Show 324 – March 02, 2020
Run Sheet ~ Zarn & Michael
Aussie Tech Radio
Our Aussie Apple Ramblings
vale Larry Tesler re early Apple and Xerox PARC
Born in 1945 in New York, Tesler went on to study computer science at Stanford University, and after graduation he dabbled in artificial intelligence research (long before it became a deeply concerning tool) and became involved in the anti-war and anti-corporate monopoly movements, with companies like IBM as one of his deserving targets. In 1973 Tesler took a job at the Xerox Palo Alto Research Centre (PARC) where he worked until 1980. Xerox PARC is famously known for developing the mouse-driven graphical user interface we now all take for granted, and during his time at the lab Tesler worked with Tim Mott to create a word processor called Gypsy that is best known for coining the terms “cut,” “copy,” and “paste” when it comes to commands for removing, duplicating, or repositioning chunks of text.
Xerox PARC is also well known for not capitalising on the groundbreaking research it did in terms of personal computing, so in 1980 Tesler transitioned to Apple Computer where he worked until 1997. Over the years he held countless positions at the company including Vice President of AppleNet (Apple’s in-house local area networking system that was eventually cancelled), and even served as Apple’s Chief Scientist, a position that at one time was held by Steve Wozniak, before eventually leaving the company.
In addition to his contributions to some of Apple’s most famous hardware, Tesler was also known for his efforts to make software and user interfaces more accessible. In addition to the now ubiquitous “cut,” “copy,” and “paste” terminologies, Tesler was also an advocate for an approach to UI design known as modeless computing, which is reflected in his personal website. In essence, it ensures that user actions remain consistent throughout an operating system’s various functions and apps. When they’ve opened a word processor, for instance, users now just automatically assume that hitting any of the alphanumeric keys on their keyboard will result in that character showing up on-screen at the cursor’s insertion point. But there was a time when word processors could be switched between multiple modes where typing on the keyboard would either add characters to a document or alternately allow functional commands to be entered.
TELSTRA issue re 000 and esim
From Telstra ~ Hi. We have identified that your phone is using an eSIM profile. We are aware of a software issue where if you delete the eSIM profile associated with this device and do not insert a physical SIM card, then you may be unable to make calls to emergency services (000) in 4G only areas. If you want to deactivate your eSIM profile, please ensure you put an alternative SIM card from any provider in the device and make a phone call to any number to activate it. We are working with the device manufacturer as a priority to upgrade the software and fix the issue.
So the important bit of the text ~ If you want to deactivate your eSIM profile, please ensure you put an alternative SIM card from any provider in the device and make a phone call to any number to activate it.
Telstra Cans Its 100Mbps FTTN NBN Plans
When the nation’s biggest telco says it won’t offer 100Mbps Fibre to the Node (FTTN) plans any more, doesn’t that say something profound about the quality of the National Broadband Network? That’s precisely what Telstra has done, which is bad news if you’re in an area with FTTN connectivity. Which is, let us remind you, most of the country.
As reported by Commsday, Telstra’s ditching its 100Mbps plans for consumers on the most common type of fixed line NBN connection, Fibre to the Node. The move also affects customers on Fibre to the Curb (FTTC) and Fibre to the Building (FTTB) connections, but it’s the in the FTTN space that the impact will be most felt, because that’s the vast majority of actual NBN connections across Australia.
FTTC and FTTB could be more capable of reaching those higher speeds, because they use connections that only require copper from the kerb or building respectively, where full FTTN uses copper all the way to your local neighbourhood node, which could be hundreds of metres away.
A Telstra spokesperson told Gizmodo Australia that it was temporarily ceasing sales of NBN 100 plans to FTTN customers.
“We have made a decision to only offer Premium speed (NBN100) on FTTP and HFC for the time being.”
Telstra isn’t mincing words about why it’s making this move, either.
“The reason for this is because a number of our customers on FTTN/B/C do not have connections that are capable of achieving 100Mbps. It is often the case that customers that sign up to these plans will be subsequently notified that they cannot achieve top speed and end up downgrading to a lower plan or leaving.”
The move leaves 100Mbps as the exclusive province of FTTP and Hybrid Fibre Coaxial (HFC) NBN customers. HFC NBN uses the older Telstra cable system laid down in the 1990s, employing a mix of coaxial cable from your home or office to a local fibre node.
NBN Co did also purchase the HFC cable assets of Optus, but junked most of it once it became apparent how bad the condition of Optus’ HFC network was.
Telstra’s spin is that it’s doing to ensure customer satisfaction levels remain high.
“We want to ensure these customers have the best possible experience when connected to our plans and hope to have some news soon.”
Reminder this week we are bought to you by
Aussie Tech Radio
EFTM – The Podcast
Two Blokes Talking Tech
Aussie Mac Zone
Aussie Tech Heads
TechWebcast – not been up for nearly two years but he reckons he coming back
Crossy road castle
It’s the game we have all been waiting for!
It’s 8 bit pandemonium with crazy levels and huge boss fights. fantastic colours that all brings back the awesome feel of 80’s gaming.
I love this game and think everyone should play it.
4 out of 5 apple.
