DTNS 2211 – Live from Greenville High School

Logo by Mustafa Anabtawi thepolarcat.comWe chat with students from Greenville High School in Illinois about tech topics on their mind like Internet sovereignty, piracy and Heartbleed.

MP3

Please SUBSCRIBE HERE.

A special thanks to all our Patreon supporters–without you, none of this would be possible.

If you enjoy the show, please consider supporting the show here at the low, low cost of a nickel a day on Patreon. Thank you!

Big thanks to Dan Lueders for the music and Martin Bell for the opening theme!

Big thanks to Mustafa A. from thepolarcat.com for the logo!

Thanks to our mods, Kylde, TomGehrke and scottierowland on the subreddit

Show Notes

Today’s guests: The students of Greenville High (Go GHS Comets!)  

Headlines

The Verge reports CloudFlare has announced the Heartbleed vulnerability may not leak the private keys of servers after all, reducing the severity of the bug greatly. Theoretically an attacker could exploit the heartbleed problem to extract the keys to a servers security and then impersonate it. Cloudflare has been unable to do so in testing for two weeks leading them to suggest it may be very hard if not impossible. To further test the theory, Cloudfare set up an intentionally vulnerable server at https://www.cloudflarechallenge.com/heartbleed and invited all comers to try stealing its keys.

That’s good news for owners of certain network routers from Cisco and Juniper Networks as those routers have been identified as using the version of OPenSSL that contains the Heartbleed vulnerability. Both companies are investigating their product libraries and making lists of affected devices, as well as working on patches.

Tax day in the US will be a bit more fun for residents. On April 15 in the US, Google will allow anyone over the age of 18 the privilege of plunking down $1500 to purchase a pair of the Explorer edition of Google Glass for a limited time. To get in on the action you can sign up for a reminder at http://www.google.com/glass/start/how-to-get-one/

TechCrunch reports that in addition to 15 new ad units announced yesterday, Twitter is also adding Web notifications to desktop users. The feature was noticed by Michel Wester of Holland as a disabled option in one of his test accounts. Twitter users can real-time notifications from mobile apps for things like posts that mention your name and such, but on the desktop they need to use third-party software.

Reuters reports patent buyer or depending in your view of things, patent troll, Intellectual Ventures has convinced Microsoft and Sony to invest in its latest round of fundraising. Apple and Intel declined. Intellectual Ventures buys patents and then makes money re-licensing them.

News From You: 

MikePKennedy posted the story that Facebook has announced plans to penalize Facebook Page operators that try to bait users into liking their page and sharing content. Facebook says it will pull or demote these kinds of posts from commercial pages: Like-baiting posts that frequently beg for likes and Spammy posts that contain, “only ads or a combination of frequently circulated content and ads.”

habichuelacondulce submitted the CNET report that the Internet advertisng Bureau announced Thursday that Internet advertising generated $42.8 billion in revenue in 2013. That’s a 17% increase over 2012 but bigger news than that is the fact that broadcast TV advertising generated $40.1 billion. That means Internet advertising surpassed broadcast TV advertising for the first time. Though they have a ways to go to catch all TV advertising. And Internet advertising sells a combo of print-like as well as TV-like ads. In fact, search ads generated $18.4 billion, Display ads generated $12.8 billion, and digital video $2.8 billion.

SkyJedi and Galcyon both submitted this story. Engadget reports Amazon is purchasing popular digital comic book seller Comixology. The service has Web and mobile app access to libraries of digital comics from most major and many smaller publishers. It’s guided view technology attempts to make frame by frame reading of comics smooth and easy. Amazon currently sells single issues and graphic novels on Kindle. Amazon expects to find ways to make Comixology and Kindle work better together, but Amazon will retain the Comixology branding and continue to support existing apps.

And HobbitfromPA sent in the Ars Technica story about the Solar Impulse 2. Its a solar-powered plane with the wingspan of a 747 and a weight of 2300 kilograms, about that of an average automobile. It cruises at a maximum speed of 140 kilometers an hour and slows down at night when it runs off batteries. Team head Bertrand Piccard and engineer André Borschberg will start test flights in the next few weeks with the goal of a flight around the world next March.

