2019 Newsletter: 51/58 — PreviousNext — (Attach.)

Sydney Harbour
WEEKLY NEWSLETTER 7 - 12 OCTOBER 2019

Hello and Welcome,

Vale Robert Tonazzi

It is with great sadness that we report the passing of Robert Tonazzi. He was a long-standing member of SPCTUG, and died Monday, September 30th, following a heart-attack.

Several years ago, when the Club had a "Repair and Maintenance" SIG based in Hornsby, he was an enthusiastic and knowledgeable member.

He will be sadly missed.

 

Daylight Saving Time:

†Daylight Saving Time begins on Sunday, 6 October 2019 at 2:00 am.
The clock is set to go forward 1 hour at that time.

†Msg from Windows 7

London is currently on BST (British Summer Time)
and will change back to GMT on Sunday, 27 October 2019 at 2:00 am.

 

Labour Day Weekend:

It's a public holiday in NSW this coming Monday, October 7th 2019.

 

Changing your email address?

At the end of this Newsletter, there are a number of places where our email address appears. They used to go to one of the Club's web addresses, i.e. to "something @ sydneypc . com" — if you wanted to subscribe or change your email address.

See below for the new email address which is the Gmail account you are receiving this Newsletter from.

If you had tried the old address, sorry for the confusion.

Ed.

Meetings This Week:

Programming - Tuesday Oct 8th - 5:30 pm (6:00 pm meeting start) - 8:00 pm

Bring along your electronics / programming project or technical issues for our 'informal but informative' presentations and discussion.

The next meeting will be on Tuesday October 8 at 6pm. We'll see some new microprocessor applications and programming examples.

Friday Forum - Friday Oct 11th - 9:30 am (10:00 am meeting start) - 12 noon

This coming Tuesday is the usual "Patch Tuesday" of the month for Microsoft. There may be some issues arising from those updates.

The usual Q&A and other discussions.

Communications - Friday Oct 11th - 1:00 pm - 3:00 pm

The usual Q&A and other discussions.

Meetings Next Week:

Tuesday Forum - Tuesday Oct 15th - 9:30 am (10:00 am meeting start) - 12 noon
Web Design - Saturday Oct 19th - 1:30 pm (2:00 pm meeting start) - 4:00 pm

Current & Upcoming Meetings:

71 2019/10/05 - 14:00-17:00 - 05 Oct, Saturday - Penrith Group
72 2019/10/08 - 17:30-20:30 - 08 Oct, Tuesday - Programming
73 2019/10/11 - 09:30-12:30 - 11 Oct, Friday - Friday Forum
74 2019/10/11 - 12:30-15:30 - 11 Oct, Friday - Communications
75 2019/10/15 - 09:30-12:30 - 15 Oct, Tuesday - Tuesday Forum
76 2019/10/19 - 13:30-16:30 - 19 Oct, Saturday - Web Design
77 2019/10/22 - 17:30-20:30 - 22 Oct, Tuesday - Main Meeting
78 2019/10/25 - 09:30-12:30 - 25 Oct, Friday - Digital Photography

ASCCA News:


Tech News:

“MS-DEFCON 3: Patch Windows, but watch out for the optionals”:

ASKWOODY + Windows Secrets | ISSUE 16.35.1 | 2019-10-02 | Get September's patches installed | gently

By Woody Leonhard

Everything looks reasonably good for the September Windows and Office updates. Let Windows install them now.

I've seen an enormous amount of drivel — both online and in the mainstream news media — about the new Internet Explorer zero-day threat known as CVE-2019-1367. If you're confused, don't worry; most of the people reporting on it are confused, too.

There's a simple way to get all Microsoft-recommended patches installed, and you don't have to go looking for that toothless CVE-2019-1367 monster under your bed. Details in my Computerworld article.

Get free help and advice on the AskWoody Lounge.

 

“Inside a massive cyber hack that risks compromising leaders across the globe”:

Referred by John Mathews: See the ABC Report by political reporter Stephanie Borys | Published 2 Oct 2019, 16:16pm.

The hack on a prestigious Australian university with far-reaching international implications.

One email was all it took for hackers to steal some of the most personal information from people potentially now in high-ranking roles across the globe.

The cyber attack was so sophisticated it didn't even need the person to click on a link or open a document to compromise decades worth of private information.

The email was sent to a senior staff member at the Australian National University (ANU) in November last year.

A person working closely with that staff member previewed the email before deleting it — but it was too late.

Merely previewing the email was enough for hackers to steal a username and password that opened the first door into the ANU network.

This wasn't the first time ANU had been hacked. An earlier cyber attack in 2018 had given ANU what its leader called a "wakeup call", but that awakening ultimately failed to protect the university from what came next.

