2021 Newsletter: 19/121 — PreviousNext — (Attach.)

Sydney Harbour

Hello and Welcome,

Meetings This Week


Meeting Next Week

Programming - Tuesday, 9 Mar - 5:30 pm (6:00 pm meeting start) - 8:00 pm

Hi Team,

We will be running this meeting using Jitsi; details later by e-mail.

See the Progsig Meeting Reports:


The next meeting is on Tuesday 9th March 2021, at 6 pm.


— Steve OBrien

Current & Upcoming Virtual Meetings

17 2021/03/09 — 17:30-20:30 — 09 Mar, Tue — Programming, via Jitsi
21 2021/03/20 — 13:30-16:30 — 20 Mar, Sat — Web Design, via Zoom
22 2021/03/23 — 17:30-20:30 — 23 Mar, Tue — MAIN Meeting, via Zoom
23 2021/03/26 — 09:30-12:30 — 26 Mar, Fri — Digital Photography, via Zoom


Tech News:

Edward Snowden 2021 | This Is The BIGGEST SCAM of The Century (NEW).

See the 10-minute YouTube interview of Edward Snowden | 23 Feb 2021.

Edward Snowden, a former employee of the NSA [ National Security Agency ] in the US, talks about privacy and the "ownership" of your data collected by big Corporations. They own all that data, not you.

The insidious part of all this is that every "cash" transaction you make in the day requires a "card" of some sort, proving your identity. Cash is often not accepted. It's all "tap 'n' go" these days, leaving a traceable trail of your activities throughout every day.

Snowden says that it's precisely what the NSA does, and increasingly what Google, Facebook and others are doing. We should be aware of these activities.

It's eroding our freedoms and passing control of our lives to others.

Please watch the whole of the 10-minute interview. You will be amazed.

— Ed.

Uninstall the ShareIt Android App Now to Avoid Critical Vulnerabilities.

See the ReviewGeek article by JOSH HENDRICKSON | @canterrain | FEB 17, 2021, 1:45 pm EST | 1 min read.

Do you have the popular Android app ShareIt installed on your phone? You should uninstall that as soon as possible. Sooner if possible. According to researchers at Trend Micro, ShareIt suffers from many fatal flaws that could let hackers execute code on your device, install malicious apps, and more. And after three months, ShareIt chose to do nothing about the problem.

According to Trend Micro, the vulnerabilities would allow bad actors to "leak a user's sensitive data and execute arbitrary code with ShareIt permissions." ShareIt comes with extensive permissions requirements due to being an "everything in one" app.

As the name suggests, it started life as a sharing app, which already calls for plenty of permissions. But the app ballooned, and now it's a gif app, a video player, a song finder, a game store, a movie store, and more.

ShareIt can request access to the camera, microphone, location, the entire user storage, and all media. But while it requests all those permissions, it fails to put in the proper restrictions Android calls to prevent abuse.

The problem stems from how the developers enabled external storage permissions. If developers follow proper guidelines, everything will be fine. But ignore them, as ShareIt's developers did, and you'll leave your users vulnerable to a "man-in-the-disk" attack.

Apps install files should be sent to protected storage to keep them safe during the critical install period. If the developer stores those files in public storage instead, a bad actor can intercept the install files, replace them with new versions, and essentially upgrade an app to a malicious app. The same thing happened with Epic's Fortnite installer in 2018.

If that's not bad enough, ShareIt's game store downloads app data over unsecured network connections (HTTP), which leaves the app open to man-in-the-middle attacks. With the right know-how, a bad actor can update ShareIt to a malicious version, steal your user data, or both.

Trend Micro says it notified ShareIt's developers three months ago about the problems and never heard back. Hopefully, all the bad publicity will help change the course, but in the meantime, you'd be better off uninstalling ShareIt, at least for now.

Read more »

Assange has until 29 March to respond to US appeal over extradition.

See the iTWire article by By Sam Varghese Friday, 19 February 2021 08:34 am.

WikiLeaks founder Julian Assange has been given time until 29 March to respond to the US appeal to revoke a British judge's decision not to extradite him to America to face trial on espionage charges.

The British High Court will decide later whether it will allow the US permission to appeal after the same date, Assange's partner Stella Moris said in a tweet on Thursday.

On 4 January, British District Judge Vanessa Baraister ruled that Assange should not be extradited, saying the risk he would commit suicide in a US jail was too high.

Assange faces criminal charges for publishing classified information leaked to WikiLeaks by an American soldier, then known as Bradley Manning, but now, after gender reassignment surgery, known as Chelsea Manning.

On the day of the judgment, the US was given a fortnight to decide whether it wanted to appeal against the judgment.

After saying it would be doing so, the new administration confirmed on 10 February that it would be continuing its bid to extradite Assange.

In a statement, Moris said: "The Biden Administration will soon appoint its new attorney-general, and this will be an important moment to raise the pressure on the Biden administration to live up to its commitments to defend press freedom and drop the charges against Julian."

"The Obama administration, of which Biden was vice-president, decided not to pursue charges against Julian because it recognised that to do so would be a wider attack on press freedom."

"It was the Trump administration which charged him and pursued the extradition as part of its war against journalism."

Read More »

Fun Facts:

What is the Purpose of the Raspberry Pi?

See the ReviewGeek article by ANDREW HEINZMAN | @andrew_andrew__ | FEB 22, 2021, 8:00 am EST | 4 min read.

Raspberry Pi computers are a go-to solution for home theatres, NAS devices, and other personal projects. But the Raspberry Pi Foundation's latest products and partnerships have left DIY-ers scratching their heads. Why would the Pi Foundation release a pre-assembled computer kit or partner with Microsoft to bring new software to Raspbian OS? The answer is simple — Raspberry Pi exists to help kids and adults learn about computing. It isn't just a tool for hobbyists and geeks.

