement is something a little tricky. And we know that now because of all of this stuff has been going on with law enforcement, should we defund the police? Where should we put in our money? All that sort of other stuff? These guys are citizens. Apparently Citizen apparently have always been willing to blur the lines between government employees police department and their app because it debuted as Vigilante.
[00:16:18] That’s where it started. It was an app developed by this American technology incubator back in 2015. And they changed it from Vigilante to Citizen. But apparently some of the motivation behind this just hasn’t changed, which is scary when you get right into it. They are also one of these. Bug companies that is trying to have kind of an on-demand security force.
[00:16:49] Now, I don’t know how much history you guys know, particularly in this case, I’m thinking about fire departments and in many cases, in many areas of the US, the government did not run the fire department. So for instance, we’re talking about the, you know, your town, right? Nowadays your town probably runs the fire department.
[00:17:11] You may have private or contracted ambulance services. But these guys are doing something that was done in New York City around the turn of the last century, where and before, where you would contract with a private organization that you paid and they would provide you with fire department type services.
[00:17:37] So you’d put a medallion there on your front door or a door jamb. And that medallion was for the fire department that you signed up with. Now, in some cases that fire department might be at the scene of a fire, but the place that’s burning was not contracted with them, so they didn’t bother doing anything.
[00:18:01] And the whole place burned to the ground. Interesting. Isn’t it? Because you, you have to ask, what are the motivations behind it? If it’s a public fire department that your town is running, they have one would assume an obligation towards all of the citizens of their town, but they would certainly go and help mutual aid.
[00:18:23] another town. Same thing’s true with ambulance services. Cause I was involved with it. So a little bit about it, but leaked emails, this is according to vice.com, are showing that this crime app Citizen is testing on demand security force. What could happen is you’re using the app and you decide you want some security to show up just like you might rent private security, for an event that you’re holding at your home, you could say, ah, here’s an incident.
[00:18:57] Now think about the incidents that the police respond to. It’s everything from his dog took a Wu on my lawn all the way through she’s beating her husband. Okay. All kinds of things could be happening, but. We’ll see what happens. I think that this is mission creep. I think it’s gone a little too far.
[00:19:19] I don’t think our police departments are getting the support they need from some areas of our communities. And thank goodness we don’t live in the big cities or some of us live in the big cities that are listening, but most of us are in much more rural settings where we don’t have the same problems.
[00:19:39] We’ve got fact checkers that are more like opinion enforcers and Florida has had enough of it. Florida has just passed a law, a ban on bans. We’re going to talk about that right now. And does it cross the line?
[00:19:55] Florida is pretty upset with what happened in this last election. And more importantly, they’re upset, at least the lawmakers, with these bans that have been going on. Of course by now Facebook and Twitter and others have decided that they, and they alone are the arbitrators of what is right.
[00:20:20] What is wrong? What is true? What is false? What is fake news? What is not fake news? And they have appointed a number of people. Most of them pretty darn young, who get to decide whether it’s true now. They don’t have to, these truth moderators, if you will, don’t have to bother researching something.
[00:20:43] Oh, heaven forbid. Why would they want to research something that President Trump or some other conservative or libertarian would say? No, of course not. So they don’t even bother doing a basic DuckDuckGo search, let alone a Google search to try and figure out whether or not something is true. These fact-finders aren’t finding fact and many people have had enough of it.
[00:21:15] So Florida had a Senate Bill 7072 that they passed and it provides several new checks and balances on technology and social media companies. So I want to go through the top ones here. This is an article over on TechCrunch, but they’re saying number one, among other things, platforms cannot ban or deprioritize candidates for state office.
[00:21:46] Now that’s a big one because they have been somewhat. Some of these districts, not just in Florida, but nationwide where it looked like the conservative was going to win all of a sudden a week or even a few days before the election. That’s when they usually do most of their ad buying and spending.
[00:22:05] When people are finally paying attention in those last few days of a campaign, they get banned. So they are say explicitly saying you cannot ban state office candidates. Number two platforms. And remember Mark Zuckerberg said that he was never going to do that. I remember that quite clearly, as long as my memory is still working, platforms cannot ban or deprioritize any news outlet, meeting certain size requirements.
[00:22:37] In other words, Hey, you don’t have to report everything from Joe’s media, but you sure as heck have to from AP or Fox News or any of these others. Platforms number three must be transparent about moderation processes and give users notice of moderation actions. Now this is a very big deal because the moderation processes are anything but transparent.
