The Geek’s Reading List – Week of January 22nd 2016

Hello,

I have been part of the technology industry for a third of a century now. For 13 years I was an electronics designer and software developer: I designed early generation PCs, mobile phones (including cell phones) and a number of embedded systems which are still in use today. I then became a sell-side research analyst for the next 20 years, where I was ranked the #1 tech analyst in Canada for six consecutive years, named one of the best in the world, and won a number of awards for stock-picking and estimating.

I started writing the Geek’s Reading List about 12 years ago. In addition to the company specific research notes I was publishing almost every day, it was a weekly list of articles I found interesting – usually provocative, new, and counter-consensus. The sorts of things I wasn’t seeing being written anywhere else.

They were not intended, at the time, to be taken as investment advice, nor should they today. That being said, investors need to understand crucial trends and developments in the industries in which they invest. Therefore, I believe these comments may actually help investors with a longer time horizon. Not to mention they might come in handy for consumers, CEOs, IT managers … or just about anybody, come to think of it. Technology isn’t just a niche area of interest to geeks these days: it impacts almost every part of our economy. I guess, in a way, we are all geeks now. Or at least need to act like it some of the time!

Please feel free to pass this newsletter on. Of course, if you find any articles you think should be included please send them on to me. Or feel free to email me to discuss any of these topics in more depth: the sentence or two I write before each topic is usually only a fraction of my highly opinionated views on the subject!

This edition of the Geeks List, and all back issues, can be found at www.thegeeksreadinglist.com.

Brian Piccioni

 


1) The Future of Jobs

Davos is a week-long party where deep thinkers like Bono and DiCaprio, whose individual carbon footprints are the size of large towns, can opine on what the untermensch need to do to save the planet. Strangely, politicians go, presumably to bask in the glow of these sages and they can share reports such as this. The link actually links to a 167 page PDF, and no I haven’t read it through. Nevertheless the summary, quoted below, shows that the authors need to get a grip on reality: few of these technologies will advance much in the next 5 years and even the ones which do will not cause much disruption in that or even a 10 year time frame. The major impact of a major technological shift is to improve the lot of the aforementioned low life, for the most part.

“The Fourth Industrial Revolution, which includes developments in previously disjointed fields such as artificial intelligence and machine-learning, robotics, nanotechnology, 3-D printing, and genetics and biotechnology, will cause widespread disruption not only to business models but also to labour markets over the next five years, with enormous change predicted in the skill sets needed to thrive in the new landscape. This is the finding of a new report, The Future of Jobs, published today by the World Economic Forum.”

http://www.weforum.org/reports/the-future-of-jobs

2) Amazon exec: Our drones will deliver in 30 minutes or less

Good luck with that! These drones are large enough and heavy enough to cause damage to people and property when they fall from the sky and some eventually will. A 60 pound object falling from any height could easily kill or maim someone and rush delivery of a package is not a valid reason to put people at risk. Hopefully the government will deny Amazon the right to operate the service before someone gets killed rather than after.

“Amazon is making some headway in plotting the tricky logistics of how its drones someday will get your shopping orders to you. The e-commerce company now has a good idea of how hefty the drones themselves will be, as well as the loads they’ll carry, and how far they’ll be able to go, said Amazon’s vice president of global public policy, Paul Misener, in an interview with Yahoo published Monday. The packages will have to arrive within 30 minutes of the order being placed. “The goals we’ve set for ourselves are: The range has to be over 10 miles. These things will weigh about 55 pounds each, but they’ll be able to deliver parcels that weigh up to 5 pounds,” said Misener.”

http://www.cnet.com/news/amazon-exec-our-drones-will-deliver-in-30-minutes-or-less/

3) Surprise, Apple’s OS X comes out as most vulnerable software of 2015

Actually that is somewhat of a surprise. Since Windows 10 came out half way through the year it is understandable that fewer vulnerabilities would have been discovered. Nevertheless it is surprising that OS X and iOS had so many issues. Of course, one might question whether the methodology is valid.