Discussion Section Links: Thoughts from Greenville

Monday’s guest: Andrew Zarian

DTNS 2210 – News From You The Third

Tom’s on assignment today, so he called his most trusted fill-in host – YOU!  We’ve got listener thoughts on the Amazon Fire, Facebook and Oculus, the Adobe Creative Cloud, and a genuine Molly Wood Heartbleed rant. Plus Jon Strickland has some thoughts about the (much) bigger picture.

Logo by Mustafa Anabtawi thepolarcat.comNews From You The Third

MP3

Video version with still photo and audio.

Please SUBSCRIBE HERE.

A special thanks to all our Patreon supporters–without you, none of this would be possible.

If you enjoy the show, please consider supporting the show here at the low, low cost of a nickel a day on Patreon. Thank you!

Big thanks to Dan Lueders for the music and Martin Bell for the opening theme!

Big thanks to Mustafa A. from thepolarcat.com for the logo!

Thanks to our mods, Kylde, TomGehrke and scottierowland on the subreddit

Show Notes

Headlines:

BlackBerry CEO John Chen told Reuters, “If I cannot make money on handsets, I will not be in the handset business,” which lead headline writers to declare BlackBerry would dump handsets. So Chen wrote a blog post Thursday that said “I want to assure you that I have no intention of selling off or abandoning this business any time soon,” referring to the devices business. So what gives? Pretty easy if you think about it. Chen said he won’t stop making devices soon but if he can’t make money off it eventually he’ll get out of the business. Stop SAYING REASONABLE THINGS JOHN CHEN, IT CONFUSES US!

Does hearing more about the Heartbleed vulnerability make your brain bleed? Lastpass to the rescue! The passwords storage and checker won points for fixing the vulnerability on their own site quickly and for the solid practice of encrypting traffic on another level. Now Lastpass users have a handy tool to help them decide if and when to change passwords due to heartbleed. The security checkler function in lastpass wills can all stored passwords and highlight any servers that have not patched OpenSSL 1.01 PLUS whether they’ve updated their security certificate. It’s all summarized in an action entry that either says wait, or Go update.

TechCrunch reports Google’s Advanced Technology and Projects (ATAP) group has released a Module Developers Kit (MDK) for Project Ara, its forthcoming modular smartphone. That means hardware developers can start working on modules that would fit into the Google-made endoskeleton. Without independent companies making lots of modules, Project Ara won’t be very interesting, so go et ‘em developers.

TechCrunch also reports Facebook is taking the messaging capability out of the standard Facebook app. That means you’ll need to download the Facebook Messenger app if you want to chat with friends on the service on your mobile device. People who already downlaoded the Messenger app might not notice since the messenger tab automatically detects the messenger app and links to it if it’s there. Facebook will roll the change out slowly, starting in Europe and notify users several times before the messaging tabs actually disappears. The change doesn’t affect users of Facebook’s Paper app.

Remember Comcast submitted their 180-page filing on why a merger with Time Warner Cable would be good? Among the many reasons Comcast pointed out they don’t compete with TWC because they have no overlapping markets. CNET reports, Senator Al Franken found that interesting. During a US Senate Judiciary Committee hearing on the merger, Senator Franken pointed out Comcast cited competition with Time Warner Cable as a reason to approve Comcast’s acquisition of NBC Universal in 2010. The hearing does not have any direct influence over approval of the merger.

The Dropbox-owned mailbox app is now available for Android. Engadget reports it even has some features not found int he iOS version., including a new auto-swipe feature that teaches the app which emails you archive and defer until later and acts appropriately when it sees them. The company also showed off a preview of mailbox for the desktop.

Dropbox also made the news with the addition of Dr. Condoleeza Rice to its board of Directors. PC Magazine reports that Dropbox CEO Drew Houston made the announcement along with the news that Sujay Jaswa and Dennis Woodside have been named CFO and COO, respectively. Rice has been Provost of Stanford University, served on the board of several companies like HP and Charles Schwab, and is likely best known for serving as US Secretary of State under President George W. Bush. Rice was also National Security Advisor from 2002 until 2005. That is an advisory White House position with no authority over any departent.

News From You!

