Artwork

コンテンツは Craig Peterson によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャスト コンテンツは、Craig Peterson またはそのポッドキャスト プラットフォーム パートナーによって直接アップロードされ、提供されます。誰かがあなたの著作権で保護された作品をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal
Player FM -ポッドキャストアプリ
Player FMアプリでオフラインにしPlayer FMう!

Do You Know How to Identify a Fake Web Page? - Whole Show

1:21:44
 
シェア
 

Manage episode 302238002 series 1107025
コンテンツは Craig Peterson によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャスト コンテンツは、Craig Peterson またはそのポッドキャスト プラットフォーム パートナーによって直接アップロードされ、提供されます。誰かがあなたの著作権で保護された作品をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal

Do You Know How to Identify a Fake Web Page? The FBI's reporting that more than 70% of all business hacks are because of our employees. They're clicking on emails, they're going to websites, what can we do? How do we know if a website is legitimate or not?

[Automated transcript]

[00:00:19] There's a great little article that McAfee published now, McAfee is a company that's been in the cybersecurity business for quite a while.

[00:00:28] I do not use their products. I use some competing products. I have not been impressed with their products.

[00:00:35] Let me tell you this particular web post that they put up is fantastic and you'll see it in my newsletter this week. Make sure you get that.

[00:00:45] Have you ever come across a website that didn't look quite right if you haven't, you haven't been on the internet very much because whether you're an individual at home or you are in a business environment, we are likely going to end up on websites that are not legitimate. Sometimes we'll see these things, that company logo might be wrong. There's not enough information on the page. You've been there before and this looks down page. The odds are that you were on a hack site, a site that's trying to get you to do something most of the time when you end up on these sites, they're trying to get you to put in your username and password.

[00:01:31] Already that the bad guys have stolen your username and password from so many websites out there. So why would they try and do it this way? It's because if they're pretending to be your bank and you try and log in, They know this as your bank account, and many times they immediately try and get into your bank account or your phone account, whatever it might be.

[00:01:56] This is a very long-standing tactic that's relied on by hackers everywhere. Usually it's a knockoff of a real page. They'll take it and they will recreate it. Then it's easy to do if you're in a web browser right now, when you go to your bank's website. You can just go to file, save as, and go ahead and save the entire webpage and you'll get everything.

[00:02:23] You'll get all of the links that are on there. All of the graphics that are there, it'll pull it in for you all automatically. And that's all they do. That's what they use. Just a copy. How do they get in front of you in the first place? Typically the hackers will go ahead and send a phishing email.

[00:02:43] They'll make the email sound legitimate. They'll make it look legitimate. They'll often even use a URL that looks a lot like it. B the real banks email. I've seen it before where the URL is bank of america.safe site.com. That sort of a thing. I'm not blaming safe site. They could be a great company.

[00:03:04] I don't know. I just made it up as we're going, but that type of a URL where it's not really bank of america.com or it's a misspelling of bank of America, that's the sort of thing that gets to be pretty darn common and. Clicking on that link and then submitting your information. It hasn't been leading to credit card fraud, data extraction, wire transfers, identity theft, and a whole lot more.

[00:03:34] Now with the COVID relief, that's been out there. All of these things from filing for unemployment claims through filing for PPP protection as a business, the whole. Industry has changed. I'm talking about the hacker industry here, because there are so many people who are falling for these scams and ransomware as well has gone up over 300%.

[00:04:08] It's just absolutely amazing. Now, if you go online and you duck, duck, go. Fake login pages. And for those of you who don't know what I mean by that duck go is the search engine I've been recommending lately. It is a search engine that doesn't take politics into play like Google does. And it also does not track you.

[00:04:31] And what you're looking at it is ad based. It gets its revenue from advertisement, but it's not selling your information just on the basic search. That you're doing. I think it's a very good alternative, but if you go ahead and your search for fake login pages, you're going to find thousands of guides on how to create websites.

[00:04:53] And these bad guys can create these websites in absolutely no time at all. It just a minute or two in order to make one of them. Now it can be difficult nowadays to figure out if it's a fake site, because the, again, the hackers are constantly updating their techniques to be more sophisticated. So it's made it more difficult for consumers to really recognize when something's fraudulent.

[00:05:22] Now I want to get it into a psychological term. In attentional, blindness. You've probably heard of this. I remember this from, I think it was college days for me, so a very long time ago, but there's a study that was done on inattentional blindness called the invisible gorilla test. If you go right now online and just search for invisible gorilla test, you'll see a bunch of these coming.

[00:05:52] No, there's even a book called that the invisible gorilla test that came out about 11 years ago, 12 years ago, I think. But here's the bottom line on this? They tell you to do something in this study. What they did here is there's a video. People there's six people, three of them are dressed with white shirts and three of them have black shirts and they're passing basketballs back and forth.

[00:06:20] The white shirts are only passing to the white shirts and the black shirts under the black shirts. And what they ask you to do is count the number of times the team in white past. Now, you're sitting there watching, knowing they're going to try and fool you, you're paying a whole lot of attention to it.

[00:06:40] And then at the end, they ask you a question that may be not expecting the video. I just watched on this, that was called the monkey business. Illusion is the name of this. I counted and I counted carefully and I came up with 16 passes. So the monkey business, illusion, 16 times the people in the white shirts passed the basketball back and forth.

[00:07:06] So I got that. But then they said did you notice the person in the gorilla costs? Who walked through the game. He didn't just walk through the game, walked in, beat on this chest and then walked out of the game. If you didn't know about this and okay. In chorus, all honesty, I always try and put everything upfront here.

[00:07:29] I knew about it beforehand. I remember from college days. But eight, most people actually about 50% of people who did not know, there is a gorilla in the middle of this. Would not have noticed the gorilla walking through the game, but this monkey business illusion video, there's something else too.

[00:07:52] And I've got to admit, I did not notice that. And that is the curtain color change. From red to gold, this curtain that was in the background of all of these players. And I didn't notice one other thing. I'm not going to tell you what that is. You'll have to watch the video of yourself too, to figure that out again, just go online and search for the monkey business illusion.

[00:08:19] And I think you'll find it. So the reason I brought this up is because if you come across a well forged login page and you're not actively looking for signs of fraud, you're fairly likely to miss a cybercriminals gorilla. You're likely to miss that the logo's not quite right, or the placement isn't the same as I'm used to.

[00:08:45] Because you're focused in, on doing what you're supposed to be doing. It's the whole concept as well of have tunnel vision. And I'm sure you're aware of that. We've all had that before, where we're really focused on this one little thing and we don't notice everything else going on. It particularly happens in high stress times.

[00:09:08] So how do you steer clear of the fake login pages? We're going to talk about that when we get. But it's absolutely crucial for everyone, even if you've had phishing training and you are trying to be cautious, you could fall for this invisible gorilla and enter in your personal details, not something that you really want.

[00:09:36] Hopefully you guys got my newsletter last weekend. I got a lot of comments on it. People are saving. In fact, that's the first thing I said in this email last week is don't lose this because it went through point by point on about 10 different things that you should be doing too. Yourself and your business safe during the holidays.

[00:10:03] Now, of course we had labor day coming up. We're going to have more holidays, right? There's always more holidays in the future and less it's after the first of the year, then you got to wait a long time. Make sure you get it, make sure you dig it out. If he didn't notice it just search for me@craigpeterson.com.

[00:10:23] That's where the email comes from and have a look at that. I have links on how to do all of those things. It's very important. FBI warning out just last week.

[00:10:33] I just told you about one of the biggest problems we are facing right now, when it comes to hackers and then has to do with fishing and going to fake login pages. Now I'm going to tell you exactly what to do.

[00:10:47] How do you steer clear of these fake log-in pages and how do you protect yourself in case you accidentally do provide the bad guys with the information that you shouldn't have?

[00:11:01] If they've got your email address or your login name and they have your password, it's pretty easy for them to log in. In most cases right into your bank account. So first of all, don't fall for phishing, but as we just described because of this whole inattentional blindness that we have, it's easy enough to fall, pray for this.

[00:11:28] Beat yourself up too bad if you followed, if you fell for some of that stuff, but there is a great little website the Google has that you might want to check out. And that website gives you a real quick quiz, is the best way to. And it shows you some emails and you get to determine whether or not you think it's fishing and then it tells you what the reality of it is.

[00:11:59] So go to fishing quiz. Dot with google.com. If you miss that, you can always email me M e@craigpeterson.com and I'll send it off to, but phishing quiz dot with google.com. And of course, phishing is spelled P H I S H I N G fishing. Dot with google.com. So you can go there and right there on the screen, it says, take the quiz.

[00:12:30] You can hit it and make up a name and an email address. So it doesn't have to be your real name or your real email address. Okay. It's not going to send you anything. It's not going to sign you up for stuff. It just wants to use it in. Phishing email examples. That's going to give you, so I put in a fake name and a fake email address and it is showing me an email.

[00:13:00] So to me, from a Luke, John. And it says Luke Johnson shared a link to the following document, Tony 21 budget department dot doc. So if I click on that, I have now told them, Hey, I'm open to all that sort of stuff. It's so anyways, it's got the link and it's got the opening docs and you now up above say, is this phishing or is it.

[00:13:27] Legitimate. Okay. So if we say fishing that says, correct, this is a phishing email. You might have spotted the look alike, you are out. And that is indeed exactly what it is cause it it wasn't legitimate. And remember when you mouse over a link, you can see down at the bottom. The URL that is going to open up for you.

[00:13:51] So you can just go through this at your own speed at your own pace and figure it out again. If you didn't get that, you can always email me M E ed Craig peterson.com. And I'll be glad to get back to you. So that's a good way to learn about fishing. I want to con really warn, I should say businesses. If you are sending out phishing emails to your employees to see if they are opening fake phishing emails or not.

[00:14:23] That's an okay. Practice. The problems really come in with the companies that are sending out phishing emails and are then following up in such a way that employee is punished in some places they are being punished by if you've opened three fake emails over the last year or whatever it might be.

[00:14:47] But over the last year, you're. It's that bad. So we have to be careful. You're not going to increase the confidence of your employees by doing that. And what's, you're actually going to end up doing is slowing down the productivity of your employees. Because now they're going to be really worried about opening, any emails that look like they might be legitimate.

[00:15:14] And so your business is going to slow right down. So having some more training about it. Okay. I can see that everyone makes mistakes and we've got to remember that as well, but watch free, man. But we really are trying to get you to move quickly, act fast, or I need this answer right away. Or one of the big ones is we've got this vendor and in fact, I'll, let me give you a real world example.

[00:15:41] It's a manufacturing company and of course they. To buy product from vendors, as supplier. And then they use that product or whether it's copper or whatever it might be now to put it all together to make their products. And this one person, this one, hacker a lady again in Eastern Europe, she went and found out about this company.

[00:16:08] Okay, great. Found on their website, who the CEO was, who the CFO was. Okay, great. And was able to find the CEO online on Facebook and on his Facebook account, he said, yeah, we're going to The Bahamas. Rear-ending a sailboat. We're going to be out there, the whole family for two weeks. This is going to be fantastic disconnected.

[00:16:37] So she found all of that. Now what she had to do was she found out who it was. The CEO, what school he went to. So first she had to get around the restrictions. Cause he had said, don't share my posts with anyone other than friend. So she sent him a message because she found his LinkedIn profile. You see how easy this is to do.

[00:16:59] She found his LinkedIn profile and that he went to Harvard and got his MBA. So she sent him. A little note saying, Hey, remember me Janie from X, Y, Z class at Harvard, and want to be friends catch up a little bit. And then he doesn't remember who she is, but the picture looks cute enough. I might as well say yes.

[00:17:21] And now she had his contact information over on LinkedIn, send him a friend request over on Facebook as well. That's how she found out he was going to be gone for two weeks. And so now she knows when he's gone. And where he's going to be completely out of touch. So once he's gone about two or three days later, she sent an email off to the CFO inside the company and said, Hey.

[00:17:49] We've got this new vendor they've been providing us with product for the last three months. We haven't paid them at all yet. I need you to wire. It was a little more than $40 million because she'd done her homework. She knew how much money the company made, what their expenses probably were. I need you to wire $40 million to this account, or they're going to stop.

[00:18:17] All shipments to us. And instead of the CFO doing a little bit more homework into it and digging in and finding out because talking to the people in receiving that we've never received anything from that company. I don't know what you're talking about. And then talking with the guy on the manufacturing floor, the CFO didn't do any of that, just okay. This looks legit. And by the way, it is so easy for these hackers to also gain access to personal email accounts. And we're not going to spend time going into that right now. So he wired. Yes indeed. So there's an example of falling for fishing. A little bit of follow up on the part of the CFO would have shown him that this was not legitimate.

[00:19:07] Even over on Shark Tank. Barbara Cochran. She fell prey to this, actually it was her assistant and who wired some $400,000 to a vendor that wasn't real. Now the good news is the assistant copied Barbara who saw the email right away and said, whoa, wait a minute. They called the bank and they put a stop on it..

