Dr. Bill | The Computer Curmudgeon

People don’t like not having a 1/8 inch jack in their phone, what would you think of NO jack of any kind in their phone?

Apple will reportedly release an iPhone without any ports in 2021

The Verge – By: Chaim Gartenberg – “Noted Apple analyst Ming-Chi Kuo has a new research note predicting Apple’s next two years of iPhones, and there’s a wild new detail: Apple’s 2021 flagship iPhone will reportedly kill off the Lightning port, but USB-C fans (like myself) shouldn’t get too excited. According to Kuo’s note, Apple won’t replace the proprietary port with USB-C; rather, it will rely on an entirely wireless experience for charging and syncing, via 9to5Mac.

The change would be a big one for Apple, which has relied on the Lightning port for all of its phones since it was first introduced on the iPhone 5 in 2013. And while modern-day iPhones are certainly less reliant on physically syncing data, going to a fully wireless model would have huge ramifications across the tech industry, with everything from charging cable companies to headphone manufacturers being impacted. Obviously, we’re still a long way out from 2021 — Apple’s 2020 iPhones aren’t even here yet — but Kuo does have a good reputation for predicting Apple’s plans, meaning it’s entirely possible that this is what the future of iPhones will look like.

Additionally, Kuo’s note goes into more details about what to expect from Apple’s 2020 lineup, which he notes will feature five new phones. First up is the long-rumored iPhone SE 2, which Kuo says will have a 4.7-inch LCD display and a form factor nearly identical to the iPhone 8.

The fall lineup of iPhones is where things get a little odder. Kuo’s note says that Apple is planning four OLED iPhones, all of which will have 5G. Similar to this year’s phones, there’s reportedly going to be a high-end triple-camera model (which will also feature ToF technology), which will come in two sizes: a 6.1-inch model and a 6.7-inch model. Presumably, these two are replacements for the existing iPhone 11 Pro and iPhone 11 Pro Max.

There’s also a lower-end dual-camera model, similar to the standard iPhone 11. But unlike the current lineup, that dual-camera model will also come in two sizes. According to Kuo, the new model (let’s call it the iPhone 12) will feature a 6.1-inch size, similar to the current iPhone 11, but it’ll also come in a smaller 5.4-inch size.”

Yes, I know it is going everywhere, but we now have real, actual 5G coverage in the Piedmont Triad of North Carolina through T-Mobile. Check the coverage here:

T-Mobile 5G Coverage Map

I used my Zip Code of 27265 and I was impressed!

You may not care for Glenn Beck, but ignore the source on this one. Whether you like the interviewer or not, the issues discussed are real and thought provoking. PLEASE take the time to watch the discussion all the way through. It is FASCINATING!

“Technology is advancing faster than ever, and it’s not slowing down. This decade was the era of smart phones, streaming, and the internet of things. But with 5G and AI on the rise, high-tech executive Jeff Brown believes 2030 will be a new world. Brown is an early-stage tech investor and analyst who’s seen the modern technological revolution firsthand. He describes quantum computing as a moon landing and 5G as game-changing. He predicts a near future full of artificial intelligence, self-driving cars, wireless surgeries, genetic healing, cryptocurrencies, and more! But with equal advances in encryption hacking and the AI tracking abilities of Google, Facebook, and even China, we must control our own data!”

I just recently signed up for Disney +, and probably, so did you! Sigh. Watch out!

Thousands Of Disney+ Accounts Are Up For Sale On Hacking Forums

Forbes – By: Lee Mathews – “Disney’s hotly-anticipated streaming service Disney+ finally launched this week. Despite being open to the public for just a few days, hackers have already hijacked thousands of accounts and put them up for sale on the Dark Web.

Reporting for ZDNet, Catalin Cimpanu discovered several listings for Disney+ accounts on different underground hacking forums. The going rate for a hacked account appears to be somewhere between $3 and $5.

That’s three to four times more than the asking price for a hacked Netflix account. Logical enough, given the excitement around the Disney+ launch.

So how is it possible that these accounts – many of which are just a few days old – have already been taken over by hackers? I haven’t seen any reports confirming the root cause, but it seems likely that bad habits are to blame.

One bad habit in particular: password re-use.

You should never, ever use the same password for multiple websites or online services. Security professionals have been repeating this refrain for years.

One bad habit in particular: password re-use.

Their warnings often fall on deaf ears, unfortunately. To users creating yet another account, it can feel like too much trouble to come up with a unique password to protect it.

When you’re creating a new account – whether for a hot new service like Disney+ or any other – remind yourself that hackers are always lurking in the shadows and ready to attack.

