Category Archives: Media and Technology

Vol. 11, No. 10 – Feb 14 – Feb 27, 2018 – Tech Today with Ken May

Securing the home

Several years ago, creating a cybersecure home was simple. Today, technology has become far more complex and is integrated into every part of our lives, from mobile devices and gaming consoles to your home thermostat and your refrigerator. Here are simple steps for creating a cybersecure home.

Almost every home network starts with a Wi-Fi network, controlled by your Internet router or a separate, dedicated wireless access point. They both work the same way: by broadcasting wireless signals. Securing your wireless network is a key part of protecting your home. We recommend the following:

• Change the default administrator password to your Internet router or wireless access point. The admin account is what allows you to configure the settings for your wireless network.

• Ensure that only people you trust can connect to your wireless network. Do this by enabling strong security.

Currently, the best option is to use the security called WPA2. By enabling this, a password is required for people to connect to your home network, and once connected, their online activities are encrypted.

• Ensure the password used to connect to your wireless network is strong and that it is different from the admin password.

• Many wireless networks support what is called a Guest Network. This allows visitors to connect to the Internet, but protects your home network, as they cannot connect to any of the other devices on your home network. If you add a guest network, be sure to enable WPA2 and a unique password for the network.

The next step is knowing what devices are connected to your wireless home network. Almost anything can connect to your home network today! Once you have identified all the devices on your home network, ensure that each one of them is secure by having automatic updating enabled on them. By enabling automatic updates, your devices are always running the most current software, which makes them much harder for anyone to hack into.

The next step is to use a passphrase for all your accounts. This is a type of password that uses a series of words that is easy to remember, such as “Where is my coffee?” or “sunshine-doughnuts-happy-lost”. The longer your passphrase is, the stronger. Use a different passphrase for each device and account. This way, if one password is compromised, all your other accounts and devices are still safe. We recommend you use a password manager, which is a special security program that securely stores all your passwords for you in an encrypted, virtual safe.

Finally, enable two-step verification whenever available. It uses your password, but also adds a second step, such as a code sent to your smartphone or an app on your smartphone that generates the code for you. Two-step verification is probably the most important step you can take to protect yourself online, and it’s much easier than you think.

Sometimes, no matter how careful you are, you may be hacked. If that is the case, often the only way you can recover your personal information is to restore from backup. Make sure you are doing regular backups of any important information and verify that you can restore from them. Most mobile devices support automatic backups to the Cloud.

Vol. 11, No. 7 – Jan 3 – Jan 16, 2018 – Tech Today with Ken May

What is Cryptocurrency? Part 1: Blockchain

There’s so much talk about Bitcoin, Ethereum, Litecoin and other cryptocurrency in the news right now, it might seem overwhelming. Everyone is proclaiming it’s the future and we should all be invested in it, but what the heck even is a Bitcoin? To understand Bitcoin, and Cryptocurrency as a whole, first we need to discuss the underlying technology concept: blockchain.

From a cruising altitude, a blockchain might not look that different from things you’re familiar with, say Wikipedia.

With a blockchain, many people can write entries into a record of information, and a community of users can control how the record of information is amended and updated. Likewise, Wikipedia entries are not the product of a single publisher.

However, while both run on the internet, Wikipedia is built using a client-server network model. A user with permissions associated with its account can change Wikipedia entries stored on a centralized server.

Whenever a user accesses the Wikipedia page, they will get the latest ‘master copy’ of the Wikipedia entry. Control of the database remains with Wikipedia administrators.

Wikipedia’s digital backbone is like the highly protected and centralized databases that governments or banks or insurance companies keep today. Control of centralized databases rests with their owners, including the management of updates, access and protecting against cyber-threats.

The distributed database created by blockchain technology has a fundamentally different digital backbone. This is also the most distinct and important feature of blockchain technology.

Wikipedia’s ‘master copy’ is edited on a server and all users see the new version. In the case of a blockchain, every node in the network is coming to the same conclusion, each updating the record independently, with the most popular record becoming the de-facto official record in lieu of there being a master copy.