[00:23:07] As I said, near as we can tell, it’s a bunch of teenagers who don’t bother doing any actual research on the facts or the science, they just go for it and ban people and ban things. One of my daughters last week posted a little article, well, actually, I guess it was a repost of an article and she made a comment on it and it disappeared from her timeline.
[00:23:34] Now I asked her what it was about and she said then this is what it was dad. And not a big deal. I don’t know why they would ban it, but they did. And they did not notify her at all. So they didn’t tell her. And apparently they’re not telling, as we’ve heard from so many people, they’re not telling anybody who is in political office, why they’re being banned or that something was banned or quote unquote moderated.
[00:23:59] They, this is just getting crazy again. It has to do with companies getting too darn big. Now we’ll get into that in just a minute. And then the fourth thing is users and the state will have the right to sue companies that violate the law. Statutory fines could be as high as $250,000 per day for some offenses.
[00:24:22] I think that part of it, frankly, is probably a pretty darn good idea. So I’m I just said they get too big. They’ve gotten too big and I’ve been complaining about a number of companies for a long time. Most of these companies got started using nefarious techniques. They really did, and it’s easily arguable.
[00:24:45] It has been argued in court and these bigger companies, they were talking about these tech companies, social media companies, they have lost their cases in court. Not every case, obviously, but they have lost in court. They do some pretty nasty things to get started. And then once they’ve got the momentum, they use the money in order to keep everybody else out of the business.
[00:25:13] It’s crazy. We’ve talked about that before, these multi-billion dollar valuations for companies that are starting to threaten Facebook’s dominance. Now a company that should be worth maybe 10 or $20 million, Facebook pays over 1,000,000,000 for, just so that they can make sure they get their hands on it. So how do we deal with this?
[00:25:34] I don’t think government regulators usually help a lot here because all the regulations they put in place just to make it better for the big guys. See, it goes back to a barber’s license. I want to go all the way back down to a barber’s license. If someone knows how to cut a hair, why do they need a barber’s license?
[00:25:53] Really, buyer beware, but a barber’s license only does one thing. It’s like a medallion for a taxi in the city. It allows the group, the union of taxi drivers or the barbers who are in a state to say, we don’t want any more barbers because that’s going to drive the price down. So we are going to make sure the state limits the number of barber licenses.
[00:26:20] So it isn’t really about we want to make sure that your taxi ride is safe in New York City. No, it’s about that medallion, that license, that taxi driver has to drive a taxi in New York City. It’s about that medallion being worth $1.2 million. $1.2 million to have one cab in New York City. Tell me there isn’t corruption there.
[00:26:44] So I don’t like the idea of the government trying to regulate these huge tech companies, because the big companies can handle the regulation. It’s Amazon’s been out saying yeah, we need to tax the internet tax internet. And there are almost 10,000 unique taxing entities in the United States of America.
[00:27:04] So how can you as an individual worry about all of these rules and regulations and withhold the right taxes and send them to the right people and fill out the right forms. You can’t. That’s why you have a store in Etsy, but Amazon can, and it keeps everybody else out of the market. A small company cannot compete because of the regulations that were put in place that Amazon supported and got put in place to keep all of the competitors out of the market.
[00:27:37] Absolutely. Very big deal. And so now we’ve got Florida saying, hey guys, we’ve got to do something about this, but there are obviously some First Amendment issues here. Although the First Amendment is primarily for government. We do have a general right to free speech. I think a lot of conservatives get it wrong.
[00:27:59] It isn’t, the corporations don’t have to honor the First Amendment because I think that is integral to everything we do
[00:28:08] Boy, Arizona has been in the news a lot. And I’m going to talk about another lawsuit that Arizona’s involved in, and this has to do with Google tracking you, even when you turn off tracking.
[00:28:22] Amazon has all kinds of great devices. I talk about them quite frequently. I have a couple of Echos in my home and I tend to use Apple’s HomeKit based devices when they’re available. Siri has a completely different approach to how to process languages than Amazon or Google do. So for instance, what Apple does with Siri is it tries to process what it’s hearing locally.
[00:28:50] So when you’re talking, when you’re asking questions, et cetera, it’s really running right there on your Apple Watch or phone or pad, tablet, or computer, whatever it is, they try and do the processing locally on your device. And
[00:29:05] Craig Peterson: helps keep it private. Amazon and Google are quite the opposite. They want to know everything that’s going on.
[00:29:13] So when you say Alexa, or Hey, Google, they both start listening. They record the audio and they send it on up. To the internet and once it’s there and their servers, it turns it into of course text. And then it uses a kind of a machine language machine learning thing to figure out what it is you mean, and then give you the answer.