“In a study conducted by CVE Details, the most vulnerable software of the previous year has been identified as Apple’s OS X and the tech-giant is also the company with most bugs. With 2016 coming, people in all sectors have been busy summarizing 2015 with reports and lists of who have been the winners and who have been the losers. The tech experts and security personnel have been at it too, with CVE Details producing a list of most vulnerable software of the past year. Many would have expected the list to be topped by Adobe Flash, for the software had reported a number of zero days right from the beginning of 2015. However, the final list took everyone by surprise, for it was Apple’s OS X that came out as the most vulnerable software of 2015. What was more shocking was that Adobe Flash didn’t even make it to second place, for that spot was taken by iOS, another Apple product.”

https://www.hackread.com/apples-os-x-most-vulnerable-software-of-2015/

4) Apple’s Tim Cook Lashes Out at White House Officials for Being Wishy-Washy on Encryption

At least Cook is doing the right thing: by pretending Apple products are secure – because they haven’t been proven not to be – he reinforces the importance of the illusion of security. Meanwhile dimwitted politicians continue to demand or legislate for weak encryption which simply reminds people they are being monitored. The NSA is going to do what the NSA does whether it is legal or not and whether tech CEOs collude or not. It would be best if everybody just shut up and pretended encryption was secure so the NSA could insert backdoors as it always has.

“Apple CEO Tim Cook lashed out at the high-level delegation of Obama administration officials who came calling on tech leaders in San Jose last week, criticizing the White House for a lack of leadership and asking the administration to issue a strong public statement defending the use of unbreakable encryption. The White House should come out and say “no backdoors,” Cook said. That would mean overruling repeated requests from FBI Director James Comey and other administration officials that tech companies build some sort of special access for law enforcement into otherwise unbreakable encryption. Technologists agree that any such measure could be exploited by others.”

https://theintercept.com/2016/01/12/apples-tim-cook-lashes-out-at-white-house-officials-for-being-wishy-washy-on-encryption/

5) German high court rules Facebook “Friend Finder” is unlawful

You have to hand it to Facebook: it’s bad enough they get people to willingly sign away their privacy, now they clone user contacts and use that information to spam people. In other words, Facebook is doing what many viruses do, except somewhere buried in their terms of service you gave them permission to spam your friends. This looks like a stark violation of most anti-spam laws and one can only hope the company faces massive fines as a consequence.

“Germany’s highest court has declared unlawful a feature that encourages Facebook users to market the social media network to their contacts, confirming the rulings of two lower courts. A panel of the Federal Court of Justice ruled that Facebook’s “friend finder” promotional feature constituted advertising harassment in a case that was filed in 2010 by the Federation of German Consumer Organisations (VZBV). The Facebook feature invites users to grant it permission to vacuum up the e-mail addresses of friends or contacts in the user’s address book, which in turn allows the social network to send an invitation to non-Facebook users to join the service. The court concluded this was a deceptive marketing practice, confirming decisions by two lower courts in Berlin in 2012 and 2014, which had found that Facebook had violated German laws on data protection and unfair trade practices.”

http://www.reuters.com/article/us-facebook-germany-idUSKCN0US27W20160114

6) Netflix’s Opaque Disruption Annoys Rivals on TV

You can sort of see their point: Netflix is making claims about the popularity of its proprietary content and yet it doesn’t release view numbers nor does it participate in ratings services such as Nielsen. Nevertheless, the proof would be in the pudding: if the Netflix services offering, including original content, wasn’t compelling, people would discontinue the service since they only subscribe month to month. Besides, Netflix carries no advertising – which is the main use of ratings – and so much of the business is puffery in either event.

“Television executives have been frustrated because Mr. Sarandos has at times suggested Netflix shows would fare better than what is on cable and broadcast television. Last month, for instance, he said the Netflix show “Narcos” would be the most-viewed show on cable, not HBO’s “Game of Thrones.” “Netflix brought it on themselves when they make assertions like their show would be the highest-rated cable show,” Gary Newman, co-chief executive of the Fox Television Group, said in an interview. Likewise, Mr. Landgraf said in an interview, “If Ted doesn’t give ratings, he shouldn’t then be saying, ‘This is the biggest hit in the history of blah blah blah.’ He shouldn’t say something is successful in quantitative terms unless you’re willing to provide data and a methodology behind those statements. You can’t have it both ways.””

http://www.nytimes.com/2016/01/18/business/media/disruption-by-netflix-irks-tv-foes.html

7) HBO is replacing its cable TV option in Spain with a new streaming service

One of the big trends in broadcasting is streaming and many broadcasters are evaluating the technology or have already implemented it. This particular move is remarkable because HBO is considering dropping cable distribution altogether and moving to a “streaming only” model in Spain.