"It was an extremely sophisticated operation & they were on a mission & the A-team was clearly brought in in this case," ANU vice chancellor Brian Schmidt told the ABC as he released a report into the hack.

"This report shows we could have done more."

How it happened

Spear phishing attack one

Remember the Nigerian prince scams from the 1990s? Spear phishing emails are a much more targeted message that look like they're from a real person. No princes were on offer in the email sent to the senior staff member at the ANU. The email was previewed by one of their colleagues who had access to their emails and that allowed hackers to copy the senior staff members' username, password and calendar.

Creation of attack station one

The details stolen on November 9 were used by hackers to gain control of a section of the ANU computer network known as "attack station one". To ensure their break-in wasn't discovered, the hackers meticulously covered their tracks by deleting logs that showed what they'd done. They also used software called Tor, which disguised where they were operating from.

Network map copied

The hackers wanted an overall view of how ANU's computer network operated. Imagine a large map, showing how everything connects. They emailed those details to external addresses by using an old ANU mail server that didn't need login details to send messages.

Second spear phishing campaign

The hackers targeted 10 people at ANU, sending them an email with an attachment, inviting them to attend an event at the university. The hackers also accessed a directory that houses usernames, emails, phone numbers and titles of staff, allowing them to understand roles and responsibilities within the university. This information assisted the hackers in determining who to send the next spear phishing email to.

Data taken

The hackers reached what they considered to be the pot of gold, the university's enterprise systems domain (ESD). It holds human resources, finance and student administration databases, containing tax file numbers, student academic records and personal details, including dates of birth and addresses. The investigation could not determine how much of this data was stolen or if the hackers targeted certain people. It found the hackers passed valuable research and intellectual property on the way to the ESD but didn't take anything from those databases.

Third spear phishing campaign

Dozens of emails were sent to ANU addresses and the hackers gained the username and password of at least one network administrator who had keys to open other doors within the computer network.

Hackers kicked out

The hackers were working to clean up their tracks when ANU launched planned maintenance, effectively kicking them out of the system. The hackers were intent on pushing down the door again, and made several attempts to get back in.

Hackers back in and data stolen

The hackers found a different door that the university had not put proper protections on. It appears they were setting up with the intention of staying for some time. The hackers also took further data from the ESD.

Fourth spear phishing campaign

The hackers were desperate for more information and sent an email with an attachment to 40 ANU staff that had the keys to a number of sections of ANU's computer network. The group were IT staff and some clicked on the attachment but others realised what the email was and removed the attack.

Hackers kicked out again

The second attack station was found and removed. The hackers have tried several times since to enter the network via different doors but have not been successful in removing further personal data.

Hackers try their luck again

Repeated attempts were made by hackers to gain access to ESD but were denied. After ANU announced the data breach, investigators believed the same group tried again to enter the network.

The faceless keyboard warriors behind the hack

The ANU suspects up to 15 people were involved in the hack.

The cyber attack was so sophisticated it's left the nation's leading security experts shocked.

"The fact it took us six months to find that they had been here & we were pleased that we were even able to find them," Professor Schmidt said.

The investigation didn't determine who was behind the attack, but the vice chancellor has outlined who could be the potential perpetrators.

"There are a whole bunch of countries that can do it, it's not one or two countries, it's probably dozens of countries," he said.

"Organised crime potentially has the ability to do it and certainly all of these groups going forward are going to have more and more capabilities."

The ANU has refused to single out any one country.

But Tom Uren, a senior analyst with the Australian Strategic Policy Institute (ASPI), said the evidence pointed to one suspect.

"It's likely to be China, frankly, they've got strong interests in Australia for a number of different reasons," he said.

"We're part of the Five Eyes alliance so there's a relationship with American military and intelligence. Canberra is the heart of government and there's many students at the ANU that go on to work in government."

"Plus, there's also a lot of Chinese students who come to Australia to study and one theory that's been told to me is that perhaps the Chinese Government wants to keep tabs on what its students in Australia are doing as well."

The report has been handed to a university foreign interference taskforce, which Education Minister Dan Tehan established in August to provide better protection for universities against foreign interference.

Email that started the ANU hack attempt
One of the spear phishing emails sent to ANU staff,
inviting them to provide support on common issues in the region.
Supplied: Australian National University

The theft of personal information

The hackers left very little evidence for investigators to sift through, having regularly wiped logs, disk and files.

They bypassed ANU systems that held intellectual property and research information, instead targeting the database that held personal details of current and former staff and students.

Investigators couldn't determine what was taken or who was affected because of the attacker's abilities to erase the evidence of their work and encrypt the files they stole.

The database holds 19 years of records but the investigators believe the hackers only took a fraction of the available data.