[00:29:37] And that’s why many times the answers you’ll get from either Google Home or the Amazon Alexa family. Those answers tend to be a little better, much of the time than what you get from Apple. Apple is continually improving their technology. But again, remember Apple tries to keep our data private, which I think is very important to you.
[00:30:02] And to me, no question about it. So what is happening right now is Amazon says you’ve got a, an Echo or whatever might be like one of those Ring doorbells that Amazon now owns. And we’ve talked before about those being tied into police departments, thousands of them now across the country, where they can look at the video, coming from your doorbell to try and figure out who might be committing a crime in the neighborhood.
[00:30:31] And there’s good and there’s bad tobacco, just like most other things. So that doorbell. A Ring doorbell has built into it, some wifi connectivity. So it will connect to the wifi in your home. So does obviously the Echo device, we guess it doesn’t even have an Ethernet port on it. You have to connect it via wifi.
[00:30:55] So if you’re connecting it via wifi, Amazon’s thinking maybe what we should do is share your wifi with other people. Now, this concept is called a mesh concept and it’s pretty common. It’s pretty popular.
[00:31:13] Craig Peterson: are many people who are thinking that the mesh is going to help ultimately with these automated cars driving around.
[00:31:20] But in reality, the whole mesh thing in this case is without your direct consent sharing, the data you have, not just with your own devices, but with anyone’s Amazon devices. Amazon’s calling this Amazon Sidewalk and this whole new mesh network and service is going to share a fairly small slice of your internet bandwidth with nearby neighbors who don’t have connectivity.
[00:31:53] Don’t have the connectivity you have. So obviously this is going to affect people more in dense urban areas or at least denser areas where there’s a lot of people around and you want to have your Amazon Echo, but you don’t have internet service. No problem. You can just piggyback on somebody else’s internet service.
[00:32:14] I’m not sure I like that very much. So I went in and turned it off and I’ll tell you how to do that here in just a minute. So the other quest side of this is, well, how helpful should you be? Could you be, right? Aren’t we all socialists now, is not the idea. You’ve got the AOC driving her high-end Tesla, the one with the extended range.
[00:32:38] And yet at the same time, she’s complaining about her mother in Puerto Rico who didn’t get government funding because of what Trump did. So instead of selling her Tesla, in other words, instead of helping her mother out nano, she’s just going to complain that the government didn’t right. I guess that’s your typical AOC, maybe your typical socialist, but here’s what we’re talking about here.
[00:33:00] All of the Amazon devices, that includes the Alexa, the Echo, the Ring, their security cameras, outdoor lights, motion sensors, and Tile trackers are going to enroll into this Amazon Sidewalk system. And since very few people, I mean like a handful actually take the time to walk through the default settings.
[00:33:25] That means millions of people are going
[00:33:28] Craig Peterson: be automatically in this program, whether they know about it or not. It’s I guess it’s concerning, right? I think if it’s informed consent, that’s one thing. But I don’t know on the other side now let’s talk about the service itself here for a minute before we get into whether or not you should turn it off, but it is a shared network.
[00:33:51] And it does help. The various Amazon devices work better. Amazon’s not charging customers for it, but other people, Amazon customers might use your bandwidth and Amazon is not paying you or compensating you in any way for that bandwidth that you are paying for. It’s going to extend the low bandwidth working range of all of these Amazon devices to help find pets, for instance, Tile trackers, which is an interesting thing in and of itself because Amazon came out with the competitor to Tile.
[00:34:26] That’s going to be much, much more successful than Tile ever was. I think this might be the main reason. Yeah. Behind this. It might be spurned it along. I have a friend who’s a video videographer professionally. So what he does it for news networks and he was heading over to Israel to be stationed over there for one of these networks for number of years.
[00:34:51] Yeah. And he asked me about Tile. He says, oh, I don’t want to lose anything while I’m over there. So I get Tile. The way Tile works is it uses low power Bluetooth, and you attach this little device, it looks like a little tile. It’s a small rectangle. You attach it to something you don’t want to lose. And so the low powered Bluetooth.
[00:35:12] Is now used to connect to other devices that can talk to Tiles. So if you have an iPhone and Android, whatever it might be, and you have the Tile app on it and you walk by someone else’s Tile, it will go ahead and inform the owner of the Tile. We found it’s over here. That’s cool, isn’t it? But the problem is someone else with the Tile app needs to walk by the Tile that has been lost.