“The Time Warner-owned network has made similar moves in the past. The company’s US streaming service, HBO Now, launched in April of last year, although US customers have been able to access a subscriber-only web service, HBO Go, since 2010. It also launched a streaming service in Norway, Denmark, Finland, and Sweden in 2012 called HBO Nordic, which has about 650,000 subscribers and also offers shows from AMC, Starz, and Showtime. HBO now has a similar service in Colombia that it hopes to expand to other Latin American countries.”

http://www.theverge.com/2016/1/19/10792640/hbo-spain-streaming-service-killing-cable-tv

8) Apple Frustrated by Inability to Reach Deals With TV Programmers for Television Service

I’ve read about how Apple is going to disrupt the TV business every month or so for the past few years and yet they don’t seem any more of a force than Roku. Unfortunately, any Apple product is basically a mechanism to get you to buy other Apple products so I stay away from anything the company has to offer. Apple also has a nasty reputation among content providers, developers, and so on, so it is scarcely surprising any of them would want to get into a deal with them.

“Skipper’s comments are in line with recent rumors made by CBS CEO Les Moonves, who said Apple “pressed the hold button” on its streaming television plans after it was unable to establish the necessary deals. Rumors throughout 2015 suggested Apple was aiming to create a web-based television product that would offer a small bundle of channels for $30 to $40 per month. Apple has been attempting to create some kind of television service since 2009, but the company has run into resistance from cable and content providers time and time again because of a reluctance to interrupt existing revenue streams and fundamentally shift the way cable is provided.”

http://www.macrumors.com/2016/01/19/apple-frustrated-by-inability-to-reach-tv-deals/

9) Memory capacity of brain is 10 times more than previously thought

Remember this the next time you hear a futurologist blathering on about artificial intelligence: we don’t only not know how the brain works, let alone how to emulate it, we evidently don’t even know, within an order of magnitude, what its memory capacity is.

“Salk researchers and collaborators have achieved critical insight into the size of neural connections, putting the memory capacity of the brain far higher than common estimates. The new work also answers a longstanding question as to how the brain is so energy efficient and could help engineers build computers that are incredibly powerful but also conserve energy. “This is a real bombshell in the field of neuroscience,” says Terry Sejnowski, Salk professor and co-senior author of the paper, which was published in eLife. “We discovered the key to unlocking the design principle for how hippocampal neurons function with low energy but high computation power. Our new measurements of the brain’s memory capacity increase conservative estimates by a factor of 10 to at least a petabyte, in the same ballpark as the World Wide Web.””

http://medicalxpress.com/news/2016-01-memory-capacity-brain-previously-thought.html

10) Cisco fixes hard-coded password ‘backdoor’ flaw in Wi-Fi access points

This just goes to show you that companies who are supposed to know a thing or two about security seem to forget stuff. This is most likely not an NSA or other security agency backdoor because it is much too primitive – most likely it is due to straight up incompetence or inserted by a hacker. Either way, the fact it is so rudimentary and yet existed in Cisco products tells you something about the amount of care they take with their products.

“In an advisory posted late Tuesday, Cisco explained the flaw is “due to the presence of a default user account that is created when the device is installed,” but added that the account does not have full administrative rights. “An attacker could exploit this vulnerability by logging in to the device by using the default account, which could allow the attacker to gain unauthorized access to the device,” the advisory read. The company disclosed another flaw, rated “critical,” in some versions of Cisco’s Identity Services Engine (ISE), which could allow a remote attacker to gain unauthorized access to the device’s administrative portal.”

http://www.zdnet.com/article/cisco-fixes-wi-fi-access-points-with-hard-coded-backdoor-access/

11) Cheap web cams can open permanent, difficult-to-spot backdoors into networks

This is an example, albeit a bit stretched, of how someone can create a backdoor into a corporate or personal network. Although the camera itself was modified it is not necessarily the case that somebody would notice that their camera had been compromised. Once inside the firewall, hackers can gain access to much more than videos of cats.

“After accessing the Linux image filesystem, they unearthed a binary that performs verification and update of the firmware (checks if the file opened correctly – its size – its signature – if the update is newer than the current one – checks if the file checksum is the right one). “At this point, adding a backdoor roughly devolves to adding a service inside a Linux system – in our case, all we want is a simple connect-back Socks proxy. This can either be accomplished with a srelay and netcat in the startup script or more optimized C code, or one could go with a simple callback backdoor with a shell using netcat and busybox which are already present on the system,” the researchers explained.”

http://www.net-security.org/secworld.php?id=19330

12) Nest Thermostat Leaked Home Locations Over the Internet

IoT is a happy hunting ground for hackers since most of the products are slapped together by companies with no particular expertise in security (or, judging from most of the news about Nest, much else). These are, for the most part, low cost products put together by people for whom security is an afterthought.

