2020 Newsletter: 41/54 — PreviousNext — (Attach.)

Sydney Harbour
WEEKLY NEWSLETTER 10 - 15 AUGUST 2020

Hello and Welcome,

Meetings This Week:

Programming - Tuesday, 11 Aug - 5:30 pm (6:00 pm meeting start) - 8:00 pm

Hi Team,

We will be running this meeting using Zoom; details later by e-mail.

See the Progsig Meeting Reports:

https://­sites.google.com/­site/­progsig/

The next meeting is on Tuesday 11th August 2020, at 6 pm.

Regards,

— Steve OBrien

Friday Forum - Friday, 14 Aug - 9:30 am (10:00 am meeting start) - noon

We have cancelled this meeting until further notice.

Communications - Friday, 14 Aug - 1:00 pm - 3:00 pm

We have cancelled this meeting until further notice.

Web Design - Saturday, 15 Aug - 1:30 pm (2:00 pm meeting start) - 4:00 pm

We will be running this meeting using Zoom; details later by e-mail.

— Steve South

Meeting Next Week:

Tuesday Forum - Tuesday, 18 Aug - 9:30 am (10:00 am meeting start) - noon

We have cancelled this meeting until further notice.

Current & Upcoming Meetings:
(Face-to-Face Meetings for August Cancelled)

53 2020/08/01 — 14:00-17:00 — 01 Aug, Saturday — Penrith Group
54 2020/08/11 — 17:30-20:30 — 11 Aug, Tuesday — Programming SIG, L1 Woolley + Lawson Rooms
55 2020/08/14 — 09:30-12:30 — 14 Aug, Friday — Friday Forum, LG Windeyer (+ ?) Rooms
56 2020/08/14 — 12:30-15:30 — 14 Aug, Friday — Communications, LG Windeyer (+ ?) Rooms
57 2020/08/15 — 13:30-16:30 — 15 Aug, Saturday — Web Design, L1 Woolley + Lawson Rooms
58 2020/08/18 — 09:30-12:30 — 18 Aug, Tuesday — Tuesday Forum, L1 Woolley + Lawson Rooms
59 2020/08/25 — 17:30-20:30 — 25 Aug, Tuesday — Main Meeting, L1 Carmichael + Dowling Rooms
60 2020/08/28 — 09:30-12:30 — 28 Aug, Friday — Digital Photography, L1 Woolley + Lawson Rooms [ Discontinued ]

ASCCA News:

“The August 2020 issue of ASCCA NEWS”:

Greetings all,

Please find the August 2020 issue of ASCCA NEWS on the ASCCA website.

In this issue you will find the following:

  • A message from Microsoft's Training team
  • A reminder that the 2020 ASCCA Digital Photography Competition closes on 1 September
  • Deb Neyle from the Parramatta Computer Pals for Seniors club shares information about how that club is not letting COVID-19 beat them!
  • SWADE NT hits the road, and SWADE NSW builds momentum
  • Do any of you have dancing feet? If so, turn quickly to page 4!
  • But there is more:
    Find a reassuring message, and
    Ponder if you could perhaps write a book review.

Take care, stay safe and keep connected,

Nan

Nan Bosler, AM
President

Editor: Jenny Willcox

Australian Seniors Computer Clubs Association
Level LG, 280 Pitt St SYDNEY 2000
www.ascca.org.au
ascca@ascca.org.au
(02) 9286 3871

ASCCA acknowledges the traditional owners of country throughout Australia and their connection to land, waters and community.
We pay our respects to them, their cultures, and to their elders past, present and emerging.


“Microsoft will no longer let you defer Windows 10 update downloads”:

See the TechRadar article by Joel Khalili 26 June 2020.

New upgrade regime kicks off with Windows 10 2004 update.

Microsoft will no longer allow users to manually defer Windows 10 update downloads in a bid to "prevent confusion", according to new documentation issued by the firm.

First introduced with Windows 10 1703, the update deferral facility allowed users to push back feature updates for a specific time, up to a maximum of 365 days.

However, starting with Windows 10 2004, users will no longer be afforded the same level of control, with Advanced Update options reduced to the ability to pause all updates for 35 days.