[00:35:45] Now, most of the time, we’re just looking for our keys in our houses, but in his case, he was thinking I’m going to be in Israel, who knows where I’m going to end up leaving stuff because I’m a videographer and I might drop things as I’m going. And it could be a bit of a problem. Well, it’s not going to do you any good, unless someone that also uses Tile walks by closely to your lost device.
[00:36:12] And that’s the same way that it works with Apple, with their new little tile type devices, but in the Apple case, it works because every iPhone in the world participates in this little network to find your lost devices. That’s a big plus Tile doesn’t have that. So now with Amazon Sidewalk being able to now detect Tile devices from many millions of devices more than they could have before.
[00:36:44] I think it’s going to be a very big deal. So if you have a Tile tracker, it’s going to be good. And a lot of people use them also to find their pets that might take off every once in a while. It’s going to help devices stay online, even if they’re outside the range of the home Wi-Fi. They’re talking about having special Sidewalk-enabled devices, like smart security and lighting and diagnostics, appliances and tools.
[00:37:11] So the biggest question I had when it came to sidewalk and whether or not I should turn it off really was is it secure and how much bandwidth is it going to use? The maximum bandwidth of a sidewalk bridge to the sidewalk server is 80 kilobits a second. So that’s hardly anything, frankly. That’s about a 40th of the bandwidth that you choose to stream a high Def television video.
[00:37:38] But remember too, that this bandwidth might be down. It also might be up and et cetera, but it’s still, it’s a very small amount. They also are capping the amount of bandwidth that’s used by sidewalk per account per month at 500 megabytes. So that’s streaming again, about 10 minutes of high definition video.
[00:38:00] It isn’t too bad. We’ll see. Now, as far as the security goes, that’s where it gets interesting. It doesn’t make things worse either. Amazon’s published this white paper that details the technical innards of this, the Sidewalk service, and it looks like it is designed to protect the privacy and security of Amazon Sidewalk.
[00:38:26] So the paper’s pretty comprehensive. No, I haven’t seen anybody. I did some searching for it. I haven’t seen anybody complaining about encryption or other safeguards that maybe were overlooked, but there’s enough theoretical risk to really give me pause. So that’s what I did. If you open your Alexa app on your mobile device, you can go into the settings and you’ll find Sidewalk in there.
[00:38:55] So you’re going to go to the Alexa app. You’re going to open more and select settings and then your account settings and then Amazon sidewalk. And you’re going to be able to turn it off. That’s what I did. I think maybe that’s what you should do as well. And I’ve got that in this week’s newsletter. Make sure you sign up.
[00:39:15] Craigpeterson.com/subscribe.
[00:39:21] This is amazing to me. I can’t resist these types of articles where we’re using technology to substantially help people. And we’ve talked about people who are locked in and what we’ve done, that we being the technology community to help them in various ways.
[00:39:39] Of course, you’re probably familiar with Stephen Hawking, just a great intellect in the science field. It doesn’t sound like he was such a great person otherwise, but that’s another story entirely. And what’s been done for him. We’ve been doing a whole lot of research on brains brainwave patterns.
[00:39:58] How can we interfere? What can we do? So for instance, it’s something you’re probably familiar with Rush Limbaugh before he passed. You might remember he was losing his hearing. And that caused his voice to change because he no longer had the ability to hear himself speak. In fact, right now I’m sitting here talking into a microphone and I have headphones on so I can hear myself as well.
[00:40:26] I actually don’t feel comfortable not hearing myself. Isn’t that something, right? Oh, way back when I first started doing video stuff back in college, I didn’t want to hear myself. And now I have to, so I can keep quality control right on volumes and how I’m speaking, making sure I’m not popping the microphone.
[00:40:46] Okay. And you notice that it didn’t pop very well. That’s good. Or a hissing NASA’s and other things. So he had a harder time being understood because of this. And he got a cochlear implant. Now I’ve been paying a lot of attention to the inner ear lately because I’ve been having some issues with my inner ear.
[00:41:07] I even got one of those huge charts, like you might see in the doctor’s office, an audiologist’s office, showing all of the working parts inside the ear. It’s fascinating. What happened with him? I’m not entirely sure, but I do know how a cochlear implant works and that is you have, in his case, I’ve surgically implanted behind his ear, actually behind and above his ear, a little receiver.
[00:41:37] And that receiver then sends electrical signals into ultimately the brain. So it does it through the cochlea, just like the normal world, but he had to learn how to hear again. He had to learn how to speak again, but he already knew how obviously, and so having that cochlear implant made a huge difference to him.
