Below is a rush transcript of this segment; it might contain errors.

Airing date: 04/20/2019

Home And Small Business Routers Hacked – NYC Wireless Down Due To Lack Of Updates – Fake Amazon Reviews Critical – Amazon Show The Feed Walking Dead Channing Powell

Craig Peterson 0:00
Hey, everybody. We are getting going here. Of course, Craig Peterson. We’re going to talk about some of the major tech stories. This week, we’re going to talk about the hacker groups been hijacking DNS traffic on D-Link routers for months. Now, what does that mean to you? What can you do about it? How can you detect it? Facebook, the privacy kings, right? What’s happening with Facebook and their really creepy portal? Yeah, it’s kind of interesting, that little camera they have. Tax info, of course, April 15, time to file the personal taxes. What is happening? What’s the cost? What’s the value of your tax information online and why would they steal it? The founder, the person who started this whole Walking Dead series has a brand new series that’s coming out. And she’s got some creepy things to say about technology. And we’ve got the New York City wireless network down, I warned you. Don’t say I didn’t warn you guys about that and what’s happening. So let’s get right into it here.

Craig 1:12
DNS has, of course, been one of the most important parts of our internet for very, very long time. Time was we had to maintain hosts tables, we had to know where everybody was, we had to do hop routing, we’d send it to somebody that knew more, they had a bigger map of the internet. So you know, we had upstream providers and we would send it to them, we were all connected together. And it was really quite a hodgepodge. So DNS came out. And the idea behind DNS isa dynamic name system was to allow us now to have one massive name database. Now it was designed in the times when the internet was a much more friendly place. We didn’t have bad guys out there running around, we didn’t have opposition parties who are trying to shut us down, denial of service attacks and and hijacking domains. Well, actually, we kind of did have hijacking domains. Had a couple stolen from me back in the day, but it was a much more genteel place. And DNS was designed for a cooperative system. So if you want to go to Google com, or http://CraigPeterson.com or anywhere online, you could use the name, it would go to this DNS system, who would then look up that name, it would come back with an Internet address, and then that address would be used to route your data. Does that make sense to you? I, you know, I hopefully I explained that right. And simply enough. The idea is that we can using DNS just use names because as humans aren’t great at remembering all of these multi multi digit numbers. And it’s gotten even worse now with IPV6, but we’re not going to get into that right now. So what’s been happening with our wonderful little hacker group here, while the modems here from D-Link, ARG, DS-LINK, SECUTECH, and TOTOLINK, and you can see them here on my screen. You’ll find them on my website, just go to http://CraigPeterson.com/YouTube. And you can watch along here, but for the last few months, they’ve really been hacking a lot, I have the list of known routers that have this vulnerability that had been hacked. And this is based on a one of the security companies that went and had up, poke around, Troy Mercer’s, the guy’s name, Bad Packets, his name of the company. And he’s saying there were three major waves, there is a wave, late December, early February, late March as well, in 2019. But these attacks are still going on, these hacks are still out there. And what they’re doing is they’re taking the DNS information that you would normally have in your router, and they are changing it to some of these malicious DNS servers. Now, I’ve got it up on my screen, I just pulled it up from this article, which you will also find on ZDNet, which is when we’re talking about or right there and http://CraigPeterson.com, that’s probably the easiest way to find it. And I send it out today in my show notes as well, my show notes email, but these are the addresses. So if you want to check right now to see if your router has been compromised, have a look for these addresses in your DNS settings. And the idea here is they change the settings on your router, it now provides those DNS addresses to your other equipment in your home or your office. So now when your other equipment tries to go somewhere online, they have the ability to intercept it, because they just say hey, yeah, Google isn’t at 123 Main Street in Merrimack. No, no, no, it’s at 1745 Lenin street in Moscow, and some how now your traffic in some going to Moscow? Well, in this case, right? This kind of looks like it’s some Brazilian people. They’re really trying to do this the most. But they’ve hijacked traffic that’s been meant for Netflix, Google, PayPal, and some Brazilian banks. So the idea here is you try and go to one of these sites. And what do they require you to do? They require you to log in. Or maybe there’s a cookie set in your browser that they can read and use to login. So they try and get you to login, get the information from you. And then now they’ve got your information, we already discussed why they want it. And we’ll get into in just a couple more minutes too when we’re talking about what’s happening right now with your tax information. But they are using what are called bulletproof hosting providers, in case you’re not familiar with that is these bulletproof hosting providers. And I’m going to stick their ASs here, up on the screen. If you’re a total geek, you will find right there. There we go.