Raspberry Pi Is Primarily an Education Tool.

At its core, the Raspberry Pi is an educational tool manufactured by the Raspberry Pi Foundation — a charity. It's the spiritual successor to devices like the BBC Micro, which empowered public school teachers to introduce students to computing and programming at a time when very few families owned a home computer.

Computers are a lot more common now than they were in the '80s, but modern devices, operating systems, and software present few opportunities to tinker with computer hardware or learn about computing and programming. Today's laptops, desktops, tablets, and phones are rarely user-serviceable, with GUI-driven operating systems and company-owned closed-source software. It doesn't help that schools have a limited budget, so cracking open, modifying, and potentially breaking expensive desktop computers is a big no-no.

But the Raspberry Pi is different. It's small, cheap, and features standard components like USB and Ethernet. It runs Linux and comes with the Pi Foundation's Raspbian OS, which is preloaded with coding tools and requires the terminal for some basic functionality. Most importantly, the Raspberry Pi has a set of GPIO (general purpose input/output) pins, which make practical coding projects with LEDs, cameras, robots, and other accessories intuitive, hands-on, and exciting for kids.

Schools can purchase Raspberry Pis for computer science courses or after school programs. Still, the Raspberry Pi Foundation makes a point of donating Pi computers and learning resources to schools for free. That is, after all, the Raspberry Pi Foundation's mission. But Pi computers aren't just an at-school learning tool. Kids and adults also participate in community-led Raspberry Jam events to share computing knowledge and show off cool projects. Like the popular Kano and Piper computer kits, Raspberry Pis also provide learning opportunities at home (with a little help from an adult).

Hobbyists Help Fund the Pi Foundation.

Some of the Raspberry Pi foundation's recent endeavours, like the preassembled Pi 400 computer and collaboration to bring Microsoft's Visual Studio Code to Raspbian, have led some enthusiasts to question where the charity's priorities lie. The Pi 400 computer doesn't appeal to popular home theatre or robotics projects. While Visual Studio Code is both intuitive and open-source, Pi enthusiasts worry that the big bad Microsoft corporation will "track" Pi users who update their software.

That's because after a recent repo addition, running the 'sudo apt update' command automatically pings developers, including Microsoft, to ask for the latest software packages, which companies could theoretically use for targeted advertising. But those fears are unfounded. All the check does is look for updates to current packages, like Visual Code. "Check for updates" isn't the same as advertising.

When Pi enthusiasts complain about these endeavours, they're missing the plot. The Raspberry Pi is, above all else, a tool that makes computing and programming more accessible to everyone. Sometimes that means making decisions that empower or attract young people, not adult hobbyists.

Of course, enthusiasts are essential to the Pi Foundation's goals. Sales of the Raspberry Pi drive the charity's educational endeavours. People who post their Pi projects on YouTube or Instructables inspire young people to learn about computing outside and inside the classroom.

It isn't unreasonable for hobbyists to ask for new features or products, but it's also important to acknowledge that the Pi Foundation is an education-oriented charity. Something that may seem like a misstep to a Pi enthusiast could change a kid's life for the better, and demanding that the Pi Foundation only moves in one direction goes against its mission to make computing accessible for everyone.

The Future of Pi: An Affordable Computer for Everyone.

Remote learning and telecommuting are more critical now than ever before, yet there's an astonishing lack of cheap computers on the market. Finding a reliable Windows computer for under $300 is nearly impossible, and even the humble Chromebook costs at least $100.

Since its inception, the Raspberry Pi has been a very simple device, perfect for educational exercises and small projects, but not all that useful for web browsing and other typical, practical applications. In a pinch, the Raspberry Pi could stand in for a laptop or desktop computer, but you'd be hard-pressed to call it a reliable desktop replacement.

But that's changed in the last few years. Chromium became the default Raspbian web browser in 2016, solving web-compatibility issues that plagued the old Epiphany browser. The Raspberry Pi 4, released in 2019, was (arguably) the first Pi computer to offer a reliable browsing experience, and the Pi Foundation explicitly advertised it as a 4K-ready, desktop-capable computer.

The recent Pi 400 computer takes things a step further. Like Atari or Commodore computers from the 80s, the Raspberry Pi 400 is a full computer system tucked inside a keyboard. It's preassembled and comes with Raspbian preinstalled, so you can plug it into a TV or monitor and start browsing the internet. In a way, the Pi 400 is the Pi Foundation's first genuinely accessible computer, as it's incredibly cost-effective ($100 for the bundle, or $70 if you don't need the cables). It's easy to set up and powerful enough for web browsing, streaming, rudimentary photo editing, and other everyday tasks.

Because the Pi Foundation's goal is to teach people about computers and programming, it only makes sense to make the Pi as accessible and useful as possible. The Raspberry Pi could become a proper all-purpose computer shortly, with a sub-$100 price tag that will appeal to everyone, not just hobbyists and teachers.

Read More »

Meeting Location & Disclaimer

Bob Backstrom
~ Newsletter Editor ~

Information for Members and Visitors:

Link to — Sydney PC & Technology User Group
All Meetings, unless explicitly stated above, are held on the
1st Floor, Sydney Mechanics' School of Arts, 280 Pitt Street, Sydney.
Sydney PC & Technology User Group's FREE Newsletter — SubscribeUnsubscribe
Go to Sydney PC & Technology User Group's — Events Calendar
Are you changing your e-mail address? Please e-mail your new address to — newsletter.sydneypc@gmail.com.
DISCLAIMER: We provide this Newsletter "As Is" without warranty of any kind.
The reader assumes the entire risk as to the accuracy and subsequent use of its contents.