[00:42:01] And then what he did is he would hook up externally on this receiver that was in his skull, embedded in his skull, a magnetic interface that tied into some external equipment that had the microphones and things. So he could hear. Very cool. I’m looking right now at an article from Ars Technica, John Timmer, about this gentleman who was blind.
[00:42:27] Kind of still lives, but he was absolutely blind. He could tell that there was a little bit of light, but that’s all he could tell. He couldn’t make out anything. And they did a whole bunch of tests before and after that I’ll share with you that are just phenomenal, but they were able to do all of this using an engineered virus and some external equipment here.
[00:42:53] So looking again at how our nerves work throughout the body, you might remember you’ve got these electrical impulses that are created through these ion channels, which let the ions flow in and out of the cells, but controlling the flow of these ions can really give us some more opportunity to do things
[00:43:14] we couldn’t do any other way. There’s some channels, by the way, that are made by bacteria and other organisms that don’t have nerves, but that’s not what we’re going to worry about right now, but they’ve discovered the channels that only allow ions to flow after being triggered by light of specific wavelengths.
[00:43:35] What that means when we’re talking about light and wavelengths, we are talking about yellow or blue or red, right? Each color has its own frequency, its own wavelength. So when you’re talking about light wavelength, you might be talking about meters, if you’re in the ham world, all the way on down through nanometers, if you’re in the computer world, but every light, every shade has a specific frequency.
[00:44:05] So finding these ions that were sensitive to specific frequencies was a huge win and light activated nerve activity. Of course is part of everybody’s normal biology and it’s being done in our eyes. And then it goes through the optic nerve to the center in the brain that processes all of that stuff.
[00:44:27] In fact, some of it’s even processed in that nerve and then the eyes itself, but they have used a light-sensitive channel and some specialized goggles that allows someone who is otherwise blind to be able to locate objects. So we’re not talking about, yeah, that is a yellow lab, as in a dog; they’re talking about being able to
[00:44:53] identify where objects are, and they did some tests on it, which is very cool. So this research team in France engineered a virus to carry this light-sensitive channel and they marked the virus with a fluorescent protein, so researchers could figure out which cells the viruses were actually infecting,
[00:45:13] and they injected it into the volunteer’s eye, of course, completely blind. So he didn’t mind were there. Some of these infected cells included the nerve cells that carried the information through the optic nerve and into the brain. So you see what’s happening here now. So basically what he’s doing is infecting some of these nerves so that they can become sensitive to this light where they weren’t sensitive before.
[00:45:43] Which again, just very cool what they’re doing. So these aren’t the same as these fancy cells, the rods and cones and things that we have in the back of our eyes to sense light, but it did convert these cells into light-sensitive nerve cells. And this particular channel, not too sensitive to much light; it’s primarily yellowish colors.
[00:46:06] So what they did then is they hooked up the computer to it. They compensated for it. So think about old movies, black and white movies, or maybe sepia movies. And they’re really, there’s very few colors involved in various shades of gray or various shades of way back when, so they use the computer to process the visual information from the goggles through the goggles to match the frequencies that he could see.
[00:46:38] Very cool. So when they were, when they sat this guy down, and I’m looking at a picture of him with one of those hats on that measures all of your brain waves, about when they sat him down, after some of his visual perception was restored, he was able to reach out and grab objects with a 92% success rate.
[00:47:03] Now, when there were multiple objects on the table, he was able to count them correctly over 60% of the time, which is phenomenal because you remember all they could do before was see, yeah, there is light out or there is no light out or it’s a very bright light, right? Or there’s no light. So it’s very cool.
[00:47:23] And the authors of this study are suggesting using the virus’s fluorescent tag to really help explore this more. What other cells could they infect? Do they need to use a different type of virus? What are they doing? So even though I’m not into virus manipulation and gain of function research, I think this is absolutely amazing.
[00:47:47] So speaking of technology, speaking about some of the problems that we have, a very big reliance on electricity. Most of us don’t have big generators. I think frankly, most of us don’t have generators at all. I do. I’ve had generators since I moved back to New England
[00:48:10] 35 years ago or so 30 plus years ago, because we do lose power here. We get these winter storms that get nasty, even in the summertime with these big thunderstorms, the big wind. Sometimes they’ll blow over trees they’ll cause nothing but headache for all of us. So it gets to be a real problem. Texas had a real bout of that.
[00:48:33] You might remember they had major problems with wind generation and even some of their other plants. Nuclear dropped a whole bunch of megawatt generation and they really were in a tough spot, but it’s now come out that they were in a tougher spot than any of us really thought. Their days-long power outages during February’s deep freeze could have easily stretched out into weeks or even months,
[00:49:07] thanks to a failure of what’s called black start generators. Now, you and I, we have a generator. If we cut over to it, we’re obviously disconnecting ourselves from the street power. And now we are switching over to our generator and most of the time the generators are big enough to handle a few circuits in the house.