Transactions are broadcast, and every node is creating their own updated version of events.

It is this difference that makes blockchain technology so useful – It represents an innovation in information registration and distribution that eliminates the need for a trusted party to facilitate digital relationships.

Defining digital trust

Trust is a risk judgement between different parties, and in the digital world, determining trust often boils down to proving identity (authentication) and proving permissions (authorization).

Put more simply, we want to know, ‘Are you who you say you are?’ and ‘Should you be able to do what you are trying to do?’

Authentication is not enough. Authorization – having enough money, broadcasting the correct transaction type, etc. – needs a distributed, peer-to-peer network as a starting point. A distributed network reduces the risk of centralized corruption or failure.

This distributed network must also be committed to the transaction network’s recordkeeping and security. Authorizing transactions is a result of the entire network applying the rules upon which it was designed (the blockchain’s protocol).

Authentication and authorization supplied in this way allow for interactions in the digital world without relying on (expensive) trust.

In fact, the idea that cryptographic keys and shared ledgers can incentivize users to secure and formalize digital relationships has imaginations running wild. Everyone from governments to IT firms to banks is seeking to build this transaction layer.

Authentication and authorization, vital to digital transactions, are established as a result of the configuration of blockchain technology.


Vol. 10, No. 3 – Nov 8 – Nov 21, 2017 – Tech Today with Ken May

What’s new in Windows 10 Fall Creators Update

After a little more than two years, Microsoft has finally settled into a rhythm with its new, fast-paced development for Windows 10.

What Microsoft’s marketers are calling the Fall Creators Update (officially version 1709) began arriving on desktop PCs on 10/18 via Windows Update and will soon be available for download at all the usual places.

This is the fourth feature update to Windows 10 in a little over two years. And that pace will continue, with new feature updates (essentially full upgrades) due on a predictable twice-yearly cadence going forward. As with previous feature updates, there are no last-minute surprises in this update. It’s been developed in the open, with dozens of preview releases to members of the Windows Insider Program.

Every Wi-Fi connection now has a prominent option to configure whether it’s part of a public or private network, as shown here. In previous versions, that option was difficult to locate.

Similarly, the venerable Task Manager has several small improvements, including options that allow you to track GPU activity on a per-application basis and more convenient grouping of related processes. This release also incorporates changes designed to improve the experience of running Windows on high-DPI displays; built-in utilities like Registry Editor and Snipping Tool are no longer blurry when moving between multiple displays running at different scaling factors.

The Power Throttling feature makes its debut in this release, offering a simple slider-based option that lets you tune Windows 10 for better battery life or better performance. The built-in Windows 10 apps also include major improvements in this release.

Windows Update has also evolved significantly in the two years since Windows 10’s initial release. When new updates are available, you’ll see an interactive toast notification that doesn’t interrupt whatever you’re doing now. In addition, the Windows Update display now offers detailed information about the status of individual updates, so you don’t have to wonder whether anything’s happening in the background.

The long list of improvements to the security architecture of Windows 10 starts with a momentous change. The horribly insecure SMBv1 protocol is being removed from clean installs of Windows 10. (The SMBv1 components will continue to be included on upgrades where they are already installed.)

The Windows Defender Security Center, which was introduced in an earlier feature update, has two major additions. The first is Exploit Protection, which offers many of the mitigations that were previously part of the separate Enhanced Mitigation Experience Toolkit (EMET).

The Fall Creators Update also debuts an anti-ransomware feature called Controlled Folder Access, which is also available through the Windows Defender Security Center, under Virus & Threat Protection Settings. When this feature is enabled, only approved apps can access Windows system files and data folders. (You can customize the list of data folders and whitelist specific apps, using the instructions in this online documentation: Protect important folders with Controlled folder access.)

If your business needs help updating to this version, call Swift Chip at 1-866-326-2008.

Finally, there’s Windows Defender Application Guard, a security feature that uses Hyper-V virtualization to create sandboxed browser sessions using Microsoft Edge. For now, this feature is available only in Windows 10 Enterprise edition.