The company has provided the following advice for users who still want to take advantage of the deferral feature:

"If you wish to continue leveraging deferrals, you can use the local Group Policy. Go to (Computer Configuration > Administrative Templates > Windows Components > Windows Update > Windows Update for Business > Select when Preview builds, and Feature Updates are received or Select when Quality Updates are received)."

Read more »

“BootHole fixes causing boot problems across multiple Linux distros”:

See the ZDNet article by Catalin Cimpanu | 31 July 2020 — 13:07 GMT (23:07 AEST) | Topic: Security.

Debian, Ubuntu, Red Hat, CentOS, Fedora users report issues with booting or dual-booting their devices.

As many experts anticipated, patches for the BootHole vulnerability in the GRUB2 bootloader that is used by all major Linux distributions are causing problems and preventing some users from booting their systems.

While the list of affected distros only included Red Hat yesterday, it has now expanded to include users of Ubuntu [1, 2, 3], Debian, CentOS [1, 2], and Fedora.

Microsoft security researcher Kevin Beaumont, also reports issues in cloud environments. "A bug in cloud-init is causing problems across major cloud providers with Grub, such as Digital Ocean and Azure, having the same impact: patched systems then fail to boot."

WHAT IS BOOTHOLE?

Details about the BootHole vulnerability were published earlier this week, on Wednesday. Discovered by security firm Eclypsium, the vulnerability impacts GRUB2, a bootloader component used to help launch operating systems on servers and desktops.

GRUB2 is currently the default bootloader on all major Linux systems but is also used for Windows, in some scenarios, such as a custom bootloader or for dual-boot purposes.

The BootHole vulnerability allows attackers or malware to modify the GRUB2's config file and insert malicious code in the bootloader, and inherently the operating system that it launches.

Systems using GRUB2 in a Secure Boot mode were also deemed vulnerable, as the Secure Boot process checks do not protect the GRUB2 config file.

The vulnerability was deemed severe enough that all major Linux distros had patches ready when Eclypsium went public with its research earlier this week.

MOST EXPERTS ANTICIPATED PROBLEMS

The issues were to be expected, Kelly Shortridge, VP of cybersecurity firm Capsule8, said in a blog post this week, where she analysed the impact of the BootHole vulnerability on system administrators.

The issues primarily arise because patching BootHole involves dancing around advanced cryptography, the safety checks of the Secure Boot process, and working with an allowlist-denylist managed by Microsoft, everyone expected issues to arise.

And so they did. As ZDNet reported yesterday, the first issues were reported with Red Hat, but more bug reports are now coming in from other distros.

Because a bug in GRUB2 usually stops the entire OS from booting, the issues result in downtime for those affected. In all cases, users reported that downgrading systems to a previous release to reverse the BootHole patches usually fixed their problems.

Regardless of the reported problems, users are still advised to apply the BootHole patches, as security researchers expect this bug to be weaponized by malware operators soon. Primarily because it allows the malware to implant a bootkit component on infected systems that operates below the antivirus level and survives OS reinstalls.

Read more »

“How to make your PC passwordless in the Windows 10 May 2020 Update”:

Referred by Jeff Garland: See the TechRepublic article by Lance Whitney on 3 August 2020, 12:52 pm PST.

You don't need an account password to sign in to Windows 10 version 2004.

Microsoft has long offered its Windows Hello feature to let you sign in to your Windows 10 PC with a PIN, fingerprint, or facial recognition. But when you're at the login screen, you'll notice that signing in with a password is still available. That's fine if you want your password as a backup method for authentication. If a hacker ever compromises your Windows password and gains access to your computer, they could easily sign in with your account. One way to guard against this is to remove the password option from the login screen in Windows 10. You can do that with the Windows 10 May 2020 Update, aka Windows 10 2004. Here are the steps.

SEE: Windows 10 Start menu hacks (TechRepublic Premium)

First, make sure you're running Windows 10 version 2004. To check, go to Settings | System | About. Look in the section for Windows specifications. If the version says 2004 or higher, you're set (Figure A).

As usual, go to the actual article to see the Figures mentioned — Ed.

