Don’t Trust the Cloud. New Announcements from Apple. The Liars and Cheats of Huawei. Radio Show- 2018-09-15
Announcements from Apple. Yea – I was a bit underwhelmed. I will discuss why I think that the announcement unveiled just incremental improvements.
Do you use Cloud products in your business? I will explain why you must not just trust that they all know what they are doing and what you need to do to protect the information they store for you.
Help me, Help you! I want to know what information you need to increase your security and protect your business.
It’s going to be free to Freeze your Credit! I will tell you about the bill President Trump signed to prevent these Credit Reporting Agencies from charging for this service.
Craig is putting up a new insider site (Yes, it is free, but you have to sign up) On it will have all his special reports that he puts out and you will be the first to get them.
- Are You Using A “Cloud Service” For Your Business?
- Huawei Has Been Fined $1.2B By The US
- Black Hat And Defcon Cybersecurity Experts Share Tips On How To Protect Yourself
- It Will Soon Be Free To Freeze (And Unfreeze) Your US Credit Report
- New Ransomware Arrives With A Hidden Feature That Hints At More Sophisticated Attacks To Come
- How To Protect Yourself Against A Sim Swap Attack
- CYBER-ATTACK! Would Your Firm Handle It Better Than This?
Airing date: 09/15/2018
New Announcements from Apple. Huawei Lies, Again, Free Credit Freezes. Don’t Trust the Cloud to be Secure.
Craig Peterson: [00:00:00] Hey, Good Morning, everybody. It is time for another session. here Tech Talk with Craig Peterson. You know, I was looking on my Amazon Echo for my radio show and I was able to find it. I found the podcast and then the next day I couldn’t, I don’t know what’s going on out there. But, hey if you are listening to my podcasts, please let me know. Let me know what you think! I’d absolutely love to know because I’m trying to figure out if I’m going to put more time into these radio shows. Maybe, we’ll go back to an hour. We’ll see how things end up going here on these same stations. But, anyhow, today we are going to talk about a couple of things. First of all a cyber attack. We’ll kind of run through the anatomy of a cyber attack. Would your company handle it better, than maybe what happened here? We have a real live company we’ll be talking about. We’re also going to be talking about Black Hat and DEFCON these are Cybersecurity experts. They’ve got some great tips on how to protect yourself. Freezing and unfreezing credit. You know that was a huge problem when we had a massive massive breach of all of our personal information over at Equifax. That breach about a year ago now. So, should we be able to do it for free and a whole lot more. By the way, if you are a company and you’re using Amazon to do processing or store data. We’ve got a massive leak to tell you about. Oh, I got to mention Huawei again, because somehow they seem to be making it to the news almost every week. So, here we go. You’re listening to Craig Peterson.
[00:01:44] Ok. So, first up let’s talk about Huawei, this is a company that has been hammered and nailed and nailed and hammered and hammered and hailed by the government, recently. In fact, they complained a lot about it, bitterly, for a good reason, I think. Although, you know, if I was in their position I’d complain too. Don’t get me wrong. They should have been hammered by the government with what they apparently were doing. The allegations are that while Huawei was actually sharing their data their information with the Chinese People’s Liberation Army government officials. So, they were sharing all of this stuff about locations of troops, conversations and e-mails and everything, which is just a terrible thing. And so we, of course, advise people don’t use Huawei. That the company, by the way, is spelled H U A W E I. So I’ve heard it pronounced all kinds of different ways but the correct pronunciation is a WAH WEI. Well. You’re going to love this one. They got caught again, Huawei. This time they were caught and this isn’t the first time they’ve been caught doing this. You know, this week Apple, of course, had their big announcement and they announced some new phones with some really, if you ask me, incremental features, nothing terribly exciting, nothing that’s going to make me want to run out and buy one of these phones.