“Nest may be the poster child for the so-called Internet of Things, but as it turns out, even one of the most popular connected devices—owned by Google’s parent company Alphabet, no less—isn’t free from the sorts of security flaws plaguing other smart devices. Researchers at Princeton University have found that, until recently, Alphabet’s popular Nest thermostat was leaking the zip code and location of its users over the internet. This data was transmitted unencrypted, or in the clear, meaning that anyone sniffing traffic could have intercepted it, according to the researchers.”

http://motherboard.vice.com/read/nest-thermostat-leaked-home-locations-over-the-internet

13) Microsoft says new processors will only work with Windows 10

Microsoft’s move is generating a fair bit of backlash but it does make sense on a number of levels: most new processors are sold with the most recent OS and it doesn’t make a lot of sense to spend money supporting the small numbers who are going to build their own systems or downgrade the OS to earlier versions. From Microsoft’s perspective it is a way of saving money and probably lowering the odds of bugs and vulnerabilities.

“Soon, when you buy a new PC, it won’t support Windows 7 or 8. Microsoft has announced a change to its support policy that lays out its plans for future updates to its older operating systems, and the new rules mean that future PC owners with next-generation Intel, AMD, and Qualcomm processors will need to use Windows 10. It’s not usual for old PCs to fall short of the minimum requirements of a brand new operating system, but in this case, the opposite is happening. Microsoft and its partners will not be putting in the significant work necessary to make new hardware work with older versions of Windows. The old operating systems, at best, will merely lack the latest updates. At worst, they might not function properly.”

http://www.theverge.com/2016/1/16/10780876/microsoft-windows-support-policy-new-processors-skylake

14) Adobe will try anything to stop a Creative Cloud cancellation

Adobe has a terrible reputation for customer service and, for that matter, buggy software. (Pro-tip: stop using Adobe PDF reader: practically anything else takes 5% of the disk space and doesn’t require biweekly security updates). It makes sense for some customers to use Adobe’s Creative Cloud Software as a Service, but it seems a lot easier to sign up than to cancel. Investors should be aware that a shift in business model might be good for earnings growth in the near term, but the company has no prospect for growth.

“Devon refuses all offers, so Chaitra changes approach and attempts to scare him into continuing to subscribe. Chaitra claims that he will be forced to pay 50% of his monthly rate for all remaining months as an early termination fee (in this case that would be for 12 months). Devon points out that his annual subscription expires “today” – the day they are chatting, but Chaitra says it’s too late and the billing has already gone through. It’s not until Devon asks to speak to a supervisor that Chaitra decides to allow the cancellation without any further charges being incurred.”

http://www.geek.com/apps/adobe-will-try-anything-to-stop-a-creative-cloud-cancellation-1644869/

15) Government urged to use Bitcoin-style digital ledgers

Bitcoin is a combination of a mirage and a scam but the underlying blockchain and distributed ledger technology is interesting, especially if it is adapted and improved to remove some of Bitcoin’s numerous deficiencies. Unfortunately, governments have a remarkably even and consistent track record when it comes to implementing new technology: it rarely works as expected, invariably costs at least an order of magnitude more and is always late.

“Bitcoins are powered by blockchains – digital ledgers that record information from Bitcoin transactions to DNA. Sir Mark Walport has argued that they could be used by government departments as a more secure way of managing data. They could be used to help with tax collection, benefits or the issuing of passports, he has said. Blockchains consist of “blocks” of data in a digital ledger. Copies of these ledgers are shared by all the computers that access them, meaning they are distributed across the network. Because blockchains act as permanent records of every time that data is added to them – and because private blockchains allow access to specific users only – they are thought to be highly resistant to malicious tampering.”

http://www.bbc.com/news/technology-35344843

16) PayPal and zero dollar invoice spam

There is probably no greater creative force than the mind of a criminal. Spam is a lot harder to produce than it used to be, but you can cut through most spam filters if you send from a trusted source, in this case PayPal. The spammers appear to open PayPal accounts and invoice people $0 which allows them to effectively send an email which is likely to be read, despite being traditional spam.