[00:19:34] Doing a little training here on how to spot fake log-in pages. We just covered fishing and some real world examples of it, of some free quiz stuff that you can use to help with it. And now we're moving on to the next step.

[00:19:50] The next thing to look for when it comes to the emails and these fake login pages is a spelling mistake or grammatical errors.

[00:20:02] Most of the time, these emails that we get that are faking emails are, have really poor grammar in them. Many times, of course the commas are in the wrong place, et cetera, et cetera. But most of us weren't English majors. So we're not going to pick that up myself included. That's why I use Grammarly.

[00:20:21] If you have to ever write anything or which includes anything from an email or a document you probably want to get Grammarly. There's a few out there, but that's the one I liked the best for making sure my grammar. So a tip, to the hackers out there, but the hackers will often use a URL that is very close to it.

[00:20:45] Where are you want to go? So they might put a zero in place of an O in the domain, or they might make up some other domain. So it might be amazon-aws.com or a TD bank-account.com. Something like that. Sometimes the registrars they'll catch that sort of thing and kill it. Sometimes the business that they are trying to fake will catch it and let them know as well.

[00:21:19] There's companies out there that watch for that sort of thing. But many times it takes a while and it's only fixed once enough people have reported it. So look at the URL. Make sure it's legitimate. I always advise that instead of clicking on the link in the email, try and go directly to the website.

[00:21:41] It's like the old days you got a phone call and somebody saying, yo, I'm from the bank and I need your name and social security numbers. So I can validate the someone broke into your account. No, they don't. They don't just call you up like that nowadays. They'll send you a message in their app.

[00:21:56] That's on your smart. But they're not going to call you. And the advice I've always given is look up their phone. And by the way, do it in the phone book, they remember those and then call them back. That's the safest way to do that sort of thing. And that's true for emails as well. If it's supposedly your bank and it's reporting something like someone has broken into your account, which is a pretty common technique for these fissures, these hackers that are out there, just type in the bank URL as it not what's in the email.

[00:22:33] There will be a message there for you if it's legitimate, always. Okay. So before you click on any website, Email links, just try and go directly to the website. Now, if it's one of these deep links where it's taking new Jew, something specific within the site, the next trick you can play is to just mouse over the link.

[00:22:58] So bring your mouse down to where the link is. And typically what'll happen is at the bottom left. Your screen or of the window. It'll give you the actual link. Now, if you look at some of them, for instance, the emails that I send out, I don't like to bother people. So if you have an open one of my emails in a while, I'll just automatically say, Hey, I have opened them in awhile, and then I will drop you off the list.

[00:23:28] Plus if you hit reply to one of my newsletters, my show notes, newsletters. That's just fine, but it's not going to go to me@craigpeterson.com and some people you listeners being the best and brightest have noticed that what happens is it comes up and it's some really weird URL that's so I can track.

[00:23:51] Who responded to me. And that way I can just sit down and say, okay, now let me go through who has responded? And I've got a, kind of a customer relationship management system that lets me keep track of all of that stuff so that I know that you responded. I know you're interacting, so I know I'm not bothering you.

[00:24:11] And I know I need to respond. Much the same thing is true with some of these links. When I have a link in my newsletter and I say, Hey, I'm linking to MIT's article. It is not going to be an MIT. Because again, I want to know what are you guys interested in? So anytime you click on a link, I'll know, and I need to know that, so I know why, Hey, wait a minute.

[00:24:36] Now, 50% of all of the people that opened the emails are interested in identifying fake login pages. So what do I do? I do something like I'm doing right now. I go into depth on fake logs. Pages. I wouldn't have known that if I wasn't able to track it. So just because the link doesn't absolutely look legit doesn't mean it isn't legit, but then again, if it's a bank of it involves financial transactions or some of these other things be more cautious.

[00:25:11] So double check for misspellings or grammatical errors. Next thing to do is to check the certificate, the security certificate on the site. You're on this gets a little bit confusing. If you go to a website, you might notice up in the URL bar, the bar that has the universal resource locator, that's part of the internet.

[00:25:38] You might've noticed a. And people might've told you do check for the lock. That lock does not mean that you are safe. All it means is there is a secure VPN from your computer to the computer on the other side. So if it's a hacker on the other side, you're sending your data securely to the hacker, right?

[00:26:05] That's not really going to do you a whole lot of good. This is probably one of the least understood things in the whole computer security side, that connect. May be secure, but is this really who you think it is? So what you need to do is click on their certificate and the certificate will tell you more detail.

[00:26:29] So double check their certificate and make sure it is for the site. You really. To go to, so when it's a bank site, it's going to say, the bank is going to have the bank information on it. That makes sense. But if you go for instance on now, I'm going to throw a monkey wrench into this whole thing.

[00:26:48] If you go to Craig peterson.com, for instance, it's going to. Connection is secure. The certificate is valid, but if you look at their certificate and the trust in the details, it's going to be issued by some company, but it's going to just say Craig peterson.com. It's not going to give a business name like it would probably do for a bank.

[00:27:14] So you know, a little bit of a twist to it, but that's an important thing. Don't just count on the lock, make sure that the certificate is for the place you want to contact. Last, but not least is multi-factor authentication. I can't say this enough. If the bad guys have your username or email address and your password for a site, if you're using multifactor authentication, they cannot get in.

[00:27:53] So it's going to prevent credential stuffing tactics, or they'll use your email and password combinations that have already been stolen for mothers sites to try and hack in to your online profile. So very important to set up and I advise against using two factor authentication with your, just a cell phone, as in a text message SMS, it is not secure and it's being hacked all of the time.

[00:28:23] Get an authorization. Like one password, for instance, and you shouldn't be using one password anyways, for all of your passwords. And then Google has a free one called Google authenticator. Use those instead of your phone number for authentication.

[00:28:40] You're listening to Craig Peterson, cybersecurity strategist, and online@craigpeterson.com.

[00:28:48] I've been warning about biometric databases. And I sat down with a friend of mine who is an attorney, and he's using this clear thing at the airport. I don't know if you've seen it, but it's a biometric database. What are the real world risks?

[00:29:04] This clear company uses biometrics.

[00:29:08] It's using your eye. Brent, if you will, it's using your Iris. Every one of us has a pretty darn unique Iris, and they're counting on that and they're using it to let you through TSA very quickly. And this attorney, friend of mine thinks it's the best thing since sliced bread, because he can just. On through, but the problem here is that we're talking about biometrics.

[00:29:34] If your password gets stolen, you can change it. If your email account gets hacked, I have another friend who his account got hacked. You can get a new email account. If your Iris scan that's in this biometric database gets stolen. You cannot replace your eyes unless of course you're Tom cruise and you remember that movie, and it's impossible to replace your fingerprints. It's possible to replace your face print. I guess you could, to a degree or another, some fat injections or other things. Could be done to change your face sprint, but these Iris scans fingerprints and facial images are something I try not to provide any.

[00:30:29] Apple has done a very good job with the security of their face print, as well as their fingerprint, because they do not send any of that information out directly to themselves or to any database at all. Period. They are stored only on the device itself. And they're in this wonderful little piece of electronics that can not be physically compromised.

[00:30:59] And to date has not been electronically compromised either. They've done a very good job. Other vendors on other operating systems like Android, again, not so much, but there are also databases that are being kept out there by the federal government. I mentioned this clear database, which isn't the federal government, it's a private company, but the federal government obviously has its fingers into that thing.

[00:31:29] The office of personnel. For the federal government, they had their entire database, at least pretty much the entire database. I think it was 50 million people stolen by the red, Chinese about six years ago. So the communists. Copies of all of the information that the officer personnel management had about people, including background checks and things.

[00:31:55] You've probably heard me talk about that before. So having that information in a database is dangerous because it attracts the hackers. It attracts the cybercriminals. They want to get their hands on it. They'll do all kinds of things to try and get their hands. We now have completely quit Afghanistan.

[00:32:20] We left in a hurry. We did some incredibly stupid things. I just, I can't believe our president of the United States would do what was done here. And now it's been coming out that president and Biden completely ignored. The advice that he was getting from various military intelligence and other agencies out there and just said, no, we're going to be out of there.

[00:32:46] You have to limit your troops to this. And that's what causes them to close the air base battleground that we had for so many years. Apparently the Chinese are talking about taking it over now. Yeah. Isn't that nice. And whereas this wasn't an eternal war, right? We hadn't had anybody die in a year and a half.

[00:33:05] It's crazy. We have troops in south Vietnam. We have troops in Germany. We have troops in countries all over the world, Japan, you name it so that we have a local forest that can keep things calm. And we were keeping things calm. It's just mind blowing. But anyhow, politics aside, we left behind a massive database of biometric database.

[00:33:38] Of Afghanis that had been helping us over in Afghanistan, as well as a database that was built using us contractors of everyone in the Afghan military and the basically third genealogy. Who their parents were the grandparents blood type weight, height. I'm looking at it right now. All of the records in here, the sex ID nationality.

[00:34:11] Date of exploration, hair color, favorite fruit, favorite vegetables, place of birth, uncle's name marker signature approval. Signature date, place of birth. Date of birth address, permanent address national ID number place of ISS. Date of ISS native language salary data salary, group of salary, police of salary education, father's name, graduation, date, weapon and service now.

[00:34:41] These were all in place in Afghanistan. We put them in place because we were worried about ghost soldiers. A gold soldier was someone who we were paying the salary of taxpayers of the United States were paying the salaries of the Afghan military for quite some time. And we were thinking that about half of the.

[00:35:06] Payroll checks. We were funding. We're actually not going to people who were in the military, but we're going to people who were high up within the Afghan government and military. So we put this in place to get rid of the ghost soldiers. Everybody had to have all of this stuff. In the database, 36 pieces of information, just for police recruitment.

[00:35:39] Now this information we left behind and apparently this database is completely in the hand of the Taliban. Absolutely. So we were talking about Americans who helped construct Afghanistan and the military and the telephone. The looking for the networks of their Ponant supporters. This is just absolutely amazing.

[00:36:07] So all of the data doesn't have clear use, like who cares about the favorite fruit or vegetable, but the rest of it does the genealogy. Does they now know who was in the police department, who was in the military, who their family is, what their permanent address is. Okay. You see the problem here and the biometrics as well in the biometrics are part of this us system that we were using called hide H I D E.

[00:36:41] And this whole hide thing was a biometric reader. The military could keep with them. There were tens of thousands of these things out in the field. And when they had an encounter with someone, they would look up their biometrics, see if they were already in the database and in the database, it would say, yeah, they're friendly, they're an informant.

[00:37:03] Or we found them in this area or w we're watching them. We have concern about them, et cetera, et cetera. All of their actions were in. Turns out that this database, which covered about 80% of all Afghans and these devices are now in the hands of the Taliban. Now, the good news with this is that a lot of this information cannot be easily extracted.

[00:37:32] So you're not going to get some regular run of the mill Taliban guy to pick one of these up and start using. But the what's happening here is that we can really predict that one of these surrounding companies like Pakistan that has been very cooperative with the Taliban. In fact, they gave refuge to Saddam, not Saddam Hussein, but to a bin Ladin and also Iran and China and Russia.

[00:38:04] Any of those countries should be able to get into that database. Okay. So I think that's really important to remember now, a defense department spokesperson quote here, Eric Fay on says the U S has taken prudent actions to ensure that sensitive data does not fall into the Tolo bonds. And this data is not at risk of misuse.

[00:38:29] Misuse that's unfortunately about all I can say, but Thomas Johnson, a research professor at the Naval postgraduate school in Monterey, California says not so fast, the taller Bon may have used biometric information in the Coon dues. So instead of taking the data straight from the high devices, he told MIT technology review that it is possible that Tolo bond sympathizers in Kabul, provided them with databases of military personnel, against which they could verify prints.

[00:39:07] In other words, even back in 2016, it may have been the databases rather than these high devices themselves pose the greatest risk. This is very concerning big article here in MIT technology review. I'm quoting from it a little bit here, but there are a number of databases. They are biometric. Many of these, they have geological information.

[00:39:35] They have information that can be used to round up and track down. Now, I'm not going to mention world war two, and I'm not going to mention what happened with the government too, before Hitler took over, because to do that means you lose that government had registered firearms, that government had registered the civilians and the people and Afghanistan.

[00:40:04] The government was also as part of our identification papers, registering your religion. If you're Christian, they're hunting you down. If you were working for the military, they're hunting you down. And this is scary. That's part of the reason I do not want biometric information and databases to be kept here in the U S Hey, make sure you get my show notes every week on time, along with free training, I try to help you guys out.

[00:40:41] If you've never heard of the Carrington event, I really hope, frankly, I really do hope we never have to live through one of these. Again, there is a warning out there right now about an internet apocalypse that could happen because of the sun.

[00:40:58] Solar storms are something that happens really all of the time. The sun goes through solar cycles. About every seven years, there are longer cycles as well. You might know. I have an advanced class amateur radio license I've had for a long time, and we rely a lot when we're dealing with short wave on the solar cycle.