They’re armed with billions of email addresses (likely including yours) and billions of previously-used passwords. Using automated brute-forcing tools they can quickly break into accounts en masse.

Recovering a compromised account can be tricky, too. Once a hacker has gained access they tend to move quickly. They revoke access to authorized devices and then change passwords to prevent users from logging back in. They’ll change the email address associated with an account, too, which stops users from using automated password reset tools to regain access.

If you’re getting ready to sign up for Disney+ – or any other service, for that matter – get yourself a password manager first. Use it to create a unique password and let it remember that password for you.

Otherwise you may find yourself fighting to regain access to your account before you even have a chance to enjoy what you’ve signed up for.”

Cyware.com: Understanding the difference between risk, threat, and vulnerability

Vulnerabilities refer to weaknesses in a system or program that can be exploited by threats to gain unauthorized access to an asset.

Cyber threats refer to cybersecurity circumstances or events that can result in harm to the target organization.

Terms like threats, vulnerabilities, and risks are often confused with each other when it comes to cybersecurity and cyber attacks.

The post aims to define each term while highlighting the difference between them.

Vulnerabilities

Vulnerabilities refer to weaknesses in a system or program that can be exploited by threats to gain unauthorized access to an asset.

They make threat outcomes possible and potentially even more dangerous.

Examples of common vulnerabilities are SQL Injection, Cross-Site Scripting, server misconfiguration, sensitive data transmit in plain text and more.

Cyber threats

Cyber threats refer to cybersecurity circumstances or events that can result in harm to the target organization.

For example, threat actors can exploit a vulnerability, intentionally, or accidentally and obtain, damage or destroy an asset.

Threats include organized crime, spyware, malware, adware, and disgruntled internal employees who start attacking the employers of the target organization.

Common threats are social engineering or phishing attack that leads to an attacker installing a trojan or stealing information from your applications or overloading the ISP of a data center with unwanted traffic.

Risks

Risk is a metric used to understand the loss (both in terms of finance and physical) caused due to loss, damage or destruction of an asset.

Usually, it is translated as Risk = threat probability * potential loss/impact.

To get a clear understanding, let’s take the example of a scenario involving SQL injection vulnerability:

SQL Injection is a vulnerability that can be exploited to steal sensitive data theft.

Financially motivated attackers are one of the threat actors that usually leverage the vulnerability.

The impact of sensitive data getting stolen will bear a significant financial cost to the business. It will also hamper the reputation of the business.

The probability of such an attack is high, given that SQL injection is an easy-access, widely exploited vulnerability and the site is externally facing.

Therefore the SQL injection vulnerability in this scenario is treated as a high-risk vulnerability.

Cyware.com: HTTPS, SSL, and TLS: How are they different from each other?

HTTPS is the ‘Secured’ version of HTTP which stands for ‘Hypertext Transfer Protocol’.

Secure Socket Layer (SSL) was created by Netscape Communications Corporation in 1994.

These above-mentioned three protocols are used between browsers and web servers for the safe exchange of data but the main difference lies in their functionalities. Let’s take a dive into what each one of them stands for and how they differ.

HTTPS

HTTPS is the ‘Secured’ version of HTTP which stands for ‘Hypertext Transfer Protocol’.

It is used by different browsers and web servers to communicate and exchange information.

In other words, the exchanged data is encrypted with SSL/TLS; hence called HTTPS.

HTTPS-based websites are less vulnerable to cybercrimes. For example: If your online site is not secured with HTTPS, then bad actors can intercept the content of the website and then easily create the exact replica of the payment page to capture your credit card numbers and other personal details.

By default, HTTP uses port 80 and HTTPS uses port 443.

SSL

Secure Socket Layer (SSL) was created by Netscape Communications Corporation in 1994.

It was designed to create a secure internet communication via the Web.

It is a standard protocol that encrypts communication between the browser and the server, thus allowing easy and safe transfer of sensitive information like social security numbers, credit card details and login credentials.

It utilizes two types of keys: (1) Public keys – that are known to everyone; (2) Private keys – that is known only to the person receiving the message.

TLS

Transport Layer Security (TLS) – a renamed version of SSL 3.1 – came into existence in 1999.

TLS 1.3, released in March 2018, is the latest version of TLS.

It is a protocol that allows communication between the internet and client-server applications. It forms a secure communication via the Web for email, data transfer and faxing.

TLS has two distinct layers: TLS Record Protocol and TLS Handshake Protocol.

TLS Record Protocol establishes a secure connection with encryption methods like data encryption standard. On the other hand, the TLS Handshake Protocol allows authentication for servers and clients together.