Sony’s DRM Nightmare

Elizabeth Technology March 21, 2024

In 2005, an organization had been covertly installing a program similar to a rootkit onto consumer devices without warning. For those who haven’t heard it before, a rootkit is simply a program that is designed to remain unfindable on a device. They aren’t all bad, but their difficult-to-detect nature and ability to evade even aggressive anti-virus make them a top-of-the-line tool for hackers. Back to the story.

The rootkit was on the lookout for ‘suspicious activity’, and if it detected any, it would quietly alert the parent company. However, even if you had nothing to hide, you still had something to fear: the rootkit left a gaping security hole, and a smart enough hacker could piggyback off of it to get Trojan Horses, Worms, and other nasty bugs in without alerting the computer that “hey, there’s an .exe file doing weird stuff!”

The rootkit was designed to hide itself, and it would hide the bugs behind it. There was no mention of this anywhere in the EULA for the program that had the rootkit. The parent company hadn’t meant to leave a backdoor, but they did, and attempts to fix it without removing their own program just made the problem worse. Attempting to fake fixing it with an uninstaller only hid the program deeper in the system, and trying to uninstall it could brick the computer, depending on which program you got. They’d really screwed themselves, and they hadn’t expected to get caught.

This wasn’t some Russian hacking scheme, or some government overreach – it was Sony, attempting to keep copyrighted material off of pirating websites. Talk about an overreaction.

The History

At some point, a company has to admit it would rather ruin the legitimate user’s experience than let a pirate go unpunished. That’s very understandable: stealing is wrong, and smug pirates behaving like they’ve gotten one over on ‘the system’ are frustrating. Ordinary responses to this can be anything from asking for the license # on the inside of the clear case to more subtly ruining the audio quality of pirated copies. This is a normal level of copyright protection. Very determined pirates could still get around these measures, but hey, you can’t spend all your resources on the fringe cases.

Companies are aware of this, and some begin to factor ‘unstoppable piracy’ into their calculations – you know, like grocery stores will factor in ‘lifting loss’ and spoiling produce. Companies usually determine they’d be spending more on preventative measures than they’d be keeping on the shelves. Theft is wrong, but so is littering and driving without a license. Somehow, all three still happen anyway. Sony is very mad that pirates are getting away with fresh content, and they want to do the equivalent of TSA pat-downs on everybody at the exit of the grocery store to stop a small percentage of thieves.  They don’t care anymore; nobody is going to get away with it.

Was it Reasonable?

Napster and LimeWire are making inroads into the music industry’s profit, and 2005 was the peak. The pirating of copyrighted content is only made easier with the rise of the internet, and Sony realizes it’s nigh impossible to find the illegitimate downloaders, and uploaders were only marginally easier. They decide to go for the source, but they decide to hit hard.

“The industry will take whatever steps it needs to protect itself and protect its revenue streams… It will not lose that revenue stream, no matter what… Sony is going to take aggressive steps to stop this. We will develop technology that transcends the individual user. We will firewall Napster at source – we will block it at your cable company. We will block it at your phone company. We will block it at your ISP. We will firewall it at your PC… These strategies are being aggressively pursued because there is simply too much at stake.” – Sony Senior VP Steve Heckler

This quote was said in 2005, after Sony had merged with another company, BMG. BMG had an incident in Europe in the 2000s, when they’d released a CD without warning users of the copyright protection on the inside. Apparently, burning money to replace those CDs (and burning goodwill) was not enough of a lesson, and Sony and BMG together prepared to take a stand against pirates.

The Problem

They’re going after the big boys, the folks downloading music to upload everywhere else…for free.

These are the people depressing profits, in theory. Some companies theorize that once these people are gone, the people passively pirating by downloading stuff from them will also disappear and go back to buying the content. They’re somewhat right, and this audience shrinks over time. More on that later.

This is illegal and very annoying! The estimated lost sales from piracy were in the billions, and many companies were beginning to look at more intense DRM: Digital Restriction Management.

To some people, DRM is the root of all evil, the seed of the eventual downfall of consumers’ rights. After Sony’s screw-up, they were right to call it as such. John Deere, Apple, Sony, Photoshop, etc. are all slowly eating away at their own best features for the sake of pushing users into proprietary software. Software they’re not allowed to repair because of DRM. Take Deere: if a new Deere tractor detects a common tractor repairman’s diagnostic software, a Deere tractor will stop working until you call out a Deere technician. This obviously drives up demand for Deere technicians, and it’s horribly restrictive to the user. Lawsuits are in progress right now over this because the obvious result is that Deere can cost you your farm by doing this.

To others, DRM is an essential part of the free market. Companies should be allowed to protect what they made, and if users find their methods extreme, they shouldn’t have bought it. And in less extreme circumstances, they’re right! That’s what the EULA, the End User License Agreement, is for. The user can decide if they’re willing to put up with the DRM specified in the Agreement, and if they’re not, they don’t have to buy it. ‘If you pirate this, it will only play static’ is reasonable.

Sure, some super-cheapskate who found a sketchy download off some sketchy site is going to listen to static with Hint of Music, but the average user would rather buy the disc and be done with it. If the company can make the ripped upload sound like garbage when it’s off its home CD, they won. The company has successfully used DRM here to keep their honest customer honest, and any would-be pirates away. And they did it without destroying either computer! As Stewart Baker of the Department of Homeland Security said, “it’s your intellectual property – it’s not your computer”.

Doing it this way means normal consumers still get a high-quality product, and if the DRM is limited entirely to the content itself, there’s no risk of it coming back to bite the company in the butt.

Still, if you really disagree with DRM, there were companies that successfully reduced their piracy problems in other ways. Some found that guilt was enough, others found that once certain websites were gone, their piracy problems disappeared too. Warning folks that piracy was still a crime got the people who didn’t know any better to stop. Fines did a number on the folks who were too bold or too dumb to not get tracked with non-DRM means, and for the people who were doing it because it was more convenient? They reduced their pirating when better paid methods became available. Sony’s problem could have been solved in a lot of ways!

Besides, Sony wasn’t struggling. Lost sales are not the same as losses! Companies are still making profit, just not as much as they’d like. Property is not being damaged, and nobody is experiencing physical harm as a result of pirating.

The Response

Sony’s DRM was a severe overreaction to the problem at hand, and it did lead to several lawsuits. As said at the beginning, Sony had not only installed software without the user’s knowledge, but they’d then left a big entry point for security threats to get in undetected. Hundreds of thousands of networks were affected, and some of them were government. Once someone blew the lid on the DRMs, they released a cover-up “uninstaller” that just hid the rootkit better and installed more DRM content on the user device.

This does not help!

The blown cover for the rootkit meant that black-hat hacking organizations could tool around and create something that could get into anything with that rootkit on it, undetected. Eventually Sony was forced to admit this was wrong, but not before screwing over a couple million people who just wanted to listen to Santana or Celine Dion from a CD they paid for. Over pirates.

Yeah, there’s some lost profit – but it doesn’t outweigh the regular customers.

The Aftermath

Sony’s first instinct is to hide it. As mentioned in the article above, the uninstaller available didn’t actually uninstall it, and some users reported issues of system crashes and their machine bricking up when the uninstaller’s poor programming tried to interact with the rest of the device’s programming.

Their second decision is to lie – ‘the DRM has no backdoors and doesn’t pose a risk to your computer’s security’. This is demonstrably untrue, and given that they were already in the beginning stages of recall, could be considered a deliberate lie.

Sony’s third action is to recall the discs with the DRM on them, but they don’t get all of the discs. Some users aren’t sure if their disc is affected or not, and even non-profit organizations dedicated to maintaining free internet can’t figure out what discs have it and what discs don’t. The best they can do is a partial list. Stores in New York and Boston are still selling the discs three weeks after the recall. However, users do get to swap their disc with an unprotected one through the mail. Sony seems to have acknowledged their screw-up at this point.

Sony’s fourth action is more a consequence – they stick a class-action lawsuit sign-up notice on their home website, and users affected can claim damages up until 2006. Class-action lawsuits filed by individual states start to drag down Sony’s profits more than the piracy ever did, and the end result is a mandate to put warnings on the cover of discs and to stop using DRM that could damage a user’s computer. DRM is still allowed, it just can’t be possible to destroy a computer to protect a song license. The feds actually considered this a breach of federal law and stated that it was engaging in deceptive and unfair business practices. Sounds about right – consumers wouldn’t have bought a disc that downloaded DRM without their knowledge. From conception to execution, this was a moral, ethical, and legal mistake. While pirating is wrong, it’s possible to be more wrong trying to stop it.

https://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootkit_scandal

https://us.norton.com/internetsecurity-malware-what-is-a-rootkit-and-how-to-stop-them.html

https://www.wired.com/2006/12/sony-settles-bm/

https://www.theregister.com/2005/11/01/sony_rootkit_drm/

https://money.cnn.com/2005/06/24/news/international/music_piracy/

https://www.networkworld.com/article/2998251/sony-bmg-rootkit-scandal-10-years-later.html

https://fsfe.org/activities/drm/sony-rootkit-fiasco.en.html

https://digitalscholarship.unlv.edu/cgi/viewcontent.cgi?article=4058&context=thesesdissertations

https://www.networkworld.com/article/2194292/sony-bmg-rootkit-scandal–5-years-later.html

The Worst Way To Make A Password

Elizabeth Technology March 19, 2024

There are many ways to make good passwords.

How do you make a password that barely protects you at all?

1) Use something really identifying

Using a password like “dadof4” or “kayaking” when you regularly tell people that you have four kids or that you kayak is a good way to let your acquaintances know that you might be easy to Facebook-hack. The same goes for any interest, really! If your password is a political slogan or something to do with something you own and regularly post about – like a classic car, or #vanlife – you’re in for a bad time.

2) Use a Sequence

This goes beyond something like “12345” or “2468”. Don’t try the Fibonacci sequence, don’t try whatever the DaVinci Code had going on with that codex thing – don’t try pop-math as a password. Most brute-forcing AI is designed to try these numbers first. Trying a single instance of an eight character password in a dictionary attack takes less than a tenth of a millisecond on a reasonably powerful home-desktop computer, so of course a cyber-criminal is going to put all the memorable sequences at the front of the queue.

3) Use Pop Culture

In fact, stay away from pop password references in general. Ramses2? Someone who knows you like Watchmen could guess this. EequalsMCSquared? If your buddies know you like Big Bang Theory, the password’s not good enough. There are plenty of nonsensical pop-culture references that make good passwords – so you don’t need to be using the passwords that are super obviously passwords, the passwords the characters use in the show. Just stick to the sayings or catchphrases that are somewhat obscure, and make sure it’s A) long enough and B) mixes in enough special characters to thwart brute-force AI. Don’t let your hint (if the website lets you set one) become a trivia game.

4) Make it too short

Most websites won’t even let you get away with anything less than eight characters, but in case you find a really ancient one that doesn’t have these requirements, a surefire way to get yourself in trouble is to make your password very, very short. I’m linking a better description that goes over the equation in more detail here.

The equation they use assumes it will take 0.0017 milliseconds to compute a hash, or (1.7*10^-6) seconds. The other input is the size of the available character library: 26 (all lower- or all upper-case only), 52 (upper and lower cases), 62 (upper and lower cases and also numbers), or 80 (all of the above + special characters allowed in the password field). You raise the size of the character library to the power of the number of characters in the password, multiply that by the time per hash, and then divide all of that by two. For an eight character password written with upper and lower case libraries, the equation is this: ((1.7*10^-6)*52^8)/2 (seconds).

This is the time it takes to compute one hash multiplied by the number of possible passwords (the number of characters that could be in any one spot, raised to the power of the number of spots), on a regular computer, and halved because on average the right password turns up halfway through the list. Botnets and super computers, which hackers may have access to if they’re well-funded, take a thousandth of that time. When it’s very crucial to keep bad actors out, limiting login attempts and 2FA can help hold back even the most powerful of computers – but most people aren’t going to be targeted by someone with a botnet.

Basically, what you should glean from this is that a ten-character password using all available character libraries (26 upper case plus 26 lower case plus numbers 0-9 plus special characters) takes about three years to crack on a bot-net or a supercomputer and may as well be impossible on a single desktop.

An eight-character password with the same libraries takes approximately 4 years on a desktop, minutes on that botnet/supercomputer. Still powerful, not as powerful as a ten-character one though. An eight-character password with only lowercase or only uppercase (26 total possible characters) will take two days on a desktop, seconds on the botnet.

A four-character password with all the full character libraries takes 34 seconds on a desktop, using the equation provided.  On the botnet, it’s broken in less than a blink. The number is even worse if you’re sticking to upper or lowercase letters only. If you want a bad password, shorter ones are the best way to make problems for yourself! Vice versa, the longer a password is, the harder it is to crack. Every character adds exponential amounts of time to the botnet’s attempts.

5) Make it a Sequence with numbers

Using “Password – Password1 – Password2…” can turn into a security problem, even though an AI might not be able to guess what you’re doing right off the bat. Using “ILovePuppies2” should, in theory, not be any less secure than “ILovePuppies1” or “ILovePuppies3”. Mathematically, they’re the same number of guessable characters to an AI. However, if your coworkers know that you use a base password with numbers behind it, they could brute force your account with knowledge the AI doesn’t have, and get in.

6) Use special characters in places you won’t remember them.

Doing the bare minimum eight to ten characters with an @ or a & sign thrown in there makes you more secure. However, it also makes the password more difficult to remember. If you were online in the 2000s, you might remember LeetSpeek, wh353 3W3 T&P3 L1%3 7H12. It was awful. Entire paragraphs were unreadable because the writers didn’t have solid rules for letter replacement, and would mix in homophones for words just to up the difficulty even more.

If you don’t remember your own rules for replacement (is 2 an S, or a Z? Do you always use % for K, or can it sometimes also be X? etc.) when writing a LeetSpeek password, you’re just making an easy-to-forget password with more steps. The same goes for using special characters in general – if you know you’re not going to remember replacing A with @ or 4, you’re going to give yourself a lot of trouble by trying to force these special characters in when you could use others, like punctuation characters, in easier-to-remember spots.

LeetSpeek makes great passwords – if you’re used to it, and if you know that your word or phrase will always come out with the same replacements. If SPEAKFRIEND is always 5P34KFR!3ND and never SP34%5R13|\|D, you’ve got a good code going on. Otherwise, you may as well be keysmashing.

7) Keysmashing

Don’t do this unless you have a password manager. You’re not going to remember the keys you hit. Your browser might, but then what do you do when you’re not on your native browser? You’re stuck resetting the password. Don’t keysmash. Just…don’t. It’s a bad way to make passwords. If you’re truly obsessed with randomness in your password, a solid password manager is a great way to make sure you a) always have your password with you and b) always pick a password with peak randomness. After all, keysmashing usually makes all the characters lowercase and keeps special characters out – it’s not actually fully randomized.

8) Make it something you won’t remember at all

Having to regularly reset your password is definitely annoying – and it can lead to security gaps when users get fed up with having to hit the reset password link, go to their email, hit that link, go back to the website, pick a new password, type it in twice, wait for the two-factor authentication message to come in, yada yada. CIS recommends no more than once a year because this is so common. The frustration of having to do this song and dance every couple of weeks can lead users to write their password down – which is significantly worse than just leaving the old, strong password that they remember as it is. Regularly resetting passwords won’t improve the security of the system if the user got it right the first time, and there’s solid 2FA in place – even the FTC agrees!

9) Use a master password for everything

It’s good to have a strong password. It is not good to use that same strong password everywhere! Let’s say you subscribe to an online game website. The game website is free, and the account is purely for age verification, so there’s no payment details. Only your email and password. (This applies to online forums, too!) They don’t invest in top-notch security because there’s no real reason to, no payment details, no SSNs stored somewhere, so a hack wouldn’t destroy their users – it would just be annoying to lose save progress for games. Unless…

Unless those users use a master password that’s tied to their email for every account they have. And if a hack were to get both off some little website that doesn’t even store payment data, like they frequently do, suddenly a hacker has access to everywhere you’ve used that master password. They’ll try everywhere. Every bank, every shipping company, every streaming service. That’s why the gaming website is even a target in the first place. It’s tempting – don’t do it.

10) Don’t use Two-Factor

If you really want an unpleasant online experience, don’t use two-factor anywhere. That way, even good passwords can act like bad passwords! Consider bullet number 4 here to imagine the power of a very determined hacker. Ultimately, if something’s really, really determined – it will spend all the resources it can to get in. Using two-factor can only help you! An eight-character password with no attempt limit is not nearly as much protection as it used to be, so Two-factor is essential unless you’re looking to have a bad time.
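The equation from point 4, which point 10 refers back to, carried through in Python as an added example that is not part of the original post or its linked source. The hash time, the 1,000x speed-up and the character libraries are the post's figures; the login rate limit (one guess per 180 seconds) is an assumed policy used only to show what attempt limiting does to the same arithmetic.

```python
"""Average brute-force time from the post's equation: (t * N**L) / 2."""

HASH_SECONDS = 1.7e-6        # post's figure: 0.0017 ms per hash on a desktop
BOTNET_SPEEDUP = 1000        # post's figure: botnet takes a thousandth of the time
RATE_LIMITED_SECONDS = 180   # ASSUMPTION: site allows one login guess per 180 s
YEAR = 365.25 * 86400

# Character libraries listed in the post.
LIBRARIES = {
    "one case only": 26,
    "upper + lower": 52,
    "letters + digits": 62,
    "all + specials": 80,
}


def avg_crack_seconds(length, library_size,
                      seconds_per_guess=HASH_SECONDS, speedup=1):
    """Expected time to find the password: half the keyspace is searched."""
    keyspace = library_size ** length
    return seconds_per_guess * keyspace / 2 / speedup


def humanize(seconds):
    """Render a duration in the largest unit that fits."""
    for unit, size in (("years", YEAR), ("days", 86400),
                       ("hours", 3600), ("minutes", 60)):
        if seconds >= size:
            return f"{seconds / size:,.1f} {unit}"
    return f"{seconds:.2f} seconds"


def min_length(target_seconds, library_size,
               seconds_per_guess=HASH_SECONDS, speedup=1):
    """Shortest password whose average crack time reaches the target."""
    length = 1
    while avg_crack_seconds(length, library_size,
                            seconds_per_guess, speedup) < target_seconds:
        length += 1
    return length


if __name__ == "__main__":
    # Cases worked in the post: offline guessing on a desktop.
    print("4 chars, 80 symbols :", humanize(avg_crack_seconds(4, 80)))
    print("8 chars, 26 symbols :", humanize(avg_crack_seconds(8, 26)))
    print("8 chars, 52 symbols :", humanize(avg_crack_seconds(8, 52)))

    # Same 4-character password when every guess has to go through a
    # rate-limited login form instead of an offline hash comparison.
    limited = avg_crack_seconds(4, 80, seconds_per_guess=RATE_LIMITED_SECONDS)
    print("4 chars, rate-limited:", humanize(limited))

    # Length needed to hold out 100 years on average against the botnet.
    for name, size in LIBRARIES.items():
        needed = min_length(100 * YEAR, size, speedup=BOTNET_SPEEDUP)
        print(f"{name:17s} ({size}): {needed} characters")
```

Every extra character multiplies the time by the library size, which is why the required length drops only slowly as the library grows, and why a rate limit changes the picture far more than one added symbol class.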

Sources: https://thycotic.force.com/support/s/article/Calculating-Password-Complexity

https://www.ftc.gov/news-events/blogs/techftc/2016/03/time-rethink-mandatory-password-changes

What is an RFID Chip?

Elizabeth Technology February 27, 2024

Definitions

RFID stands for Radio Frequency Identification, and it’s usually used in the context of a chip! There are active and passive types: an active RFID chip has a tiny battery with it, while a passive one is powered by the energy of the reader’s signals alone. Active chips can be read from much greater distances, but the battery makes them heavier and more expensive. Meanwhile passive chips have to be blasted with the RFID signal to be read.

How do they work?

RFID chips are great because they’re small, and they don’t take line-of-sight to read like many other cataloguing techs do.

There are three major parts to an RFID chip: the microchip, an antenna for receiving and broadcasting signals, and substrate to hold it together. RFIDs work with radio waves, a form of electromagnetic radiation. They actually got their start during the end of WWII, where a Soviet engineer created a passive listening device activated by radio waves, which would then store a small amount of information about the transmission. It wasn’t really the same as what we use in security tags and inventory systems today, but it was a tiny passive chip with information stored on it passively, and that’s close enough! 1973 saw a real attempt at the kind we have today, and ever since, they’ve been shrinking in size.

RFID chips can also come with read-only or read/write memory, depending on the style of that chip. Essentially, it has a very small amount of memory on it, just enough to store things like batch number, serial number, or address, in the case of pet tags. They’re not very complex: in the case of an active tag, the reader simply dings the RFID chip, which then responds on a compatible wavelength with the relevant information via that antenna.

Some chips broadcast constantly, while others broadcast on a regular interval, and some wait for the RFID reader to ding them before they send their data. In a passive chip, the RFID reader has to ding the chip so hard that it absorbs enough EM radiation to respond – energy hits the antenna, travels to the chip, and powers it enough to activate the antenna for signalling, which then causes the chip’s signal to travel back up the antenna and transmit to the reader. Neat!

Utility

An RFID chip’s low profile and small size make it great for inventory management. Since the chip doesn’t need line-of-sight like barcode scanners do, production doesn’t have to worry about maintaining a certain orientation towards cameras for their items; they can just pass them over an RFID scanner and they’re good to go. Radio waves can pass through solid objects!

The RFID chips are also good at tracking inventory while in the store: you’ll notice many big box stores have an exit with detectors alongside the doors, which prevents unscanned or active chips from getting out the door. It also sometimes triggers on nametags and items the cashier had to scan in the cart, but most of the time it works as intended.

RFID chips are great for livestock and pet chipping – they’re small, and not only are they less painful than a tattoo, the data is also unlikely to migrate or blur like ink could in a pet’s ear. The initial wound is also smaller, which makes infection less likely. That doesn’t mean they’re perfect, but they carry a lot more information for less relative risk to the animal.

On the human side, RFID chips are frequently used in employee identification badges – the theory is that it’s harder to copy and easier to read than a barcode scanner for restricted areas. Some people go so far as to get them implanted, but the ethics of that are… iffy, to say the least, even if they want the implant. The long-term effects in humans just aren’t that well-known, and while pets are a good indicator that nothing should go wrong, pets also don’t have to worry about getting their phone hacked because their pet tag carried a virus along.

RFID chips are now popular in credit cards! The chip in the card is (in theory) safer than the regular magnetic stripe, and it’s supposed to be much harder to copy. Of course, early versions still had their issues, but now they’re difficult to signal from a distance.

Flaws

RFID chips aren’t free from flaws.

Security can be a problem, especially for active chips, which can be read from hundreds of meters away. Most vendors have some sort of protocol in place, but for a hot minute, RFIDs in cards were a potential security nightmare. Remember all those anti-RFID chip wallets? That’s because readers were able to access the chip as though they were being used for a purchase. It just wasn’t very safe before protocols were established.

Secondarily, a bunch of folks went out of their way to prove that the more complex RFIDs could become transmission sites for computer viruses – one guy had one implanted in his hand, and if the virus could infect that hand, then the virus could get anywhere he could wirelessly. The perfect crime! Airgapped networks were no longer safe if RFIDs were on the table.

Incompatible readers can make inventory transfers more painful than they need to be, as well – the ISO sets standards for which channels get to be used for what purposes, but the companies have to comply with them first. They also have to have the right kind of reader – is it scanning for active or passive chips? The two have very different needs. An active reader might not be able to find a passive chip!

There’s also the sticky issue of privacy and destruction. How do you get rid of the tag on the product once it’s no longer needed for inventory? RFIDs can be destroyed by microwaves, but that doesn’t help if they’re attached to an electronic, which can also be destroyed by microwaves. They can be wrapped in foil a couple of times, and stop transmitting long distances – on some objects, that makes them unusable. It takes special equipment and some professional skill to actually scan a building for RFIDs, but it’s not totally impossible.

It just takes work, the kind of work a stalker or government agent might be willing to put in if they needed info on a person so badly that they’d want to see what items they had in their house. This is also more difficult than it sounds because most chips go by something vaguely specific, like a batch or serial number with no product name attached, but it’s not impossible. It would just take quite a lot of effort when stalking via binoculars is much easier.

It’s also still possible to clone RFIDs – passports with RFIDs in them could be an especially large problem for both the original holder and the government of that country. The obvious option, credit cards, are still cloneable too, although with modern banking it’s often not worth the investment for the scammers.

However. With tech improving every day, it may be possible to limit what chips respond to which scanners, which would make it much more difficult to invade privacy. Chips get smaller and smaller every day, so it’s entirely possible a password- or signal-protected RFID may some day come into power.

Sources:

https://www.researchgate.net/publication/224328848_Impacts_of_RF_radiation_on_the_human_body_in_a_passive_RFID_environment

https://www.atlasrfidstore.com/rfid-insider/active-rfid-vs-passive-rfid

https://electronics.howstuffworks.com/gadgets/high-tech-gadgets/rfid.htm

https://www.reuters.com/article/factcheck-coronavirus-vaccine/fact-check-magnet-test-does-not-prove-covid-19-jabs-contain-metal-or-a-microchip-idUSL2N2N41KA

https://www.reuters.com/article/uk-factcheck-vaccine-microchip-gates-ma/fact-check-rfid-microchips-will-not-be-injected-with-the-covid-19-vaccine-altered-video-features-bill-and-melinda-gates-and-jack-ma-idUSKBN28E286

Reasons to Recycle Your Phone

Elizabeth Technology February 22, 2024

1. Lithium batteries are not biodegradable.

In general, modern materials don’t really degrade much. When was the last time something you owned rusted away completely? And if it did – did it really? The spot below the cheap, neglected grill in my friend’s back yard has no grass growing on it. The rust is still there to interfere with that grass’s growth, even though it’s technically degraded. That grass may eventually come back if the rain ever washes enough of the contaminated dirt away, but until then, the ground is inhospitable. Now picture that with metal that’s not designed to spoil, and chemicals that are much harsher. Batteries are by far one of the most concerning items to trash. They tend to corrode and release acid if not disposed of properly, and the bigger the battery, the bigger the concern for acid to leach into whatever it’s laying on top of. You don’t want something you threw away to make a mini-superfund site, surely?

2. They also don’t behave well when the internals are exposed to air.

You cannot just dump a phone in the trash when you’re buying a new one. Besides the environmental effects (which can be anywhere from acid leaching to heavy metal poisoning, depending on battery type) there’s also a real danger of starting an unquenchable fire in a garbage truck. If it’s one of the fancy ones that can compact garbage as it picks it up, the battery being punctured can set off a fire inside the bin. If you’re unlucky, and others have thrown out paper trash or flammables, you’ve got a serious problem on your hands. Recycle the phone! If not the phone, then at least the battery!

3. The phone contains rare earth metals.

These are metals that are common in the Earth’s crust, but very difficult to actually mine out and purify economically. After a point, mining them might make phones too expensive for the average consumer – so it’s important to harvest what parts are harvestable! Besides that, the phone itself isn’t going to bio-degrade because it’s completely inorganic. Rather than let all those precious minerals and non-degrading materials go to waste, recycle!

4. The hard drive may not be wiped the way you hope it is.

It’s very possible to recover deleted documents off of a hard drive months after ‘wiping’. Wiping a traditional hard drive completely is difficult, and solid states only make it harder. The hard drive still has a phantom copy of the old doc until it’s written over with something else, or grazed with a magnet. Doing this thoroughly is difficult, which is why you should recycle through a reputable hardware recycler. This is especially important for things like email apps, which frequently don’t ask users to log in after the first time they’re used on the phone!

5. Having a secondary market is essential for the health of the industry.

If the number of workable phones is low, people are forced to buy the new model because it’s all they can find. This is why planned obsolescence is so insidious. They’re deliberately cutting down the market for their users so they can sell more new phones at a high price. If this was a perfectly efficient world where consumers had perfect information, this would lead to the company dying, because nobody wants to pay 700$ for something that breaks in three years. But it’s not – it’s a world where people drop an extra $200 on a phone for its camera. It’s a world where the phone carrier forces you to upgrade as part of their contract. It’s a world where branding is the fashion. It is not perfectly efficient, and as long as the manufacturers recognize this, they will make attempts to money-grub.

Keep those second-hand phones in the market and force manufacturers to keep making phones at least as well as their old products. This is still recycling! It’s keeping the phone from its final death in a landfill, and extending its life for as long as possible.

6. Broken Phones Still have Valuable Parts

If the phone’s so broken that it’s not possible to re-sell it, consider recycling it anyway – lithium batteries have many uses, and as mentioned before, those rare earth metals aren’t getting any less rare. Recycling the phone by sending it somewhere to get it broken down is also valid recycling. If you can squeeze just a little bit more use out of a device by dropping it off or passing it on – why wouldn’t you?

Besides, the facility will know how to handle that battery!

Sources:

https://www.independent.co.uk/news/science/mobile-phones-elements-periodic-table-endangered-chemicals-st-andrews-a8739921.html

https://www.npr.org/2020/11/18/936268845/apple-agrees-to-pay-113-million-to-settle-batterygate-case-over-iphone-slowdowns

Online Investment In Dud Projects

Elizabeth Technology February 13, 2024

During the 2010s, a number of huge enterprises got investor money, started a project, maintained it with great success until the investors started wanting their money back, and then the service of the project started absolutely sucking – if it actually managed to live through the ‘you must turn a profit’ phase of its growth, which many did not.

The internet had a hand in this. By giving a large crowd of people a place to say they’d definitely use any service that does X, investors can see demand for a product that doesn’t yet exist, which makes a return seem easier to achieve. A secondary effect is that they don’t have to understand what the service does, they just have to know that customers want it – a formidable barrier for innovators of times past is now an escalator for inventors who can simply dazzle a crowd with buzzwords and get demand out of them. Customer/investor hybridizing sites like IndieGoGo and Kickstarter were notorious for this until they also changed their terms of service.  

Smaller Ones

More attainable goals on crowdfunding websites are not less likely to run into issues than their larger funding counterparts; they’re just smaller. The stakes are usually lower, but often still painful if they fail. After all, if you pay $1,500 to get an extra special package of products and services for a startup that goes belly-up before anything goes out the door, you’re out the money, even if it probably didn’t bankrupt you. IndieGoGo and Kickstarter generally can’t recoup that loss for you if the side taking the money didn’t formally announce a failure or otherwise initiate a refund.

Unfortunately, it can be hard to tell when a project is going to fail, especially if you tried to get in early. While some projects can raise red flags on first sight (unrealistic wholesale/retail product pricing ratios, overemphasis on a personality to sell the product, or unrealistic production means for example), many others look fine. The best way to avoid spending money with nothing to show for it is to look at other examples of failed projects and see if you spot any uncomfortable similarities.

Early NFT projects, for example, were totally uncharted. The product itself was so new that nobody knew what signs of scams or failure would look like. A number of NFT projects promised access to something of value (a game, a cartoon, a virtual world/networking site, etc.) for the purchase of the NFT, but once they were fully funded, a bunch of them would rug-pull their investors and bounce with the money. Some didn’t bounce (by which I mean they stayed in contact with NFT buyers), but still failed to produce anything. The Bored Apes project at least managed to make a couple episodes of the cartoon they promised, but because the show was pitched and directed by people specializing in tech, not animation, it didn’t exactly come out like Rick and Morty.

But say you wouldn’t have fallen for the NFT hype – it doesn’t have to look like a bad investment to be one. In a more recent, more material example, James Somerton’s film production company sucked up a ton of money (achieving nearly 10x its initial goal for fundraising) and then had huge wait times for the films promised, and the person in charge – James himself – was quiet for months, only rarely updating with news about the delays. James, a video essayist, was really well-liked up until a couple of months ago when some terrible news about his content came out, so his backers were extra lenient. They made excuses for him, and many possibly forgot they’d contributed to his project at all because of the length of the wait. Now, it seems unlikely he’ll get anything out the door at all because of recent controversies, and that money is probably not going to be refunded.

Similarly, video game projects from first time game-makers have a high chance of failure, oftentimes because they don’t know the true scale of the work required before they start developing it and promise more than they can deliver. Internet personalities will sometimes have an idea for a game that is far beyond the skill of the studio they partnered with to make it (which happened to the Yogscast group on Youtube) or become so invested in what they already had built beforehand that they won’t let anyone else touch it (which happened to the game Yandere Simulator). For beginners, starting wrong and having to tear down and rebuild is okay when it’s a private project, but when it’s someone else’s money, the idea of ‘losing’ progress makes them more likely to double down on a road that won’t produce a good finished product. Failed games that ‘should’ have been simple to make instead spent months in development hell with nothing to show for it.

Why Even Bother Talking About It?

As the next generation sidles up to the plate, it’s important to make sure they actually know what they’re doing when they whip out a credit card to buy or ‘invest’ in something. A lot of kids raised on electronics don’t understand the fundamentals behind the internet. Think about it – what does playing RoBlox have to do with learning how to type in a professional voice? Does buying skins from Fortnite tell kids that digital assets are only worth the joy they bring? Does watching Cocomelon on Youtube teach kids about online safety or that adults can lie to them? Just granting access to the tools necessary to learn important lessons isn’t the same as teaching, and can have disastrous consequences when they learn something the hard way. Without actual, guided teaching about spotting scams, these kids learn only what is necessary to have fun online, lose their data, get scammed, get viruses, and suffer for an assumed level of knowledge that they don’t actually have because they were only taught how to click and tap on things. It’s worth talking about. It’s worth teaching. It’s necessary. It probably always will be.

Why Is Everyone So Disappointed in the CyberTruck?

Elizabeth Technology February 1, 2024

Safety Concerns

You’ve seen the body. You’ve probably seen the interior dash. If this thing gets into an accident, it will win over any other vehicle or passengers, including its own. It is a return to the old steel-body cars but worse, with small crumple zones and a 3 mm thick steel plate for a shell. It’s undeniably sturdy. The car itself could survive a lot, which sounds cool and futuristic for a car that one day might not need passengers, but anything inside of it is subjected to its design in the event of a crash.

Secondly, pinch points! One video of the CyberTruck’s motor-driven hood-closing mechanism shows it cleaving through a carrot without stopping (Out Of Spec Reviews on TikTok and Youtube). There is no pinch detection in the front, which wouldn’t be a problem if it weren’t motorized! Isn’t this the car of the future? Why is there no pinch detection? Human fingers are tougher than carrots, yes, which is why when it comes to safety demos, you don’t want it to cut through the carrot to demonstrate that it definitely won’t hurt your precious fingies. The guy in that video then put his fingers further down into the seam (so the sharp point at the window area wouldn’t break the skin) and the trunk simply shut over them, leaving him stuck. He couldn’t reach the button on the front that would tell the truck he wanted to open it again. It didn’t break anything, but getting unstuck alone would have been painful. At least there is a phone app allowing you to remotely free yourself, but without proper pinch protection, it’s at best capable of trapping someone, at worst capable of biting off fingers, if it’s someone with the keys but not the app.

One major and one minor complaint for safety seems about right for a major deviation from the norm for cars, and the pinch detection should be relatively easy to include in later models – that’s not all people are concerned about, though.

Electronics

While stringing electronics together seems to make sense, it’s actually not a great idea! We stopped making Christmas string lights that way because of the massive inconvenience of finding a dead bulb when the strand went out, because you had to find it to get the whole string working again. Unfortunately, from consumer complaints online, it seems like this philosophy is working similarly for the Cybertruck, alongside another major issue – dead screens!

Dead Screen errors on these Cybertrucks make it impossible to drive thanks to the huge number of functions relying on the screen as a controller. In fairness to Tesla, most cars with screens instead of proper center consoles with buttons have that problem, so this isn’t Tesla-specific, but when your car is called The Cybertruck, some level of advancement beyond the competition is expected. The truck of the future shouldn’t be so much like the Disney Park Star Wars zone in appearance, wait to access, and functionality.

 Lastly, the battery life. This is the biggest sticking point, which sucks because it’s tough to tell who is reporting reliably and who’s just pointing and laughing at the car because they don’t like the brand. Trucks are, generally speaking, meant for hauling stuff. The design of the Cybertruck’s truck bed is already straining supporter goodwill given how little it holds, but the truck has a front trunk to boost its storage space, so as long as what you’re hauling can be split into two separate loads, this isn’t such a huge point of contention. A lot of people don’t buy trucks out of a need to haul stuff every weekend, after all. What really has fans ticked off is the inconsistent range of the battery under load! The car itself is heavy, but so is every electric vehicle. Unlike that screen thing above, the Tesla sells itself on being the better electric car, so to not beat Ford and Rivian’s range while hauling or towing makes its marketing feel like it was fudging its numbers. Especially in the cold! Electronics run out of juice faster in the cold thanks to a number of chemical processes slowing down under the hood – the Cybertruck, according to early reports from consumers, can’t hit 80% of its expected range in the cold if it’s hauling too. Those are not ideal conditions, obviously, but if we’re going to keep getting freak snowstorms as far south as Texas, car manufacturers must adapt, or at least do some additional testing in the cold to avoid stranding customers who took ‘470 miles in ideal conditions’ as simply ‘470 miles’, full stop.

All in all, the Cybertruck is simply another electric truck. It looks cool, it’s made (perhaps too) tough, and it suffers many of the same issues as its competitors. For fans who were used to Tesla leading the way, this is a letdown.

Optical Memory

Elizabeth Technology January 30, 2024

Optical storage is defined by IBM as any storage medium that uses a laser to read and write the information. The use of lasers means that more information can be packed into a smaller space than magnetic tape could manage (at the time)! Better quality and longer media time are natural results. A laser burns information into the surface of the media, and then the reading laser, which is less powerful, can decipher these burnt areas into usable data. The surface is usually some sort of metal or dye sandwiched between protective layers of plastic that burns easily, producing ‘pits’ or less reflective areas for the laser to read.

This is why fingerprints and scratches can pose such a problem for reading data; even though you aren’t damaging the actual data storage, like you would be if you scratched a hard drive disk, fingerprints prevent the laser from being able to read the data. Scratch up the plastic layer above the dye, and the data’s as good as destroyed.

Destroying data can be even more complete than that, even. Shredding the disc in a capable paper shredder (ONLY IF IT SAYS IT CAN SHRED DISCS) destroys the data, as does microwaving the disc (don’t do that – most discs contain some amount of metal, and that can damage your microwave badly enough to be dangerous).

CDs

“Burning a CD” replaced “making a mix tape” when both CDs and downloadable music were available to teenagers, and for good reason. The amount of content may be roughly the same, but the quality is significantly higher.

Most CDs are CD-Rs – disks that can only be written on once but can be read until the end of time. A CD-ROM is just a CD-R that’s been used! The average CD-R has room for about an album’s worth of music, and maybe a hidden track or two, about 75-80 minutes depending on the manufacturer of the disc. Alternatively, if you’d like to store data instead of high-quality audio, you’ll get about 700 MB of data onto a single disc.

To burn a CD, you’d need an optical drive that’s capable of also lasering information into the disc, which wasn’t always the standard. The laser will burn the information into the metal-dye mix behind the plastic coating the outside of the disc, which permanently changes how reflective those sections are. This makes it possible to visually tell what has and hasn’t been used on a disc yet, and CD-Rs can be burnt in multiple sessions! Data is typically burnt from the center outwards.

But everybody knows about CD-Rs. What about CD-RWs, their much fussier brethren?

CD-RW

The primary difference between a CD-R and a CD-RW is the dye used in the layers that the optical drives can read. CD-RWs are burnt less deeply than CD-Rs, but as a result, they take a more sensitive reader. Early disc readers sometimes can’t read more modern CD-RWs as a result!

To reuse the disc, one has to blank it first (the same drive that can write a CD-RW in the first place should also be able to blank it), which takes time. After it’s been wiped, new data can be put onto the disc again. CD-RWs wear out quicker than other memory media as a result of their medium. That wafer-thin dye layer can only handle being rearranged so many times before it loses the ability to actually hold the data. It’s pretty unlikely that the average user could hit that re-write limit, but it’s more possible than, say, a hard drive, which has a re-write life about 100 times longer than the re-write life of a CD-RW.

DVDs

DVDs store significantly more data than CDs do, even though they take up about the same space. Where a CD can hold about 700 MB, a DVD can hold up to 4.7 GB. This is enough for most movies, but if the movie is especially long or has a lot of other extra features, it has to be double layered, which can store up to 9 GB. Why can it hold so much more in the same space?

The long answer is that there are a number of small differences that ultimately lead to a DVD having more burnable space, including a closer ‘laser spiral’ (the track a laser burns, like the grooves in a vinyl record), as well as smaller readable pockets. It all adds up into more data storage, but a more expensive product as well.

DVD +R DL

That double-layering mentioned earlier isn’t present on every disc. Sometime in the later 2000s, double layer discs hit the market at about the same price as single layer discs (although that changed over time). The first layer that the laser can read is made of a semi-transparent dye, so the laser can penetrate it to reach the other layer.

Most modern DVD drives can read dual layer, but if your computer is especially old, it would be wise to check its specs first – DVD readers programmed before their release might not understand the second layer, and readers that can read them might not be able to write to them. DLs are a great invention, it’s just a struggle to find good disc readers when everything is switching to digital.

Compatibility

CD players aren’t usually also able to play DVDs. CDs came first, and the reader would have to be forwards compatible. Obviously, this would have taken a time machine to actually assemble. Picture expecting a record player to read a CD! The gap between the two is almost that large. Nowadays, the manufacturing standard seems to be a DVD player with CD compatibility tacked on. You should double check before you buy a disc reader to be sure it can do everything you want it to, but it’s less common to see CD-Only tech when a DVD reader is only slightly more expensive to create, and can work backwards.

FlexPlay Self-Destructing Entertainment

Remember FlexPlay self-destructing entertainment? The disc that was meant to simulate a rental and could have generated literal tons of trash per family, per year? The self-destructing medium that the disc was coated in turned very dark red to thwart the disc reader’s lasers! The pits aren’t directly on the surface of the DVD, they’re under a couple of layers of plastic. All FlexPlay had to do was sandwich an additional layer of dye between the plastic and the metal/dye that’s being inscribed upon. When that dye obscures the data below it, it’s as good as gone! The laser can no longer get through to the information and read it. Even Blu-Ray tech was thwarted by the dye.

Blu-Ray

Blu-Ray discs have higher visual quality than DVDs because they hold even more information. The blue-ray technology enables the pits to be even closer together, so more optical data can be crammed into the same space. Blue light has a shorter wavelength than red light, which shrinks the necessary pit size! A single-layer Blu-Ray disc can hold up to 25 GB of information! Blu-Ray discs are most commonly used for entertainment media rather than storage. Disc readers have to be specifically compatible with that blue laser technology, rather than just programmed for it. An ordinary DVD player may be able to play a CD, but it wouldn’t be able to fully read a pit in a Blu-Ray disc before that pit’s passed the reader.

Right now, the state of the art is Blu-Ray: most good Blu-Ray readers are backwards compatible with DVDs and CDs. However, many companies still sell ordinary DVDs alongside their Blu-ray releases due to cost. If you have a DVD player, you can probably hold off on upgrading, at least for a little while longer.

Sources:

https://www.britannica.com/technology/optical-storage

https://www.dell.com/support/kbdoc/en-us/000149930/what-are-the-different-cd-and-dvd-media-formats-available

http://www.osta.org/technology/cdqa13.htm

https://www.scientificamerican.com/article/whats-a-dvd-and-how-does/

https://kodakdigitizing.com/blogs/news/cd-vs-dvd-how-are-they-different

http://recordhead.biz/difference-blu-ray-dvd/

https://www.dell.com/support/kbdoc/en-us/000147805/guide-to-optical-disk-drives-and-optical-discs

Magnetic Memory

Elizabeth Technology January 25, 2024

Magnetic Tape

The most well-known version of tape-based magnetic storage is the kind used for media. When tape-based recording was first introduced, it revolutionized the talk show and DJ-ing scene of the time (mostly post WWII) because it enabled shows to be recorded and played later, rather than live in front of the audience. Music recording tech already existed of course, but it required physical interaction from the DJ, so it wasn’t as hands-off as tapes were.

The second-most well-known version is the kind used for computer memory! Data is stored on the tape in the form of little magnetic ‘dots’ that the computer can read as bits. Before each pocket of data dots is a data marker that tells the computer how long that pocket should be, so it knows when one set of data ends and the next begins. The polarity of the dot determines its bit value, and the computer can then read all these dots as binary code.

This method of data storage was a massive breakthrough, and other mediums continue to use the format even today! Tapes are still in use for big stuff – parts of IBM’s library rely on modern tapes, which can now store terabytes of information at a higher density than disks and flash drives alike. Other memory types relying on magnetic domains include hard disks and drums, to name a couple. All that separates them is material and know-how: the better the magnetizing material on the outside, the smaller the domains can get. The better the insulation between the domains and regular old entropy, the more stable the data is!

Carousel Memory

Carousel memory was an attempt at shrinking the space that magnetic tape took, but to the extreme. Instead of one very long piece of magnetic tape on a bobbin, the carousel memory system uses several smaller reels of tape arranged in a carousel pattern around the central read mechanism. To get to the right info is as simple as selecting the right reel! This has some issues with it, as you might imagine. Moving parts add complications and an increased risk of mechanical failure to any device, but a device carrying thin, delicate magnetic tape on it is an especially bad place to start.

However, it wasn’t all bad. Carousel memory was actually quite fast for the time because it didn’t have to rewind or fast-forward as much to get to the right area of code. It could skip feet of tape at a time! This advantage declined as tape tech improved, but it still helped companies trying to squeeze the most life from their machines. The bobbins and individual ribbons were all replaceable, so the tape wasn’t worthless if it got torn or damaged. The carousel itself was also replaceable, so the many moving parts weren’t as much of a curse as they’d be on, say, the first hard disks, which had irreplaceable heads.

Core Rope Memory

Core rope memory featured magnetic grommets, or ‘cores’, on metal ‘ropes’, and then those ropes were woven into fabric the computer could read. In ROM (read-only memory) format, if a wire went through the core, it was a ‘one’, or a ‘yes’. If it didn’t, it was a ‘zero’, or a ‘no’. In this way, the fabric is physically coded into binary that the computer can use. ROM’d core-rope memory involved quite a bit of complicated weaving and un-weaving to get the cores in the right spots.

Core rope memory was chosen over tape memory for the Apollo missions, mainly for weight purposes. Tape was great, but not nearly dense or hardy enough for the mission yet, and neither were the other similar core modules available to NASA. A read-only core-rope memory module could store as many as 192 bits per core, where erasable core memory could only manage one bit per core. Where each core on the final module depended on reading the wires to determine the bit’s state, the erasable model (core memory) read the core’s magnetic state to determine the bit state, not the threads going through it. The final module sent up to get to the moon was a total of 70-ish pounds and read fairly quickly. Tape, core memory, or hard disks available at the time couldn’t have gotten to the same weight or speed.

Core-rope memory has its place. It’s very sturdy, and since it relies on the cores to act as bits, it’s possible to visually identify bugs before the memory’s even used, unlike core memory. Both are sometimes called ‘software crystallized as hardware’ because of the core system. It isn’t seen much today, since it is still incredibly bulky, but at the time of its use it was revolutionary.

Core Memory

Core memory is the older sibling of core rope memory, and it stores less. However, the people who got to work with it call it one of the most reliable forms of memory out there! Core memory works much the same as core rope memory, where the bits are stored in cores.

However, the formats are different. If core rope memory is like a binary-encoded scarf, core memory is more like a rug. Thin threads made of conductive material are woven into a grid pattern, with cores suspended on where the threads cross each other. The computer understands these threads as address lines, so asking for a specific bit to be read is as simple as locating the X and Y address of the core. A third set of lines, the sense lines, runs through each core on the diagonal, and this is the thread that does the actual reading.

When asked to, the computer sends a current down the sense threads and sees if the cores flip their magnetic polarity or not. If a core doesn’t flip, it was a zero. If it does, it was a one, and it has been flipped to zero by the reading process. As a result, this method is known as ‘destructive reading’; however, the computer compensates for this by flipping the bit back to where it was after the reading. Due to its magnetic nature, the core then keeps this info even after power to it is cut!
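The destructive read and the write-back described above can be modelled in a few lines. This is an added example, not code from the original post; the `CorePlane` class and its method names are made up for illustration, and it models only the bit state of each core, not the currents involved.

```python
class CorePlane:
    """Toy model of one core-memory plane: one core (one bit) at each X/Y crossing."""

    def __init__(self, width, height):
        self.width, self.height = width, height
        self.cores = [[0] * width for _ in range(height)]

    def _check(self, x, y):
        if not (0 <= x < self.width and 0 <= y < self.height):
            raise IndexError(f"no core at ({x}, {y})")

    def write(self, x, y, bit):
        self._check(x, y)
        self.cores[y][x] = 1 if bit else 0

    def read(self, x, y, restore=True):
        """Destructive read: force the core to 0 and report whether it flipped."""
        self._check(x, y)
        flipped = self.cores[y][x] == 1  # a flip means the core held a 1
        self.cores[y][x] = 0             # after the read pulse the core is always 0
        if flipped and restore:
            self.cores[y][x] = 1         # write-back step that preserves the data
        return 1 if flipped else 0

    def write_row(self, y, bits):
        for x, bit in enumerate(bits):
            self.write(x, y, bit)

    def read_row(self, y, restore=True):
        return [self.read(x, y, restore) for x in range(self.width)]


def demo():
    """Read the same pattern twice, once with write-back and once without."""
    plane = CorePlane(8, 2)
    pattern = [1, 0, 1, 1, 0, 0, 1, 0]
    plane.write_row(0, pattern)
    plane.write_row(1, pattern)
    with_restore = (plane.read_row(0), plane.read_row(0))
    without_restore = (plane.read_row(1, restore=False),
                       plane.read_row(1, restore=False))
    return pattern, with_restore, without_restore


if __name__ == "__main__":
    pattern, kept, lost = demo()
    print("stored:             ", pattern)
    print("two reads, restored:", kept)
    print("two reads, no fix:  ", lost)
```

Without the write-back, the first read returns the stored pattern and every later read returns zeros, which is why the restore step is part of every read cycle.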

The National MagLab tutorial listed in the sources below is an excellent, interactive diagram of the system.

Even though this improved the bit-to-space-taken ratio, core memory still aged out of the market. With the price of bits decreasing rapidly, core memory got smaller and smaller, but the nature of its assembly means it was almost always done by hand – all competitors had to do was match the size and win out on labor. Soon, its main market was taken over by semi-conductor chips, which are still used today.

Magnetic Bubbles

Magnetic memory has had strange branches grow off the central tree of progress, and magnetic bubble memory is one of those strange shoots. One guy (who later developed other forms of memory under AT&T) developed bubble memory. Bubble memory never took off in the same way other magnetic memory styles did, although it was revolutionary for its compact size – before the next big leap in technology, people were thinking this was the big leap. It was effectively shock proof! Unfortunately, better DRAM chips took off shortly after it hit the market and crushed bubble memory with improved efficiency.

Anyway, bubble memory worked by moving the bit to-be-read to the edge of the chip via magnets. The magnetic charge itself is what’s moving the bits, much in the same way electrons move along a wire when charge is applied, so nothing is actually, physically moving within the chip! It was cool tech, and it did reduce space, it just didn’t hold up to semi-conductor memory chips. They saw a spike in use with a shortage, but they were so fiddly that as soon as DRAM chips were available again, they went out of style.

Semi-Conductor DRAM – Honorable Mention

DRAM chips are a lot like core memory, in that the device is reading the state of a physical object to determine what the bit readout is. In Semi-conductor chips, that physical object is a tiny capacitor, hooked up to a tiny transistor, on semiconductive metal-oxide material. Instead of determining magnetic state, the device is instead checking if the capacitor’s discharged or not. No charge = 0, yes charge = 1. These chips aren’t technically magnetic, but since they’ve killed so many of the other options, here they are!

DRAM stands for Dynamic Random-Access Memory, and it means that the memory can be accessed randomly instead of linearly. As long as the computer knows where the data’s stored, it’s able to pull it without pulling other files first. They’re still being sold today!

Magnetic Disk (Hard Disk Drive)

Hard drives work more like tape than core memory. A Hard drive is a platter (or a stack of platters) with a read-write head hovering above it. When you want to save data, the hard drive head magnetizes areas in binary to represent that information. When you want to read or recover that data, the head interprets these areas as bits in binary, where the polarity of the magnetized zone is either a zero or a one.

The zones of magnetization are incredibly tiny, which makes hard drives one of the more demanding memory forms out there, both now and back then.

Early hard drives could suffer from ‘de-magnetization’, where a magnetic disk’s domains were too close and gradually drew each other out of position, slowly erasing the information on the disk. This meant that the disks had to be bigger to hold the data (like everything else at the time) until better materials for data storage came along. Even though they held more capacity at launch, they were passed over for smaller and more stable stuff like tapes and core memory. The very early drives developed by IBM were huge. Like, washing machine huge. They didn’t respond to requests for data very quickly, either, which further pushed reliance on tape and core technology.

Over time, hard disks improved dramatically. Instead of magnetic zones being arranged end-to-end, storing them vertically next to each other created even denser data storage, enough to outcompete other forms of media storage entirely. Especially small hard drives also come with a second layer of non-magnetizable material between the first layer and a third layer of reverse-magnetized ‘reinforcement’ which keeps the data aligned right. This enables even more data capacity to be crammed into the disks!

Some time in the 80s, hard drives finally became feasible to use in personal computers, and since then they’ve been the standard. SSDs, which don’t have any moving parts whatsoever, are beginning to gain ground in the market, but they can’t be truly, irrevocably erased like hard drives can due to different storage techniques. Hard drives are going to stick around a while, especially for the medical and military industries, as a result!

Sources:

https://spectrum.ieee.org/tech-history/space-age/software-as-hardware-apollos-rope-memory

https://www.apolloartifacts.com/2008/01/rope-memory-mod.html

https://electronics.howstuffworks.com/vcr.htm

http://www.righto.com/2019/07/software-woven-into-wire-core-rope-and.html

https://www.computerhistory.org/revolution/memory-storage/8/253

https://nationalmaglab.org/education/magnet-academy/watch-play/interactive/magnetic-core-memory-tutorial

https://www.rohm.com/electronics-basics/memory/what-is-semiconductor-memory

https://cs.stanford.edu/people/nick/how-hard-drive-works/

https://psap.library.illinois.edu/collection-id-guide/audiotape

https://www.engadget.com/2014-04-30-sony-185tb-data-tape.html

https://en.wikipedia.org/wiki/Carousel_memory (all primary sources regarding carousel memory are in Swedish)

Internet Of Things Items Can Create Vulnerability

Elizabeth Technology January 23, 2024

Internet of Things items are convenient, otherwise they wouldn’t be selling. At least not next to regular, non-WiFi-enabled items. They don’t even have to be connected to the internet to work, and they should stay disconnected!

An Internet of Things item, or an IoT item, is a device that has a WiFi- or network-enabled computer in it to make the consumer’s use of it easier. This includes things like WiFi-enabled/networked washing and drying machines, ovens, fridges, mini-fridges, coffee makers, lamps, embedded lights, etc. Anything can be an IoT item if it’s got WiFi capability.

Network Entry Point

Internet of Things items, when connected to WiFi, represent a weak link in the chain. They’re poorly protected, they’re designed to favor user friendliness over all else, and they’re usually left on around the clock. You likely don’t unplug your fridge or washing machine when you go to bed – that computer may sleep, but it’s not off. You probably don’t disconnect the internet when you go to bed, either. Some devices take advantage of this, and only schedule updates for late at night so you don’t notice any service interruptions. Unfortunately, their strengths are their weaknesses, and an always-open port is a dream for hackers.

Outdated Password Policies

Internet of Things items are rarely password protected, and if they are, many users don’t bother actually changing the password from the factory default. This makes them excellent places to start probing for weaknesses in the network!

Assuming someone’s hacking into a place to ding it with ransomware, there are a number of worthy targets: corporate offices, nuclear facilities, hospitals, etc. are all staffed by people, and people like their coffee. A well-meaning coworker bringing in an internet-enabled coffee machine for his coworkers is suddenly the source of a critical network vulnerability, an open port in an otherwise well-defended network!

If the coffee machine, or vending machine, or the lights are IoT items, they need to be air-gapped from the networks supplying critical data within the center (or cut off from the network completely), the same way outside computers are. The devices are simply unable to protect themselves the way a PC or phone can – there’s no way to download a suitable antivirus. If something gets past a firewall, and that password’s still default or nonexistent, there’s effectively no second layer of protection for IoT devices.
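The isolation and default-password checks described above can be run against a device inventory. This is an added example, not code from the original post; the device names, addresses, firewall rules and function names are all constructed, and it assumes segments are separated by firewall forwarding rules rather than a true air gap.

```python
import ipaddress

# All data below is constructed for illustration (not from the article).
CRITICAL_NETS = [ipaddress.ip_network("10.0.10.0/24")]  # segment holding critical data

# Firewall forwarding rules as (source network, destination network) pairs.
ALLOW_RULES = [
    ("10.0.50.0/24", "0.0.0.0/0"),       # loosely filtered VLAN: may reach anything
    ("10.0.60.0/24", "203.0.113.0/24"),  # isolated VLAN: vendor cloud only
]

# (name, IP address, password state: "default", "changed", or None for no password)
IOT_DEVICES = [
    ("coffee-machine", "10.0.10.77", "default"),
    ("lobby-lights",   "10.0.50.12", None),
    ("vending",        "10.0.60.20", "changed"),
    ("door-cam",       "10.0.60.21", "default"),
]

def can_reach_critical(ip, critical_nets, allow_rules):
    """True if the device sits inside a critical segment or a rule forwards to one."""
    addr = ipaddress.ip_address(ip)
    if any(addr in net for net in critical_nets):
        return True  # same segment: no firewall in the path at all
    for src, dst in allow_rules:
        if addr in ipaddress.ip_network(src):
            dst_net = ipaddress.ip_network(dst)
            if any(dst_net.overlaps(net) for net in critical_nets):
                return True
    return False

def audit(devices, critical_nets, allow_rules):
    """Map each device name to 'high', 'medium' or 'ok'."""
    report = {}
    for name, ip, password in devices:
        exposed = can_reach_critical(ip, critical_nets, allow_rules)
        weak = password in (None, "default")
        # Reachable plus a default/missing password means no second layer of protection.
        report[name] = "high" if exposed and weak else "medium" if exposed or weak else "ok"
    return report

if __name__ == "__main__":
    for name, severity in audit(IOT_DEVICES, CRITICAL_NETS, ALLOW_RULES).items():
        print(f"{name:15} {severity}")
```

The coffee machine plugged straight into the critical segment and the lights on the loosely filtered VLAN both come out as high; the door camera on the isolated VLAN is only medium, because its default password is still contained by the segment boundary.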

Malware

For example, hacking into a fridge is not nearly as hard as hacking into an old PC. Even great antivirus can struggle with traffic coming from inside the network, and IoT devices are often missed in security checkups. After all, when McAfee or Norton or Kaspersky recommends you scan your computer, are they offering to scan your lightbulbs as well?

Once they’re in, the entire network is vulnerable. Ransomware events with no obvious cause, malware that’s suddenly deleted all the files on a server, stolen data and stolen WiFi – all of it’s possible with IoT devices. There’s more to gain than just bots for the botnet, which is why hackers keep going after these IoT items.

IoT devices are also much easier to overwhelm to gain access, even with firewalls and effective load balancing. DoSing an IoT item can be as simple as scanning it. No, really. A team in the UK found that they could shut down turbines in a wind farm by scanning them. The computers inside weren’t equipped to handle both a network scan and their other computing duties at the same time. Many user devices are in the same spot or worse!

Security

Besides turbines, items like cameras and door locks probably shouldn’t be connected to the internet just yet. A terrifying string of hacks let strangers view doorbell and baby monitoring cameras, for example, because the cameras themselves were difficult to defend even though the network was protected by a router. This is terrible for obvious reasons, and class action suits were filed soon after. It even happened by accident: Nest users would occasionally end up viewing other people’s cameras, a bug in the system that was only fixed after complaints were made. A consistent pattern is forming here: security patches are only issued after vulnerabilities are discovered by the consumer! Any other type of programming wouldn’t get away with this without some public outcry – you shouldn’t have to become a victim of a security flaw to get it fixed.

And then there are things that physically interact with the security features of a house, like electronic locks. There’s nothing wrong in theory with a password lock. However, electronics are not inherently more secure than physical locks, and adding in WiFi only gives lockpickers another ‘in’. Hacking the lock could lead to being locked out of your own home, or worse. Besides, a regular lock will never unlock itself because its battery died, or because you sat down on the fob while getting on your bike or into your car. If you do want a password lock, it’s better to get one that’s not network enabled.

We aren’t quite at the point where hacked self-driving cars are a legitimate issue, although the danger is growing on the horizon. Cars are also poorly protected, computer-wise.

BotNets

The fridge doesn’t need a quad-core processor and 8 GB of RAM to tell you that it’s at the wrong temperature, or that the door’s been left open and you should check the milk. The voice-controlled lightbulbs only need enough power to cycle through colors. IoT items are weak. However, that doesn’t mean they can’t be used for things like botnets, even if your main PC wards off botnet software.

Botnets are networks of illegitimately linked computers used to do things like DDoSing, brute-forcing passwords, and all other kinds of shenanigans that a single computer can’t do alone. By combining the computing ability of literally thousands of devices, a hacker can turn a fridge into part of a supercomputer. No one ant can sustain an attack on another colony, but an entire swarm of ants can!

This is another reason tech experts are worried about IoT items becoming widely used. Their basic vulnerabilities give skilled hackers the ability to ding well-protected sites and fish for passwords even if the network they’re targeting doesn’t have any IoT items on it. It’s a network of weaponizable computers just waiting to be exploited. Remember, password protect your devices!

Sources:

https://eandt.theiet.org/content/articles/2019/06/how-to-hack-an-iot-device/

https://cisomag.eccouncil.org/10-iot-security-incidents-that-make-you-feel-less-secure/

https://www.courtlistener.com/docket/16630199/1/orange-v-ring-llc/

Pros and Cons of All Sites Becoming Five Sites

Elizabeth Technology January 2, 2024

The amalgamation of smaller websites’ features into bigger websites comes with ups and downs.

The Pros

1) Hardiness

The way that servers used to work, individual clicks to a site counted towards fractions of pennies of hosting costs, and bigger websites that had bigger requirements got better rates because they paid more overall. If a smaller website got linked to from somewhere bigger, and the ordinary traffic quintupled, the website’s owner could be out of a lot of money. The other option was to simply let the traffic take the website offline temporarily, which was also ugly: it made DDoSing smaller websites for political or social reasons pretty easy. Big websites with big servers and lots of through-flow don’t have to worry about that. DDoSing Facebook, for example, would be almost impossible, and would cost a ton of money in equipment and electricity to even try.

2) Family of Services

Amazon’s numerous smart home devices are undeniably convenient (although they come with many trade-offs). You can simply ask Alexa to turn on your Smart lights, add frozen onions to your shopping list, ask it what a new air fryer would cost from Amazon dot com, and ask it to order it for you, all without getting out of bed. None of that would be possible if Amazon were not a sprawling mass of other, smaller services purchased or created for the sole purpose of supporting Amazon.

3) Ease of Communication

While websites that allow for small, closed groups to communicate (like Mastodon and Discord) have an easier time controlling their user culture, bigger sites like Reddit, Twitter, MySpace, etc. can connect people with what they’re looking for much more easily. Crowdsourcing an answer to questions that don’t exist on informational pages is something that only forum and blogging websites can do, and only because they’re so easy to access and create an account for.

Social media is so common that some businesses extended their official helplines down into Twitter or Facebook to make it easier for customers to reach them wherever they can be found online.

The Cons

1) Tangled Services

The new Facebook (Meta) app Threads requires an Instagram account to log in. Threads demands a lot of info about you. If you made an account, saw some bad news about Threads, and wanted to leave, you wouldn’t be able to do so without deleting your Instagram account. Threads is holding that account hostage.

When big websites buy smaller websites, the services can become entangled, or watered down for profit-making reasons. If there’s no substitute, then tough luck – you’ll put up with the downsides or you’ll leave.

2) Being Presentable

Trying to bring up a site to meet censorship requirements held by giant access chokepoints like app stores or parent websites can make a purchased website stop working. For example, trying to make Tumblr fit into the Apple App Store’s standards crushed it! Tumblr’s NSFW ban also caught plenty of art and random unrelated pictures in the crossfire thanks to an open-sourced, poorly trained algorithm being deployed to moderate, and a big portion of the userbase left, never to return. Is the website better now? No, but it meets the App Store’s standards.

Similarly, if a web services vendor the size of Amazon decides they don’t like a website and won’t be supporting it any longer due to content concerns, that website may simply vanish as a result. Giving one big company the power to decide what is unacceptable behavior starts getting ethically tricky, very fast.

3) Standards for Banning

Being banned on some sites means being banned from their entire family of services. Meta in particular holds a lot of enforcement power because of the vast array of products it has (Instagram, Facebook, VR services, etc.) and some cost money. Unknowingly violating the ToS of a site could result in being kicked from multiple other places.

This also creates the problem of restricting access to ‘official channels’ of businesses or the government. As said above, some businesses want people to be able to reach them on social media. Oftentimes tweeting at a company gets them to respond quicker. Getting banned for something unrelated restricts access to help.  

4) Genuine Conspiracies

Conspiracies about everything from Flat Earth and Indigo Children to Cambridge Analytica riddle social media. Cults can recruit through Facebook now! On an even larger scale, misinformation campaigns designed to undermine elections or start fearmongering also target users on their favorite websites.

Big sites make a better target for the big, organized attacks using deliberate misinformation, although small sites are not immune to it – on a forum like Reddit, where everyone is a stranger and everyone is on the same standing, arguing something insane and sounding correct can sway people who’d never agree with someone who was standing right in front of them, saying the same thing. One big platform shared equally gives those people a better cost/reward ratio.

5) Trends In Site Design

You may have noticed that Instagram and Tumblr both became more video-focused after the success of TikTok. Facebook launched Threads after it started to look like Elon Musk’s “X” (formerly Twitter) might stop holding the average Twitter user’s attention. Most major social media works with the same handful of advertisers, and most have similar, but not identical, designs. 

When something is trending and working for another big website, the other big websites want to hop on and do the same, whether their original fanbase wanted that or not. If you were on Tumblr because you didn’t like TikTok, that sure sucks, because Tumblr is pushing a TikTok (Tumblr LIVE) tab update out whether you use it or not.