If you don't have Windows 10 2004 and want to install it, go to Update & Security and Windows Update. If the Feature Update To Windows 10, Version 2004 is ready for your PC, click the Download And Install link to apply it (Figure B).

After you install the update, make sure you've enabled some means of Windows Hello authentication, so you don't need to rely on your Windows password. If necessary, go to Settings | System | Sign-in Options. If you haven't already done so, set up a PIN, or a fingerprint, or facial recognition (Figure C).

Scroll down the Sign-in Options screen. Make sure the switch for Require Windows Hello Sign-in For Microsoft Accounts is turned off (Figure D).

Sign out of Windows and then go back to the sign-in screen. Click the link for Sign-in Options. Select each of the icons and notice that the option for a password is available as usual (Figure E). Sign in to Windows using your preferred method.

Go to Settings | Account | Sign-in Options. Scroll down the screen and turn on the switch for Require Windows Hello Sign-in For Microsoft Accounts (Figure F).

Sign out of Windows. Back at the sign-in screen, click the link for Sign-in Options. Select each of the icons, and you'll find that the option for the password is now no longer accessible (Figure G).

Read more »

“ABC promises truth about 5G, delivers FUD about Huawei”:

See the iTWire article by Sam Varghese Tuesday, 4 August 2020 11:45.

Author's Opinion
The views in this column are those of the author and do not necessarily reflect the views of iTWire.

The ABC's Four Corners program on Monday night was titled The Truth about 5G. It would have been better if they had titled it FUD about Huawei.

That was what the program brought to its audience. What exactly was the provocation to raise the issue now — when it has been around for yonks — was unclear.

Current affairs programs like Four Corners usually tackle what they claim to, "current affairs". But the matter of 5G misinformation and crank theories is very old hat; it was a thing at the time when practically all the submissions to a government inquiry into the technology were being held — and this was in November 2019.

Again, the burning of 5G masts is four or five months old, with the UK being the prime place where bonfires were set alight with the fuel being 5G towers.

Even the question of Huawei is years old now. It has been currency since a 66-page Congressional report was issued in 2012.

Finally, when the ABC got down to the core of the story — Huawei is a dangerous Chinese company waiting to put ants into your pants — the usual suspects were there again, in all their glory.

The defence industry lobby group, Australian Strategic Policy Institute, was represented by Dr Huang Le Thu, a senior analyst. Of course, the ABC never tells its listeners that this organisation is made up of China hawks who write hyped-up reports about the Middle Kingdom which can be used to increase the fear index in the Asia-Pacific region.

ASPI's sponsors then capitalise on this heightened fear to sell weapons to countries in the region, and the organisation gets its cut. I have yet to see a single ABC program on defence or security where some moth-eaten marmot from this propaganda outfit is not present.

And then, of course, there was the man in search of business for his new cybersecurity outfit, Alastair MacGibbon who loves to get on TV and make his presence felt. It all helps when you are touting for business, I guess — MacGibbon now runs a private company called CyberCX and finds occasions such as these an excellent way to push his credentials.

Communications Minister Paul Fletcher was there too, expanding on some ideas he had expressed on Radio National on Monday morning. Namely that people who are raising doubts about the safety of 5G — or tying it to the COVID-19 outbreak — could be state-based actors — aka spies from another country — who are spreading this misinformation to divide Australia.

He hinted that the foreign actor in question could be Russia. If there was any rationale to his claim, he should have expounded on it. But, he had nothing. He has thus laid himself open to allegations that he is pushing the same old tired Russiagate theory that the Democrats did to account for Hillary Clinton's loss in the 2016 Presidential election. Rather than admit that their candidate ran a poor campaign, not even bothering to visit Wisconsin, a key swing state, they blamed a convenient scapegoat — Reds under the bed. Or inside the ballot box, in this case.

Four Corners reporter Sean Nicholls should have called out some of the uneducated types who were claiming that 5G was behind the coronavirus outbreak and that it can end the world as we know it or even burn your breakfast. But he was somewhat restrained on this front. However, he did not hesitate to up the ante when it came to insinuating that Huawei was a threat to the stability of the universe.