[00:41:22] You see what happens is that the sun charges, the atmosphere. That if you've ever seen the Northern light, that is. Part of the Sunzi missions, hitting our magnetic field and getting sucked into the core of the earth, if you will, as they get caught in that field. And the more charged the atmosphere is, the more bounce you get.

[00:41:46] That's what we call it bounce. And the reason us hams have all these different frequencies to use is because of the bow. We can go different frequencies with different distances, I should say, using different frequencies. So think about it right now. You've got the earth and I want to talk from Boston to Chicago.

[00:42:08] For instance, I know about how many miles it is, and I have to figure out in the ionosphere up in the higher levels of the atmosphere, what frequency. To use in order to go up into the atmosphere, bounce back, and then hit Chicago. That's the idea. It's not quite as simple or as complex in some ways, as it sounds, a lot of people just try different frequencies and a lot of hams just sit there, waiting for anybody anywhere to talk to, particularly if they are.

[00:42:41] It's really quite fun. Now what we're worried about, isn't so much just the regular solar activity. We get worried when the sun spots increase. Now, the solar cycle is what has primary image. On the temperature on earth. So no matter what, you might've heard that isn't your gas, guzzling car or a diesel truck that causes the Earth's temperature to change.

[00:43:10] Remember the only constant when it comes to the Earth's temperature has been changed over the millions of years. We had periods where the earth was much warmer than it is now had more common that carbon dioxide in the atmosphere than it does now had less. In fact, right now we are at one of the lowest levels of carbon dioxide in the atmosphere in earth long.

[00:43:36] So the sun, if you might remember, comes up in the morning, warms things up, right? And then it cools down. When the sun disappears at nighttime, it has a huge impact. It's almost exclusively the impact for our temperatures. There's other things too, for instance. eruption can spew all to hold a lot of carbon dioxide.

[00:44:01] In fact, just one, just Mount St. Helens wanted erupted, put more carbon dioxide into the atmosphere than man has throughout our entire existence. Just to give you an idea, right? So these alarms that are out there, come on, people. Really, and now we're seeing that in this last year, we had a 30% increase in the ice cap up in the, in, up in the north, up in Northern Canada, around the polls.

[00:44:32] We also had some of these glaciers growing. It was so funny. I saw an article this year, or excuse me, this week that was showing a sign that was at one of our national parks. And it said this glacier will have disappeared by 2020. Of course it hasn't disappeared. In fact, it has grown now and it's past 2020.

[00:44:54] Anyhow, the sun has a huge impact on us in so many ways. And one of the ways is. Something called a coronal mass ejection. This is seriously charged particles. That tend to be very directional. So when it happens, when there's one of these CMS coronal, mass ejections, it's not just sending it out all the way around the sun everywhere.

[00:45:21] It's really rather concentrated in one. One particular spot. Now we just missed one not too long ago. And let me see if I can find it here. Just mast, a cm E near miss. Here we go. There a solar super storm in July, 2012, and it was a very close shave that we had most newspapers didn't mention it, but this could have been.

[00:45:51] AB absolutely incredible. We'd be picking up the pieces for the next 50 years. Yeah. Five, zero years from this one particular storm. And what happens is these solar flares, if you will, are very extreme, the CME. You're talking about x-rays extreme UV, ultraviolet radiation, reaching the earth at the speed of light ionizes, the upper layers of atmosphere.

[00:46:19] When that happens, by the way, it hurts our communications, but it can also have these massive effects where it burns out saddle. And then causes radio blackouts, GPS, navigation problems. Think about what happened up in Quebec. So let me just look at this back hit with an E and yeah, here we go. And March 13th, 1989.

[00:46:50] Here we go. Here's another one. Now I remembered. And this is where Quill back got nailed. I'm looking at a picture here, which is looking at the United States and Canada from the sky and where the light is. And you can see Quebec is just completely black, but they have this massive electrical blackout and it's becomes.

[00:47:13] Of this solar storm. Now they, these storms that I said are quite directional depending on where it hits and when it hits things can get very bad. This particular storm back in 1989 was so strong. We got to see their Rora Borealis, the Northern lights as far south, as Florida and cute. Isn't that something, when we go back further in time to this Carrington event that I mentioned, you could see the Northern lights at the eclipse.

[00:47:50] Absolutely amazing. Now the problem with all of this is we've never really had an internet up online. Like we have today when we had one of the storms hit. And guess what we're about to go into right now, we're going into an area or a time where the sun's going to be more active, certainly on this 11 year cycle and possibly another bigger cycle too, that we don't really know much about.

[00:48:22] But when this hit us back in the 1850s, what we saw was a a. Telegraph system that was brought to its knees. Our telegraphs were burned out. Some of the Telegraph buildings were lit. They caught on fire because of the charges coming in, people who were working the telegraphs, who are near them at the time, got electric shocks or worse than that.

[00:48:48] Okay. 1859 massive Carrington event compass needles were swinging wildly. The Aurora Borealis was visible in Columbia. It's just amazing. So that was a severe storm. A moderate severity storm was the one that hit in Quebec here knocked out Quebec electric. Nine hour blackout of Northeast Canada. What we think would happen if we had another Carrington event, something that happened to 150 years ago is that we would lose power on a massive scale.

[00:49:27] So that's one thing that would happen. And these massive transformers that would likely get burned out are only made in China and they're made on demand. Nobody has an inventory. So it would be at least six months before most of the country would get power back. Can you believe that would be just terrible and we would also lose internet connectivity.

[00:49:52] In fact, the thinking that we could lose internet connectivity with something much less than a severe storm, maybe if the Quebec power grid solar, a massive objection here. Maybe if that had happened, when. The internet was up. They might have burned out internet in the area and maybe further. So what we're worried about is if it hits us, we're going to lose power.

[00:50:20] We're going to lose transformers on the transmission lines and other places we're going to lose satellites and that's going to affect our GPS communication. We're going to lose radio communication, and even the undersea cables, even though they're now no longer. Regular copper cables. It's now being carried of course, by light in pieces of glass.

[00:50:45] The, those cables need to have repeaters about every 15 miles or so under underwater. So the power is provided by. Copper cables or maybe some other sort of power. So these undersea cables, they're only grounded at extensive intervals, like hundreds or thousands of kilometers apart. So there's going to be a lot of vulnerable components.

[00:51:12] This is all a major problem. We don't know when the next massive. Solar storm is going to happen. These coronal mass ejections. We do know they do happen from time to time. And we do know it's the luck of the draw and we are starting to enter another solar cycle. So be prepared. Of course, you're listening to Craig Peterson, cybersecurity strategist.

[00:51:42] If you'd like to find out more and what you can do, just visit Craig peterson.com and subscribe to my weekly show notes.

[00:51:52] Google's got a new admission and Forbes magazine has an article by Zach Dorfman about it. And he's saying you should delete Google Chrome now after Google's newest tracking admission. So here we go.

[00:52:09] Google's web browser. It's been the thing for people to use Google Chrome for many years, it's been the fastest. Yeah, not always people leapfrog it every once in a while, but it has become quite a standard. Initially Microsoft is trying to be the standard with their terrible browser and yeah, I to Exploder, which was really bad and they have finally completely and totally shot it in the head.

[00:52:42] Good move there on their part. In fact, they even got rid of their own browser, Microsoft edge. They shot that one in. They had to, I know I can hear you right now saying, oh, Craig, I don't know. I just use edge browser earlier today. Yeah. But guess what? It isn't edge browser. It's actually Google Chrome. The Microsoft has rebranded.

[00:53:04] You see the guts to Google Chrome are available as what's called an open source project. It's called chromium. And that allows you to take it and then build whatever you want on top of. No, that's really great. And by the way, Apple's web kit, Kat is another thing that many people build browsers on top of and is part of many of these browsers we're talking about right now, the biggest problem with the Google Chrome.

[00:53:35] Is they released it so they could track you, how does Google make its money? It makes us money through selling advertising primarily. And how does it sell advertising if it doesn't know much or anything about you? So they came out with the Google Chrome browser is a standard browser, which is a great.

[00:53:55] Because Microsoft, of course, is very well known for not bothering to follow standards and say what they have is the actual standard and ignoring everybody else. Yeah. Yeah. I'm picking on Microsoft. They definitely deserve it. There is what is being called here in Forbes magazine, a shocking new tracking admission from.

[00:54:17] One that has not yet made headlines. And there are about what 2.6 billion users of Google's Chrome worldwide. And this is probably going to surprise you and it's frankly, Pretty nasty and it's, I think a genuine reason to stop using it. Now, as you probably know, I have stopped using Chrome almost entirely.

[00:54:42] I use it when I have to train people on Chrome. I use it when I'm testing software. There's a number of times I use it, but I don't use it. The reality is that Chrome is an absolute terror. When it comes to privacy and security, it has fallen way behind its rivals in doing that. If you have an iPhone or an iPad or a Mac, and you're using safari, apple has gone a long ways to help secure your data.

[00:55:19] That's not true with Chrome. In fact, it's not protecting you from tracking and Dave data harvesting. And what Google has done is they've said, okay we're going to get these nasty third party cookies out of the whole equation. We're not going to do that anymore. And what they were planning on doing is instead of knowing everything specifically.

[00:55:43] You they'd be able to put you in a bucket. So they'd say, okay, you are a 40 year old female and you are like driving fast cars and you have some kids with a grandkid on the way, and you liked dogs, not cats, right? So that's a bucket of people that may be a few hundred or maybe up to a thousand. As opposed to right now where they can tell everything about you.

[00:56:12] And so they were selling that as a real advantage because they're not tracking you individually anymore. No, we're putting you in a bucket. It's the same thing. And in fact, it's easier for Google to put you in a bucket than to track everything about you and try and make assumptions. And it's easier for people who are trying to buy ads to place in front of you.

[00:56:34] It's easier for them to not have to reverse engineer all of the data the Google has gathered in instead. To send this ad to people that are in this bucket and then that bucket. Okay. It makes sense to you, but I, as it turns out here, Google has even postponed of that. All right. They really have, they're the Google's kind of hiding.

[00:56:59] It's really what's going on out there. They are trying to figure out what they should do, why they should do it, how they should do it, but it's going to be a problem. This is a bad habit. The Google has to break and just like any, anybody that's been addicted to something it's going to take a long time.

[00:57:19] They're going to go through some serious jitters. So Firefox is one of the alternatives and to Google Chrome. And it's actually a very good one. It is a browser that I use. I don't agree with some of the stuff that Mozilla and Firefox does, but again, nobody agrees on everything. Here's a quote from them.

[00:57:41] Ubiquitous surveillance harms individually. And society Chrome is the only major browser that does not offer meaningful protection against cross site tracking and Chrome will continue to leave users unprotected. And then it goes on here because. Google response to that. And they admit that this massive web tracking out of hand and it's resulted in, this is a quote from Google and erosion of trust, where 72% of people feel that almost all of what they do online is being.

[00:58:19] By advertisers, technology firms or others, 81% say the potential risks from data collection outweigh the benefit by the way, the people are wrong. 72% that feel almost all of what they do on online is being tracked. No. The answer is 100% of what you do is probably being tracked in some way online.

[00:58:41] Even these VPN servers and systems that say that they don't do logs. Do track you take a look at proton mail just last week. Proton mail it's in Switzerland. Their servers are in Switzerland. A whole claim to fame is, Hey, it's all encrypted. We keep it safe. We don't do logging. We don't do tracking guess what they handed over the IP addresses of some of the users to a foreign government.

[00:59:09] So how can you do that? If you're not logging, if you're not tracking. Yeah, they are. And the same thing is true for every paid VPN service I can think of. So how can Google openly admit that their tracking is in place tracking everything they can, and also admit that it's undermining our privacy.

[00:59:36] Their flagship browser is totally into it. It's really, it's gotta be the money. And Google does not have a plan B this anonymized tracking thing that they've been talking about, the buckets that I mentioned, isn't realistic, frankly. Google's privacy sandbox is supposed to Fitbit fix it.

[00:59:56] I should say. The whole idea and the way it's being implemented and the way they've talked about it, the advertisers on happy. So Google is not happy. The users are unhappy. So there you go. That's the bottom line here from the Forbes article by Zach Dorfman, delete Google Chrome. And I said that for a long time, I do use some others.

[01:00:20] I do use Firefox and I use. Which is a fast web browser. That's pretty good shape. Hey, if you sign up for my shows weekly newsletter, not only will you get all of my weekly tips that I send to the radio hosts, but you will get some of my special reports that go into detail on things like which browser you shouldn't be using.

[01:00:46] Sign up right now. Craig peterson.com.

[01:00:50] Many businesses have gone to the cloud, but the cloud is just another word for someone else's computer. And many of the benefits of the cloud just haven't materialized. A lot of businesses have pulled back and are building data centers.

[01:01:07] Now, the reason I mentioned this thing about Microsoft again, and the cloud is Microsoft has a cloud offering.

[01:01:17] It's called Microsoft Azure. Many people, many businesses use it. We have used it with some of our clients in the past. Now we have some special software that sits in front of it that helps to secure. And we do the same thing for Amazon web services. I think it's important to do that. And we also use IBM's cloud services, but Microsoft is been pitching for a long time.

