TechByter Worldwide

Speak softly and carry a large microphone

 

23 Dec 2018

Security Challenges Coming in 2019

It doesn't get any easier. Those who deal with data security are constantly facing new challenges. That's one of the primary reasons I look forward to Cybereason's on-line conferences that are intended mainly for chief security officers at large organizations. Earlier this week Cybereason's chief security officer, Sam Curry, took a look at 2019 and it's not pretty.

Although these programs are directed at CSOs, the information should be of interest to anyone who uses a computer, a cell phone, or any devices that uses or stores data. One of Curry's primary points was that those who manage security put too much blame on users. Users aren't going to change, Curry said. If there's good news, it's the predictability of some cybercriminals.

The more worrisome attackers are the ones who are state sponsored and those who have no desire for monetary gain. They're less predictable, and yet Curry believes that we're unlikely to see Cyber weapons of mass destruction or the equivalent of a Pearl Harbor attack.

Curry mentioned FUD several times. If you're not familiar with the acronym, it's short for fear, uncertainty, and doubt. Although bot nets are not generally perceived by the public to be true cyber threats, Cybereason's Sam Curry says that attitude will need to change in the coming year.

Not surprisingly, the biggest targets will continue to be critical infrastructure, but those attacks might be staged primarily as diversionary tactics. Although we saw several large, splashy ransomware attacks this year, Curry says that the technology might be used more frequently to cover a criminal's tracks: After breaking in and stealing data, a clever crook might leave behind a bit of obvious ransomware code. The security team will find it, remove it, and re-image all of the company's computers, thinking that they've thwarted an attack. In fact, the clean-up effort would also remove evidence of the real crime.

Computers and the internet are great levelers. There are people who have money (mostly in the developed nations) and there are people who need money (generally in third-world and undeveloped countries). Those who simply need money to provide food and shelter for their families but live where no jobs exist are finding that cybercrime pays well. Additionally traditional crooks have discovered that crimes such as spear phishing gives them access to money or valuable information with little risk of being captured. Until now, spear phishing has been limited to large companies and individuals with high incomes, but Curry says that well written spear phishing messages with legitimate personal information about the recipient will be used across the entire financial spectrum.

Curry says there will be more attacks that use the Internet of Things; attacks that infiltrate through printers, firmware, and routers; and an increase in attacks either from or aimed at political hot spots.

So it looks like we should expect even more of what we've been seeing, along with expanding attacks on connected devices, the further militarization of cyberspace, more political action intended to reduce confidence in the electoral process, and a flood of spear phishing attacks for everyone.

Happy 2019!

Short Circuits

Maybe You'll Have the Windows 10 October Update Before January

Microsoft has resumed the process of rolling out Windows 10 version 1809, also known as the October update. Also known as the update that deleted files and folders. If it's not yet on your computer, version 1809 might be there before the end of the year. Or maybe not.

It's not yet on my primary computer (right), but I'll probably install it during the week between Christmas and New Year.

Installing the 1809 update on another computer ran to a successful conclusion with no problems.

Microsoft had been talking about artificial intelligence and its machine-learning system that examines drivers and anti-virus applications before pushing feature updates to PCs. That would make the process faster and less painful, they said. Missed it (as Maxwell Smart used to say on the old TV show) by THAT much!

If you want to download and install the version 1809 update, you'll find it on the Windows 10 download page. Or you can just wait. If you choose to wait, you may have a relatively long wait because of the way Microsoft phases feature update roll-outs.

The October 2018 update was supposed to improve operations for home and business users. There's a cloud-based clipboard that allows users to access a history of copied and clipped content across different devices. Improvements to Storage Sense provide new options for automatically removing old and junk files from hard drives. For businesses, the IT department will appreciate a simpler interface for managing security and a variety of other additions and updates that won't make much difference to individual users.

Many users have told Microsoft that a slower and more accurate update process is essential to avoid the release of unstable updates such as the one in October and Microsoft now gives those in the Windows Insider fast ring program a way to call the company's attention to the most severe bugs. After all, no application or operating system is bug free, but it's essential for developers to eliminate severe bugs such as ones that delete or damage files before releasing the software.