Just for once, I would like to see the ABC getting hold of an unaffiliated techie, a real nerd, one who knows bits and bytes, one who is willing to provide a technical view about the claims that the Americans have been throwing around about Huawei.

Engineers don't lie as a general rule; nobody from this profession will create two wires that convey 12 volts to a device and then tell you that, hey, it's only five volts. That doesn't happen.

And that does not mean one should get a man from China. There are numerous Americans, technical types, who know this whole FUD stream is a big lie and are more than willing to talk about it. There are even numerous Australians who will blow up this entire nudge-nudge, wink-wink rubbish that the Chinese are about to spy on our breakfast.

But does the ABC want that kind of truth? Or does it prefer to host those who insinuate that China is waiting with a nuclear bomb designed individually for Scott Morrison and getting ready to blow him up? That, of course, pleases the government.

The ABC is an organisation that claims to be the most trusted news source in Australia. If this is the most trusted source, then one shudders to think of the FUD that is being poured into the brains of those who watch the other TV channels available in Australia.

Read more »

“Hello! Has anyone seen 2004?”:

The latest AskWoody e-mail issue of the August 2020 Newsletter says:

ISSUE 17.30.0 | 2020-08-03 | Hello! Has anyone seen 2004?
Are you having trouble reading this issue? Click here for the online version.

Written by Susan Bradley.

Have you received the May feature release of Windows 10 — aka Version 2004?

So here it's the start of August — 68 days after the release of Microsoft's newest Windows — and I have not seen Win10 2004 offered to any of my home PCs. These are my unmanaged machines: a home-built SilverStone small-form-factor desktop, a Lenovo ThinkPad X1 Carbon laptop, an older Surface, and a newer Surface Go. I'd thought Microsoft was removing the upgrade block on Surface devices — but it never took place, as ZDNet's Mary Jo Foley reported. And Woody pointed out yet another block for the Surface X devices.

On every one of my systems, Windows Update taunts me with a message that effectively says "your machine isn't worthy." And it's not just me: I know other Windows users who are in the same holding pattern — and wondering why it's taking Microsoft so long to offer us the 2004 release. (We Windows users might not want this feature upgrade at this time, but we do want the option.)

Recently, I found an excellent article that sheds some light on this puzzle.

I think we'd all feel some small amount of comfort if Microsoft were more transparent about the upgrading process, clearly stating why so many of our machines aren't "ready" for Win10 2004. (Perhaps the new OS isn't "ready" for our PCs.) That said, I'm in no hurry to move to the next level of Windows. I haven't seen any earth-shaking, must-have changes that would compel me to install Version 2004 immediately.

At this point, I'm perfectly comfortable waiting a month or two — or three. I think I'll leave my home systems as they are — and see how long it takes Microsoft to consider my PCs worthy. Moreover, Win10 1909 is working just fine, and it will be supported for many months to come. (Note: If you're running a no-longer-supported version of Win10, Microsoft now makes it difficult to upgrade to Versions 1903 or 1909.)

— Susan Bradley

“[Updated] A Tampa, Florida Teenager Has Been Arrested for the Giant Twitter Hack”:

See the ReviewGeek article by JOSH HENDRICKSON | @canterrain | 31 JULY 2020, 3:35 pm EDT.

The FBI, IRS, US Secret Service, and Florida law enforcement arrested a 17-year old Florida resident this morning, accusing him of 'masterminding' the recent Twitter bitcoin hack. Over 130 accounts were compromised, with dozens sending promises out of doubling bitcoin, including high profile names like Bill Gates, Barack Obama, and Kanye West.

Updated, 7/31: The Department of Justice issued a press release with charges for two additional individuals. Mason Sheppard, aka "Chaewon," a 19-year-old in the UK was charged "with conspiracy to commit wire fraud, conspiracy to commit money laundering, and the intentional access of a protected computer." And Nima Fazeli, aka "Rolex," 22, of Orlando, Florida, was charged with "aiding and abetting the intentional access of a protected computer."