[01:01:45] Come use our cloud services and we're expecting here probably within the next month, a big announcement from Microsoft. They're planning on making it so that you can have your desktop reside in Microsoft's cloud, in the Azure cloud. And they're selling really the feature of it doesn't matter where you are.

[01:02:11] You have your desktop and it doesn't matter what kind of computer you're on. As long as you can connect to your desktop, using some just reasonable software, you will be able to be just like you're in front of a computer. So if you have a Chromebook or a Mac, Or windows or tablet, whatever. And you're at the grocery store or the coffee shop or the office, you'll be able to get it, everything, all of your programs, all your files.

[01:02:41] And we, Microsoft will keep the operating system up to date for you automatically a lot of great selling points. And we're actually looking into that, not too heavily yet. We'll give them a year before we really delve into it at all. Cause it takes them a while to get things right. And Microsoft has always been one that adds all kinds of features, but most of the time, most of them don't work and we can document that pretty easily, even in things like Microsoft.

[01:03:11] The verge is now reporting that Microsoft has warned users of its as your cloud computing service, that their data has been exposed online for the last two years. Yeah, let me repeat that in case you missed it, you yeah. I'm I might've misspoken. Let me see, what does it say? It says users of Azure cloud competing service.

[01:03:36] So that's their cloud. Microsoft's big cloud. Okay. Their data has been. Exposed online. Okay. So that means that people could get the data, maybe manipulate the data that's exposed means for the last two years. Are you kidding me? Microsoft is again, the verge. Microsoft recently revealed that an error in its Azure cosmos database product left more than 3,300 as your customer's data.

[01:04:12] Completely exposed. Okay guys. So this is not a big thing, right? It can't possibly be big thing because you know who uses Azure, nobody uses a zer and nobody uses hosted databases. Come on, give me a break. Let me see, what else does this have to say? Oh, okay. It says that the vulnerability was reported, reportedly introduced into Microsoft systems in 2019, when the company added a data visualization feature called Jupiter notebook to cosmos DB.

[01:04:46] Okay. I'm actually familiar with that one and let's see what small companies let's see here. Some Azure cosmos DB clients include Coca Cola. Liberty mutual insurance, Exxon mobile Walgreens. Let me see. Could any of these people like maybe Liberty mutual insurance and Walgreens, maybe they'd have information about us, about our health and social security numbers and account numbers and credit cards. Names addresses. That's again, why I used to get so upset when these places absolutely insist on taking my social security number, right? It, first of all, when it was put in place, the federal government guaranteed, it would never be used for anything other than social security.

[01:05:34] And the law even said it could not be used for anything other than social security. And then the government started expanding it. And the IRS started using it. To track all of our income and that's one thing right there, the government computers, they gotta be secure. All of these breaches we hear about that.

[01:05:52] Can't be true. So how about when the insurance company wants your personal information? Like your social security number? What business is it of? There's really no. Why do they have to have my social security number? It's a social security number. It's not some number that's tattooed on my forehead. That's being used to track me.

[01:06:18] Is it this isn't a socialist country like China is, or the Soviet union was right. It's not social. So why are they tracking us like that? Walgreens? Why do they need some of that information? Why does the doctor that you go to that made the prescription for Walgreens? Why do they need that information?

[01:06:40] And I've been all over this because they don't. Really need it. They want, it makes their life easier, but they don't really need it. However, it exposes us. Now, if you missed the email, I sent out a week ago, two weeks ago now, you missed something big because I, in my weekly newsletter went through and described exactly what you could do in order to keep your information private.

[01:07:13] So in those cases where websites asking for information that they don't really need, right? You don't want to lie, but if they don't really need your real name, why you're giving them your real name? Why do you use a single email address? Why don't you have multiple addresses? Does that start make sense to you guys?

[01:07:33] And now we find out that Microsoft Azure, their cloud services, where they're selling cloud services, including a database that can be used online, a big database 3,300 customers looks like some of them are actually big. I don't know. ExxonMobil pretty big. Yeah. I think so. Walgreens, you think that might be yeah.

[01:07:57] Why. Why are we trusting these companies? If you have a lot of data, a lot of customers, you are going to be a major target of nation states to hack you and bat just general hackers, bad guys. But you're also if you've got all this information, you've also got to have a much higher level of security than somebody that doesn't have all of that information.

[01:08:24] Does that make sense to you? Did I say that right? You don't need the information and I've got to warn anybody that's in a business, whether you're a business owner or you're an employee, do not keep more data than you need the new absolutely need to run your company. And that includes data about your customers.

[01:08:48] And maybe it's even more specifically data about your customer. Because what can happen is that data can be stolen and we just found it. That? Yes, indeed. It could have been, it was exposed Microsoft the same. We don't know how much it was stolen. If anything was stolen. Yeah, Walgreens. Hey, I wonder if anyone's going to try and get some pain pills illegally through a, this database hack or a vulnerability anyways.

[01:09:17] All right, everyone. Stick around. We'll be back. Of course, you listening to Craig Peterson. I am a cybersecurity strategist for business, and I'm here to help you as well. You can ask any question any time consumers are the people I help the most, I wish I got a dime for every time I answered a question.

[01:09:38] Just email me@craigpeterson.com and stick around.

[01:09:44] Whether or not, you agree with the lockdown orders that were put in place over this COVID pandemic that we had. There are some other parts of the world that are doing a lot more.

[01:10:00] Australia has. I don't know. I think that they went over the deep end that much, the same thing is true right next door to them.

[01:10:11] And I am looking at a report of what they are doing with this new app. You might be aware that both apple and Google came out with an application programming interface. That could be used for contract tack tracking, contact tracking. There you go. It wasn't terribly successful. Some states put some things in place.

[01:10:38] Of course you get countries like China. I love the idea because heaven forbid you get people getting together to talk about a Tannen square remembrance. Now you want to know who all of those people were, who were in close proximity, right? Good for China a while, as it turns out, Australia is putting something in place they have yet another COVID lockdown.

[01:11:03] They have COVID quarantine orders. Now I think if you are sick, you should stay here. I've always felt that I, I had 50 employees at one point and I would say, Hey, if you're sick, just stay home. Never required a doctor's note or any of that other silliness, come on. People. If someone's sick, they're sick and let them stay home.

[01:11:26] You don't want to get everybody else in the office, sick and spread things around. Doesn't that just make sense. They now in Australia, don't trust people to stay home, to get moving. Remember China, they were taking welders and we're going into apartments in anybody that tested positive.

[01:11:42] They were welding them into their apartment for minimum of two weeks. And so hopefully they had food in there and they had a way to get fresh water. Australia is not going quite that far, but some of the states down under. Using facial recognition and geolocation in order to enforce quarantine orders and Canada.

[01:12:07] One of the things they've been doing for very long time is if you come into the country from out of the country, even if you're a Canadian citizen, you have to quarantine and they'll send people by your house or you have to pay to stay for 10 days in a quarantine hope. So you're paying the, of course now inflated prices for the hotel, because they're a special quarantine hotel.

[01:12:34] You have to pay inflated prices to have food delivered outside your door. And that you're stuck there for the 10 days, or if you're at home though, they, you're stuck there and they'll send people by to check up on you. They'll make phone calls to check up on you. They have pretty hefty fines.

[01:12:54] What Australia has decided to do is in Australia is Charlene's even going from one state to another state are required to prove that they're obeying a 14 day quarantine. And what they have to do is have this little app on their phone and they, the app will ping them saying, prove it. And then they have to take a photo of themselves with geo location tag on it and send it up via the app to prove their location.

[01:13:32] And they have to do all of that within 15 minutes of getting the notification. Now the premier of the state of south Australia, Steven Marshall said, we don't tell them how often or when on a random basis, they have to reply within 15 minutes. And if you don't then a police, officer's going to show up at the address you're supposed to be at to conduct an in-person check.

[01:13:59] Very intrusive. Okay. Here's another one. This is an unnamed government spokesperson who was apparently speaking with Fox news quote. The home quarantine app is for a selected cohort of returning self Australians who have applied to be part of a trial. If successful, it will help safely ease the burden of travel restrictions associated with the pandemic.

[01:14:27] So there you go. People nothing to worry about. It's just a trial. It will go away. Just for instance, income tax, as soon as rule, number one is over, it will be removed and it will never be more than 3% and it will only apply to the top 1% of wage-earners. So there you go. And we all know that world war one isn't over yet.

[01:14:47] So that's why they still have it in somehow. Yeah, some of the middle class pays the most income tax. I don't know. Interesting. Interesting. So there you go. Little news from down under, we'll see if that ends up happening up here. News from China, China has China and Russia have some interesting things going on.

[01:15:08] First of all, Russia is no longer. Country, they are. They aren't, they are a lot freer in many ways than we are here in the United States. Of course, China, very heavily socialist. In fact, they're so socialists, they are communist and China. And Russia both want their kids to have a very good education in science, engineering, and mathematics.

[01:15:35] Not so much on history, not so much on, on politics. But definitely heavy on the sciences, which I can see that makes all the sense. I think everybody should be pretty heavily on the science. According to the wall street journal this week, gamers under the age of 18 will not be allowed to play online games between 8:00 PM and 9:00 PM on Friday, Saturdays and Sundays.

[01:16:02] Okay. So basically what they're doing, I reverse that what they're doing is they're only allowing the kids three hours of gaming per week. In other words, they can play between eight and 9:00 PM, Friday, Saturday, and Sundays. I think that might overload some gaming servers. Cov gaming addiction has affected studies and normal lives.

[01:16:23] And many parents have become miserable. That's China's press and public administration. Sedna state. Okay. There's going to be some relief during the school holidays. Children will be allowed 60 minutes per day for gaming hard to say how China plans didn't force it, but they have their ways, identity cards. By the way required for playing online. They've got a facial recognition system introduced in July by 10 cent. Remember all of the uproar around 10 cent and their apps and president Trump trying to get them blocked here in the U S yeah, there you go. Facial recognition bill right into the app, and it's proven effective at catching children pretending to be adults in order to get around government gaming curves.

[01:17:12] So this goes on and on and Korea as well, South Korea has had some very big problems. You might remember it was headlines just a few years ago of some of these south Korean kids dying because they were playing video games four days straight with no sleep, no real food. Just taking all of these energy.

[01:17:37] And we'll literally gaming themselves to death. So South Korea passed a law that prevented young people from playing online video games late at night. So that was introduced back in 2011 and it's targeted at players 16 or up. And south Korean miners were prevented from playing online PC games between midnight and six, 8:00 AM.

[01:18:03] Now South Korea has scrapped that law. Interesting. So they're saying it's out of respect for younger citizens, right? They're going to abolish this law, replace it by. Permit system that allows players to request a permit per game and play during self-assigned hours that their parents will sign off on.

[01:18:27] This is in an article from GameSpot, by the way, a gamespot.com. You might remember them too, the whole Robin hood scandal. But I think it's an interesting question. When my kids were young lo those many years ago I got this box that the, you took the TV wire, you ran it into the box and you could program.

[01:18:51] So that each kid had their own code and you could specify how much time the kid could watch TV or how much time or when they could watch TV and how much time cumulative the kids could have. And it actually worked pretty well. And the kids certainly complained a lot about it. And a couple of them tried to work the way around it hard to when the plug is inside the box.

[01:19:17] Yeah, ingenuity as they are. They were able to do that. They cut the wire off and put another power connector on the end of the TV wire. Anyhow Microsoft, we've been talking about them a lot. This show. I do not like Microsoft, that already the windows 11 is coming out and we talked about.

[01:19:38] Before, because windows 11 is plying. Microsoft is planning on requiring you to have a very modern computer. You need to have a TPM in it, which is this special security module. You need to have a certain speed, et cetera, but the TPM is a big thing. That's going to make it. So most of your computers won't work.

[01:20:04] Tons of pushback on that. I can see what Microsoft is trying to do it. They really would love to have a clean operating system that really wasn't getting hacked all the time. And this will help it won't solve their problem, but it will help. So that they're going to be doing now is they're going to over the course of months, starting October 5th.

[01:20:28] They're going to release windows 11 to certain people, one at a time type approach. So they're not going to force everyone to upgrade. They're not going to offer it to everyone. And Microsoft is going to offer a preview of the Android apps in the Microsoft store for windows insiders in the months ahead.

[01:20:51] But they're planning on having a phased rollout through winter. Date, and you're not going to see it most likely when it starts to roll out, but you will be seen and to end with the stringent system requirement, apparently what they're going to do is not auto update your computer if it's not new enough.

[01:21:13] And if it doesn't have a TPM, but you can manually install windows 11, at least that's what they're doing. That's it for today. We had some more stuff I didn't get to, but we always have more every week. And I try to keep you up to date. We do trainings, visit me online so you can find out about all of this stuff.