There are many other useful new features and updates as well, so this looks like a must-do free upgrade!

Vol. 10, No.1 – Oct 11 – Oct 24, 2017 – Tech Today with Ken May

News about the massive Equifax data breach has been unrelenting since the credit bureau publicly disclosed its lapse at the beginning of September. It’s difficult to keep up with all the company’s blunders, not to mention the complicated fiscal policy and regulatory debates the incident has fueled. But weeks later, most consumers in the United States are still just trying to figure out what the whole thing means for them, and how to steel themselves against identity theft and fraud.

Equifax will be extending the enrollment period for its credit monitoring and freezing services through January. Credit monitoring sends you alerts so you can catch any suspicious activity early, while credit freezes actually lock down your credit files so institutions you don’t already do business with can’t access your data without specific permission from you and special PIN numbers. A freeze significantly reduces the chance that a fraudster will be able to do things like take out a line of credit in your name. Personal identity security advocates have long favored freezes, but acknowledge that the measure isn’t necessarily for everyone (say, someone who anticipates applying for student loans) since it is fairly rigid and restrictive.

It is worth utilizing one or both of these tools, but at the end of the free year 143 million social security numbers (not to mention other valuable data) will still have been compromised in the breach, necessitating ongoing defense. “We generally tell people that if an entity is offering a free service they should strongly consider taking advantage of it,” says Eva Velasquez, president of the nonprofit Identity Theft Resource Center. “Consumers have to demand security over convenience so that businesses will respond. Just don’t be the low hanging fruit. Anything is better than nothing long term.”

The free monitoring and freezes have a short time span, perhaps because they are services Equifax wants to resume capitalizing on as quickly as possible.

The third service Equifax is rolling out, a so-called “credit lock” tool, will debut in January, and will be a more flexible option through which consumers can lock and unlock access to their credit data whenever they want.

Experts agree that to protect themselves, consumers need to see past the gimmicks and noise to the long game of utilizing what Equifax and other companies that have experienced data breaches provide while planning to supplement as needed. If your data is compromised in multiple breaches over time you may be able to daisy chain years of free services together. And everyone can pull and review one complete credit report per year for free from Additionally, consumers need to be aware that credit monitoring, locks, and freezes alike don’t protect against things like tax fraud and medical fraud, in which identity thieves can file bogus tax returns on your behalf to claim your refund or jeopardize your insurance coverage by scamming your provider.

Vol. 10, No. 25 – Sept 13 – Sept 26, 2017 – Tech Today with Ken May

What Are Password Managers?

One of the most important steps you can take to protect yourself online is to use a unique, strong password for every one of your accounts and apps. Unfortunately, it is most likely impossible for you to remember all your different passwords for all your different accounts. Reusing the same password for different accounts is dangerous, because once someone compromises your password, they can access all your accounts. A simple solution is to use a password manager. These are programs that securely store all your passwords, making it easy to have a different password for each account. Password managers make this simple, because instead of having to remember all your passwords, you only must remember the master password.

Password managers work by storing all your passwords in a database, which is sometimes called a vault. The password manager encrypts the vault’s contents and protects it with a master password that only you know. When you need to retrieve your passwords, such as to log in to your online bank or email, you simply type your master password into your password manager to unlock the vault. In many cases, the password manager will automatically retrieve your password and securely log in for you. This makes it simple to have hundreds of unique, strong passwords, since you do not have to remember them.

Most password managers include the ability to automatically synchronize your password vault’s contents across multiple devices that you authorize. This way, when you update a password on your laptop, those changes are synchronized to all your other devices.

When you first set up a password manager, you need to manually enter your logins and passwords. Afterwards, the password manager can detect when you’re attempting to register for a new online account or update the password for an existing account. This is possible because most password managers work hand-in-hand with your web browser. This integration also allows them to automatically log you into websites.

It’s critical that the master password you use to protect the password manager’s contents is very difficult for others to guess. In fact, we recommend you make your master password a passphrase, one of the strongest types of passwords possible. If your password manager supports two-step verification, use that for your master password.