So just a reminder with Apple TV+ you get access to Car Pool Karaoke
My wife and I have been watching a few episodes and enjoying them and learning things.
Did you know that the female lead in the TV series Bones is the sister of the female lead in New Girl
Emily & Zooey Deschanel
Reminder this week we are bought to you by
Australian housing provider launches HomeKit smart homes to enhance disability accommodation
9to5Mac reports ~ An Australian housing provider, Casa Capace, debuted two HomeKit-equipped homes this week as part of an innovative disability accommodation pilot. For most of us, smart home accessories are just a simple convenience but for the highly-dependent and disabled, smart home technology can be transformative.
Residents can use the Home app or Siri on the HomePod to open doors, raise and lower blinds, adjust the thermostat and more. The pilot program will house six residents across the two newly-built smart homes. If successful, it is likely that more homes in the same manner will be built.
The smart home elements are built on the KNX automation system, which can interface with HomeKit using a bridge. Right now, HomeKit is being used to control lights, blinds and curtains, air conditioning, unlock doors, control the TV and sound systems in the homes.
As shown in the video, even the workspaces are connected to HomeKit so occupants can use Siri to raise and lower the centre island bench as appropriate.
Just like a consumer installation, HomeKit can be exposed through the Home app on resident’s iPhone, iPad, Mac, and Apple Watch devices. The homes also feature HomePods for comprehensive voice control. As HomeKit adds support for more types of accessories, Casa Capace will be able to easily integrate them into the HomeKit app through the KNX bridge.
The company expects to build 16 new smart homes this year, with potential to build more than 1500 in the years to come as investors come onboard across Australia.
Cyber attack forces cancellation of wool sales across Australia
abc Australia reported Thursday ~ Wool sales across Australia have been cancelled for the rest of the week after the IT system underpinning auctions and exports was hit by a cyber attack.
1/ The system used widely in Australia and New Zealand has fallen victim to a ransomware attack that encrypted the trading database
2/ Buyers say if the system can be restored over the weekend, it will have minimal impact on the market
3/ Some in the industry believe the cyber attack highlights the vulnerability of relying too much on IT systems
Talman Software, which is used by more than 75 per cent of the wool industry across Australia and New Zealand, fell victim to ransomware, forcing the buying and trading system offline.
The company’s research and development manager, Pramod Pandey, said wool brokers’ data had not been compromised.
“The attacker has encrypted all the files,” he said.
“We did a regular check and the databases were locked and eventually that means the software becomes inoperable.”
On a weekly basis the nation’s wool exports turn over between $60 million and $80 million.
Mark Grave, chief executive of the Australian Wool Exchange (AWEX), said he could not remember a similar incident impacting the industry.
“Not in my memory, and not in a situation such as this,” he said.
“We’re working closely with Talman, who are the largest system provider to the industry, to restore sales to an operating level.
“We first found out on Tuesday morning, and since then there have been regular and progressive meetings to figure out what’s next.”
He said cancelled sales could be reallocated where necessary next week.
“Obviously there are implications for growers, brokers and traders who want to use the data and move orders and progress shipments that are underway.”
Sydney-based wool buyer Scott Carmody said if the system could be restored over the weekend, it would have minimal impact on the market.
“The main impact is cashflow, especially for woolgrowers; they will be unable to get paid for the wool they intended to sell this week,” he said.
“It means next week’s sale will be twice as big, and the extra wool quantities on offer may flatten out any prospect of an increase in price off the back of the low Aussie dollar.
“However, most exporters still have orders to fill and overall there is not a lot of wool in the pipeline.”
Mr Carmody said the cyber attack showed the vulnerability in the selling system.
“If individual businesses are relying on one form of backed-up data — in the modern day, that’s calling for trouble.
“Whether there needs to be significant changes going forward, I think it’s a must.”
Leaked Document Shows Australian Police Use Creepy Clearview AI Facial Recognition Software
Australian police forces have previously denied using controversial facial recognition software, Clearview AI, but a new Buzzfeed report suggests employees within the organisations have undertaken thousands of searches using the software.
According to internal Clearview AI data obtained by Buzzfeed News, four Australian police forces are alleged to have searched the Clearview AI database. The Australian Federal Police (AFP) as well as state police forces from Queensland, Victoria and South Australia have reportedly run more than 1,000 searches.
Concerns regarding Clearview AI’s technology first reared after a New York Times report revealed how far-reaching the software had become. With a database of three billion images scraped from social media sites such as Facebook, YouTube and Venmo, Clearview is able to match a single image to the identity of those it holds.
The man behind it is an Australian app developer, Hoan Ton-That, who’s also responsible for HappyAppy and ViddyHo, apps containing phishing features. After investments from wealthy politicians and business people in the U.S., including a PayPal co-founder, Ton-That began work on creating Clearview AI.
Clearview is not available to the general public but it offers free trials to law enforcement officers who can sign up using their official government email addresses.
Gizmodo Australia has contacted the AFP, Queensland, Victorian and South Australian police forces to confirm how many times it was used and under what circumstances.