[01:21:33] The trainings, most of them are absolutely free. Craig peterson.com/subscribe. Craig peterson.com.

  continue reading

500 つのエピソード

Artwork
iconシェア
 
Manage episode 302238002 series 1107025
コンテンツは Craig Peterson によって提供されます。エピソード、グラフィック、ポッドキャストの説明を含むすべてのポッドキャスト コンテンツは、Craig Peterson またはそのポッドキャスト プラットフォーム パートナーによって直接アップロードされ、提供されます。誰かがあなたの著作権で保護された作品をあなたの許可なく使用していると思われる場合は、ここで概説されているプロセスに従うことができますhttps://ja.player.fm/legal

Do You Know How to Identify a Fake Web Page? The FBI's reporting that more than 70% of all business hacks are because of our employees. They're clicking on emails, they're going to websites, what can we do? How do we know if a website is legitimate or not?

[Automated transcript]

[00:00:19] There's a great little article that McAfee published now, McAfee is a company that's been in the cybersecurity business for quite a while.

[00:00:28] I do not use their products. I use some competing products. I have not been impressed with their products.

[00:00:35] Let me tell you this particular web post that they put up is fantastic and you'll see it in my newsletter this week. Make sure you get that.

[00:00:45] Have you ever come across a website that didn't look quite right if you haven't, you haven't been on the internet very much because whether you're an individual at home or you are in a business environment, we are likely going to end up on websites that are not legitimate. Sometimes we'll see these things, that company logo might be wrong. There's not enough information on the page. You've been there before and this looks down page. The odds are that you were on a hack site, a site that's trying to get you to do something most of the time when you end up on these sites, they're trying to get you to put in your username and password.

[00:01:31] Already that the bad guys have stolen your username and password from so many websites out there. So why would they try and do it this way? It's because if they're pretending to be your bank and you try and log in, They know this as your bank account, and many times they immediately try and get into your bank account or your phone account, whatever it might be.

[00:01:56] This is a very long-standing tactic that's relied on by hackers everywhere. Usually it's a knockoff of a real page. They'll take it and they will recreate it. Then it's easy to do if you're in a web browser right now, when you go to your bank's website. You can just go to file, save as, and go ahead and save the entire webpage and you'll get everything.

[00:02:23] You'll get all of the links that are on there. All of the graphics that are there, it'll pull it in for you all automatically. And that's all they do. That's what they use. Just a copy. How do they get in front of you in the first place? Typically the hackers will go ahead and send a phishing email.

[00:02:43] They'll make the email sound legitimate. They'll make it look legitimate. They'll often even use a URL that looks a lot like it. B the real banks email. I've seen it before where the URL is bank of america.safe site.com. That sort of a thing. I'm not blaming safe site. They could be a great company.

[00:03:04] I don't know. I just made it up as we're going, but that type of a URL where it's not really bank of america.com or it's a misspelling of bank of America, that's the sort of thing that gets to be pretty darn common and. Clicking on that link and then submitting your information. It hasn't been leading to credit card fraud, data extraction, wire transfers, identity theft, and a whole lot more.

[00:03:34] Now with the COVID relief, that's been out there. All of these things from filing for unemployment claims through filing for PPP protection as a business, the whole. Industry has changed. I'm talking about the hacker industry here, because there are so many people who are falling for these scams and ransomware as well has gone up over 300%.

[00:04:08] It's just absolutely amazing. Now, if you go online and you duck, duck, go. Fake login pages. And for those of you who don't know what I mean by that duck go is the search engine I've been recommending lately. It is a search engine that doesn't take politics into play like Google does. And it also does not track you.

[00:04:31] And what you're looking at it is ad based. It gets its revenue from advertisement, but it's not selling your information just on the basic search. That you're doing. I think it's a very good alternative, but if you go ahead and your search for fake login pages, you're going to find thousands of guides on how to create websites.

[00:04:53] And these bad guys can create these websites in absolutely no time at all. It just a minute or two in order to make one of them. Now it can be difficult nowadays to figure out if it's a fake site, because the, again, the hackers are constantly updating their techniques to be more sophisticated. So it's made it more difficult for consumers to really recognize when something's fraudulent.

[00:05:22] Now I want to get it into a psychological term. In attentional, blindness. You've probably heard of this. I remember this from, I think it was college days for me, so a very long time ago, but there's a study that was done on inattentional blindness called the invisible gorilla test. If you go right now online and just search for invisible gorilla test, you'll see a bunch of these coming.

[00:05:52] No, there's even a book called that the invisible gorilla test that came out about 11 years ago, 12 years ago, I think. But here's the bottom line on this? They tell you to do something in this study. What they did here is there's a video. People there's six people, three of them are dressed with white shirts and three of them have black shirts and they're passing basketballs back and forth.

[00:06:20] The white shirts are only passing to the white shirts and the black shirts under the black shirts. And what they ask you to do is count the number of times the team in white past. Now, you're sitting there watching, knowing they're going to try and fool you, you're paying a whole lot of attention to it.

[00:06:40] And then at the end, they ask you a question that may be not expecting the video. I just watched on this, that was called the monkey business. Illusion is the name of this. I counted and I counted carefully and I came up with 16 passes. So the monkey business, illusion, 16 times the people in the white shirts passed the basketball back and forth.

[00:07:06] So I got that. But then they said did you notice the person in the gorilla costs? Who walked through the game. He didn't just walk through the game, walked in, beat on this chest and then walked out of the game. If you didn't know about this and okay. In chorus, all honesty, I always try and put everything upfront here.

[00:07:29] I knew about it beforehand. I remember from college days. But eight, most people actually about 50% of people who did not know, there is a gorilla in the middle of this. Would not have noticed the gorilla walking through the game, but this monkey business illusion video, there's something else too.

[00:07:52] And I've got to admit, I did not notice that. And that is the curtain color change. From red to gold, this curtain that was in the background of all of these players. And I didn't notice one other thing. I'm not going to tell you what that is. You'll have to watch the video of yourself too, to figure that out again, just go online and search for the monkey business illusion.

[00:08:19] And I think you'll find it. So the reason I brought this up is because if you come across a well forged login page and you're not actively looking for signs of fraud, you're fairly likely to miss a cybercriminals gorilla. You're likely to miss that the logo's not quite right, or the placement isn't the same as I'm used to.

[00:08:45] Because you're focused in, on doing what you're supposed to be doing. It's the whole concept as well of have tunnel vision. And I'm sure you're aware of that. We've all had that before, where we're really focused on this one little thing and we don't notice everything else going on. It particularly happens in high stress times.

[00:09:08] So how do you steer clear of the fake login pages? We're going to talk about that when we get. But it's absolutely crucial for everyone, even if you've had phishing training and you are trying to be cautious, you could fall for this invisible gorilla and enter in your personal details, not something that you really want.

[00:09:36] Hopefully you guys got my newsletter last weekend. I got a lot of comments on it. People are saving. In fact, that's the first thing I said in this email last week is don't lose this because it went through point by point on about 10 different things that you should be doing too. Yourself and your business safe during the holidays.

[00:10:03] Now, of course we had labor day coming up. We're going to have more holidays, right? There's always more holidays in the future and less it's after the first of the year, then you got to wait a long time. Make sure you get it, make sure you dig it out. If he didn't notice it just search for me@craigpeterson.com.

[00:10:23] That's where the email comes from and have a look at that. I have links on how to do all of those things. It's very important. FBI warning out just last week.

[00:10:33] I just told you about one of the biggest problems we are facing right now, when it comes to hackers and then has to do with fishing and going to fake login pages. Now I'm going to tell you exactly what to do.

[00:10:47] How do you steer clear of these fake log-in pages and how do you protect yourself in case you accidentally do provide the bad guys with the information that you shouldn't have?

[00:11:01] If they've got your email address or your login name and they have your password, it's pretty easy for them to log in. In most cases right into your bank account. So first of all, don't fall for phishing, but as we just described because of this whole inattentional blindness that we have, it's easy enough to fall, pray for this.

[00:11:28] Beat yourself up too bad if you followed, if you fell for some of that stuff, but there is a great little website the Google has that you might want to check out. And that website gives you a real quick quiz, is the best way to. And it shows you some emails and you get to determine whether or not you think it's fishing and then it tells you what the reality of it is.

[00:11:59] So go to fishing quiz. Dot with google.com. If you miss that, you can always email me M e@craigpeterson.com and I'll send it off to, but phishing quiz dot with google.com. And of course, phishing is spelled P H I S H I N G fishing. Dot with google.com. So you can go there and right there on the screen, it says, take the quiz.

[00:12:30] You can hit it and make up a name and an email address. So it doesn't have to be your real name or your real email address. Okay. It's not going to send you anything. It's not going to sign you up for stuff. It just wants to use it in. Phishing email examples. That's going to give you, so I put in a fake name and a fake email address and it is showing me an email.

[00:13:00] So to me, from a Luke, John. And it says Luke Johnson shared a link to the following document, Tony 21 budget department dot doc. So if I click on that, I have now told them, Hey, I'm open to all that sort of stuff. It's so anyways, it's got the link and it's got the opening docs and you now up above say, is this phishing or is it.

[00:13:27] Legitimate. Okay. So if we say fishing that says, correct, this is a phishing email. You might have spotted the look alike, you are out. And that is indeed exactly what it is cause it it wasn't legitimate. And remember when you mouse over a link, you can see down at the bottom. The URL that is going to open up for you.

[00:13:51] So you can just go through this at your own speed at your own pace and figure it out again. If you didn't get that, you can always email me M E ed Craig peterson.com. And I'll be glad to get back to you. So that's a good way to learn about fishing. I want to con really warn, I should say businesses. If you are sending out phishing emails to your employees to see if they are opening fake phishing emails or not.

[00:14:23] That's an okay. Practice. The problems really come in with the companies that are sending out phishing emails and are then following up in such a way that employee is punished in some places they are being punished by if you've opened three fake emails over the last year or whatever it might be.

[00:14:47] But over the last year, you're. It's that bad. So we have to be careful. You're not going to increase the confidence of your employees by doing that. And what's, you're actually going to end up doing is slowing down the productivity of your employees. Because now they're going to be really worried about opening, any emails that look like they might be legitimate.

[00:15:14] And so your business is going to slow right down. So having some more training about it. Okay. I can see that everyone makes mistakes and we've got to remember that as well, but watch free, man. But we really are trying to get you to move quickly, act fast, or I need this answer right away. Or one of the big ones is we've got this vendor and in fact, I'll, let me give you a real world example.

[00:15:41] It's a manufacturing company and of course they. To buy product from vendors, as supplier. And then they use that product or whether it's copper or whatever it might be now to put it all together to make their products. And this one person, this one, hacker a lady again in Eastern Europe, she went and found out about this company.

[00:16:08] Okay, great. Found on their website, who the CEO was, who the CFO was. Okay, great. And was able to find the CEO online on Facebook and on his Facebook account, he said, yeah, we're going to The Bahamas. Rear-ending a sailboat. We're going to be out there, the whole family for two weeks. This is going to be fantastic disconnected.

[00:16:37] So she found all of that. Now what she had to do was she found out who it was. The CEO, what school he went to. So first she had to get around the restrictions. Cause he had said, don't share my posts with anyone other than friend. So she sent him a message because she found his LinkedIn profile. You see how easy this is to do.

[00:16:59] She found his LinkedIn profile and that he went to Harvard and got his MBA. So she sent him. A little note saying, Hey, remember me Janie from X, Y, Z class at Harvard, and want to be friends catch up a little bit. And then he doesn't remember who she is, but the picture looks cute enough. I might as well say yes.

[00:17:21] And now she had his contact information over on LinkedIn, send him a friend request over on Facebook as well. That's how she found out he was going to be gone for two weeks. And so now she knows when he's gone. And where he's going to be completely out of touch. So once he's gone about two or three days later, she sent an email off to the CFO inside the company and said, Hey.

[00:17:49] We've got this new vendor they've been providing us with product for the last three months. We haven't paid them at all yet. I need you to wire. It was a little more than $40 million because she'd done her homework. She knew how much money the company made, what their expenses probably were. I need you to wire $40 million to this account, or they're going to stop.

[00:18:17] All shipments to us. And instead of the CFO doing a little bit more homework into it and digging in and finding out because talking to the people in receiving that we've never received anything from that company. I don't know what you're talking about. And then talking with the guy on the manufacturing floor, the CFO didn't do any of that, just okay. This looks legit. And by the way, it is so easy for these hackers to also gain access to personal email accounts. And we're not going to spend time going into that right now. So he wired. Yes indeed. So there's an example of falling for fishing. A little bit of follow up on the part of the CFO would have shown him that this was not legitimate.

[00:19:07] Even over on Shark Tank. Barbara Cochran. She fell prey to this, actually it was her assistant and who wired some $400,000 to a vendor that wasn't real. Now the good news is the assistant copied Barbara who saw the email right away and said, whoa, wait a minute. They called the bank and they put a stop on it..

[00:19:34] Doing a little training here on how to spot fake log-in pages. We just covered fishing and some real world examples of it, of some free quiz stuff that you can use to help with it. And now we're moving on to the next step.

[00:19:50] The next thing to look for when it comes to the emails and these fake login pages is a spelling mistake or grammatical errors.