[00:49:29] So maybe it’s providing power to the pumps in your, and fans and your furnace. Maybe it’s providing power to a few light switches or TV or things. Most people don’t have huge generators. Like I do. I’ve got a hundred kilowatt, three phase generator here set up for the house, but I also have a lot of equipment at the house, a lot of equipment, but we won’t go into all the details, but I can run the whole house on the generator, which to me is an important thing to be able to do.
[00:50:04] How about when the grid loses power? How about when a plant goes down, whether it’s burning things like wood waste products nuclear or gas turbines. Even of course we lose power from water generation plants. And what happens if those go out? What happens if the power? Cause we get a lot of power down from the LG projects up in Quebec.
[00:50:33] What happens if that power goes away? How do we turn it back on? It isn’t as simple as what we do in the house, because remember in the house, we’re actually interrupting the power as we switch back and forth. And if you know much about electricity, there is this sine wave, right? That goes up and down.
[00:50:50] And that sine wave runs at 60 cycles per second, 60 Hertz. And that 60 Hertz signal gets interrupted when we switch from our generator to the street, because those frequencies don’t line up. It has to be interrupted. There’s other reasons as well, but for the home stuff, but it has to be interrupted because we are not
[00:51:14] synchronous with the power grid. Think about the power grid itself. All of the places we’re getting power. We’re getting them now from people’s roofs, we’re getting them from small windmills to large windmills, we’re getting them from Canada in the form of DC that we have to then change over to AC and sync up with our power grids.
[00:51:38] There’s still nuclear power coming from right out in the Portsmouth area, New Hampshire. We’ve got it all from a bunch of different sources and they all have to be absolutely in sync. If they’re not, you’re going to end up burning out some of these power generation systems and that’s really a bad thing, right?
[00:52:01] You could melt wires. You’re going to completely blow breakers and blow them in such a way that it’s going to have to be replaced. Not just you blew it and it tripped. Texas was in a position where they were just minutes away from losing the grid. Minutes. Five minutes or less. That’s how close it came.
[00:52:24] Then their power. They were able to get some of it back and keep things going. But what happens when the grid fails and it does fail. Look at what happened in 2004 here in the Northeast, primarily affected New York City and New York state, but it did affect Connecticut as well as Rhode Island, parts of Mass.
[00:52:46] We lost the grid. In order to get that grid back online, we have to synchronize everything. And that’s what these black start generators are. And we have them in New England. ISO New England is the name of the grid that covers all of New England and they have all kinds of plans in place. You can get approved to be a black start generator.
[00:53:11] No, you and I aren’t going to be approved. I’m pretty sure of that, ’cause the costs start at about a million and a half and go up to about $30 million. But the idea here is these black start generators are extremely big generators and they are used to start synchronizing the grid. If the grid were to go down, if it were to fail, we would start by having a black start generator that now is giving that 60 Hertz frequency that the next plant can start coming online and synchronize itself with that.
[00:53:49] And then the next one. And then the next one. That’s why Texas is saying if we were to actually lose the grid, it would take weeks, right? Maybe even months to come back online. And that’s because more than half of Texas’s 28 black start generators, more than half of them, which are absolutely crucial to bring a failed, collapsed grid back online, more than half of them expected outage or experienced outages themselves.
[00:54:21] That’s according to a new report by the Wall Street Journal. So of the 13 primary generators, nine encountered trouble as did six of the 15 secondary generators acting as backups in case the primary backups failed. Now, why did they have problems? Well, some had trouble getting fuel to run. Think about diesel, right?
[00:54:44] It gels up in cold temperatures. I don’t know if they’re using number one or number two down there, but they had problems getting fuel to the generator. Others were damaged by the cold weather. Think about the cooling systems for these big honkin generators. And they really had some serious problems.
[00:55:05] Very big problems. Here’s a quote from Evan Wilner. He served as Delaware’s public advocate for utility customers. He said having had experience for almost two decades with utilities, it’s genuinely inconceivable to me, even in today’s massively deregulated environment. I cannot imagine how any oversight got itself into this position.