Toby Pinder on Heartbleed and the long tail of the internet

KTLA’s Rich DeMuro on Dropbox updates

Justin Crowell on the Adobe Creative Cloud

Dave from Allen, TX on Amazon Fire

David Brodbeck on media portability across devices

Rich from Lovely Cleveland on chips!

Richard Ya on Facebook and Oculus

Molly Wood has a Heartbleed rant (and also an article in the New York Times about it!)

Daemon on airlines using Twitter for customer service

Guillaume on Chromium OS

Patrick Beja on Windows 8.1

Kencade Babb on universal search

And Jon Strickland of Thinking, co-host of TechStuff, and HowStuffWorks writer leaves us with some thoughts on the bigger picture.

Picks of the Day:

Vudu recommended by Tony Vahl

Gooseberry project by metalfreak

Run Zombies Run! by Sean Palladino

 

 

DTNS 2209 – Free to be 3D

Logo by Mustafa Anabtawi thepolarcat.comJason Hiner is on the show today, we’ll chat a bit about Heartbleed, Windows XP and dig into whether 3D printing belongs in the home or the factory.

MP3

Multiple versions (ogg, video etc.) from Archive.org.

Please SUBSCRIBE HERE.

A special thanks to all our Patreon supporters–without you, none of this would be possible.

If you enjoy the show, please consider supporting the show here at the low, low cost of a nickel a day on Patreon. Thank you!

Big thanks to Dan Lueders for the music and Martin Bell for the opening theme!

Big thanks to Mustafa A. from thepolarcat.com for the logo!

Thanks to our mods, Kylde, TomGehrke and scottierowland on the subreddit

Show Notes

Today’s guest:  Jason Hiner, editor-in-chief of Tech Republic

Headlines

As we discussed yesterday, the Heartbleed vulnerability affects around 18% of SSL 1.01 servers that implemented TLS-Heartbeat. SysAdmins have been scrambling to patch their systems and issue new security certificates. The simple advice is to wait for confirmation of a fix from vulnerable websites before logging in. If you don’t want to wait, GRC’s Steve Gibson recommends using ssllabs.com to check if a site’s server has had their SSL version upgraded to 1.01g and the security certificate was reissued AFTER the update. Matthew Green has an excellent discussion at cryptographicengineering.com of the code error itself, if you’re interested in how the bug happened in the first place.

Reuters reports that 70% of the market in China still uses Windows XP, which received it’s last security patch yesterday. Microsoft has partnered with Lenovo and Tencent to provide continuing support. Tencent will provide permanent XP support free of charge with two 24-hour hotlines. tm204 posted a Netcraft survey to our subreddit showing 6,000 websites still running on Windopws XP including 14 hosted by US governments. If that sounds bad, it’s nothing compared to the 500,000 or so websites hosted on Windows 2000 which stopped being supported in July 2010. There are even 50,000 sites running Windows NT4 which ended support December 31, 2004.

The Verge passed along Amazon’s claim to have tripled its streams over the past year, making its instant video site the third largest behind Netflix and YouTube, passing up Hulu, according to numbers from video-delivery firm Qwilt.

The Economic Times reports Facebook now has more than 100 million active users in India, the second country in which the social network has reached that milestone. The first was its home country of the US. 84 million of that 100 access the site from their mobile devices. Brazil, Indonesia and Mexico round out the top 5 countries for Facebook, in that order.

News From You: 

Google would like all you XP users out there to have a new PC. MikePKennedy posted the Android Central story about Google taking $100 off Chromebooks when purchased through the Chromebooks for Business program. If you’re really attached to Windows apps, Google is offering $200 off Chromebooks for Business with VMWare’s DaaS virtualization suite, and 25% off Citrix XenApp Platinum Edition.

tekkyn00b posted a different Android Central story. This one is about Comcast considering their own mobile phone service, using WiFi as the main delivery, with cellular data leased as a backup. Sound familiar? Google was rumored to be meeting with Verizon about the same sort of plan. The Information reported the story originally with sources saying Comcast would like to create a nationwide network, though implementation is still far off.

habichuelcondulce submitted the Reuters report that Intel will shut its assembly and test operation in Costa Rica, eliminating 1,500 jobs. Intel spokesman Chuck Malloy said Intel will move assembly and testing from its site in Heredia, Costa Rica to existing sites in China, Malaysia and Vietnam, over the next 6 months. Intel’s R&D efforts will continue in Costa Rica, employing some 1,000 people. Intel announced in January it would reduce its worldwide workforce by 107,000 this year.