There is no evidence that the information has been used by criminals for identity fraud.

Analyst Tom Uren said China had a reputation for building and keeping profiles of people of interest.

"One possibility is that they're using it to just keep tabs on their own students," he said.

"Another theory is that they're trying to find a pool of potential people that they could cultivate later."

"A third possibility is that they're just looking for people who are in government currently and are trying to find more about them."

What was stolen:

  • Names
  • Addresses
  • Phone numbers
  • Dates of birth
  • Emergency contact details
  • Tax file numbers
  • Payroll information
  • Bank account details
  • Student academic records

The investigation didn't determine the motivation of the hackers, but Professor Schmidt pointed to the type of people studying and working at ANU.

"Universities are places that the future leaders of our country, of other countries, are going to be," he said.

"We are obviously a place of interest to people who want to break in and hack but as to the overall motivation, I'm scratching my head."

The wakeup call

The details of the six-week long hack are outlined in a report released by the ANU, which Professor Schmidt said was the first time a public institution in Australia has issued such a comprehensive account of a cyber attack.

The ANU report provides insights into how the hackers worked but still leaves many questions unanswered, including the exact details of what was stolen and the number of victims.

"In 2019, the world is making a transition where cyber issues are going to actually be part of daily life from here on out," the vice chancellor said.

"It's important for other universities and other institutions and businesses just to see what one of these things look like because they are going to have to face up to them themselves."

The university is spending millions upgrading its computer network to better safeguard against future attacks.

However, the Australian Cyber Security Centre warns a computer network is never 100 per cent secure in the face of a growing industry of hackers keen to steal information.

It wants all Australians, from individuals to organisations, to take the threat seriously and ensure they're adequately protected.

Mr Uren is pleased the ANU has disclosed the details of the hack and hopes it prompts other organisations to disclose the details of hacks they fall victim to.

"Every time a plane crashes there's an investigation to find out what the cause is," he said.

"This is the equivalent of that investigation, people can learn from this report, see how they compare and take steps to improve their own posture."

Credits:

Reporter: Stephanie Borys

Design and illustration: Emma Machan

Developer: Andrew Kesper

ODYSSEY FORMAT BY ABC NEWS STORY LAB

Read more »

“FIX: Windows 10 Update 1903 failed to install (Solved)”:

Referred by Roger Foulds: See the Wintips article | Last updated on July 9th, 2019.

Microsoft released on May 21, 2019, the last major update for Windows 10, known as "April 2019 Update version 1903" or "Cumulative Update for Windows 10 version 1903". The update will be available to download and install via the Windows Update feature (Settings -> Update & Security -> Windows Update -> Check for updates), for everyone in the next days.

As usually happens with many Windows updates, in some PCs, the Windows 10 v1903 update, failed to download and install for several reasons. In this tutorial you'll find several solutions to resolve the following problems in Windows 10 1903 update installation:

  • Windows 10 v1903 update fails to install with error code 0x8007000E.
  • Windows 10 v1903 cannot be downloaded (stuck on "Pending Download").
  • Windows 10 v1903 freezes while installing.
  • The Windows 10 v1903 installation failed at the SECOND_BOOT phase with an error during BOOT operation with error 0xC1900101 — 0x40017.
  • Windows 10 v1903 update failed to install with error 0x80242016.

How to fix: May 2019 Feature Update for Windows 10 version 1903 Failed to Install.

Important: Before proceeding to the methods below, to troubleshoot the Windows 10 Update v1903 installation issues, perform the following actions and then install the update:

  • Make sure that you have enough free disk space (at least 32GB) before installing the update. How to Free Up Disk Space with Disk Cleanup.
  • Download and install the latest Servicing stack update for Windows 10 version 1809.
  • Remove all external storage media, such as USB drives and SD cards. Also remove any USB connected devices that you don't need. (e.g. USB Printer, USB Wireless Mouse or Keyboard Receiver, USB Wireless Network Card, etc.).
  • Temporarily disable or completely uninstall any 3rd party antivirus or security program from your system.
  • If you have enabled the Developer Mode on your system, then proceed to disable and uninstall the Windows Developer Mode, until you install the update. To do that:
  • Go to Settings -> Update and Security -> For developers -> Select Sideload apps and then click Yes to confirm.
  • Then, navigate to Settings -> Apps -> Manage optional features -> Windows Developer Mode -> click Uninstall and Yes to confirm.
  • Restart your PC and try to update.
  • Disable Drive Encryption: If you have enabled the device encryption on your system (BitLocker, VeraCrypt), then proceed and decrypt the drive C: before installing the update.
  • Try to fix the Windows Updates problems by running the Windows Update Troubleshooter. To do that, proceed as follows:
  • Go to Start -> Settings -> Update & Security -> Troubleshoot -> Windows Update.
  • Or, (alternatively), download and run the Windows Update Troubleshooter.

