2021 Newsletter: 91/101 — PreviousNext — (Attach.)

Sydney Harbour
WEEKLY NEWSLETTER 27 SEPTEMBER - 2 OCTOBER 2021

Hello and Welcome,

We're saddened to report the passing of our member, Reg Chasney.

From the Australian Association of Retired Airline Pilots (AARAP)

VALE CAPT REG CHASNEY

The NSW branch of AARAP has been advised that Reg passed away on Monday, Sept 13. He was 97 years of age.

Reg lived in East London, Essex and went to a grammar school

in Walthamstow until WW2. He then worked in his father's

shop until joining the RAF from 1941 to 1947.

After instructing for a while in Canada, Reg finished up in Java

via Europe. He flew a lot of very good aeroplanes in the RAF:

Harvard, Mosquito, Spitfire, Lancaster & Lysander. DC3

with British Airways and Constellations and Boeings with

Qantas. Reg still had a share in a hot sailplane.

Reg lived in Neutral Bay until moving to Ingleside with his partner Nelly.

AARAP NSW only received this yesterday, Friday 18 Sept, so we missed the service, but I will try and get details and

permission to view the streaming of it. I thought he was a real Gentleman who coped with some very

serious medical problems.

— Bill Parry

New Date Set for Our 2020/21 AGM

Regarding the continued lockdown due to COVID and in discussion with our group's committee, it has been decided to defer our AGM until Tuesday, 23 November 2021.

— Ron Ferguson
President

SMSA Closure and Future Hire

Dear Hirers,

I hope you have all been keeping well over the past few weeks.

In adherence with the current Greater Sydney Lockdown and Stay-at-Home orders, we regretfully confirm that the Sydney Mechanics' School of Arts will remain closed until further notice.

All events and Venue Hire due to take place during September have been cancelled. Please get in touch if you would like to discuss rescheduling your event.

We are now heading towards November and December when your groups are usually making plans to celebrate the end of the year together. Right now, those plans are uncertain, but we remain hopeful and will do all we can to accommodate these events. I will continue to communicate with you on our reopening and any regulations in connection to that.

Looking forward, we have opened our 2022 bookings early so that you can plan for next year. Please get in touch if you'd like to start making tentative bookings. Our current Venue Hire rates will remain unchanged until 31 December 2022.

SMSA staff continue to work from home during the lockdown, and I can still be contacted via email or on 02 9262 7300 from Monday - Thursday.

The SMSA encourages everyone to regularly check the list of hotspot locations and alerts on the NSW Health website and follow their advice.

I appreciate your continued patience and cooperation while we navigate the current circumstances. We look forward to welcoming you back to the SMSA post lockdown.

Kind Regards,
Kylie

Kylie Campbell
Venue & Building Services Coordinator

Meetings This Week

Main Meeting - Tuesday, 28 Sep - 5:30 pm (6:00 pm meeting start) - 8:00 pm

This will be a Zoom meeting; details later via email.

— Alex

Penrith Group - Saturday, 2 Oct - 2:00 pm - 5:00 pm at the Penrith City Library

The meeting starts typically with a Q&A session around the table to enable members to share problems, advice and computer tips.

The group will then discuss any other technology or computer topics of interest.

[ This meeting is suspended during the current COVID-19 Lockdown period — Ed. ]

— Jeff Garland

Meeting Next Week

Friday Forum - Friday, 8 Oct - 9:30 am (10:00 am meeting start) - noon

We'll have the usual Q&A and other discussions. [ SMSA CLOSED, see above. ]

— Tim Kelly

Schedule of Current & Upcoming Meetings ‡

64 2021/09/04 — 14:00-17:00 — 04 Sep, Sat — Penrith Group, Penrith City Library Suspended
65 2021/09/10 — 10:00-12:30 — 10 Sep, Fri — Friday Forum, L1 Carmichael Room Cancelled
67 2021/09/14 — 17:30-20:30 — 14 Sep, Tue — Programming via Jitsi
68 2021/09/18 — 13:30-16:30 — 18 Sep, Sat — Web Design via Zoom
69 2021/09/21 — 09:30-12:30 — 21 Sep, Tue — Tuesday Group, L1 Woolley Room Cancelled
70 2021/09/24 — 09:30-12:30 — 24 Sep, Fri — Digital Photography via Zoom
71 2021/09/28 — 17:30-20:30 — 28 Sep, Tue — MAIN Meeting via Zoom
——
72 2021/10/02 — 14:00-17:00 — 02 Oct, Sat — Penrith Group, Penrith City Library Suspended
73 2021/10/08 — 10:00-12:30 — 08 Oct, Fri — Friday Forum, L1 Carmichael Room Cancelled

‡ As decided after assessing the Members' wishes (resumption of face-to-face meetings) via the latest Online Survey.


ASCCA News:

Online Classes — October 2021

ASCCA is now calling for expressions of interest in our online classes.

Read or download October's Online Course Program.

It lists the topics, dates and times. It also contains a yellow highlighted link to a form where you can submit your requested classes.