Meanwhile, when trying to find the password manager that’s best for you, keep the following in mind:

• Your password manager should be simple for you to use. If you find the solution too complex to understand, find a different one that better fits your style and expertise.

• The password manager should work on all devices you need to use passwords on. It should also be easy to keep your passwords synchronized across all your devices.

• Use only well-known and trusted password managers. Be wary of products that have not been around for a long time or have little or no community feedback. Cyber criminals can create fake password managers to steal your information.

• Make sure whatever solution you choose, the vendor continues to actively update and patch the password manager, and be sure you are always using the latest version.

• The password manager should include the ability to automatically generate strong passwords for you and show you the strength of the passwords you’ve chosen.

• The password manager should give you the option of storing other sensitive data, such as the answers to your secret security questions, credit cards, or frequent flier numbers.

Vol. 10, No. 23 – Aug 16 – Aug 29, 2017 – Tech Today

Tech Today with Ken May

Backup and recovery

If you use a computer or mobile device long enough, sooner or later something will go wrong, resulting in you losing your personal files, documents, or photos. For example, you may accidently delete the wrong files, have a hardware failure, lose a device, or become infected with malware, such as ransomware. At times like these, backups are often the only way to rebuild your digital life.

Backups are copies of your information stored somewhere other than on your computer or mobile device. The first step is deciding what you want to back up. There are two approaches: (1) backing up specific data that is important to you; or (2) backing up everything, including your entire operating system. If you are not sure what to back up or want to be extra careful, back up everything.

Second, you must decide how frequently to back up. Common options include hourly, daily, weekly, etc. Other solutions offer “continuous protection,” in which new or altered files back up immediately each time you save a document.

There are two ways to back up your data: physical media or Cloud-based storage. If you are not sure which approach to use, you can use both at the same time. Physical media is devices you control, such as external USB drives or network devices. The advantage of using your own physical media is it is very quick. The disadvantage is if you become infected with malware, it can spread to your backups. Also, if you have a disaster, such as fire or theft, it can result in you losing not only your computer, but the backups as well.

Cloud-based solutions are online services that store your files on the Internet. An advantage of Cloud solutions is their simplicity–backups are often automatic and you can usually access your files from anywhere. Cloud backups can help you recover from malware infections, such as ransomware, as many Cloud solutions allow you to recover from pre-infected versions. The disadvantages are it can take a long time to back up or recover very large amounts of data.

Finally, don’t forget your mobile devices. Your mobile app configurations, recent photos, and system preferences may not be stored in the Cloud. By backing up your mobile device, not only do you preserve this information, but it is easier to transfer your data when you upgrade. An iPhone/iPad can back up automatically to Apple’s iCloud. Android, or other mobile devices depend on the manufacturer or servicer provider. In some cases, you may have to purchase an app for backups.

Backing up your data is only half the battle; you must be sure that you can recover it. Check periodically that your backups are working by retrieving a file and making sure it is the same as the original. Also, be sure to make a full system backup before a major upgrade (such as moving to a new computer or mobile device) or a major repair (like replacing a hard drive) and verify that it is restorable.

Vol. 10, No. 19 – June 21 – July 4, 2017 – Tech Today

We all WannaCry
by Ken May

On Friday, May 12, a new ransomware, called WannaCry, began circulating throughout the United Kingdom and Spain, rapidly infecting over 400,000 exposed workstations and servers at healthcare, financial, and other business sectors. This ransomware stood out for several reasons, including being the largest ransomware attack in history, and the first widely spread ransomware worm.

I had an exciting time analyzing this as it happened. I was in San Diego for the SANS Security West 2017 Cybersecurity conference as a facilitator. We all piled into a room late one night for an emergency session, while we shared data and studied what was happening in real time. Because of some of the connections I made there, I later was able to provide some assistance to the FBI Special Agent in charge of the WannaCry investigation.

