2021 Newsletter: 120/121 — PreviousNext — (Attach.)

Sydney Harbour

Hello and Welcome,

Season's Greetings

🎄 🎄 🎄 Wishing Everyone a Merry Christmas 🎄 🎄 🎄

🎄 🎄 🎄 and a Happy and Healthy New Year. 🎄 🎄 🎄

🎄 🎄 🎄 See you in 2022. 🎄 🎄 🎄

Meetings This Week


Meetings Next Week


Schedule of Current & Upcoming Meetings ‡

88 2021/12/04 — 14:00-17:00 — 04 Dec, Sat — Penrith Group, Penrith City Library Suspended
89 2021/12/10 — 10:00-12:30 — 10 Dec, Fri — Friday Forum, L1 Carmichael Room Cancelled
91 2021/11/09 — 17:30-20:30 — 14 Dec, Tue — Programming via Jitsi

As yet, NO MEETINGS have been scheduled for 2022 — Ed.

‡ As decided after assessing the Members' wishes (resumption of face-to-face meetings) via the latest Online Survey.

Tech News:

iTWire wishes you a Very Merry Christmas and a Happy New Year

See the iTWire article by Alex Zaharov-Reutt | Friday, 24 December 2021, at 05:58 am.

As we sit on the cusp of 2022, enduring a second year of the pandemic that is about to turn into the third, we still live in an era of incredible potential and amazing technologies, so while humanity continues facing ever-greater challenges, I'm always optimistic that the best is yet to come.

With the Omicron strain of COVID dominating around the world, the hoped-for passing of the pandemic is not with us yet. Still, as a strain that appears a lot milder, despite being more transmissible, we're hopefully closer to the end of this pandemic than we are to its beginning.

With advances in AI, processing power, manufacturing, AR, VR, MR and XR glasses and experiences, batteries, software, 5G, satellite broadband, wearable technologies, medical advances, and so much more, the 2020s continue being an exciting technological decade that ushers in significant changes to the way all of those things happen and are delivered.

Just as 2007 saw the iPhone and its various Android clones dominate the last decade and a half, so too will XR (extended reality) smart glasses define the next decade and a half. Or at least when Apple decides to launch its glasses, so the rest of the industry finally has a better model to copy.

Autonomous and electric cars seem perpetually on the cusp of genuine autonomy, thanks to Elon Musk's endless promises. Still, it will likely take another decade of processor, sensor, neural and software development before we can truly rely on cars to be robots on wheels.

Robots are another area that will be a lot closer to our sci-fi dreams and expectations within a decade, with today's tech impressive in its demos (such as that seen by Boston Dynamics). However, they're still far from the types of robots sci-fi movies take for granted.

iOS, iPadOS, Android, and Windows keep maturing impressively. Even though Microsoft seems to take two steps back now and then as it moves forward, computers today are the best they've ever been, with the promise of so much better still to come.

5G is more widely available than ever before and only getting faster, with satellite broadband set to explode in speed and popularity over this decade.

Even the NBN is rolling out ever more fibre direct to people's homes, which is great for consumers.

Cybercrime and online scams are dark spots. Still, cyber security companies have risen to the challenge, while consumers and businesses are getting cyber smarter because they have to, as it's no longer a case of if you'll be attacked, but when, and how often!

I know some people who proclaim to have lost faith in humanity, but despite the challenges the world faces today, I see plenty of hope, potential, and good out there.

Evil and problems will always exist, but it's how we react and adapt as a species — and individually — that makes the difference, so please, never give up, never give up hope, and if you need help — ask for it!

What 2022 will bring is yet to be seen, but I pray the world calms down geopolitically and focuses on solving problems, not creating new ones — with more peace and less war.

So… as I type this on Christmas Eve, may you wholeheartedly enjoy this extraordinary and amazing time, may you hug your loved ones, may you love them and bless them with all that is good.

May God bless us all, and may you have the most amazing Christmas week and let's hope the New Year 2022 is a genuine change for the better.

From all of us here at iTWire, iTWireTV and CommsWire, thank you for being loyal readers and viewers. We truly appreciate you and wish you the very best.

Onward and upward, to infinity and beyond, may all your bits and bytes be coursing along at 5G and fibre speeds as we reset 2021 and enter 2022 refreshed, re-energised and ready for everything the future will bring.

From Alex, Amanda, Andrew, Chris, David H, David MW, Kenn, Mark, Peter, Ryan, Sam, Shane, Stan, Stephen, Tony and everyone at the iTWire family to yours — Merry Christmas and a Happy New Year!