[00:20:02] Most of the time, these emails that we get that are faking emails are, have really poor grammar in them. Many times, of course the commas are in the wrong place, et cetera, et cetera. But most of us weren't English majors. So we're not going to pick that up myself included. That's why I use Grammarly.

[00:20:21] If you have to ever write anything or which includes anything from an email or a document you probably want to get Grammarly. There's a few out there, but that's the one I liked the best for making sure my grammar. So a tip, to the hackers out there, but the hackers will often use a URL that is very close to it.

[00:20:45] Where are you want to go? So they might put a zero in place of an O in the domain, or they might make up some other domain. So it might be amazon-aws.com or a TD bank-account.com. Something like that. Sometimes the registrars they'll catch that sort of thing and kill it. Sometimes the business that they are trying to fake will catch it and let them know as well.

[00:21:19] There's companies out there that watch for that sort of thing. But many times it takes a while and it's only fixed once enough people have reported it. So look at the URL. Make sure it's legitimate. I always advise that instead of clicking on the link in the email, try and go directly to the website.

[00:21:41] It's like the old days you got a phone call and somebody saying, yo, I'm from the bank and I need your name and social security numbers. So I can validate the someone broke into your account. No, they don't. They don't just call you up like that nowadays. They'll send you a message in their app.

[00:21:56] That's on your smart. But they're not going to call you. And the advice I've always given is look up their phone. And by the way, do it in the phone book, they remember those and then call them back. That's the safest way to do that sort of thing. And that's true for emails as well. If it's supposedly your bank and it's reporting something like someone has broken into your account, which is a pretty common technique for these fissures, these hackers that are out there, just type in the bank URL as it not what's in the email.

[00:22:33] There will be a message there for you if it's legitimate, always. Okay. So before you click on any website, Email links, just try and go directly to the website. Now, if it's one of these deep links where it's taking new Jew, something specific within the site, the next trick you can play is to just mouse over the link.

[00:22:58] So bring your mouse down to where the link is. And typically what'll happen is at the bottom left. Your screen or of the window. It'll give you the actual link. Now, if you look at some of them, for instance, the emails that I send out, I don't like to bother people. So if you have an open one of my emails in a while, I'll just automatically say, Hey, I have opened them in awhile, and then I will drop you off the list.

[00:23:28] Plus if you hit reply to one of my newsletters, my show notes, newsletters. That's just fine, but it's not going to go to me@craigpeterson.com and some people you listeners being the best and brightest have noticed that what happens is it comes up and it's some really weird URL that's so I can track.

[00:23:51] Who responded to me. And that way I can just sit down and say, okay, now let me go through who has responded? And I've got a, kind of a customer relationship management system that lets me keep track of all of that stuff so that I know that you responded. I know you're interacting, so I know I'm not bothering you.

[00:24:11] And I know I need to respond. Much the same thing is true with some of these links. When I have a link in my newsletter and I say, Hey, I'm linking to MIT's article. It is not going to be an MIT. Because again, I want to know what are you guys interested in? So anytime you click on a link, I'll know, and I need to know that, so I know why, Hey, wait a minute.

[00:24:36] Now, 50% of all of the people that opened the emails are interested in identifying fake login pages. So what do I do? I do something like I'm doing right now. I go into depth on fake logs. Pages. I wouldn't have known that if I wasn't able to track it. So just because the link doesn't absolutely look legit doesn't mean it isn't legit, but then again, if it's a bank of it involves financial transactions or some of these other things be more cautious.

[00:25:11] So double check for misspellings or grammatical errors. Next thing to do is to check the certificate, the security certificate on the site. You're on this gets a little bit confusing. If you go to a website, you might notice up in the URL bar, the bar that has the universal resource locator, that's part of the internet.

[00:25:38] You might've noticed a. And people might've told you do check for the lock. That lock does not mean that you are safe. All it means is there is a secure VPN from your computer to the computer on the other side. So if it's a hacker on the other side, you're sending your data securely to the hacker, right?

[00:26:05] That's not really going to do you a whole lot of good. This is probably one of the least understood things in the whole computer security side, that connect. May be secure, but is this really who you think it is? So what you need to do is click on their certificate and the certificate will tell you more detail.

[00:26:29] So double check their certificate and make sure it is for the site. You really. To go to, so when it's a bank site, it's going to say, the bank is going to have the bank information on it. That makes sense. But if you go for instance on now, I'm going to throw a monkey wrench into this whole thing.

[00:26:48] If you go to Craig peterson.com, for instance, it's going to. Connection is secure. The certificate is valid, but if you look at their certificate and the trust in the details, it's going to be issued by some company, but it's going to just say Craig peterson.com. It's not going to give a business name like it would probably do for a bank.

[00:27:14] So you know, a little bit of a twist to it, but that's an important thing. Don't just count on the lock, make sure that the certificate is for the place you want to contact. Last, but not least is multi-factor authentication. I can't say this enough. If the bad guys have your username or email address and your password for a site, if you're using multifactor authentication, they cannot get in.

[00:27:53] So it's going to prevent credential stuffing tactics, or they'll use your email and password combinations that have already been stolen for mothers sites to try and hack in to your online profile. So very important to set up and I advise against using two factor authentication with your, just a cell phone, as in a text message SMS, it is not secure and it's being hacked all of the time.

[00:28:23] Get an authorization. Like one password, for instance, and you shouldn't be using one password anyways, for all of your passwords. And then Google has a free one called Google authenticator. Use those instead of your phone number for authentication.

[00:28:40] You're listening to Craig Peterson, cybersecurity strategist, and online@craigpeterson.com.

[00:28:48] I've been warning about biometric databases. And I sat down with a friend of mine who is an attorney, and he's using this clear thing at the airport. I don't know if you've seen it, but it's a biometric database. What are the real world risks?

[00:29:04] This clear company uses biometrics.

[00:29:08] It's using your eye. Brent, if you will, it's using your Iris. Every one of us has a pretty darn unique Iris, and they're counting on that and they're using it to let you through TSA very quickly. And this attorney, friend of mine thinks it's the best thing since sliced bread, because he can just. On through, but the problem here is that we're talking about biometrics.

[00:29:34] If your password gets stolen, you can change it. If your email account gets hacked, I have another friend who his account got hacked. You can get a new email account. If your Iris scan that's in this biometric database gets stolen. You cannot replace your eyes unless of course you're Tom cruise and you remember that movie, and it's impossible to replace your fingerprints. It's possible to replace your face print. I guess you could, to a degree or another, some fat injections or other things. Could be done to change your face sprint, but these Iris scans fingerprints and facial images are something I try not to provide any.

[00:30:29] Apple has done a very good job with the security of their face print, as well as their fingerprint, because they do not send any of that information out directly to themselves or to any database at all. Period. They are stored only on the device itself. And they're in this wonderful little piece of electronics that can not be physically compromised.

[00:30:59] And to date has not been electronically compromised either. They've done a very good job. Other vendors on other operating systems like Android, again, not so much, but there are also databases that are being kept out there by the federal government. I mentioned this clear database, which isn't the federal government, it's a private company, but the federal government obviously has its fingers into that thing.

[00:31:29] The office of personnel. For the federal government, they had their entire database, at least pretty much the entire database. I think it was 50 million people stolen by the red, Chinese about six years ago. So the communists. Copies of all of the information that the officer personnel management had about people, including background checks and things.

[00:31:55] You've probably heard me talk about that before. So having that information in a database is dangerous because it attracts the hackers. It attracts the cybercriminals. They want to get their hands on it. They'll do all kinds of things to try and get their hands. We now have completely quit Afghanistan.

[00:32:20] We left in a hurry. We did some incredibly stupid things. I just, I can't believe our president of the United States would do what was done here. And now it's been coming out that president and Biden completely ignored. The advice that he was getting from various military intelligence and other agencies out there and just said, no, we're going to be out of there.

[00:32:46] You have to limit your troops to this. And that's what causes them to close the air base battleground that we had for so many years. Apparently the Chinese are talking about taking it over now. Yeah. Isn't that nice. And whereas this wasn't an eternal war, right? We hadn't had anybody die in a year and a half.

[00:33:05] It's crazy. We have troops in south Vietnam. We have troops in Germany. We have troops in countries all over the world, Japan, you name it so that we have a local forest that can keep things calm. And we were keeping things calm. It's just mind blowing. But anyhow, politics aside, we left behind a massive database of biometric database.

[00:33:38] Of Afghanis that had been helping us over in Afghanistan, as well as a database that was built using us contractors of everyone in the Afghan military and the basically third genealogy. Who their parents were the grandparents blood type weight, height. I'm looking at it right now. All of the records in here, the sex ID nationality.

[00:34:11] Date of exploration, hair color, favorite fruit, favorite vegetables, place of birth, uncle's name marker signature approval. Signature date, place of birth. Date of birth address, permanent address national ID number place of ISS. Date of ISS native language salary data salary, group of salary, police of salary education, father's name, graduation, date, weapon and service now.

[00:34:41] These were all in place in Afghanistan. We put them in place because we were worried about ghost soldiers. A gold soldier was someone who we were paying the salary of taxpayers of the United States were paying the salaries of the Afghan military for quite some time. And we were thinking that about half of the.

[00:35:06] Payroll checks. We were funding. We're actually not going to people who were in the military, but we're going to people who were high up within the Afghan government and military. So we put this in place to get rid of the ghost soldiers. Everybody had to have all of this stuff. In the database, 36 pieces of information, just for police recruitment.

[00:35:39] Now this information we left behind and apparently this database is completely in the hand of the Taliban. Absolutely. So we were talking about Americans who helped construct Afghanistan and the military and the telephone. The looking for the networks of their Ponant supporters. This is just absolutely amazing.

[00:36:07] So all of the data doesn't have clear use, like who cares about the favorite fruit or vegetable, but the rest of it does the genealogy. Does they now know who was in the police department, who was in the military, who their family is, what their permanent address is. Okay. You see the problem here and the biometrics as well in the biometrics are part of this us system that we were using called hide H I D E.

[00:36:41] And this whole hide thing was a biometric reader. The military could keep with them. There were tens of thousands of these things out in the field. And when they had an encounter with someone, they would look up their biometrics, see if they were already in the database and in the database, it would say, yeah, they're friendly, they're an informant.

[00:37:03] Or we found them in this area or w we're watching them. We have concern about them, et cetera, et cetera. All of their actions were in. Turns out that this database, which covered about 80% of all Afghans and these devices are now in the hands of the Taliban. Now, the good news with this is that a lot of this information cannot be easily extracted.

[00:37:32] So you're not going to get some regular run of the mill Taliban guy to pick one of these up and start using. But the what's happening here is that we can really predict that one of these surrounding companies like Pakistan that has been very cooperative with the Taliban. In fact, they gave refuge to Saddam, not Saddam Hussein, but to a bin Ladin and also Iran and China and Russia.

[00:38:04] Any of those countries should be able to get into that database. Okay. So I think that's really important to remember now, a defense department spokesperson quote here, Eric Fay on says the U S has taken prudent actions to ensure that sensitive data does not fall into the Tolo bonds. And this data is not at risk of misuse.

[00:38:29] Misuse that's unfortunately about all I can say, but Thomas Johnson, a research professor at the Naval postgraduate school in Monterey, California says not so fast, the taller Bon may have used biometric information in the Coon dues. So instead of taking the data straight from the high devices, he told MIT technology review that it is possible that Tolo bond sympathizers in Kabul, provided them with databases of military personnel, against which they could verify prints.

[00:39:07] In other words, even back in 2016, it may have been the databases rather than these high devices themselves pose the greatest risk. This is very concerning big article here in MIT technology review. I'm quoting from it a little bit here, but there are a number of databases. They are biometric. Many of these, they have geological information.

[00:39:35] They have information that can be used to round up and track down. Now, I'm not going to mention world war two, and I'm not going to mention what happened with the government too, before Hitler took over, because to do that means you lose that government had registered firearms, that government had registered the civilians and the people and Afghanistan.

[00:40:04] The government was also as part of our identification papers, registering your religion. If you're Christian, they're hunting you down. If you were working for the military, they're hunting you down. And this is scary. That's part of the reason I do not want biometric information and databases to be kept here in the U S Hey, make sure you get my show notes every week on time, along with free training, I try to help you guys out.

[00:40:41] If you've never heard of the Carrington event, I really hope, frankly, I really do hope we never have to live through one of these. Again, there is a warning out there right now about an internet apocalypse that could happen because of the sun.

[00:40:58] Solar storms are something that happens really all of the time. The sun goes through solar cycles. About every seven years, there are longer cycles as well. You might know. I have an advanced class amateur radio license I've had for a long time, and we rely a lot when we're dealing with short wave on the solar cycle.

[00:41:22] You see what happens is that the sun charges, the atmosphere. That if you've ever seen the Northern light, that is. Part of the Sunzi missions, hitting our magnetic field and getting sucked into the core of the earth, if you will, as they get caught in that field. And the more charged the atmosphere is, the more bounce you get.