The ransomware infection is Version 2.0 of WanaCypt0r (also known as WCry, WannaCry, and WannaCryptor). Unlike previous instances, this version takes advantage of the SMB vulnerability outlined in Microsoft Security Bulletin (MS17-010). This vulnerability was first exploited by the ETERNALBLUE malware, revealed by the ShadowBrokers leak in March, and targeted the Microsoft MS17-010 SMB vulnerabilities. SMB (Server Message Block) is a protocol primarily communicating on port 445 and is designed to provide access to shared resources on a network. Last fall, Microsoft propounded system administrators to disable SMB Version 1 on systems.

According to an FBI FLASH Alert, the WannaCry ransomware infects initial endpoints via a phishing campaign or compromised RDP (remote desktop protocol). Once the ransomware gets into a network, it spreads quickly through any computers that don’t have the patch applied. The worm-like capabilities are the new feature added to this ransomware.

New instances of this ransomware worm dramatically decreased following the activation of a “kill-switch” in the ransomware. A security researcher going by the Twitter handle @MalwareTechBlog noted an unregistered domain (www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea[.]com) in a sample of the malware. WannaCry checked to ensure non-registration of the domain at some point prior to infection. According to the researcher, this was likely intended as a way to prevent analysis of the malware in a sandbox. If the domain is registered, WannaCry exits the system, preventing further infection. While this doesn’t benefit victims already infected, it does curb further infection. Of course, shortly after that, a new variant began making the rounds.

At least three separate Bitcoin wallets, controlled by unknown criminals were identified as part of the ransomware campaign. As of May 25th, a total of 302 payments totaling over $126,000 had been transferred. All in all, a shockingly small amount.

Some interesting notes:

  1. This was patched by Microsoft back in March, so anybody who got infected is over 2 months behind on installing security updates.
  2. 98% of the victims were running Windows 7.
  3. It’s estimated that there are currently over 1 million computers connected to the internet, according to scans, that are still vulnerable, and still haven’t been updated.

Install those updates, folks!


What Is WannaCry? Analyzing the Global Ransomware Attack

Robots descend on Ventura

The future of the world is in the hands of these kids.

Article and photos by Richard Lieberman

Teams faced off at FIRST (For Inspiration and Recognition of Science and Technology) Robotics regional competition at Ventura College. Teams from Ventura County, Chile and Hawaii compete in the FIRST Robotics competition.

The local team is Team 3925 from Ventura County. The team is comprised of seven different local high schools competing against 42 high school teams, including teams from Newbury Park High,  Construction and Engineering charter high school in Camarillo and the Ventura County Career Education Center, where students from six county high schools make up the team.

This event called FIRST Steamworks incorporating a Steampunk theme. The student designed robots are required to pick up an item then throw it, climb and then hang on a tower and to carry an item and place it on a platform.  The teams were given a starter kit to help design and build their robot. Students were allowed six weeks to build, program and test their robots.

More than 5,000 teams, totaling 78,000 students world-wide are taking part in the FIRST Robotics competition this year. Aiding the students were teachers, and mentors from the programming, engineering, manufacturing field to help students design their robots and form their business plans. All team participants have the option to apply for twenty-two million dollars in scholarships from more than 200 colleges and universities.

Event chair Velma Lomax said “This is what I love so much, it’s not just about robotics and competing, it’s about everything these kids learn” There are regional competitions that will move on next month to western competitions in Houston, then on to eastern competitions in St. Louis and a final world championship in New Hampshire in July.

Lomax added “These kids are in business fields, they design their own brochures, they do all of their own promoting, their own fundraising. They don’t get money from anyone. These kids are amazing and every child can fit in. Additionally, Lomax said “They call it a varsity squad for the mind, another important thing they learn is time management.”

Three teams who won the regional with their robots are Team 114 from Los Altos high school, Team 3925 from Career Education at Ventura High School, includes members from Ventura High School, Buena High School, and Foothill Technology. Ventura’s team 3925 won a spot to advance to the upcoming competitions.

“It’s a lot of components this year, event chair Velma Lomax said.” She added  “It’s an interesting competition.”