Draconos passed along the Verge report about Sesame Street launching its own streaming video service. Sesame Go is browser-based but US-only and works on Mac, Windows and mobile devices. For $4 a month or $30 a year, you can watch hundreds of Sesame Street episodes as well as the animated series Pinky Dinky Doo.

tm204 posted the ScienceDaily report about a study published in Materials Today describing computer logic units built using slime molds. The work by Andrew Adamatzky of the University of West England, and Theresa Schubert of Bauhaus University, exploited the interconnected tubes of slime molds to process information. To make the tubes work the way they wanted to, they fed tubes oat flakes where they wanted to grow them and salted areas where they didn’t want tubes. Using dyes with magnetic nanoparticles and tiny fluorescent beads, allowed them to use the slime mold network as a biological “lab-on-a-chip” device. “The slime mold based gates are non-electronic, simple and inexpensive,” according tot he study.

Discussion Section Links: 3-D Printing’s Missing Link

http://www.techrepublic.com/article/the-missing-link-in-3d-printing-user-friendly-software/

https://www.kickstarter.com/projects/m3d/the-micro-the-first-truly-consumer-3d-printer 

Pick of the Day:  SSL Labs

Thursday’s guest: YOU!

DTNS 2208 – The Bleedin’ Internet’s Broken

Logo by Mustafa Anabtawi thepolarcat.comMichael Wolf is on the show helping me deal with the post Heartbleed vulnerability trauma we all are feeling today. Plus he’s got some good news for folks in the wearables industry. As a bonus Steve Gibson helps us understand what we should do about Heartbleed.

MP3

Multiple versions (ogg, video etc.) from Archive.org.

Please SUBSCRIBE HERE.

A special thanks to all our Patreon supporters–without you, none of this would be possible.

If you enjoy the show, please consider supporting the show here at the low, low cost of a nickel a day on Patreon. Thank you!

Big thanks to Dan Lueders for the music and Martin Bell for the opening theme!

Big thanks to Mustafa A. from thepolarcat.com for the logo!

Thanks to our mods, Kylde, TomGehrke and scottierowland on the subreddit

Show Notes

The entire Internet has been reporting on the Heartbleed vulnerability in SSL/TLS today. Heartbleed is a bug in the OpenSSL cryptographic library version 1.01 that as been in
wild since 14 March 2012. The bug would allow an attacker to recover up to 64 kilobytes of memory from the server or client computer, repeatedly. OpenSSL has issued a patch which is OpenSSL 1.01g. The nasty part of the bug is it could not only allow an attacker to get things like passwords in memory if they’re lucky, but also recover primary and secondary SSL keys, which means the bad guys could impersonate the good guys and you’d never be able to tell. Many sites do not use OpenSSL and are unaffected. Apple, Google and Microsoft appear to be unaffected, along with the major e-banking services. Before you log into a sensitive service check filippo.io/Heartbleed/ to see if the site has updated to SSL 1.01g, although beware some false negatives have been reported. But if it says it’s updated it is. Then you should also check to make sure any previously vulnerable site has updated its ssl certificate which you can do at https://sslcheck.globalsign.com/ or do several of these tests at https://www.ssllabs.com/

The Verge reports Twitter profile pages are showing up with a fundamental redesign. The Twitter blog announced the change Tuesday morning saying the changes will be rolled out to select users first then globally over the next few weeks. Main changes include user and friend photos in a tile layout on the lower left, size adjustment to posts based on how popular they are and the ability to pin a tweet to the top of the page.

If you plunked down for a 4K TV, you finally have something to watch. CNET reports Netflix confirmed it has begun streaming 4K versions of its original series House of Cards as well as a few nature documentaries. Not working on your 4K TV? That’s because it has to be a TV with the built-in H.265/HEVC codec, which is pretty much on TVs shipping now. Sorry. Oh unless you have the Samsung UNF9000 which is upgradable.