Craig 6:01
There’s AS’s which are autonomous systems, part of the internet backbone. But bulletproof hosting providers will not provide information about their clients to law enforcement. And they try and prevent anybody from figuring out who their customers are. So these two hosting providers of the guys that are doing it, this has all happened before, there’s a massive, malvertising operation. Sometimes they’ll use these DNS attacks, in order to inject into the stream ads. We’ve had ISPs, legit ones here in the US who’ve been doing similar things. If you try and go to a site that doesn’t have a DNS entry, guess what they’re going to do?

Craig 6:44
Yeah, they’re going to send you to their site to their advertising.

Craig 6:49
So that’s what’s been going on. If you are using any one of these routers button up on the screen, again, which are basically the D-Links, ARG, DS-LINK, SECUTECH, and TOTOLINK, as well as many others. Make sure you update them, upgrading them or replace them. And I went over this in quite a bit of detail in my most recent master course, about what is happening out there and what you need to be aware of. All right.

Craig 7:21
So let’s move on to our next article. This is something I warned everybody about last year. And then again, I warned everybody about just about a month ago. And as it turns out our friends at New York City, they kind of knew about it, too, but they didn’t really do anything about it. And that is this New York City wireless network. And it is down due to a bug at least it has been down. They’ve been working on trying to get this thing back up online, which makes sense, right?

Craig 7:58
And this has to do with failure to update. How many times have we talked about that being a real problem out there. And the failure to update in this case is all of our wonderful data that they’re using to allow the police, fire departments and others to communicate. Now, the fire department is saying they got off of what’s called NYC WIN which is their wide area internet. They got off of it a couple of years ago, they switched over to Verizon mobile data. And they’re using that in order to communicate with the hospitals when they’re transporting patients and things. But the transit officials can’t remotely control 12,000 plus traffic lights, traffic cameras, NYPD license plate readers are down. This is according to the New York Post. It crashed on Saturday, April 6. Do you remember that date?

Craig 8:55
Yeah, I warned everybody, right. Remember that one guy quoted him saying I am not going to be anywhere near an airplane on April 6th? Well, the the Department of it there New York City is paying Northrop Grumman about $40 million a year to run this network that cost them a half a billion to put in place and has been in service in for 10 years. And they never updated some of the core components. Why would you use GPS? Here’s what’s happening.

Craig 9:28
The GPS, older GPS equipment had what’s called a rollover event. They were using Okay, there’s a little geeky but 32 bit counters, you remember the old 32 bit computers and you got upgrade you want 64 bit Windows and 32 bit Windows. Remember all that thing, while these older GPS units had 32 bit counters in them. And what that meant is come April 6th, they went from it’s 5pm on April 5th to it’s zero pm. It rolls back to zero, which goes back to the Epic, which I’m not sure what it wasn’t GPS, and the Unix world it was 1970. But everything got messed up. So now all of a sudden, their traffic cameras, security cameras are all saying that they are down for maintenance because they are down and they’re down hard. The same thing with license plate readers, not all of them, but the ones that were older, all are failing on them now. But they use GPS for the clocks. Now think about gridlock. Gridlock is a term that was invented in the city of New York. And what it meant was they have this grid laid out, right, it’s all beautiful grid straight lines. And gridlocked meant that traffic couldn’t move, because the lights weren’t properly synchronized. And it was there for decades. And they they came up with that term. So they decided they had to synchronize all of the light so that traffic could flow properly. Well, traffic isn’t flowing properly, because now the clocks that are in the light, the traffic lights that were using a clock coming from the satellites via the GPS signal. That GPS receivers not working, the clocks are now falling out of sync. Some of them I suspect pretty quickly falling out of sync. So now New York’s in for more gridlock, hopefully, they’ll get this fixed pretty quickly. But it’s a very, very big deal. Police have been sent to spots with vehicle mounted readers where the readers are failing. And I kind of find that interesting, too, because you’re talking about license plate readers really, that’s a critical piece of infrastructure. I guess it is if you’re trying to find people who owe money on parking tickets, but otherwise, and fire department and you New York with a patient care reports to hospitals, they’ve got that all fixed. They’re saying they’re all set and according to New York Post Northrop Grumman declined to comment is, is that a shocker? Is that a shocker to you as well?