Vol. 10, No. 14 – April 12 – April 25, 2017 – Tech Today

Tech Today with Ken May

How the ISP Law Change Affects Your Privacy

On Tuesday, March 28th, Congress sent proposed legislation to President Donald Trump that wipes away landmark online privacy protections, the first salvo in what is likely to become a significant reworking of the rules governing Internet access. The legislation would kill a set of Obama-era privacy regulations for internet service providers created by the Federal Communications Commission last October.

The most notable part of the rules, which has not yet taken effect, would require broadband providers such as Verizon, Comcast, and AT&T to obtain explicit consent before selling their customers’ web-browsing histories, app-usage data, and other personal information to advertisers and other third-parties. The vote is concerned with some recent changes to what the internet is in the eyes of the American government.

In February of 2015, The Federal Communications Commission (FCC) reclassified ISPs as “common carriers,” which means they traffic in utilities. This effectively put the internet in the same category as telephones, water, gas, and other necessary components for living in terms of how it’s regulated. This allowed the FCC to enforce net neutrality laws, which force all ISPs to provide access to all kinds of content on the internet equally. (In the past, ISPs would slow down users’ traffic when visiting certain websites or sharing files to discourage them from engaging in these acts.) Classifying the internet as a utility also meant ISPs had to follow the privacy guidelines previously written for telephones. This legislation would effectively roll back many of these changes, allowing ISPs to do whatever they want with their users’ browsing data.

So, this is a complicated issue. What’s the easiest way to get my privacy back?

Well, states could try to implement some form of the FCC rules for their own residents. ISPs might conceivably change their practices nationwide if enough states do so, or customers in some states could have fewer privacy protections than customers in other states.

“As on climate change, immigration and a host of other issues, some state legislatures may prove to be a counterweight to Washington by enacting new regulations to increase consumers’ privacy rights, a New York Times article said this week. The Times article mentioned laws in California, Connecticut, Nebraska, and West Virginia and proposals for new laws in Illinois, Hawaii, and Missouri, but none of these laws and proposals was specifically targeted at ISPs.

But let’s assume that doesn’t happen. Now what?

Last year, Opera, the little browser that everyone seems to forget about, rolled out a free VPN. It’s easily the simplest, cheapest, and most reasonably private way to access a VPN that will circumvent your ISP right now. It does come with a slew of caveats though. An Opera spokesperson said that the VPN is a no-log service, which is good, however, while Opera is a Norwegian company and therefore acts under Norwegian law, SurfEasy, the company that provides the VPN service, is a Canadian company, and Canada is known to hand over intelligence data. Regardless, using the VPN means you’re agreeing to SurfEasy’s Privacy Policy. Opera was also purchased by a Chinese consortium last year, so any data Opera does collect could be accessible by that company at some point. Also, keep in mind, only the web browsing you do in Opera will go through their VPN. It’s not perfect, but it’s a good step forward. Hopefully, we see something similar implemented in other browsers.

h/t Business Insider, Game Informer, Lifehacker, Ars Technica


The Lester Tong Visualization Center

3-D demonstration held at College Applied Science Center.

On March 23 a dedication of the Lester Tong Visualization Center at Ventura College Applied Science Center was held.  This 75-seat classroom utilizes a state-of-the-art 3-D dual rear projector system onto an 8′ tall glass “touch screen” where the viewing audience wear powered 3-D glasses.  A 3-D demonstration was held.

Lester Tong worked at the Ventura County Community College District Office and in the Information Technology department at Ventura College for over 30 years. He was dedicated to serving the campus and the community.  Retiring in 2016, Mr. Tong continues his devotion to service in Ventura County by volunteering at various non-profit organizations.

The son of Cantonese immigrants, Lester became a first-generation college student, receiving his B.S. in Business Administration from Pacific Union College in 1971. Lester attributes his success in life to the education he received. He is grateful for an education which created many opportunities for him, including his career at Ventura College.

His passion for education inspired him to leave a lasting impact at Ventura College by creating an endowment for the Ventura College Promise, a program that covers the enrollment costs for the first year at Ventura College.

The District Board of Trustees unanimously authorized the naming of the Ventura College Visualization Center: The Lester Tong Visualization Center.