[00:03:17] If you are almost a professional gamer using your iPhone, if you’re using it for all kinds of video games and maybe virtual reality and enhanced reality and all these different things, well then maybe you want to go and get one. Other than that, I’m not so excited about it. They have introduced, Apple did back and the iPhone 7 days for the plus phones a whole new camera subsystem that included a very, very cool chip that was just dedicated to figuring out pictures and Apple calls it machine learning. And, I think they’re overblowing that term. I certainly wouldn’t classify it as machine learning and, in fact, they got caught, Apple. I was sitting there watching them, at least, part of the presentation this week and they were just out and out and lying about stuff. Lying. For instance, the new camera allows you to change your depth of field, after you’ve taken the picture which is a phenomenal feature, in other words, you can change the background and how In Focus are out of focus it is. And they lied about it. They said this is the first camera ever to do this and I’m sitting there saying wait a minute I’ve got a camera that’s four years old. It’s called a light field camera.
[00:04:35] And I’ve been taking pictures like that for years and years where after the fact I can go in and I can change the depth of field. I can put everything in focus or certain things out of focus. I can even move the focus point around afterwards, which is more than it looks like this new iPhone can do. So, you guys quit your misrepresentation, and they did a couple of other things too that they said they were the first, and they just weren’t. I’m starting to wonder about Apple now in so many ways. So anyhow, one of the things that they announced the big deal there was this new lens system that they have on the new iPhone and the new intelligence, machine learning which, again is not machine learning. They’re using a very, very fast little chip in order to figure out things like where is a person’s face where their eyes are, get rid of the red eye, automatically, let’s do all these different things. And that’s really cool. I love it. OK, don’t get me wrong about that. If you want a phone that has a great camera then, wow. I don’t think you’re going to go wrong with this new iPhone and the camera that’s built into it. Huawei, however, was caught again, using a professional DSLR to take the pictures. And this is kind of cool, because the woman who was in these pictures, the actress who was supposed, you know, taking candid pictures, her boyfriend was there with his arms stretched out and taking a snap, snap.
[00:06:13] There you go. And it showed our little box around her face as the cameras recognizing her face and is focusing on it. Well, this actress’s social media posts revealed what was really going on. She posted a picture, that showed her sitting there with the other actor. So, the guy has his arm extended with nothing in his hand, right because he’s supposed to be holding this Huawei camera, nothing in his hand. She’s sitting there next to him posing like she’s supposed to be, posing and in front of them, is a guy with a professional camera. The whole idea behind the ad campaign is look at how great our Huawei camera’s are and we can’t make the background blurred just like Apple, would kind of basically, right. And, in fact, it wasn’t. It was a professional camera, he had set the depth of field. You know you adjust the aperture, you make sure the lights right, you do all of that sort of stuff. They were lying, Huawei out and out lying.
[00:07:13] Faking the picture, at least Apple isn’t faking the pictures that they’re showing us, including they showed us a picture that was on the cover of Time magazine taken with an iPhone, a beautiful picture. They had just done some amazing things. Now this is not the first time while way’s been caught faking a smartphone photo I’m sure it will be the last because they did it before and what was the reason that they gave. What did we always say? It wasn’t, Yeah, Yeah, Faked it. They’re not admit that, right. So, what Huawei says, this Chinese firm, is ah, we were just showing the type of picture you might want to take with the selfies on our Huawei smartphone, Yeah. Yeah, that’s it. I’m sure that you weren’t trying to convince people that your camera is as good as a three to four thousand dollar DSLR camera body. Yeah, that’s not what you doing. Yeah. Well, you know I’ve been complaining about Equifax and we’ve been producing a dark Web reports where we go when we do searches and stuff for people’s information. And we’ve been doing that for about six months now. We offered it to people right after the Equifax breach and we’re thinking about maybe doing something like that for businesses, which would be really nice, right. Wouldn’t it be nice to know if your business data, Has been stolen, right?