[00:55:31] And I have to agree with that. It would be absolutely terrible. Think even about the utilities now they’re not generating money now. Of course they don’t really care because most of the time, these public utilities get to keep a percentage of their costs. So the higher the cost, the happier they are because they get to charge you
[00:55:51] more. So just before 2:00 AM there was a frequency drop to 59.4 Hertz where we’re supposed to be 60. And then to 59.3 Hertz. Grid operators began shedding load. In other words, they were cutting off power to portions of the grid, which reduced demand and brought the frequency back to the target of 60 Hertz. So if they’d been unable to bring it back up, power plants would have been forced offline to avoid damage to their equipment.
[00:56:21] As I had just mentioned, and I was speaking with someone who has some knowledge of this in New England, and apparently we are not much better off than Texas. We could have a massive failure of our grid.
[00:56:37] This is a concerning report. At least it is concerning to me and it should be to everyone, frankly, but despite the Colonial Pipeline attack, the likelihood of utility sector hacks has increased, as was evidenced just this week.
[00:56:53] Colonial Pipeline was a huge wake up call to some companies. Now I got to say, most companies still aren’t doing enough. They don’t think it’s going to hit them, not going to affect them. It’s just going to be too expensive to do it. We have one client who we have had now for more than 30 years and a big company.
[00:57:17] And we were protecting one of their divisions and their division here in the U.S. was pretty profitable. In fact, it was one of their few profitable divisions for many years, and we had installed some really good cybersecurity equipment and software, and it worked so well that when the entire company worldwide got hit with ransomware, there was only one division
[00:57:50] that was able to stay up and stay online. The rest of it, then they lost hundreds of millions of dollars because of it. The rest of the company went dark. They had to shut everything off. They had to try and recover, just a total nightmare. And it’s a nightmare we’ve seen again and again and again, and remember,
[00:58:09] these bad guys, yeah, they may target some specific businesses or industries, but the majority of the bad guys that are sending out ransomware are just doing it in a haphazard fashion. And according to the statistics here about a third of businesses can expect to get hit with ransomware this year. It’s really that bad, we’re just sitting here, crossing our fingers, saying, oh, backups are going to cover it for us.
[00:58:39] And they might. But you’ve got to detect these things early and you’ve got to be able to do something about it. Our friends at Colonial were hacked by a group called DarkSide and they have since gone dark. Their main control systems for their web server over on the dark web were apparently seized by law enforcement. Their money that was in their account, and they made over $30 million, is gone.
[00:59:11] It’s hard to say. Was it taken by law enforcement as well? Which they do. Using cryptocurrency doesn’t mean that no one knows what you’re doing because they do. So it might’ve been seized by the government. We’ve seen that happen before. We’ve seen the Secret Service seize funds before, or it might have been taken by the bad guys and put into other accounts, but
[00:59:36] I think it’s almost needless to say those people from DarkSide may have shut down DarkSide, but they came from somewhere. All of them were expert ransomware people and they went somewhere. Just because they shut down DarkSide doesn’t mean that they’re not still out there trying to hack us. And I saw a 300% increase in ransomware last year and we saw about a doubling in payouts by businesses.
[01:00:04] It’s real people. It’s real. Yeah. And the same, thing’s true for you as an individual. I want to remind everyone that if you look in this week’s newsletter, I have instructions on what to do. This will stop almost all Russian malware. It’s just incredible. It’s fairly simple to do. And by doing it, it’s 15 minutes max worth of work.
[01:00:30] Any ransomware that gets onto your computer will not install. It’s really that simple. All right. So the key metrics that we’re looking at when we’re talking about cyber attacks have to do with the window of exposure, and that is a key metric that indicates the exposure to cyber breaches for software applications, and specifically, they were looking in this WhiteHat Security report at the utilities sector.
[01:01:04] And they’re showing that the utilities sector, the window of exposure increased since the start of the year. What does that all mean? Bottom line, it said that the Colonial Pipeline ransomware attack also exposed the risks for vulnerable software and quick quote here from WhiteHat:
[01:01:27] Application-specific attacks are equally, if not more likely than ransomware. What they’re talking about here is people attacking a specific application. One of the ones that we’ve seen a lot that Microsoft keeps warning people about is Microsoft’s very own remote desktop. That’s an application. It has had a lot of security problems and they are continuing to release patches and people aren’t paying attention to it.
[01:01:54] And we, we see that all the time where there’s patches that are out there. And yet companies aren’t installing them. I get it. I, this week I took my own medicine. I have a Macintosh that is my main computer; it’s from 2013. Yeah. It’s that old, it’s coming up on, what, it won’t be long, it’s going to be a decade old, and I have not upgraded the software on that Mac now to the latest release.