Craig 12:09
Yeah, of course, they’re not going to comment on that sort of thing. Alright, so next up here, let’s go to our fake Amazon reviews stories. This is just crazy here. Have you gone to Amazon? Have you used some of their review stuff? I know I have. And it’s, it’s you know, it’s very handy. And I use it quite a bit, right. And that’s kind of the stars that are that are on top of the page, and they put this up on the screen for you.

Craig 12:42
And a five star reviews, can you trust them? Well this particular reporter from the Hustle, went underground and spent two weeks there and found out what was really happening. So gives a, actually, I’m not even sure what the name of the author of this article is. They don’t mention their name, and they don’t have credit. Okay, maybe it’s Zachary Crockett, that might be it.

Craig 13:11
So, here’s what he said. He said he went to this private Facebook group, this underground Facebook group, and was chatting with this person named Lien Xi, an Amazon seller from Guangzhou China. And she offered him a deal. If he gave her a five star review. For her iPhone charger. Now he would need to buy the charger from Amazon. So that could be a verified purchase. And then what she would do is she would refund him via PayPal and pay him a $10 commission. So he was asking, Hey, isn’t this illegal? And her response was? Well, that she didn’t say no. She said what you will love is all she said right? So he looked up or product review. And you can see this on my screen here http://CraigPeterson.com/YouTube. http://CraigPeterson.com/YouTube. 

Craig 14:09
But he found her iPhone charger on Amazon. And it had almost 4000 5-star reviews.

Craig 14:19
Isn’t that just amazing?

Craig 14:21
Also got Amazon’s Choice Label, which is very, very valuable. I know I use that. So when I’m looking on something on Amazon, I’m looking at the stars. And I’m looking at the Amazon’s choice on the little black box that comes up. And then occasionally, depending on the price of the item, I’ll scroll down to read the reviews. Well, apparently I’m not alone. And if you do the same thing, you’re not alone, either. Because what it’s saying here is 65% of us trust online reviews. 82% of American adults check the product reviews before making a purchase. I think that’s low frankly, I think it’s almost 100%. If you’re an Amazon, right, it’s probably 100%. But just generally shopping online is probably more like 82 I can see that.

Craig 15:11
So research is showing that we’re more swayed by a simple star rating than what the reviewers actually write. And I’ve got to also go Let me see pop hit head a little bit here. Some of these reviews and you might have seen stuff like this. I know I have. And it really upset me. You see reviews and he’s saying this one product is looking at. this is another guy this guy named Tommy Noonan had 580 reviews, and every single one of them was five stars. But he recalls people would write things like I haven’t tried this product but and then leave a glowing review. Well, does that smell like it’s a setup, or what? It definitely does. Let me show you this here. Okay, on the screen again, http://CraigPeterson.com/YouTube. Facebook reviews are boosting a lot of products. And I’ve seen stats saying it’s 20% all the way up to 60% of these are fake. But look at this, headphones, it saying the fake reviews, the average star rating is 4.89 out of five. And the real reviews are 3.99. So that’s a difference for headphones. I’m almost a whole star.