[00:08:48] Wouldn’t it. Wouldn’t that be nice. I would think it would be nice. So, we may do that in the future. Keep an eye out. We’ve got a few things going on. And by the way make sure you check your e-mail from this morning because not only are all the articles from today in there, but I’m going to be sending out some e-mails. I really want your feedback. And you know the only way that I know what you want to is, via that feedback you can go way back in my history and I back in the 70s mid 70s was the first time I designed a computer. Actually, it was right around 1972 or three. And I designed and implemented a computer. I made a little computer that would play a simplified game of chess back there in 73 and then I went on to run data centers and be one of the first people on the internet quite literally helping to develop the protocols and implement them for them for a lot of companies. In fact, some of my code I wrote is probably still in use today. I know Apple used to use some of the code I wrote, as did Microsoft, in fact, I helped to develop the Microsoft operating system NT and I wrote to a lot of the audio subsystem and also some of the network subsystem for that.
[00:10:03] But, I’ve been very involved in the Internet, since the early 1980s and I’ve been well known for working with big companies and helping them to do large implementations. Frankly since about the early 90s, My business has all been about the networks that are necessary, the machines, the data centers and even the software necessary to run a big Internet installation. All right. I was well-known for developing Big Yellow. Do you remember that? Remember Superpages? Actually Superpages is still around, although I’m sure they’ve completely rewritten it by now. So, that’s where I’ve been well-known for. And then more recently since I was attacked in 93 and fell victim to hackers back in 1993 and it’s a while ago now, Wow. Twenty five years ago. Since then I’ve also been known for security because I started studying security very closely. Electronic security physical security up to the point where today I am providing webinars for the FBI Infragard program. So, I’m trying to disseminate this information. Like I’ve been trying to do on this radio show for a very long time. So I’ve been known for a lot of things over the years, and it’s kind of changed as the marketplace has changed and as people’s demands have changed. So, what I’m looking to find out from you guys is what else can I do for you? I’ve done all of this for big companies.
[00:11:36] I’ve done it for small firms, as small as you know typically about 20 employees. But I’ve done it for smaller, as well, right now I’m working with some accounting agencies that just have a handful of employees, including one that’s just mainly the accountant and his assistant. But, what can I do for you? You think about all the stuff that you know you’re dealing with everyday when it comes to security you can’t sleep you lose sleep at night over your business and you’re concerned about losing it all. You’re worried about what’s going to happen if I get Ransomware? And, that’s why I’ve got this great article about ransomware up on my site that came from ZDNet and I think you might want to have a look at that up at Craig Petterson dot com. But, what is it that I can do for you, Next? We talk about things every week. What is it that interests you? What can I do, that’s going to help you? Should I put together some mini classes? Some courses? What sort of thing is going to help you when it comes to computers and security. And you know I might even go a little wider than that because I talked for, a few years ago about developing another brand that we get information out on. And I was calling business edge back at the time and the idea behind business Edge was again like my customers demand. Where they wanted to know, how can I use iPad’s properly?
[00:13:09] How can I increase the efficiency of my employees? How can I tighten the communications channels with my vendors? with my suppliers? How can I make all of this stuff work. It’s a, you know it’s a problem, it’s a real problem for businesses. So, if that’s something that interests you, let me know. You know I’ve been doing this for a very, very long time and I’ve been helping a lot of people. Now I want to help the small businesses out there. Small businesses are the ones that are constantly being attacked. Small businesses are the ones that don’t have the resources to be able to deal with this. So, if you’re involved with a small business, send me an email. Just me at Craig Peterson dot com or you can text me as well straight to my phone 8 5 5 3 8 5 55 53. We’ll give those out again a little later. What can I do to help you? What can I help you with on this radio show, that’s going to take you to that next level? What’s going to help you to be able to sleep at night? What’s going to help stop those arguments with your spouse, over the business and all the time you’ve been putting in? Then heaven forbid you get hacked and your data is stolen and now you’re hung out to dry.