If we can offer you a place in the classes you request, an email confirmation will be sent in early October. More detailed information about how to join a particular class will follow later.

Now that we have had to go back to charging fees for more advanced classes, we will, of course, reintroduce a discounted cost for members of the ASCCA Network of Clubs.

Best regards
Jean Martin
Trainer
training@ascca.org.au

Australian Seniors Computer Clubs Association
www.ascca.org.au
office@ascca.org.au
www.facebook.com/ASCCAau
0434 857 222


Tech News:

Microsoft Surface Event: What to Expect on September 22nd

See the ReviewGeek article by ANDREW HEINZMAN | @andrew_andrew__ | SEP 20, 2021, 3:47 pm EDT.

Microsoft is hosting its annual Surface event on Wednesday, September 22. It's the company's first opportunity to show off Windows 11 on all-new hardware, and judging by what's leaked, we expect some exciting new products. Here's what to look out for during the 2021 Surface event.

Of all the products rumoured to appear during this year's Surface event, a new Surface Pro 8 seems the most likely. Not only is Microsoft using a picture of the tablet to advertise its Surface event, but historically, Microsoft announces a new Surface Pro every two years. Oh, and we have leaks.

We expect the Surface Pro 8 to be a bit thinner than its predecessors. It may run on Intel's new 11th gen CPUs and sport a 120Hz display. Leaks indicate that the tablet lacks any bulky USB-A ports, opting instead for a dual USB-C Thunderbolt 4 setup. (Microsoft previously called Thunderbolt insecure and refused to support the standard, so take this claim with a grain of salt.)

And while it's only tangentially related to Windows 11, there's a good chance that Microsoft will show off the Surface Duo 2 foldable Android phone on Wednesday. Leaked photos show that Microsoft may thicken up the second Surface Duo release to improve its durability, and a new tri-camera array could replace the original's crappy camera.

There's also a chance that the new Surface Duo will run a Snapdragon 888 processor for flagship performance and 5G support — again, these are things missing in the original release.

Read More »

Apple Patches Critical Image Preview Bug

See the Infopackets article by John Lister on September 20, 2021, at 01:09 pm EDT.

Apple has patched a security flaw that could compromise phones and tablets just by users receiving a message. The exploit would use an attachment in iMessages but wouldn't require the user to click or open it.

Ironically, it's a potentially severe flaw that may be the saving factor for most ordinary users. Because it's so serious, experts believe it's most likely to be used for highly targeted attacks.

The bug was discovered by researchers at the University of Toronto, who say it's an example of "zero-click spyware". While they've seen similar attacks on Apple devices before, it's the first time they've been able to access the code used in the attack and analyze the tactics. (Source: citizenlab.ca)

Bogus Image Files Unlock Attack

According to the researchers, the attack involved messages with attached files that claimed to be GIF image files. Most were Photoshop (PSD) image files, while others were PDF files.

The attack was highly technical, but in simple terms, it took advantage of how Apple devices turn the information in an image file and then actually display the image on the screen. In effect, the attackers could manipulate the process to produce computer code much larger than the space Apple allocates for the operation. This code effectively "bursts through" into other parts of the device's memory.

Apple has confirmed the exploit could allow attackers to carry out arbitrary code execution. That's the holy grail for attackers as it means they can run malware directly on the device.

Attack Similar to Amazon CEO Jeff Bezos Hack

This type of attack is very similar to what affected Jeff Bezos (CEO of Amazon), which was also linked to Crown Prince Mohammed bin Salman. Around the same time, the Prince was also claimed to be responsible for Jamal Khashoggi's brutal death in which he was murdered for being dissident to the kingdom of Saudi Arabia. For those who are interested, refer to "The Dissident" documentary on Netflix.

Mercenaries Behind Attack

The Toronto researchers say they found the attack evidence on the phone of a Saudi political rights activist. They say they are highly confident it's the work of an Israeli group called NSO. That group isn't thought to be politically motivated but rather act as "hackers for hire".

Apple's security update for the problem covers most iOS devices, including phones and tablets dating back to 2014. Most users should have iOS updates set to download and install automatically. Those who don't should certainly do this manually.

The closest thing to good news in this situation is that the way an attack works, including sending a message, means it's probably not efficient for attackers to use "spray and pray" tactics where they go after as many people as possible in the hope of increasing their success. Instead, it's more likely they'll go after specific individuals who they either want to disrupt or access their personal data. (Source: bbc.co.uk)

Read More »

Microsoft offers passwordless feature to users

See the iTwire article by Kenn Anthony Mendoza | Friday, 17 September 2021 12:37 pm.

Passwords are inconvenient, and they're a prime target for attacks. For years, they've been the most critical layer of security in the digital realm — from email to bank accounts, shopping carts to video games.

People are expected to create complex and unique passwords and are expected to change them frequently.

Microsoft's Vasu Jakkal, Corporate Vice President, Security, Compliance and Identity, asks: what alternative do we have?