[00:41:46] That's what we call it bounce. And the reason us hams have all these different frequencies to use is because of the bow. We can go different frequencies with different distances, I should say, using different frequencies. So think about it right now. You've got the earth and I want to talk from Boston to Chicago.

[00:42:08] For instance, I know about how many miles it is, and I have to figure out in the ionosphere up in the higher levels of the atmosphere, what frequency. To use in order to go up into the atmosphere, bounce back, and then hit Chicago. That's the idea. It's not quite as simple or as complex in some ways, as it sounds, a lot of people just try different frequencies and a lot of hams just sit there, waiting for anybody anywhere to talk to, particularly if they are.

[00:42:41] It's really quite fun. Now what we're worried about, isn't so much just the regular solar activity. We get worried when the sun spots increase. Now, the solar cycle is what has primary image. On the temperature on earth. So no matter what, you might've heard that isn't your gas, guzzling car or a diesel truck that causes the Earth's temperature to change.

[00:43:10] Remember the only constant when it comes to the Earth's temperature has been changed over the millions of years. We had periods where the earth was much warmer than it is now had more common that carbon dioxide in the atmosphere than it does now had less. In fact, right now we are at one of the lowest levels of carbon dioxide in the atmosphere in earth long.

[00:43:36] So the sun, if you might remember, comes up in the morning, warms things up, right? And then it cools down. When the sun disappears at nighttime, it has a huge impact. It's almost exclusively the impact for our temperatures. There's other things too, for instance. eruption can spew all to hold a lot of carbon dioxide.

[00:44:01] In fact, just one, just Mount St. Helens wanted erupted, put more carbon dioxide into the atmosphere than man has throughout our entire existence. Just to give you an idea, right? So these alarms that are out there, come on, people. Really, and now we're seeing that in this last year, we had a 30% increase in the ice cap up in the, in, up in the north, up in Northern Canada, around the polls.

[00:44:32] We also had some of these glaciers growing. It was so funny. I saw an article this year, or excuse me, this week that was showing a sign that was at one of our national parks. And it said this glacier will have disappeared by 2020. Of course it hasn't disappeared. In fact, it has grown now and it's past 2020.

[00:44:54] Anyhow, the sun has a huge impact on us in so many ways. And one of the ways is. Something called a coronal mass ejection. This is seriously charged particles. That tend to be very directional. So when it happens, when there's one of these CMS coronal, mass ejections, it's not just sending it out all the way around the sun everywhere.

[00:45:21] It's really rather concentrated in one. One particular spot. Now we just missed one not too long ago. And let me see if I can find it here. Just mast, a cm E near miss. Here we go. There a solar super storm in July, 2012, and it was a very close shave that we had most newspapers didn't mention it, but this could have been.

[00:45:51] AB absolutely incredible. We'd be picking up the pieces for the next 50 years. Yeah. Five, zero years from this one particular storm. And what happens is these solar flares, if you will, are very extreme, the CME. You're talking about x-rays extreme UV, ultraviolet radiation, reaching the earth at the speed of light ionizes, the upper layers of atmosphere.

[00:46:19] When that happens, by the way, it hurts our communications, but it can also have these massive effects where it burns out saddle. And then causes radio blackouts, GPS, navigation problems. Think about what happened up in Quebec. So let me just look at this back hit with an E and yeah, here we go. And March 13th, 1989.

[00:46:50] Here we go. Here's another one. Now I remembered. And this is where Quill back got nailed. I'm looking at a picture here, which is looking at the United States and Canada from the sky and where the light is. And you can see Quebec is just completely black, but they have this massive electrical blackout and it's becomes.

[00:47:13] Of this solar storm. Now they, these storms that I said are quite directional depending on where it hits and when it hits things can get very bad. This particular storm back in 1989 was so strong. We got to see their Rora Borealis, the Northern lights as far south, as Florida and cute. Isn't that something, when we go back further in time to this Carrington event that I mentioned, you could see the Northern lights at the eclipse.

[00:47:50] Absolutely amazing. Now the problem with all of this is we've never really had an internet up online. Like we have today when we had one of the storms hit. And guess what we're about to go into right now, we're going into an area or a time where the sun's going to be more active, certainly on this 11 year cycle and possibly another bigger cycle too, that we don't really know much about.

[00:48:22] But when this hit us back in the 1850s, what we saw was a a. Telegraph system that was brought to its knees. Our telegraphs were burned out. Some of the Telegraph buildings were lit. They caught on fire because of the charges coming in, people who were working the telegraphs, who are near them at the time, got electric shocks or worse than that.

[00:48:48] Okay. 1859 massive Carrington event compass needles were swinging wildly. The Aurora Borealis was visible in Columbia. It's just amazing. So that was a severe storm. A moderate severity storm was the one that hit in Quebec here knocked out Quebec electric. Nine hour blackout of Northeast Canada. What we think would happen if we had another Carrington event, something that happened to 150 years ago is that we would lose power on a massive scale.

[00:49:27] So that's one thing that would happen. And these massive transformers that would likely get burned out are only made in China and they're made on demand. Nobody has an inventory. So it would be at least six months before most of the country would get power back. Can you believe that would be just terrible and we would also lose internet connectivity.

[00:49:52] In fact, the thinking that we could lose internet connectivity with something much less than a severe storm, maybe if the Quebec power grid solar, a massive objection here. Maybe if that had happened, when. The internet was up. They might have burned out internet in the area and maybe further. So what we're worried about is if it hits us, we're going to lose power.

[00:50:20] We're going to lose transformers on the transmission lines and other places we're going to lose satellites and that's going to affect our GPS communication. We're going to lose radio communication, and even the undersea cables, even though they're now no longer. Regular copper cables. It's now being carried of course, by light in pieces of glass.

[00:50:45] The, those cables need to have repeaters about every 15 miles or so under underwater. So the power is provided by. Copper cables or maybe some other sort of power. So these undersea cables, they're only grounded at extensive intervals, like hundreds or thousands of kilometers apart. So there's going to be a lot of vulnerable components.

[00:51:12] This is all a major problem. We don't know when the next massive. Solar storm is going to happen. These coronal mass ejections. We do know they do happen from time to time. And we do know it's the luck of the draw and we are starting to enter another solar cycle. So be prepared. Of course, you're listening to Craig Peterson, cybersecurity strategist.

[00:51:42] If you'd like to find out more and what you can do, just visit Craig peterson.com and subscribe to my weekly show notes.

[00:51:52] Google's got a new admission and Forbes magazine has an article by Zach Dorfman about it. And he's saying you should delete Google Chrome now after Google's newest tracking admission. So here we go.

[00:52:09] Google's web browser. It's been the thing for people to use Google Chrome for many years, it's been the fastest. Yeah, not always people leapfrog it every once in a while, but it has become quite a standard. Initially Microsoft is trying to be the standard with their terrible browser and yeah, I to Exploder, which was really bad and they have finally completely and totally shot it in the head.

[00:52:42] Good move there on their part. In fact, they even got rid of their own browser, Microsoft edge. They shot that one in. They had to, I know I can hear you right now saying, oh, Craig, I don't know. I just use edge browser earlier today. Yeah. But guess what? It isn't edge browser. It's actually Google Chrome. The Microsoft has rebranded.

[00:53:04] You see the guts to Google Chrome are available as what's called an open source project. It's called chromium. And that allows you to take it and then build whatever you want on top of. No, that's really great. And by the way, Apple's web kit, Kat is another thing that many people build browsers on top of and is part of many of these browsers we're talking about right now, the biggest problem with the Google Chrome.

[00:53:35] Is they released it so they could track you, how does Google make its money? It makes us money through selling advertising primarily. And how does it sell advertising if it doesn't know much or anything about you? So they came out with the Google Chrome browser is a standard browser, which is a great.

[00:53:55] Because Microsoft, of course, is very well known for not bothering to follow standards and say what they have is the actual standard and ignoring everybody else. Yeah. Yeah. I'm picking on Microsoft. They definitely deserve it. There is what is being called here in Forbes magazine, a shocking new tracking admission from.

[00:54:17] One that has not yet made headlines. And there are about what 2.6 billion users of Google's Chrome worldwide. And this is probably going to surprise you and it's frankly, Pretty nasty and it's, I think a genuine reason to stop using it. Now, as you probably know, I have stopped using Chrome almost entirely.

[00:54:42] I use it when I have to train people on Chrome. I use it when I'm testing software. There's a number of times I use it, but I don't use it. The reality is that Chrome is an absolute terror. When it comes to privacy and security, it has fallen way behind its rivals in doing that. If you have an iPhone or an iPad or a Mac, and you're using safari, apple has gone a long ways to help secure your data.

[00:55:19] That's not true with Chrome. In fact, it's not protecting you from tracking and Dave data harvesting. And what Google has done is they've said, okay we're going to get these nasty third party cookies out of the whole equation. We're not going to do that anymore. And what they were planning on doing is instead of knowing everything specifically.

[00:55:43] You they'd be able to put you in a bucket. So they'd say, okay, you are a 40 year old female and you are like driving fast cars and you have some kids with a grandkid on the way, and you liked dogs, not cats, right? So that's a bucket of people that may be a few hundred or maybe up to a thousand. As opposed to right now where they can tell everything about you.

[00:56:12] And so they were selling that as a real advantage because they're not tracking you individually anymore. No, we're putting you in a bucket. It's the same thing. And in fact, it's easier for Google to put you in a bucket than to track everything about you and try and make assumptions. And it's easier for people who are trying to buy ads to place in front of you.

[00:56:34] It's easier for them to not have to reverse engineer all of the data the Google has gathered in instead. To send this ad to people that are in this bucket and then that bucket. Okay. It makes sense to you, but I, as it turns out here, Google has even postponed of that. All right. They really have, they're the Google's kind of hiding.

[00:56:59] It's really what's going on out there. They are trying to figure out what they should do, why they should do it, how they should do it, but it's going to be a problem. This is a bad habit. The Google has to break and just like any, anybody that's been addicted to something it's going to take a long time.

[00:57:19] They're going to go through some serious jitters. So Firefox is one of the alternatives and to Google Chrome. And it's actually a very good one. It is a browser that I use. I don't agree with some of the stuff that Mozilla and Firefox does, but again, nobody agrees on everything. Here's a quote from them.

[00:57:41] Ubiquitous surveillance harms individually. And society Chrome is the only major browser that does not offer meaningful protection against cross site tracking and Chrome will continue to leave users unprotected. And then it goes on here because. Google response to that. And they admit that this massive web tracking out of hand and it's resulted in, this is a quote from Google and erosion of trust, where 72% of people feel that almost all of what they do online is being.

[00:58:19] By advertisers, technology firms or others, 81% say the potential risks from data collection outweigh the benefit by the way, the people are wrong. 72% that feel almost all of what they do on online is being tracked. No. The answer is 100% of what you do is probably being tracked in some way online.

[00:58:41] Even these VPN servers and systems that say that they don't do logs. Do track you take a look at proton mail just last week. Proton mail it's in Switzerland. Their servers are in Switzerland. A whole claim to fame is, Hey, it's all encrypted. We keep it safe. We don't do logging. We don't do tracking guess what they handed over the IP addresses of some of the users to a foreign government.

[00:59:09] So how can you do that? If you're not logging, if you're not tracking. Yeah, they are. And the same thing is true for every paid VPN service I can think of. So how can Google openly admit that their tracking is in place tracking everything they can, and also admit that it's undermining our privacy.

[00:59:36] Their flagship browser is totally into it. It's really, it's gotta be the money. And Google does not have a plan B this anonymized tracking thing that they've been talking about, the buckets that I mentioned, isn't realistic, frankly. Google's privacy sandbox is supposed to Fitbit fix it.

[00:59:56] I should say. The whole idea and the way it's being implemented and the way they've talked about it, the advertisers on happy. So Google is not happy. The users are unhappy. So there you go. That's the bottom line here from the Forbes article by Zach Dorfman, delete Google Chrome. And I said that for a long time, I do use some others.

[01:00:20] I do use Firefox and I use. Which is a fast web browser. That's pretty good shape. Hey, if you sign up for my shows weekly newsletter, not only will you get all of my weekly tips that I send to the radio hosts, but you will get some of my special reports that go into detail on things like which browser you shouldn't be using.

[01:00:46] Sign up right now. Craig peterson.com.

[01:00:50] Many businesses have gone to the cloud, but the cloud is just another word for someone else's computer. And many of the benefits of the cloud just haven't materialized. A lot of businesses have pulled back and are building data centers.

[01:01:07] Now, the reason I mentioned this thing about Microsoft again, and the cloud is Microsoft has a cloud offering.

[01:01:17] It's called Microsoft Azure. Many people, many businesses use it. We have used it with some of our clients in the past. Now we have some special software that sits in front of it that helps to secure. And we do the same thing for Amazon web services. I think it's important to do that. And we also use IBM's cloud services, but Microsoft is been pitching for a long time.

[01:01:45] Come use our cloud services and we're expecting here probably within the next month, a big announcement from Microsoft. They're planning on making it so that you can have your desktop reside in Microsoft's cloud, in the Azure cloud. And they're selling really the feature of it doesn't matter where you are.