[00:14:25] Right. Because it’s out there. What are you going to do about it? What can I do to help you? So, let me know I’m going to be sending out an e-mail with a brief little poll in there. You’re not going to take it 20 seconds. But I’m going to list some topics that people who listen to the radio show, people who listen to the podcast, have asked me about. So, that you can just kind of click which one you think might be best and then another question that just kind of a qualification would you prefer a short course that’s just straight to the point where you know hey Craig I know you know a ton about this way more than I do, I don’t want the background, I just want the steps. What should I do? Is that what you’re looking for? Is that what you’re looking for on the radio show? Or are you looking for more of course, You know I have to understand this little bit more. I know in my life I’ve had many times I’ve hired people and, of course, hundreds. But when I’m hiring those people I’ve found I’ve had in the back of my mind I don’t know enough really to evaluate this person. I don’t know enough about sales that was kind of the first thing and so I learned about sales I really studied up on sales before I could really confidently hire a salesperson because in my estimation I’ve been I’ve been screwed before, right where people came in and they sold me a bill of goods and then they didn’t deliver.
[00:15:50] Same thing with marketing. And I have been a student of security. I told you that already now a serious student for over 25 years. So, it’s a very, very big deal. And I want to your opinion. Where do you want to fall on that line? And I’ve had these free webinars before, I’m planning on doing more. In fact it’s my 25th anniversary I’m going to do a 25th anniversary series here, coming up probably in October. Twenty five years since I got hacked the first time I mean hacked not just a virus, I mean hacked. So. What? What can I do for you? So, keep an eye out for that. Let me know what you think and what’s going to be beneficial to you? That’s really, you know the most important thing. and you can always just e-mail me at Craig Peterson dot com. That’s of course P E T E R S O N dot com. So, on Peterson dot com or text me if you have your smartphone handy. Just 8 5 5 3 8 5 55. Fifty three. All right. Next up
[00:17:02] A little rockabilly, I guess you might call that, music. I love this we’ve had the same bumps now for over a decade here on the radio show.
[00:17:08] But, oh well. We’ve got some new ones coming and I’m already using a new one at the beginning of the show. If you were a victim of the Equifax hack, you know what a pain it was. Because this Equifax data breach that was over a year ago required you to start doing more serious credit monitoring. And Equifax themselves wanted to charge you for the credit monitoring. They still do. And they said, Do you remember this if you went to their Web site and said Yeah I want to know if I’ve been hacked and they say you’ve been hacked and they said hey we’ll give you free credit monitoring. But, in order to get the free credit monitoring from Equifax you had to agree to not sue them. To not be part of a class action suit. 145 million people’s personal information was stolen from them and they wanted to charge you to keep an eye out in case somebody out there stole your identity you know stole the money from your bank account, right. Nothing big, right, no big deal, no big deal. Well, credit freezes can be important if you know your data has just been stolen. And that’s one of the things that I tell the people that were doing the dark web searches for, right. If there is a change and we’ll tell you if there’s been a change if there has been a change in your data out there on the dark web. Now’s the time to look at a credit freeze, an important thing. So, it’s become harder for identity thieves to apply for loans or lines of credit.
[00:18:44] If you have put in place, a credit freeze. Well now, the Trump administration has put something into effect it’s called the Economic Growth regulatory relief and consumer protection act. It does many things, but starting September 21st consumers can freeze and unfreeze their credit without paying a fee. Isn’t that amazing. So, this is going to be really, really good. Only about 2 to 3 percent of Americans had a credit freeze in place at the time of the Equifax hack. Now, remember they stole pretty much all of the information about every person of, you know, adult age who had credit, they stole it. But just about everyone in the U.S. you know it’s like almost 100 percent of the population of the adult population. And after the theft occurred it was estimated that maybe 10 percent may be as much as 20 percent of American consumers actually put a credit freeze in place. So, removing these financial barriers which cost about five to 10 bucks every time you put a freeze in place or an unfreeze in place it was five to ten bucks maybe now that they have to give it to you for free. Consumers will start doing that. I think it’s important. I’m really glad that some of the crazy restrictions that were put in place back in 2008, are being removed as well. Again, I think mobility for consumers is important. Transparency is important. And hopefully we’ll end up with more of that, as we go forward.