In a press conference, Hillsborough State Attorney Andrew Warren accused Graham Clark of perpetrating the attack and laid out 30 charges, including hacking, organized fraud, identity theft, and communications fraud.

"These crimes were perpetrated using the names of famous people and celebrities, but they're not the primary victims here. This "Bit-Con" was designed to steal money from regular Americans from all over the country, including here in Florida. This massive fraud was orchestrated right here in our backyard, and we will not stand for that," State Attorney Warren said.

Warren explained that the State Prosecutors are handling the prosecution instead of Federal Prosecutors because "Florida law allows minors to be charged as adults in financial fraud cases such as this when appropriate."

When asked if Clark worked alone or had help, Warren declined to answer citing the ongoing investigation. He described Clark as "not an ordinary 17-year old. This attack was highly sophisticated, on a magnitude not seen before." Twitter described the method of attack as a phone spear-phishing campaign.

Below is the press release with all the details:

Hillsborough State Attorney's Office to prosecute worldwide "Bit-Con" hack of prominent Twitter users.

Tampa, FL (July 31, 2020) — Hillsborough State Attorney Andrew Warren has filed 30 felony charges against a Tampa resident for scamming people across America. He perpetrated the "Bit-Con" hack of prominent Twitter accounts including Bill Gates, Barack Obama, and Elon Musk on July 15, 2020.

The Federal Bureau of Investigation and the U.S. Department of Justice conducted a complex nationwide investigation, locating and apprehending the suspect in Hillsborough County.

"These crimes were perpetrated using the names of famous people and celebrities, but they're not the primary victims here. This "Bit-Con" was designed to steal money from regular Americans from all over the country, including here in Florida. This massive fraud was orchestrated right here in our backyard, and we will not stand for that," State Attorney Warren said.

The investigation revealed Graham Ivan Clark, 17, was the mastermind of the recent hack of Twitter. He was arrested in Tampa early on July 31. Clark's scheme to defraud stole the identities of prominent people, posted messages in their names directing victims to send Bitcoin to accounts associated with Clark, and reaped more than $100,000 in Bitcoin in just one day. As a cryptocurrency, Bitcoin is difficult to track and recover if stolen in a scam.

"I want to congratulate our federal law enforcement partners — the US Attorney's Office for the Northern District of California, the FBI, the IRS, and the Secret Service — as well as the Florida Department of Law enforcement. They worked quickly to investigate and identify the perpetrator of a sophisticated and extensive fraud," State Attorney Warren said.

"This defendant lives here in Tampa, he committed the crime here, and he'll be prosecuted here," Warren added. The Hillsborough State Attorney's Office is prosecuting Clark because Florida law allows minors to be charged as adults in financial fraud cases such as this when appropriate. The FBI and Department of Justice will continue to partner with the office throughout the prosecution.

The specific charges Clark faces are:

ORGANIZED FRAUD (OVER $50,000) — 1 count

COMMUNICATIONS FRAUD (OVER $300) — 17 counts

FRAUDULENT USE OF PERSONAL INFORMATION (OVER $100,000 OR 30 OR MORE VICTIMS) — 1 count

FRAUDULENT USE OF PERSONAL INFORMATION — 10 counts

ACCESS COMPUTER OR ELECTRONIC DEVICE WITHOUT AUTHORITY (SCHEME TO DEFRAUD) — 1 count

"Working together, we will hold this defendant accountable," Warren said. "Scamming people out of their hard-earned money is always wrong. Whether you're taking advantage of someone in person or on the internet, trying to steal their cash or their cryptocurrency — it's fraud, it's illegal, and you won't get away with it."

Read more »


Fun Facts:

“What is a Googol and a Googolplex?”:

Referred by Steve OBrien: See the Wikipedia article on Googol.

From Wikipedia, the free encyclopedia.

Not to be confused with Google or Nikolai Gogol.

A googol is the large number 10100. In decimal notation, it is written as the digit 1 followed by one hundred zeroes:

10,­000,000,000,­000,000,000,­000,000,000,­000,000,000,­000,000,000,­000,000,000,­000,000,000,­000,000,000,­000,000,000,­000,000,000,­000,000,000.