Read More »

10 Israelis set to be indicted for illegally exporting missiles to China

See the Times Of Israel article by TOI STAFF | 20 December 2021, 8:16 pm.

Drone entrepreneur Ephraim Menashe and nine others are charged with various crimes, including missile tests near residential neighbourhoods.

On Monday, the Financial Department of the State Prosecutor's Office informed ten individuals and three companies that they would be indicted on serious security offences linked to selling missiles to China without approval.

According to the State Prosecutor's Office, the deal in question was brokered by Ephraim Menashe, an Israeli drone entrepreneur and founder of the Solar Sky company, who then hired Tzvika and Ziv Naveh, owners of the Innocon drone company, and other unnamed suspects.

The suspects were investigated as part of a large-scale security case in which it was suspected that they manufactured, brokered and exported cruise missiles for military use without a permit, said prosecutors.

The suspects will be summoned to a pre-indictment hearing before facing a range of charges, including security offences, weapons offences, money laundering, violating the Defence Export Control Law and more.

The Defence Ministry's Defence Export Controls Agency (DECA), established in 2006, manages the export and licensing of all Israeli-made defence equipment and technologies. Relevant companies must apply for a permit before brokering any overseas deals.

According to prosecutors, Menashe and the other suspects manufactured dozens of cruise missiles and conducted different tests in Israeli territory, endangering people's lives.

Once the missiles were manufactured, Menashe allegedly exported dozens of them to China covertly in exchange for millions of dollars that he hid from authorities, prosecutors allege.

News of the case was first exposed in February when the Shin Bet revealed that it was investigating 20 individuals for selling such missiles to what was identified at the time as an unnamed Asian country.

Israel is home to 1,600 licensed arms exporters, employing 150,000 to 200,000 people. In addition, there is a large supply chain of subcontractors who supply software, hardware, raw materials, and other goods necessary for arms production.

DECA is supposed to watch over this massive system, guided by strict rules governing Israel's arms export industry. The body, which operates with nearly no transparency, is supposed to vet deals to ensure that arms do not go to enemy countries, endanger Israel in any way, include classified technology, or stand to harm Israel's international standing.

The DECA mechanism was created in 2007, years after an Israeli fighter jet deal got tangled up in US-China tensions.

In the late 1990s and early 2000s, the US demanded Israel Aerospace Industries cancel separate deals with China for Phalcon airborne early detection radar systems and Harpy drones. After numerous threats from the US, Israel complied both times and agreed to stop selling military hardware to China, drawing anger from Beijing and damaging ties.

Since then, Israel will not export security products to China without Washington's okay.

Menashe was tangled up in a similar case in 2006 when he was investigated for attempting to sell drones to China without a permit. According to The Times of Israel, the munitions allegedly developed in the current affair use a more advanced version of the technology at the centre of the older case.

Read More »

Log4j software bug: What you need to know

See the CNET article by Bree Fowler | Dec. 21, 2021, 9:01 a.m. PT.

Casual computer users have probably never heard of this logging software, but it's used across the entire internet.

With Christmas just days away, federal officials are warning those who protect the country's infrastructure to guard against possible cyberattacks over the holidays, following the discovery of a significant security flaw in widely used logging software.

Top officials from the Cybersecurity and Infrastructure Security Agency held a call Monday with nearly 5,000 people representing critical public and private infrastructure entities. The warning itself isn't uncommon. The agency typically issues these advisories ahead of holidays and long weekends when IT security staffing is usually low.

But the discovery of the Log4j bug a little more than a week ago boosts the significance. CISA also issued an emergency directive on Friday that ordered federal civilian executive branch agencies to check whether software that accepts "data input from the internet" is affected by the vulnerability. The agencies are instructed to patch or remove affected software by 5 p.m. ET on Dec. 23 and report the steps taken by Dec. 28.

The bug in the Java-logging library Apache Log4j poses risks for vast swathes of the internet. The vulnerability in the widely used software could be used by cyberattackers to take over computer servers, potentially putting everything from consumer electronics to government and corporate systems at risk of a cyberattack.

One of the first known attacks using the vulnerability involved the computer game Minecraft. Attackers were able to take over one of the world-building game's servers before Microsoft, which owns Minecraft, patched the problem. The bug is a so-called zero-day vulnerability. Security professionals hadn't created a patch for it before it became known and potentially exploitable.