[00:20:33] Now this next thing, this is kind of interesting if you’re a business person.
[00:20:41] Now, you know as a business person a lot of services are moving to the cloud and it shocks and amazes me how many times you go into a business and they’re using a cloud service they don’t realize there’s a cloud service, right. So, they’ve had accounting software from company X forever and now Company X instead of going to a local server you go to a web browser in order to be able to get the data from Company X. Well, that is a cloud service now. Now, Company X is probably not really good at running a data center. So, what is Company X do in most of the cases Company X goes to Amazon. Now, there’s other options it might go to Microsoft and Azur there. IBM has called services a lot of different places have called services that are out there and you know that’s all well and good but is saving them money really worth it.
[00:21:42] And here’s why. Here’s the problem I’m seeing. We go into a business and the first thing we typically do is what we call RI report. This is a risk intelligence report. So, we’ll go ahead and we’ll scan all of their computers for data that if it were stolen would cause them to get fined or even face criminal prosecution. That’s a big deal right. It’s a very big deal and now we have different types of risk intelligence reports will do this for HIPAA. We’ll do it for accounting. We have them available and we just ran some for GDPR which is the new European standards. So, we have all of these different types of risk intelligence reports because you need to know what data is on your machines that might be at risk. So, we just did one this week for a company and it’s an accounting firm. Now we found a few things that you might expect in accounting firms like Bank account information and other things. We found credit card numbers, we found personally identifiable information on their computers but they were using a cloud service and they were saying hey listen no, no, no, wait a minute we’re using the cloud service. We don’t have a server on site anymore running their database.
[00:23:05] We don’t have a server on site anymore where we’re holding on to this client information. It’s up in the cloud. It’s now the responsibility of that cloud service vendor. Let me straighten out a few things in everybody’s mind here. First of all it is not their responsibility, unless you have an explicit agreement with them that passes the liability onto them. And I’ve got to tell you most people don’t have them, if you want a copy of an agreement like that. Let me know, I’d be glad to send you one we have them. But any of your service providers, whether they be a managed services company taking care of your computers or break-fix shop or in this case a cloud service provider, you need to have these business contracts in place that helps make them liable. But that’s not where the problem was this week. The problem was we found that their Web browsers were using caches, which is true for almost everybody out there. So, when you go to a Web page have you noticed the second time you go to the Web page it loads that much faster? Have you noticed that with some of these web pages it loads a lot faster and in some web pages it’s almost instantaneous. Well, a lot of that is because of the cache your browser cache.
[00:24:32] So, in the browser cache at these businesses who were using cloud services we found personally identifiable information the caches were not being wiped. So, even though they thought they didn’t have the data there, it was on their local computers. They did not have the proper agreements in place with their cloud services provider and they got nailed. In fact, just this week a company left terabytes of data exposed on Amazon. They were providing a cloud service and they had no idea what they were doing. They didn’t know enough. They had no idea they had terabytes of clients personal information available online. So bottom line be careful, if you have questions if you like a copy of the contract, let me know. Be glad to just send it to you and then you can take it to your attorney and get it all worked out so that all the details are correct and let me know what can I help you with? Send me an email. I’ve been doing this for years.
[00:25:39] Decades literally. What should I do? What’s your my next product to be? What should I buy next coaching call be on? What are you interested in/ E-mail me at Craig Peterson dot com with any comments, any questions or just text me directly. 8 5 5 3 8 5 55 53. All right. Take care. Have a great week ahead. And we will be talking with you. And next week it’s going to be a best of. But you know these shows are all great. What can I say? Take care, bye-bye