Thank the NSA for latest global ransomware – Bangkok Post

Everyone is talking about WannaCry(pt), the latest ransomware worm that attacked over 150 countries across the globe. It hit hospitals, universities, businesses, a telco, train stations and more. Microsoft responded by releasing emergency security patches for Windows versions as far back as XP. To Microsoft's credit they had released a patch for the issue in February, well before this exploit hit, so those that did not update were the ones hit. The lesson here is to install your security patches when they are available.

The exploit was via a vulnerability in the SMB file share system. The bug was found after the NSA's EternalBlue tool was stolen, yes, the NSA was using the exploit. Initially the tool was used to hack into devices but this latest version was added to ransomware. The unlock cost is between US$300 (10,400 baht) to $600 regardless of the target. It also adds Doublepulsar, a backdoor that allows the machine to be remotely controlled, also stolen from the NSA. BitDefender sent an email saying I was already protected but many were not. The attack was stopped when a clever person in the UK found the kill switch. There are rumours that North Korea was behind this attack like they were with the big Sony hack a while back. Others are suggesting it was a much smaller group.

The potential next version of Android, or its replacement, called Fuchsia has been tested in an early development build. The need for such a product was triggered by Oracle's litigation against Google to get Android royalties. It is open source and you can find it on Github. Hotfix's Kyle Bradshaw compiled the most recent version and you can see what it looks like by searching for "Fuchsia OS Armadillo preview" on YouTube.

With the world moving away from the PC and towards the notebook many are looking for a solution for multi-monitor support. Modern notebooks are so thin they no longer have monitor ports but don't despair, there are many solutions to try. Thunderbolt ports support video, audio, standard data transmission and power. You will of course need a Thunderbolt compatible monitor. Another solution, for those with only one Thunderbolt or USB-C port, is to get a docking station. For older users, the options include a splitter cable, a splitter box and perhaps some USB-to-HDMI adaptors. If you have the right kind of notebook, e.g. a Razor, then you may even be able to use a proper graphics card inside an external box. Those that have tried or used multiple monitors rarely want to go back to one.

The MP3 or MPEG Audio Layer III format has been officially killed off by the Fraunhofer Institute, which did not renew the IP rights and ceased their licensing programme. No, MP3 is not gone, it has essentially become free. MP3 is still a popular format even though others like AAC variants and MPEG-H have more features, better audio quality and use less bandwidth. With the growth of memory on devices many also now use FLAC, a lossless format rather than MP3 which reduces information but "tricks" the ears into hearing all the sound. The most recent example is MQA that may be the basis for the next great streaming technology.

Since I didn't get the LG V20 phone I'm now looking at the Huawei P10 Plus. This is a 5.5-inch QHD+ phone with 6GB of memory and 128GB of storage for a fraction of the price of the Samsung S8. The Leica dual camera is very good and it comes with the latest Kirin 960 processor. It supports a microSD but you would have to be doing a lot of 4K recording to even need such an expansion of up to an additional 256GB. A 3,750mAh non-removable battery adds some extra life and it is Android 7. Unlocked versions are already available for as low as US$630 (21,750 baht) in some places.

I was at a presentation demonstrating the SQLServer on Linux recently and besides the fact that it installs quickly, the advantage of this is that you can set up a virtual machine on a Windows 7 PC and run the latest versions like 2016 or the newest 2017. For Red Hat, Ubuntu and SUSE the product is fully integrated and an update is a simple command line. In the demo using Oracle's free VM, an Ubuntu core virtual machine was created and then SQLServer installed, which was then accessible from the Windows SQL Server Management Studio. Apart from one step involving partitioning, it was all seamless and fast. There are plenty of tutorials on the internet to walk you through this.

Finally for this week, Cray the supercomputer people are moving to supercomputing as a service model, which given how everything else is going should come as no surprise.

The rest is here:
Thank the NSA for latest global ransomware - Bangkok Post