[01:02:23] Apple came up with Big Sur and I hadn’t upgraded it. So I bit the bullet. Cause I’ve been complaining about Microsoft. You might’ve seen it if you listened to my podcast, which you can get by going to Craigpeterson.com/itunes or Craigpeterson.com/podcast. So I posted a podcast this week, where I was blaming Microsoft for these hacks and the reason I’m blaming Microsoft isn’t so much that they have bugs in their software that bad guys use.
[01:02:56] Consistently use. That’s not why I was blaming Microsoft. Although I’d love to see them pull up their socks, spend some of those billions of dollars in cash that they have spend it on tightening things up a little more than they have been, but they have been doing some tightening up. Kudos to them for trying to do the right thing at last.
[01:03:16] So they’ve been trying to tighten it up, but here’s why I blame them. People are afraid to do upgrades and updates. And I can’t blame people for being afraid of it. When you get right down to it, you look at it and say, wow, if I upgrade my Windows machine, is it going to break my machine? In other words, will my computer become useless and I’m going to have to re-install and re-install all my software, right?
[01:03:44] That’s always a pain or hopefully I have a backup and try and re-install from the backup. And that’s why, when we’re doing backups for businesses, we actually have a backup that we can spin up in a virtual environment. So it’s part of that ultimate business recovery that you need to be able to do to be able to survive something like a fire in the business or a major hack, et cetera.
[01:04:11] So that’s part of what you have to be looking at. And people are looking at it saying, oh my gosh, the last time I did an upgrade, everything just went to pot and I can’t blame them. Cause that happens. So I said, forget it. Big Sur is a big upgrade for the Mac. I’m going to do it. And I did it and I’ve got one problem.
[01:04:33] I just finished doing, I got one problem and gotta resolve after the show today. But I ate. What does that make my own advice there? Go and did an upgrade. But I understand why you don’t want to do an upgrade. What they’re talking about here, these WhiteHat guys, application-specific attacks.
[01:04:54] Think about it. How many of us, I’m sure every one of us, you could raise your hand right now and say, yeah, I don’t want to upgrade Windows because I’m using this program I’ve been using for years. And if I upgrade, that program’s no longer going to work. Who couldn’t raise their hands to that?
[01:05:13] And I can’t blame you for that. And in many cases, if you’re going to do an upgrade to a new version of Windows, you have to buy a new version of that software you’ve been using, whatever it is, right? Yeah. We have a customer who just this week we had to come in, emergency, do upgrades to QuickBooks because their QuickBooks license was up and they could no longer license this older version of QuickBooks.
[01:05:41] So we had to come in and do emergency upgrades on their desktop machines and on their QuickBooks server to get it all done in time because somebody had been sitting on the license and all the information about it, but that’s the truth, isn’t it? And the problem that Microsoft has created is we’re all afraid to do updates or upgrades.
[01:06:05] And Microsoft of course, has been charging for them. At least Apple hasn’t been. Some of them it’s been charging for; Microsoft has been charging for some of them. They haven’t, but it’s a real problem. So again, this report saying at least 67% of utility sector software has at least one
[01:06:24] serious exploitable vulnerability. That’s up from 55% at the beginning of 2021. Solid. See that’s five months. And the last five months. That is crazy. Yeah, two thirds of utilities software is vulnerable, serious exploitable vulnerability. So I really want to encourage everybody, whether you’re a home user or utility, whether public sector, private sector.
[01:06:56] Do what I did this week. Bite the bullet. And get a good backup of your computer and upgrade it to the latest version of everything, of the operating system, of all of the software that you typically use. And please go to the next step. Upgrade your firewall, upgrade your switches, but at the very least the firewall, get something that’s truly next generation.
[01:07:25] Get a top of the line as much money as you can afford and keep it up to date. I like the Cisco stuff, but there’s some other pretty good stuff out there. Some people use Aruba networks. I’m not a huge fan, but they’re okay. Some people on the low end. And we’ll use a number of different just cheap firewalls, but get the ones that will keep themselves up to date.
[01:07:48] I’d like the Meraki Go. I made an offer on that last year. It was a thousand bucks for a firewall that did segmentation, a switch that could do the segmentation and Wi-Fi that gave you guest networks and segmentation, everything for a grand. And I configure the whole thing for them and help them get it installed.
[01:08:09] So something to consider. Get it done by somebody or do it yourself. This is the week to leave vulnerabilities behind. At least the vulnerabilities you can afford to miss, which is do the upgrades, do them right away and visit me online. Sign up for the newsletters you get all of the latest in technology, security, tips and tricks, et cetera.
[01:08:35] Craigpeterson.com/subscribe. Take care, everybody. Bye-bye.