[01:02:11] You have your desktop and it doesn't matter what kind of computer you're on. As long as you can connect to your desktop, using some just reasonable software, you will be able to be just like you're in front of a computer. So if you have a Chromebook or a Mac, Or windows or tablet, whatever. And you're at the grocery store or the coffee shop or the office, you'll be able to get it, everything, all of your programs, all your files.

[01:02:41] And we, Microsoft will keep the operating system up to date for you automatically a lot of great selling points. And we're actually looking into that, not too heavily yet. We'll give them a year before we really delve into it at all. Cause it takes them a while to get things right. And Microsoft has always been one that adds all kinds of features, but most of the time, most of them don't work and we can document that pretty easily, even in things like Microsoft.

[01:03:11] The verge is now reporting that Microsoft has warned users of its as your cloud computing service, that their data has been exposed online for the last two years. Yeah, let me repeat that in case you missed it, you yeah. I'm I might've misspoken. Let me see, what does it say? It says users of Azure cloud competing service.

[01:03:36] So that's their cloud. Microsoft's big cloud. Okay. Their data has been. Exposed online. Okay. So that means that people could get the data, maybe manipulate the data that's exposed means for the last two years. Are you kidding me? Microsoft is again, the verge. Microsoft recently revealed that an error in its Azure cosmos database product left more than 3,300 as your customer's data.

[01:04:12] Completely exposed. Okay guys. So this is not a big thing, right? It can't possibly be big thing because you know who uses Azure, nobody uses a zer and nobody uses hosted databases. Come on, give me a break. Let me see, what else does this have to say? Oh, okay. It says that the vulnerability was reported, reportedly introduced into Microsoft systems in 2019, when the company added a data visualization feature called Jupiter notebook to cosmos DB.

[01:04:46] Okay. I'm actually familiar with that one and let's see what small companies let's see here. Some Azure cosmos DB clients include Coca Cola. Liberty mutual insurance, Exxon mobile Walgreens. Let me see. Could any of these people like maybe Liberty mutual insurance and Walgreens, maybe they'd have information about us, about our health and social security numbers and account numbers and credit cards. Names addresses. That's again, why I used to get so upset when these places absolutely insist on taking my social security number, right? It, first of all, when it was put in place, the federal government guaranteed, it would never be used for anything other than social security.

[01:05:34] And the law even said it could not be used for anything other than social security. And then the government started expanding it. And the IRS started using it. To track all of our income and that's one thing right there, the government computers, they gotta be secure. All of these breaches we hear about that.

[01:05:52] Can't be true. So how about when the insurance company wants your personal information? Like your social security number? What business is it of? There's really no. Why do they have to have my social security number? It's a social security number. It's not some number that's tattooed on my forehead. That's being used to track me.

[01:06:18] Is it this isn't a socialist country like China is, or the Soviet union was right. It's not social. So why are they tracking us like that? Walgreens? Why do they need some of that information? Why does the doctor that you go to that made the prescription for Walgreens? Why do they need that information?

[01:06:40] And I've been all over this because they don't. Really need it. They want, it makes their life easier, but they don't really need it. However, it exposes us. Now, if you missed the email, I sent out a week ago, two weeks ago now, you missed something big because I, in my weekly newsletter went through and described exactly what you could do in order to keep your information private.

[01:07:13] So in those cases where websites asking for information that they don't really need, right? You don't want to lie, but if they don't really need your real name, why you're giving them your real name? Why do you use a single email address? Why don't you have multiple addresses? Does that start make sense to you guys?

[01:07:33] And now we find out that Microsoft Azure, their cloud services, where they're selling cloud services, including a database that can be used online, a big database 3,300 customers looks like some of them are actually big. I don't know. ExxonMobil pretty big. Yeah. I think so. Walgreens, you think that might be yeah.

[01:07:57] Why. Why are we trusting these companies? If you have a lot of data, a lot of customers, you are going to be a major target of nation states to hack you and bat just general hackers, bad guys. But you're also if you've got all this information, you've also got to have a much higher level of security than somebody that doesn't have all of that information.

[01:08:24] Does that make sense to you? Did I say that right? You don't need the information and I've got to warn anybody that's in a business, whether you're a business owner or you're an employee, do not keep more data than you need the new absolutely need to run your company. And that includes data about your customers.

[01:08:48] And maybe it's even more specifically data about your customer. Because what can happen is that data can be stolen and we just found it. That? Yes, indeed. It could have been, it was exposed Microsoft the same. We don't know how much it was stolen. If anything was stolen. Yeah, Walgreens. Hey, I wonder if anyone's going to try and get some pain pills illegally through a, this database hack or a vulnerability anyways.

[01:09:17] All right, everyone. Stick around. We'll be back. Of course, you listening to Craig Peterson. I am a cybersecurity strategist for business, and I'm here to help you as well. You can ask any question any time consumers are the people I help the most, I wish I got a dime for every time I answered a question.

[01:09:38] Just email me@craigpeterson.com and stick around.

[01:09:44] Whether or not, you agree with the lockdown orders that were put in place over this COVID pandemic that we had. There are some other parts of the world that are doing a lot more.

[01:10:00] Australia has. I don't know. I think that they went over the deep end that much, the same thing is true right next door to them.

[01:10:11] And I am looking at a report of what they are doing with this new app. You might be aware that both apple and Google came out with an application programming interface. That could be used for contract tack tracking, contact tracking. There you go. It wasn't terribly successful. Some states put some things in place.

[01:10:38] Of course you get countries like China. I love the idea because heaven forbid you get people getting together to talk about a Tannen square remembrance. Now you want to know who all of those people were, who were in close proximity, right? Good for China a while, as it turns out, Australia is putting something in place they have yet another COVID lockdown.

[01:11:03] They have COVID quarantine orders. Now I think if you are sick, you should stay here. I've always felt that I, I had 50 employees at one point and I would say, Hey, if you're sick, just stay home. Never required a doctor's note or any of that other silliness, come on. People. If someone's sick, they're sick and let them stay home.

[01:11:26] You don't want to get everybody else in the office, sick and spread things around. Doesn't that just make sense. They now in Australia, don't trust people to stay home, to get moving. Remember China, they were taking welders and we're going into apartments in anybody that tested positive.

[01:11:42] They were welding them into their apartment for minimum of two weeks. And so hopefully they had food in there and they had a way to get fresh water. Australia is not going quite that far, but some of the states down under. Using facial recognition and geolocation in order to enforce quarantine orders and Canada.

[01:12:07] One of the things they've been doing for very long time is if you come into the country from out of the country, even if you're a Canadian citizen, you have to quarantine and they'll send people by your house or you have to pay to stay for 10 days in a quarantine hope. So you're paying the, of course now inflated prices for the hotel, because they're a special quarantine hotel.

[01:12:34] You have to pay inflated prices to have food delivered outside your door. And that you're stuck there for the 10 days, or if you're at home though, they, you're stuck there and they'll send people by to check up on you. They'll make phone calls to check up on you. They have pretty hefty fines.

[01:12:54] What Australia has decided to do is in Australia is Charlene's even going from one state to another state are required to prove that they're obeying a 14 day quarantine. And what they have to do is have this little app on their phone and they, the app will ping them saying, prove it. And then they have to take a photo of themselves with geo location tag on it and send it up via the app to prove their location.

[01:13:32] And they have to do all of that within 15 minutes of getting the notification. Now the premier of the state of south Australia, Steven Marshall said, we don't tell them how often or when on a random basis, they have to reply within 15 minutes. And if you don't then a police, officer's going to show up at the address you're supposed to be at to conduct an in-person check.

[01:13:59] Very intrusive. Okay. Here's another one. This is an unnamed government spokesperson who was apparently speaking with Fox news quote. The home quarantine app is for a selected cohort of returning self Australians who have applied to be part of a trial. If successful, it will help safely ease the burden of travel restrictions associated with the pandemic.

[01:14:27] So there you go. People nothing to worry about. It's just a trial. It will go away. Just for instance, income tax, as soon as rule, number one is over, it will be removed and it will never be more than 3% and it will only apply to the top 1% of wage-earners. So there you go. And we all know that world war one isn't over yet.

[01:14:47] So that's why they still have it in somehow. Yeah, some of the middle class pays the most income tax. I don't know. Interesting. Interesting. So there you go. Little news from down under, we'll see if that ends up happening up here. News from China, China has China and Russia have some interesting things going on.

[01:15:08] First of all, Russia is no longer. Country, they are. They aren't, they are a lot freer in many ways than we are here in the United States. Of course, China, very heavily socialist. In fact, they're so socialists, they are communist and China. And Russia both want their kids to have a very good education in science, engineering, and mathematics.

[01:15:35] Not so much on history, not so much on, on politics. But definitely heavy on the sciences, which I can see that makes all the sense. I think everybody should be pretty heavily on the science. According to the wall street journal this week, gamers under the age of 18 will not be allowed to play online games between 8:00 PM and 9:00 PM on Friday, Saturdays and Sundays.

[01:16:02] Okay. So basically what they're doing, I reverse that what they're doing is they're only allowing the kids three hours of gaming per week. In other words, they can play between eight and 9:00 PM, Friday, Saturday, and Sundays. I think that might overload some gaming servers. Cov gaming addiction has affected studies and normal lives.

[01:16:23] And many parents have become miserable. That's China's press and public administration. Sedna state. Okay. There's going to be some relief during the school holidays. Children will be allowed 60 minutes per day for gaming hard to say how China plans didn't force it, but they have their ways, identity cards. By the way required for playing online. They've got a facial recognition system introduced in July by 10 cent. Remember all of the uproar around 10 cent and their apps and president Trump trying to get them blocked here in the U S yeah, there you go. Facial recognition bill right into the app, and it's proven effective at catching children pretending to be adults in order to get around government gaming curves.

[01:17:12] So this goes on and on and Korea as well, South Korea has had some very big problems. You might remember it was headlines just a few years ago of some of these south Korean kids dying because they were playing video games four days straight with no sleep, no real food. Just taking all of these energy.

[01:17:37] And we'll literally gaming themselves to death. So South Korea passed a law that prevented young people from playing online video games late at night. So that was introduced back in 2011 and it's targeted at players 16 or up. And south Korean miners were prevented from playing online PC games between midnight and six, 8:00 AM.

[01:18:03] Now South Korea has scrapped that law. Interesting. So they're saying it's out of respect for younger citizens, right? They're going to abolish this law, replace it by. Permit system that allows players to request a permit per game and play during self-assigned hours that their parents will sign off on.

[01:18:27] This is in an article from GameSpot, by the way, a gamespot.com. You might remember them too, the whole Robin hood scandal. But I think it's an interesting question. When my kids were young lo those many years ago I got this box that the, you took the TV wire, you ran it into the box and you could program.

[01:18:51] So that each kid had their own code and you could specify how much time the kid could watch TV or how much time or when they could watch TV and how much time cumulative the kids could have. And it actually worked pretty well. And the kids certainly complained a lot about it. And a couple of them tried to work the way around it hard to when the plug is inside the box.

[01:19:17] Yeah, ingenuity as they are. They were able to do that. They cut the wire off and put another power connector on the end of the TV wire. Anyhow Microsoft, we've been talking about them a lot. This show. I do not like Microsoft, that already the windows 11 is coming out and we talked about.

[01:19:38] Before, because windows 11 is plying. Microsoft is planning on requiring you to have a very modern computer. You need to have a TPM in it, which is this special security module. You need to have a certain speed, et cetera, but the TPM is a big thing. That's going to make it. So most of your computers won't work.

[01:20:04] Tons of pushback on that. I can see what Microsoft is trying to do it. They really would love to have a clean operating system that really wasn't getting hacked all the time. And this will help it won't solve their problem, but it will help. So that they're going to be doing now is they're going to over the course of months, starting October 5th.

[01:20:28] They're going to release windows 11 to certain people, one at a time type approach. So they're not going to force everyone to upgrade. They're not going to offer it to everyone. And Microsoft is going to offer a preview of the Android apps in the Microsoft store for windows insiders in the months ahead.

[01:20:51] But they're planning on having a phased rollout through winter. Date, and you're not going to see it most likely when it starts to roll out, but you will be seen and to end with the stringent system requirement, apparently what they're going to do is not auto update your computer if it's not new enough.

[01:21:13] And if it doesn't have a TPM, but you can manually install windows 11, at least that's what they're doing. That's it for today. We had some more stuff I didn't get to, but we always have more every week. And I try to keep you up to date. We do trainings, visit me online so you can find out about all of this stuff.

[01:21:33] The trainings, most of them are absolutely free. Craig peterson.com/subscribe. Craig peterson.com.

  continue reading

500 つのエピソード

すべてのエピソード

×
 
Loading …

プレーヤーFMへようこそ!

Player FMは今からすぐに楽しめるために高品質のポッドキャストをウェブでスキャンしています。 これは最高のポッドキャストアプリで、Android、iPhone、そしてWebで動作します。 全ての端末で購読を同期するためにサインアップしてください。

 

クイックリファレンスガイド