XP says goodbye, and 8.1 update says hello. OK XP users, this is it. The final four security updates for Windows XP and Office 2003 for Windows XP were released today. Download. Install. Enjoy. You’re on your own now. Godspeed. On the other end of the scale, Windows 8.1 Update aka 8.1 (1) or the new 8.1 or whatever arrived today.

Recode reports Comcast made their 180-page case for why the government should allow them to merge with Time Warner Cable and grab 30% of the US cable market. There’s a lot in those pages about video competition, citing Apple, Microsoft, even Facebook as big competitors to little ol’ Comcast. They don’t point out so clearly that those services all have to run over pipes which would become dominated by Comcast. They also didn’t mention they beat Monsanto in the Consumerist’s Worst Company in America poll. This is only the beginning of the review. Tomorrow, a Senate panel will examine the deal. Justice Department officials are starting to evaluate any competitive threats and the FCC plans to focus on whether it’s in the public interest.

Like Microsoft Office on your iPAd? Thank Steve Ballmer. During a Reddit Ask Me Anything session, the Office for iPad and Mac team revealed “the decision to ship Office for iPad was made before Satya Nadella became CEO.

I bet Stephen Elop is relieved. China’s regulators have approved the acquisition of Nokia’s handset division by Microsoft, taking away the last significant hurdle to the deal being completed. With US and EU approval already complete, Nokia feels confident the deal can still close in April.

Draconos posted the story from Gizmodo about scientists at the University of Louisville’s Kentucky Spinal Cord Injury Research Center, fitting four wheel-chair-bound men with an array of electrodes in the lumbosacral region of the spinal cord. The implant restores what in healthy people would be the resting potential of the spinal cord, the baseline electrical activity that keeps the cord alert. All four patients can move their legs and toes, and some can even lift up to 100 kilograms with their legs. The research is published in Brain.

metalfreak pointed out the PC World story that the European Court of Justice ruled Tuesday that laws requiring communications providers to retain metadata are invalid because they seriously interfere with fundamental privacy rights. The current EU Data Retention Directive requires telecommunications and Internet providers to retain traffic and location data as well as related data necessary to identify the subscriber or user. The court acknowledge the value of the data in fighting crime but identified several ways in which the law exceeded the limits of proportionality. IN toher words it went farther than it needed to. The CJEU’s ruling is binding for national courts who have to dispose of cases in accordance with the Court’s decision.

And tsukiri posted the NBC News story about the US Navy planning sea trials for an electromagnetic railgun that can fire a low-cost, 10-kg projectile at seven times the speed of sound. Yeah rail guns. Like in your video game, except real. In related news the Navy says it’s making final adjustments on a new prototype of a Laser Weapons System — dubbed LaWS — that will be deployed into the real world in late summer. So yeah. Electromagnetic railguns and lasers. At sea.

 Discussion Links: Heartbleed Heartburn

http://heartbleed.com/

http://www.kb.cert.org/vuls/id/720951

https://www.grc.com/sn/sn-450-notes.pdf

http://arstechnica.com/security/2014/04/critical-crypto-bug-in-openssl-opens-two-thirds-of-the-web-to-eavesdropping/

http://krebsonsecurity.com/2014/04/heartbleed-bug-exposes-passwords-web-site-encryption-keys/

http://www.zdnet.com/heartbleed-serious-openssl-zero-day-vulnerability-revealed-7000028166/

https://www.openssl.org/news/secadv_20140407.txt

http://www.theverge.com/2014/4/8/5594266/how-heartbleed-broke-the-internet

http://arstechnica.com/security/2014/04/critical-crypto-bug-exposes-yahoo-mail-passwords-russian-roulette-style/

http://news.netcraft.com/archives/2014/04/08/half-a-million-widely-trusted-websites-vulnerable-to-heartbleed-bug.html
http://ssllabs.com/

Wearables: 

http://www.forbes.com/sites/michaelwolf/2014/04/03/heres-whats-wrong-with-the-guardian-article-on-wearables/

http://www.theguardian.com/technology/2014/apr/01/wearables-consumers-abandoning-devices-galaxy-gear

Pick of the Day: Lastpass.com

Because of this blog post. 

Tomorrow’s Guest: Special 9am DTNS with Jason Hiner, editor in chief of Tech Republic