Experts warn that the vulnerability is being actively exploited. Cybersecurity firm Check Point said Friday that it had detected more than 3.8 million attempts to use the bug in the days since it became public, with about 46% of those coming from known malicious groups.

"It is one of the most serious vulnerabilities on the internet in recent years," the company said in a report. "The potential for damage is incalculable."

The news also prompted warnings from federal officials who urged those affected to patch their systems immediately or otherwise fix the flaws.

"This vulnerability poses a severe risk," CISA Director Jen Easterly said in a statement. She noted the flaw presents an "urgent challenge" to security professionals, given Apache Log4j's wide usage.

Here's what else you need to know about the Log4j vulnerability.

Who is affected?

The flaw is potentially disastrous because of the widespread use of the Log4j logging library in all kinds of enterprise and open-source software, said Jon Clay, vice president of threat intelligence at Trend Micro.

The logging library is popular, in part because it's free to use. That price tag comes with a trade-off: Just a handful of people maintain it. Paid products, by contrast, usually have extensive software development and security teams behind them.

Meanwhile, it's up to the affected companies to patch their software before something terrible happens.

"That could take hours, days or even months depending on the organization," Clay said.

Within a few days of the bug becoming public, companies including IBM, Oracle, AWS, and Microsoft had all issued advisories alerting their customers to Log4j, outlining their progress on patches and urging them to install related security updates as soon as possible.

Generally speaking, any consumer device that uses a web server could be running Apache, said Nadir Izrael, chief technology officer and co-founder of the IoT security company Armis. He added that Apache is widely used in smart TVs, DVR systems and security cameras.

"Think about how many of these devices are sitting in loading docks or warehouses, unconnected to the internet, and unable to receive security updates," Izrael said. "The day they're unboxed and connected, they're immediately vulnerable to attack."

When prompted, consumers can't do much more than update their devices, software and apps. But, Izrael notes, there's also a large number of older internet-connected devices out there that just aren't receiving updates anymore, which means they'll be left unprotected.

Why is this a big deal?

What's the fallout going to be?

Read More »

Fun Facts:

Answer to Last Week's Supermarket Puzzle

Yes, you can easily put two bags length-wise in the Woolies' Output Area.

So, if you only have two bags of items, you don't have to use your EFTPOS card twice.

— Ed.

Launch of the James Webb Space Telescope

The Space Telescope was due to launch yesterday, December 24th, from Kourou* in French Guiana.

THIS JUST IN: NASA's James Webb Space Telescope launch is now delayed to Christmas day due to bad weather.

The JWST Transport

Watch the incredible YouTube video entitled "Fingers Crossed for the James Webb Space Telescope". It talks about the risks and dangers of the flight.

One of the comments after this video says, "I heard the 344 points of failure and did some Feynman math and thought 'wow, that could be as low as a 50/50 chance this thing just never works'."

Another commenter questions why NASA puts all of its eggs in one basket. The rocket has to take the telescope out to the L2 Lagrange Point (1 million miles away from the Earth), where there is no hope of repair or fixes with current technology if anything goes wrong with the launch.

A better strategy might have been to initially put the telescope into an Earth orbit, thus allowing astronauts some hope of correcting glitches if necessary. Then later, boost the telescope to L2 after everything checks out.

Well, we'll just have to spend Christmas day (TODAY) waiting and watching TV for the launch into space.

Good luck, JWST, and all fingers crossed.

*Kourou is a town and district on the Atlantic coast of French Guiana, a South American overseas department of France. Northwest of the town, the Guiana Space Center, a European Space Agency spaceport, has a rocket launch site and space museum.

Boats go to the nearby Íles du Salut, former prison islands with restored buildings. The Kalapa Centre d'archéologie amérindienne shows pre-Columbian rock art. [ Google Wikipedia ]

— Ed.

Meeting Location & Disclaimer

Bob Backstrom
~ Newsletter Editor ~

Information for Members and Visitors:

Link to — Sydney PC & Technology User Group
All Meetings, unless explicitly stated above, are held on the
1st Floor, Sydney Mechanics' School of Arts, 280 Pitt Street, Sydney.
Sydney PC & Technology User Group's FREE Newsletter — SubscribeUnsubscribe
Go to Sydney PC & Technology User Group's — Events Calendar
Are you changing your email address? Would you please email your new address to — newsletter.sydneypc@gmail.com?
Disclaimer: We provide this Newsletter "As Is" without warranty of any kind.
The reader assumes the entire risk of accuracy and subsequent use of its contents.