Etymology

The term was coined in 1920 by 9-year-old Milton Sirotta (1911-1981), nephew of U.S. mathematician Edward Kasner.[1] Kasner popularized the concept in his 1940 book Mathematics and the Imagination.[2] Other names for googol include ten duotrigintillion on the short scale, ten thousand sexdecillion on the long scale, or ten sexdecilliard on the Peletier long scale.

Size

A googol has no special significance in mathematics. However, it is useful when comparing with other enormous quantities such as the number of subatomic particles in the visible universe or the number of hypothetical possibilities in a chess game. Kasner used it to illustrate the difference between an unimaginably large number and infinity, and in this role, it is sometimes used in teaching mathematics. To give a sense of how big a googol really is, the mass of an electron, just under 10-30 kg, can be compared to the mass of the visible universe, estimated at between 1050 and 1060 kg.[3] It is a ratio in the order of about 1080 to 1090. That is, at most one ten-billionth of a googol (0.00000001% of a googol).

Carl Sagan pointed out that the total number of elementary particles in the universe is around 1080 (the Eddington number) and that if the whole universe were packed with neutrons so that there would be no empty space anywhere, that would take around 10128 neutrons. He also noted the similarity of the second calculation to that of Archimedes in The Sand Reckoner. By Archimedes's estimate, the universe of Aristarchus (roughly two light-years in diameter), if fully packed with sand, would contain 1063 grains. If the much larger observable universe of today were filled with sand, it would still only equal 1095 grains. Another 100,000 observable universes filled with sand would be necessary to make a googol.[4]

The decay time for a supermassive black hole of roughly one galaxy-mass (1011 solar masses) due to Hawking radiation is on the order of 10100 years.[5] Therefore, the heat death of an expanding universe is lower-bounded to occur at least one googol years in the future.

References [1] to [5]:

[1] Bialik, Carl (June 14, 2004). "There Could Be No Google Without Edward Kasner". The Wall Street Journal Online. Archived. Subscribe or Sign In.

[2] Kasner, Edward; Newman, James R. (1940). Mathematics and the Imagination. Simon and Schuster, New York. ISBN 0-486-41703-4. Archived. Romanian: Obiţineţi cartea în format tipărit. Nu sunt disponibile cărţi electronice. [ Get the book in print. No e-books are available. ]

[3] McPherson, Kristine (2006). Elert, Glenn (ed.). "Mass of the universe". The Physics Factbook. Online, Free to Read.

[4] Sagan, Carl (1981). Cosmos. Book Club Associates, pp. 220-221. The book, Cosmos, has 13 chapters, corresponding to the 13 episodes of the Cosmos television series. In the original edition, each chapter is heavily illustrated. The book covers a broad range of topics, comprising Sagan's reflections on anthropological, cosmological, biological, historical, and astronomical matters from antiquity to contemporary times.

[5] Particle emission rates from a black hole: Massless particles from an uncharged, nonrotating hole, Don N. Page, Physical Review D 13 (1976), pp. 198-206. doi (digital object identifier): 10.1103/PhysRevD.13.198. See in particular equation (27). APS (American Physical Society) Member Log in Required.

The googolplex is defined as 10googol. This number is much larger than a googol, but is still finite, as the inventor of the name was quick to point out.

It was suggested that a googolplex should be 1, followed by writing zeros until you get tired.

The Googleplex, not Googolplex:

Google Headquarters (Googolplex)

The Googleplex

Read more on Googol » and Read more on Googolplex »


Bob Backstrom
~ Newsletter Editor ~

Information for Members and Visitors:

Link to — Sydney PC & Technology User Group
All Meetings, unless explicitly stated above, are held on the
1st Floor, Sydney Mechanics' School of Arts, 280 Pitt Street, Sydney.
Sydney PC & Technology User Group's FREE Newsletter — SubscribeUnsubscribe
Go to Sydney PC & Technology User Group's — Events Calendar
Changing your e-mail address? Please e-mail your new address to — newsletter.sydneypc@gmail.com
DISCLAIMER: We provide this Newsletter "As Is" without warranty of any kind.
The reader assumes the entire risk as to the accuracy and subsequent use of its contents.