“So in short, without any feedback from PayPal or other evidence to the contrary, it looks like they’re serving as the delivery mechanism for spam which, of course, won’t be flagged as spam because it’s a “legitimate” email from them. The message in the “invoice” is quite clearly just that – spam – and this is almost certainly an abuse of the PayPal invoicing system. I assume that there’s either no cost to the sender for a $0 invoice or it’s low enough to justify the upside of the spam. This is one they certainly should get on top of though and allow me to make a suggestion: The same account sending out volumes of $0 invoices is probably something that should raise a red flag!”

http://www.troyhunt.com/2016/01/paypal-and-zero-dollar-invoice-spam.html

17) Volvo promises deathproof cars by 2020

This is an appallingly stupid thing to say, but probably good marketing. Safety is largely a question of how much energy hits you and so not even a tank is “deathproof”. Nevertheless most large auto manufacturers are working on these sorts of advanced safety features which will have a significant impact on injury rates. Volvo may get there early but their cars are prone to a variety of other deficiencies which they may consider addressing as well.

“Volvo has made a shocking pledge: By 2020, no one will be killed or seriously injured in a new Volvo car or SUV. Seriously. “If you meet Swedish engineers, they’re pretty genuine,” said Lex Kerssemakers, CEO of Volvo Cars North America. “They don’t say things when they don’t believe in it.” There is one big caveat. If someone really wants to hurt themselves, or is just really, really stupid… well, Volvo can’t do anything about that. But, assuming you’re not a suicidal maniac or a total idiot, in four years, you’ll be safer driving a new Volvo than you are climbing a ladder to screw in a light bulb.”

http://www.ktuu.com/news/business/volvo-promises-deathproof-cars-by-2020/37530414

18) Toshiba Prepares Amphibious Robot for Fukushima Reactor Pool

In this case they aren’t talking about a C-3PO style autonomous robot but more of a remote control machine which can work in the reactor pools. If you think about it, remote controlled rovers have been in use in deep sea exploration for some time so this should be comparatively easy to pull off.

“If you had to pick somewhere to eat a picnic lunch in the Fukushima Daiichi nuclear power plant, inside the containment building of reactor 3 probably wouldn’t be at the top of your list, but it also wouldn’t be at the very bottom. The radiation inside the reactor 3 building isn’t as bad as inside reactor 1, but it’s still enough to prevent humans from working there long term. This is a problem, because there are a bunch of spent fuel rods in the reactor 3 swimming pool that really should be somewhere else, so Toshiba has come up with this hulking amphibious robot to perform the job remotely.”

http://spectrum.ieee.org/automaton/robotics/industrial-robots/toshiba-amphibious-robot-for-fukushima-reactor-pool

19) Orbital ATK tests 3D-printed hypersonic engine combustor

Although most of the hype and hysteria associated with 3D printing has died down, it remains an interesting technology with great potential in industrial and medical uses. Here we have a company which has produced a functional, high tech rocket engine using the technology. It is a pity that the release doesn’t say more about why they chose 3D printing, etc.

“Orbital ATK has announced a successful test of a 3D-printed hypersonic engine combustor at NASA Langley Research Center. The combustor tested was produced through an additive manufacturing process known as powder bed fusion, which uses either a laser or electron beam to meld and fuse material powders together. Tests included exposure to a variety of high-temperature hypersonic flight conditions during a 20-day period, which included one of the longest recorded duration propulsion wind tunnel tests. Researchers involved say the unit met or exceeded test requirements. The tests were performed to verify a powder bed fusion-produced part could meet mission objectives.”

http://www.upi.com/Business_News/Security-Industry/2016/01/19/Orbital-ATK-tests-3D-printed-hypersonic-engine-combustor/8701453212239/

20) British voice encryption protocol has massive weakness, researcher says

It is not clear whether the protocol was designed with mass surveillance in mind but it is hard to believe it is a coincidence. One can imagine that encrypted voice is the sort of thing mostly used by government and military so you probably don’t have to worry about your phone calls being listened to since NSA and other agencies already do that. Most likely the bad guys don’t use government sanctioned equipment to communicate and have their own codes, etc., which are inherently secure.

“A protocol designed and promoted by the British government for encrypting voice calls has a by-design weakness built into it that could allow for mass surveillance, according to a University College London researcher. Steven Murdoch, who works in the university’s Information Security Research Group, analyzed a protocol developed by CESG, which is part of the spy agency GCHQ. The MIKEY-SAKKE (Multimedia Internet KEYing-Sakai-Kasahara Key Encryption) protocol calls for a master decryption key to be held by a service provider, he wrote in an analysis published Tuesday. “The existence of a master private key that can decrypt all calls past and present without detection, on a computer permanently available, creates a huge security risk, and an irresistible target for attackers,” Murdoch wrote.”

http://www.pcworld.com/article/3024269/security/british-voice-encryption-protocol-has-massive-weakness-researcher-says.html