Craig 16:28
Isn’t that amazing? So it’s showing up as five stars almost when it should be four stars. Then what happened is there’s a guy out there who’s doing some research. Fakespot is where you’ll find it. Fakespot.com. And they came up with some of these stats. And they are absolutely shocking. When you get right down to it here I’m going to bring this up. So it’s my absolute full desktop view here. So you can see this whole thing and in more detail. But there it is, right headphones, cell phone accessories, pest control, car control, sexual wellness, pet supplies, all of these things, vitamins and supplements, by the way, kind of the bottom of the list. They they only have a differential between fake and real stars of the quarter star here, bottom line. And then there’s another one I want to show you here too. This is the search on unreliable Amazon reviews. This is a chart again, that I’ve got up on, you’ll see it on YouTube. But they are hosting, Amazon’s hosting 1.8 million vendors and sellers who are selling nearly 600 million items that are generating about 9.6 million new product reviews every month. So really the the big deal here, the big question is, how can you tell when they are fake? How can Amazon tell? If you’re talking about 10 million reviews a month, how can they tell? Well, there’s some ways to do it. They’re kind of trying to do it. But I’ve got to say I think they have a negative motivation in trying to do it. I’m not sure it’s all it’s cracked up to be. Because by having these people shipping products directly from China to Amazon’s warehouses in bulk. So they ship 10,000, 100,000 of these things to Amazon warehouses, Amazon, then prepositions them in warehouses close to where they think there will be people that will be buying them. And then those people who are looking to buy them can get them very quickly, right? That’s the whole idea behind it.

Craig 18:38
Well, you’re cutting out the middleman, instead of having somebody buy it from China, ship it to the US and then ship them in with smaller quantity used to Amazon, the Chinese manufacturers effectively are shipping it right to Amazon, who ships that right to you. So that’s saving you a lot of money, which I would prefer recently called a disincentive. Right? I don’t think Amazon’s purposely trying to be, you know, hiding things from us. But be very careful out there. Because there’s been a huge rush in the marketplace, there are dozens of products that are almost indistinguishable from each other. And frankly, that’s exactly what what they’re taking advantage of right now. With these fake reviews, how do they get their product well known while they just make themselves a fake little review, right? That makes it easy enough.

Craig 19:30
So let me pull up our next little article. And this is fascinating. And I am totally looking forward to seeing this when it comes out. And this is from Yahoo, and right now they just had a film festival over in Cannes over in southern France. And Channing Powell, you might have heard that name before. She’s the lady who founded, who started Walking Dead. And she’s been thinking about what’s happening with technology now and what’s happening with technology in the future. And this is an article from Yahoo News that they picked up from AFP Wire. But she says she is terrified of what big tech might be up to. She has a new show called The Feed. And it’s premiering in Cannes. And that’s the just this week, by the way. And my birthday, by the way this week as well. It’s premiering and Cannes this week, and it’s all about a dystopian future now who hasn’t heard about dystopian futures? Right? That’s it’s all normal. Well, what she’s saying is Elon Musk, and Facebook are both trying to develop technology that can allow you to remotely control things. But The Feed, this new Amazon series goes a step further. Not only can you control things with your mind, but people you can send your feelings, what you’re seeing, what you’re smelling, everything you can send it to someone else in social media. So someone else can live your life. Well, what happens if someone’s in the middle of that, a company, like a Facebook or whomever. And let’s say they’re malicious, and they modify that, or they they play with your mind and your emotions, because now they can send emotions to you. And the cells, the smells, and the the eyesight, everything to make it seem real well, that’s what this is all about. And she says that Elon Musk right now is developing a neural lace computer that covers the entire brain that you would control with thought, okay. She also goes in and talks about what’s been happening at MIT, they have something that clips on your ear, and will do some remote control stuff for you. She’s saying she’s 39 years old, by the way, so she’s not quite a millennial. But she’s very concerned, you know, we got our iPhones with us all the time, and people just can’t leave them behind. They’re checking Instagram constantly. So what’s going to end up happening here? There’s some companies already in Belgium, in Sweden that are implanting chips into people. When here’s a direct quote from here to that I totally agree with, when somebody like Elon Musk, who’s a radical libertarian, who’s inside all of this development and understanding of it. When someone like Elon Musk is telling government that you need to regulate us and stop us from doing what we are doing, that is absolutely terrifying, absolutely terrifying. And frankly, we’re at a tipping point now. The Chinese government has already started a social credit score, where they will now we reward you or punish you, based on social credit that starts January 1, 2020.