The Microsoft Power User website suggests never clicking the check for update selection on the control panel. The article cites a statement by Microsoft vice president Michael Fortin that explains selecting that option is interpreted (correctly, I think) that the user is seeking any available updates. Microsoft actually has several updates each month: The B release (second week of the month) is the one that's pushed out to all users, but C and D releases (third and fourth weeks) are available for testing of the following month's B release. The C and D releases are validated, production-quality releases that are optional. The Power User website seems to suggest that selecting the option just once will move the user into the Windows Insider program. That is not the case.

Coming Trends in Communication

Adobe has released a report called Seeing 2019: The Visual Trend Forecast from Adobe Stock and, although its aim is primarily visual communication, it offers some insights into overarching trends we'll see next year.

As I read the report, I kept thinking of the mid 1980s. Aldus released Pagemaker for the Mac in 1985 and for IBM computers in 1986. Ventura Publisher was released for IBM computers in 1986 and used the Gem operating environment. Eventually it was released for Mac systems (pre-OSX), but fell flat there. These two applications and those that followed were responsible for what became known as "ransom-note publishing" as people with no understanding of design started creating their own publications. The motto seemed to be This computer has 145 typefaces, so I should use all of them.

After a few years, the ransom-note publishers either learned enough about design or were sufficiently embarrassed to stop. There's still no shortage of bad design, but many non-designers who must design publications have reached the stage at which they are able to create publications that are at least not ugly. (Thanks to Rick Altman for describing the not-ugly trend that was beginning in the 1990s.)

Not only typesetting has come to desktop computers, but also video and audio creation and editing, photographic processing, website design, audio processing, and even user experience design. Various companies have applications that operate in one or more of these areas, but Adobe has applications for all of them and, with the exception of audio editing, illustrations are essential to each. That puts Adobe in a good position to analyze trends.

The report notes the massive change in how communications occur: "We’re no longer waiting for creatives to shape our visual worlds — instead, people are using technology to elevate and share their own unpolished, raw, authentic moments in full, vivid color. Each day, 95 million photos are uploaded to Instagram and people watch 100 million hours of video content on Facebook. Gen Z and Millennials are leading the charge but all ages are in on it, powered by mobile-first platforms that allow on-the-go content and live streams on social media."

Gone are the days when businesses and organizations used only high-quality, properly composed, accurately exposed images from professional photographers. Those high quality images are still needed, of course, but they're being joined by images provided by the companies' customers. American Eagle launched a campaign that encourages women to post unretouched photos of themselves to celebrate body positivity, and furniture companies such West Elm and Wayfair invite users to post photos of their new products, so that consumers can see how the products look in real homes.

Individuals, for better or worse, create and post political memes, some of which are accurate and others that are even less accurate than those produced by Russian hackers. I'm hopeful that most of us will eventually learn to identify untruthful images by asking intelligent questions about them and researching the claims. If that happens, the invalid claims will fade just as ransom-note publishing faded in the 1990s and early 2000s.

Adobe's visual trend forecast notes that even when there’s no political agenda, the new self-expression is all about inclusive, unapologetic, eye-catching visuals that cut through the noise. The images can be haunting and hypnotizing, the report says, citing images from "luxury fashion house Balanciaga’s ... bendable models to shiny and playful [photos] like ... Instagram posts ... [from] the KiraKira app."

The report predicts that 2019 will be a year in which our visual landscape will reflect far more than fleeting fads, likes, and shares. "We’ll be surrounded by images that capture passionate, beautiful, ageless, contentious, messy cultural conversations about values, how we express our individuality and experiences, and how we find refuge in tumultuous times." Well, we can hope.

The full report is available on the Adobe website.

See You Next Year!

This is the final program/podcast/blog for 2018. The final week of the year is the time when I relax with the family, have a beer or two, and amuse the cat. Also during the coming week, I'll be doing a bit of site remodeling. Spare Parts has been in a column at the right for several years and I've heard from a lot of people who don't care for the positioning, you'll find it in a new location when you return next year. It will still be only on the website and not included in the podcast.

I'll tell you more about the changes on January 6, so for now I'll say only that the new site should work better on mobile devices and it'll be more secure.