South Australia Police denied the use of Clearview AI in their facial recognition department. Gizmodo Australia is seeking clarity if the software could be used by individual officers. “Our information is that the location within SAPOL which is responsible for facial recognition searching has confirmed that they do not use Clearview AI,” a spokesperson for South Australia Police said in an email to Gizmodo Australia.
Gizmodo Australia asked the AFP if it could confirm whether any AFP email addresses had been used to sign up for Clearview access and whether they’d conducted any searches. It said it did not have that information but had requested it from Clearview.
“The AFP requested the names associated with the accounts registered using AFP email addresses, but these have not been provided. Without this information, the AFP is not in a position to provide further information or comment,” an AFP spokesperson said to Gizmodo Australia in an email.
Optus Claims World’s First With Dual Band 5G Network
Optus’ 5G network now operates on both the 2300Mhz and 3500Mhz bands in Sydney, with Melbourne to follow soon as the battle for Australian 5G supremacy really starts to heat up.
Optus has announced that it’s rolled out a dual-band 5G network in Sydney, using its spectrum holdings in the 2300Mhz and 3500Mhz bands and testing with a Samsung Galaxy S20 5G handset.
The use of dual bands is one way that telcos can address the capacity requirements and coverage limitations of current 5G technology, as long of course as you’re using a 5G device that supports connectivity across both bands.
“As we push ahead with the roll out of our 5G network we are also continuing to test and implement new ways of enhancing our 5G network. Initial findings from our dual band testing have shown that the use of these two spectrum bands delivered increased 5G capacity and coverage which if deployed will ultimately benefit our customers” said Kent Wu, Optus Head of Network Access Planning and Quality in a statement.
Optus’ initial rollout for dual band 5G is in Sydney, but it said it plans to extend the rollout to Melbourne “in the coming weeks”.
Optus’ underlying network partner in the rollout is Ericsson, who are also involved in Telstra’s 5G rollout plans. Rival Vodafone (soon to be TPG merged/owned) is using 5G equipment provided by Nokia Networks, while Huawei remains banned from providing 5G network equipment to Australian telcos.
You can’t have helped but notice that Australia’s big three telcos are really jostling for attention when it comes to building out and hyping up their 5G networks. Vodafone recently announced that its 5G network will be operational within a matter of weeks, while Telstra this week talked up its early tests of mmWave 5G, as well as its plans to split pricing for different modes of 5G operation.
Android malware can steal Google Authenticator 2 Factor Authenticaion codes
Security researchers say that an Android malware strain can now extract and steal one-time passcodes (OTP) generated through Google Authenticator, a mobile app that’s used as a two-factor authentication (2FA) layer for many online accounts.
Google launched the Authenticator mobile app in 2010. The app works by generating six to eight-digits-long unique codes that users must enter in login forms while trying to access online accounts.
Google launched Authenticator as an alternative to SMS-based one-time passcodes. Because Google Authenticator codes are generated on a user’s smartphone and never travel through insecure mobile networks, online accounts who use Authenticator codes as 2FA layers are considered more secure than those protected by SMS-based codes.
CERBERUS GETS AUTHENTICATOR OTP-STEALING CAPABILITIES
In a report published this week, security researchers from Dutch mobile security firm ThreatFabric say they’ve spotted an Authenticator OTP-stealing capability in recent samples of Cerberus, a relatively new Android banking trojan that launched in June 2019.
“Abusing the Accessibility privileges, the Trojan can now also steal 2FA codes from Google Authenticator application,” the ThreatFabric team said.
“When the [Authenticator] app is running, the Trojan can get the content of the interface and can send it to the [command-and-control] server,” they added.
ThreatFabric said this new feature is not yet live in the Cerberus version advertised and sold on hacking forums.
“We believe that this variant of Cerberus is still in the test phase but might be released soon,” researchers said.
FEATURE DEVELOPED FOR BYPASSING 2FA ON BANKING ACCOUNTS
All in all, the ThreadFabric team points out that current versions of the Cerberus banking trojan are very advanced. They say Cerberus now includes the same breadth of features usually found in remote access trojans (RATs), a superior class of malware.
These RAT features allow Cerberus operators to remotely connect to an infected device, use the owner’s banking credentials to access an online banking account, and then use the Authenticator OTP-stealing feature to bypass 2FA protections on the account — if present.
ThreatFabric researchers believe the Cerberus trojan will most likely use this feature to bypass Authenticator-based 2FA protections on online banking accounts, however, there’s nothing stopping hackers from bypassing Authenticator-based 2FA on other types of accounts. This includes email inboxes, coding repositories, social media accounts, intranets, and others.
Historically, very few hacker groups and even fewer malware strains [1, 2] have ever had the ability to bypass multi-factor (MFA) authentication solutions.
If this feature will work as intended and will ship with Cerberus, this will put the banking trojan in an elite category of malware strains.
Show notes link each week on show upload, the link being
there you will see the last 6 weeks shows notes
Email us at Michael or Zarn @ aussiemaczone.com.au
Spotify – just search Aussie Mac Zone
Apple News ~ Aussie Mac Zone
(remind ~ how to Favourite)
Thanks to our sponsors, this week being
AussieTechRadio . Com
& our supporters you our listeners!