Craig 23:10
That’s the tipping point. I talked last week on my show about what has happened in Venezuela, they have purchased the Chinese social credit system, where now you have a national ID card that you sir, everything from banking through voting, they know how you voted, they know where your money’s coming from. And if you’re getting any money from the government, they can, will and do control it. So maybe we’re already past the tipping point, she doesn’t say that she says, you know, we’re really close. But maybe we are already passed it. And and frankly, that’s scary. That really scares me the bottom line.

Craig 23:49
Alright, so we’ve got a couple more articles. And we’ve only got a couple more minutes. So let’s get to those pretty quickly here.

Craig 23:57
Let’s get that up on my screen. And I’m going to let’s see. So let’s talk about this really quick. And this has to do with your taxes. You have of course been paying taxes for years, right? Just one of the two things that that is certain than life, death and taxes. So this is an article from Fox Business and I got it up on my screen, YouTube or excuse me http://CraigPeterson.com/YouTube. But we have our taxes out there. IRS is said to have the largest database in the world. And that doesn’t surprise me. But here’s how much it’s worth. We filed W2s and 1040s. There’s the business stuff that’s out there. They are all available for purchase online. And you’ve heard these tips before use multi-factor authentication with your bank, right? Use a password manager, don’t say passwords in your browser, file your taxes as soon as possible. So that with the bad guys file of false tax reporting your name, it’s not going it’s going to pop up a flag it’s not going to go through. Don’t give away personal information as you have to never transfer money based on an email, right? All the basic stuff. Well, here’s how much your information is worth. I’m going to pull us up on the screen. Here we go right now. So basically, for $1,000, a hacker can purchase access to a US based bank account, file a fake return, claim the IRS refund and cash out through cryptocurrency exchange. And they will make more not 100% return on their thousand dollar investment. That’s the bottom line here. So they’re really are trying to do it. IRS is saying that there’s 1.4 billion breach attempts every year, many of them are coming from nation states, which frankly, doesn’t surprise me in the least. Why not? It’s a good way to fund your operations when you get right down to it.

Craig 26:05
And then we got one more article really quickly here. I couldn’t believe it when our friends over at Facebook decided that they would go ahead, I just couldn’t believe this, that they would go ahead and release a nice little creepy device.

Craig 26:27
This is the Portal Have you heard about their Portal before? This is a device they were selling for 200 bucks and it had in at some pretty darn neat technology. And this technologies designed to be able to recognize faces in the room, follow faces. And you could call out to your family and friends you know really cool stuff that an article by our friends over at Boeing Boeing. Well, the bottom line is who wants to buy a telescreen from Facebook? Nobody trusts them. They were selling it six months ago for 200 bucks. Apparently, it hasn’t been selling very well. And as part of Facebook’s apology tour they’ve been doing for the last year, they dropped the price. So if you want Facebook to spy on you in your home, and track you and your face as you walk around the room, which is nice if you’re cooking dinner and you’re talking with someone and it’s creepy if you’re not, then go ahead for 99 bucks, you can get it right now as well. So that’s it for today. Have a great week. We are putting these up online as well. You can see them at http://CraigPeterson.com/YouTube for all of the YouTube people who want to follow it and we’re putting our security tips up there and other things as well. So it should be a good time for all. Keep an eye out and please do subscribe. Follow me over there http://CraigPeterson.com/YouTube. And I will be back next week right here. And I’ll be here with Jack Heath on Monday morning and Jim Polito on Tuesday morning and an even more throughout the week. So keep an eye on my podcast and that’s at http://CraigPeterson.com/iTunes. Take care everybody. Have a great week ahead. Bye bye.