Microsoft has been championing that the future is passwordless. Last March, the software company announced that passwordless sign-in was generally available for commercial users, bringing the feature to enterprise organisations globally.

Today, Microsoft users can now completely remove the password from their accounts.

Use the Microsoft Authenticator app, Windows Hello, a security key, or a verification code sent to your phone or email to sign in to your apps and services such as Outlook, OneDrive, and Family Safety. This feature will be rolled out over the coming weeks.

Commenting on the feature, Microsoft chief information security officer Bret Arsenault says, Hackers don't break in; they log in.

According to Microsoft, weak passwords are the entry point for most attacks across enterprise and consumer accounts. There are a whopping 579 password attacks every second — that's 18 billion every year.

So, why are passwords so vulnerable? There are two big reasons.

Human nature

Except for auto-generated passwords that are nearly impossible to remember, we primarily create our own passwords. But, given the vulnerability of passwords, their requirements have gotten increasingly complex in recent years, including multiple symbols, numbers, case sensitivity, and disallowing previous passwords, Microsoft says.

Updates are often required regularly, yet to create passwords that are both secure enough and memorable enough is a challenge.

Microsoft says that people completely stop using an account or service rather than dealing with a lost password. This can also cause customer loss to businesses.

Microsoft says people rely on known and personal words and phrases to create passwords. According to a Microsoft survey, 15% of people use their pets' names for password inspiration. Other common answers included family names and important dates like birthdays. It also found that one in 10 people admitted reusing passwords across sites, and 40% say they've used a formula for their passwords, like Fall2021, which eventually becomes Winter2021 or Spring2022.

Hacker nature

Unfortunately, while such passwords may be easier to remember, they are easier for a hacker to guess. A quick look at someone's social media can give any hacker a start on logging into their personal accounts.

Once that password and email combination has been compromised, it's often sold on the dark web for use in any number of attacks.

Hackers also have tools and techniques at their disposal. They can use automated password spraying to try many possibilities quickly. They can use phishing to trick people into putting their credentials into a fake website. These tactics are relatively unsophisticated and have been in play for decades, but they continue to work because humans create passwords.

Go passwordless today with a few quick clicks

First, ensure you have the Microsoft Authenticator app installed and linked to your personal Microsoft account. Next, visit your Microsoft account, sign in, and choose Advanced Security Options. Under Additional Security Options, you'll see Passwordless Account. Select Turn on.

Finally, follow the on-screen prompts and then approve the notification on the Authenticator app. Once approved, people are free from their passwords.

But if people want to go back using their password, they can always add it to their account.

Microsoft says going passwordless is a great test case, citing that nearly 100% of its employees use passwordless options to log in to their corporate accounts.

Read More »


Fun Facts:

Razer Made Finger Sleeves for Mobile Gaming, and No That's Not Stupid

See the ReviewGeek article by JOSH HENDRICKSON | @canterrain SEP 19 2021, 10:24 am EDT.


Finger Gloves

You've probably heard of fingerless gloves, but Razer's new product is almost the opposite thing. The company's new finger sleeves slip on your index fingers or thumbs (or why not both!). In theory, they should enhance mobile gaming sessions by blocking sweat slippage.

If the term sweat slippage grossed you out, apologies, but it's a real issue in the competitive mobile gaming realm. Long, intense sessions on a phone or tablet can lead to sweaty digits, which in turn can hurt a gaming session. As the sweat pours, it both causes your fingers to slip across the display when you don't want it, and it interferes with touch sensors, too.

The Razer Finger Sleeves promise to solve all that for a mere $10, which nets you two sleeves. Slip them on your thumbs or index fingers, and Razer says the high-sensitivity silver fibre for enhanced aim and control will keep your digits cool and absorb any sweat. The sleeves work with tablets and phones by incorporating silver threads, similar to touch-friendly gloves you might wear in the winter.

And before you say Razer's just making products up, you should know gaming finger sleeves have been around a while, and there are dozens of options on Amazon. Razer's take is even competitively priced, though you can spend a similar amount and get more sleeves on Amazon.

Razer says the sleeves are thin enough you'll still get the sensation of touch. That means they're pretty lightweight, too, and shouldn't cause any fatigue issues. If you're interested, you can order the Finger Sleeves from Razer's site.

Read More »


Meeting Location & Disclaimer

Bob Backstrom
~ Newsletter Editor ~

Information for Members and Visitors:

Link to — Sydney PC & Technology User Group
All Meetings, unless explicitly stated above, are held on the
1st Floor, Sydney Mechanics' School of Arts, 280 Pitt Street, Sydney.
Sydney PC & Technology User Group's FREE Newsletter — SubscribeUnsubscribe
Go to Sydney PC & Technology User Group's — Events Calendar
Are you changing your email address? Would you please email your new address to — newsletter.sydneypc@gmail.com?
Disclaimer: We provide this Newsletter "As Is" without warranty of any kind.
The reader assumes the entire risk as to the accuracy and subsequent use of its contents.