Read more »

“Windows 10 problems are ruining Microsoft's reputation — and the damage can't be understated”:

Referred by Jeff Garland: See the Techradar article by Darren Allan | 28 Sept.

Reputation deflation is the path to damnation…

Microsoft dreams of a future where its cloud empire dominates — in the computing and business world, as well as game-streaming — and subscription revenue pours in at such a gushing rate that the accountants can barely keep track of the ever-spiralling-upward numbers.

But, the software giant's current slumbers are more likely to be dogged by nightmares rather than any sweet dreams of a heavenly cloud-based future. Microsoft's sleep is probably haunted by visions of poisonous little bugs skittering in the shadows, clustering around the occasional hulking queen of a showstopper that threatens to shred user files in her chitinous mandibles.

Yes, we're talking about Windows 10, which in recent times has been plagued by an alarming amount of bugs. This started with the infamous October 2018 Update and a doozy of a file deletion faux pas along with a raft of other 'small but serious' gremlins that caused the upgrade to actually be put on ice for over a month (an unprecedented move with Windows 10 updates).

  • How to use Windows 10
  • We solve 100 common Windows 10 problems
  • Check out our best laptops of 2019

So Microsoft was careful to thoroughly test the following May 2019 Update, holding the upgrade in the final phases of bug squashing for a considerable time, and rolling it out very slowly and cautiously indeed. Quite rightly so, and with apparent success as users subsequently flocked to the upgrade (albeit with many being pushed by an impending support deadline, mind you).

[ Half-way down the article there's an excellent video explanation about the wholesale layoff of Microsoft Checking Teams a few years ago by a Microsoft ex-employee, BarnaculesEd. ]

Read more »


Fun Facts:

“Fermat's Last Theorem — and a few Near Misses”:

We all know the Theorem — no whole number solutions x, y and z to xn + yn = zn where n > 2.

It works for n = 2 because they are the Pythagorean numbers, like 3, 4 and 5. That gives 32 + 42 (9 + 16) = 52 (25).

But not for the powers of n = 3 or higher.

I did, however, find some Near Misses, such as: 103 + 93 (1000 + 729) = 123 (1728) + 1. Missed it by THAT much!

It turns out that there are a lot of these:

   x    y    z    1         z - y  10    9   12    1   ===>  (3×1)  64   94  103    1  73  144  150    1   ===>  (3×2) 135  235  249    1 334  438  495    1 244  729  738    1   ===>  (3i×3) ...

There seems to be a pattern with the z - y number (3, 6, 9 etc).

After some juggling we get a formula that fits, using the difference of 3m between z and y.

x = 9m3 + 1
y = 9m4
z = 9m4 + 3m

To explain the first table entry above — why it's "10 9 12" instead of "9 10 12": Our formula makes x = 10 and y = 9 the values when m = 1 (not the other way around).

This gives an infinite list of Near Misses for our formula with m = 1, 2, 3, 4…

I also noticed that if we switch m with -m, x goes negative (just move the x to the other side of the equation), y stays the same (9m4 is still positive) but morphs into z and the original z changes from 9m4 + 3m to 9m4 - 3m and becomes the new y.

This gives us a whole new infinite list with -1 instead of +1; another list of Near Misses.

   x    y    z   -1          z - y   8    6    9   -1   ===>   (3×1)  71  138  144   -1   ===>   (3×2) 135  138  172   -1 372  426  505   -1 426  486  577   -1 242  720  729   -1   ===>   (3×3) 566  823  904   -1 ... 575 2292 2304   -1   ===>   (3×4) ...

And another formula:

x = 9m3 - 1
y = 9m4 - 3m
z = 9m4

You'll notice that our two formulas don't account for all the table entries, so can you find some new formulas?

Bring out your pens, paper and calculators (or write a computer program) to have fun with these numbers.

Ed.


Bob Backstrom
~ Newsletter Editor ~

Information for Members and Visitors:

Link to — Sydney PC & Technology User Group
All Meetings, unless specifically stated above, are held on the
1st Floor, Sydney Mechanics' School of Arts, 280 Pitt Street, Sydney.
Sydney PC & Technology User Group's FREE newsletter — SubscribeUnsubscribe
Go to Sydney PC & Technology User Group's — Events Calendar
Changing your e-mail address? Please e-mail your new address to — newsletter.sydneypc@gmail.com
DISCLAIMER: This Newsletter is provided "As Is" without warranty of any kind.
Each user or reader of this Newsletter assumes complete risk as to the accuracy and subsequent use of its contents.