Category: Tech Talk

Understanding DRM

tech talk

By Adam Barber

As we very rapidly transition into a digital world, the content that we consume — our entertainment — has gone from a physical copy you can hold to something that you access via a device or platform. I’m talking about music, movies, TV shows and video games. The concept of owning a movie or a video game has gone from having the disc in your hands to having access to a file on a server. Sure, you could download it, but many times you can only use the piece of entertainment through a designated platform or a certain number of times. Sometimes you need an internet connection to access the content, or you are unable to make a backup copy of the media you have purchased. What stops these downloads from being downloaded and pirated throughout the internet? Why can I only watch my movie or play my music through designated platforms?

This is where Digital Rights Management (DRM) comes into play. DRM is essentially a protection for copyrighted material. It’s a method of securing content released digitally to prevent piracy and unauthorized use. DRM is a set of access control technologies that control the distribution, modification and use of the above-mentioned software and digital multimedia content, as well as devices and systems. If you were going to protect physical goods by putting a lock on them, then DRM is the digital equivalent of the lock.

It works by encrypting the digital content that is stored and transmitted so only authorized users can use it. Before the content is streamed or downloaded, it must be encrypted using multiple DRM schemes for device compatibility. Let’s say you just bought a movie from Amazon. So when a user tries to play back a video, the video player requests a key to decrypt the content from a license server. The server then determines whether the user and the device are authorized for playback. If they are, then the license server issues a decryption key. The video player can then decrypt and play the content for the user.

Is this a good thing, though? Some say yes, some say no. The general idea of DRM is to protect copyrighted material and to thwart would-be software pirates. This is to ensure that only someone who has purchased the media is able to use it, protecting the owners of the intellectual property and hopefully keeping sales numbers where they should be. There are several downsides, though.

Let’s take the computer-game industry as an example and how they implement DRM. They use several methods, but one is limited install activations. This is where the owner of the game is only allowed a limited number of installs. It’s usually about three or five. That number may seem fair, but what if a computer is reformatted or upgraded? This can be an issue for someone who is planning on playing this game for years to come on multiple computers. Another method is persistent online authentication. This is where a game must always be online to play. This is also intrusive as it forces someone to be online to play their game. What if their network is down, or the servers that are enforcing the DRM are not accessible some day?

So DRM is a complicated issue. I am all in favor of a digital future and in favor of paying full price for entertainment because I like supporting the industries and people that create it. It bothers me that a game I love, which I am totally willing to pay the full price for, may not make its money back or get a sequel because of lost sales due to piracy. I’m not sure if DRM is the answer, but it does attempt to protect the industries that create content.

Some are saying that relaxing the restrictions of DRM may actually be beneficial. Look at the content that is available on YouTube. Some artists are happy to get the word of their art out even if it means losing a few sales. What is lost at first may be gained via new revenue through an unofficial copy. DRM-free is actually regarded as a good thing to many, and even is looked at as good marketing. If the price is right, some people are happy to support DRM-free media and play video, music, or a game through any medium they see fit. It’s an interesting argument and one that affects us all in some form or another.

Adam Barber is a member of the Information Technology Senior Seminar course and is planning a career in network and systems administration.

Advertisements

Password Security and Why It Is Important

tech talk

By Joshua Duplessis

As a college student pursuing a degree in Information Technology, passwords have been a big interest to me. Passwords are what keep us secure when a majority our of social and financial interaction has migrated online. The pace of our greater and greater reliance on technology for the sake of convenience is putting us more at risk for security breaches. The reason for that is 61 percent of people have admitting to using the same password for multiple accounts. If one company that you have an account with gets hacked and uses the same password as another online service you have, that other service has a chance of getting compromised as well. In 2016 even Mark Zuckerberg did this and got his LinkedIn, Twitter and Pinterest accounts compromised for using the same password. (I don’t know what’s funnier, that it happened to Mark Zuckerberg or that he has a Pinterest.)

An average U.S. citizen has around 130 online accounts attached to an email address. Let’s say 10 percent of those 130 companies do not store your password securely: 13 of those companies could easily get hacked and that hacker could have all your account information, and some of those accounts could be tied to financial institutions. So how can we prevent ourselves from being hacked and having our security compromised?

First, by making a password that meets complexity standards, with at least one uppercase letter, one lowercase letter, one number 0-9, and one distinctive character (~!@#$%^&*_-+=`|\(){}[]:;”’<>,.?/). Having just a complex password alone help in an immense way.

Another way to help with password security is to use something called a passphrase. Instead of using a password that is just a single word in the dictionary, use a combination of words to make a phrase while still meeting the complex-password rule set.

One last tip would to be to make sure you change your password frequently. Tips on strengthening your password may only go so far, though; how companies store your information is just as important or even more important. No matter how strong your password is, if the company isn’t secure, a hacker will still get your information.

One way to know if a company you have an account with is secure is if it has a two-way authentication tool, which texts or emails you a code when you try to log in. This security feature adds another layer on top of your strong password, and the likelihood of some hacker getting your information is not likely. Two-way authentication is becoming more of a common thing now. Most social media sites and Google will let you set up two-way authentication. Banking applications are starting to implement biometric authentication, which requires your face, voice or fingerprint to log in.

Our online lives are growing every day, and with more online accounts, there are more passwords we are going to have to remember. I hope this made you more conscious of your data footprint as you go online today and take what type of data you put on the web and the integrity of the website you trust.

Some of the Worst CPU Exploits in History – Should You Be Worried?

tech talk

By Andy Li

If you wanted the quick answer, then yes, you probably should be — or at least be paying attention. For those of us that don’t follow tech that much, January for the tech world has been abuzz with two words: Spectre and Meltdown. They’re two computer exploits that can give an attacker the ability to read data in parts of the system that are normally completely secured and unreadable by conventional means.

Normally, data that’s being input and processed into a computer system, such as passwords, usernames and other sensitive information, isn’t readable straight from the these heavily restricted areas of the hardware. This is thanks to industry conventions and standards that require developers to ensure these areas are well secured and encrypted against prying eyes. But thanks to researchers at Google’s Project Zero and other independent research teams, these parts of the computer are now no longer as nearly secured as everyone once thought.

Being called “one of the worst CPU [computer processor] bugs ever found” by one of the researchers who originally discovered them, every major hardware and software vendor is currently in a frenzy trying to determine what should even be done with the exploits. That’s because they affect nearly every CPU within the last 20 years, with Intel CPUs being especially vulnerable.

This means that billions of devices are potential targets. While bugs and exploits are usual fare when it comes to technology, Spectre and Meltdown expose not just security problems with computer hardware, but inherent design flaws made by CPU developers trying to squeeze out as much performance as possible for their hardware. It comes as no surprise then that current fixes to these exploits come at potentially steep performance costs, with some major companies reporting up to a 30 percent performance decrease for their systems after applying fixes for the exploits.

As of now, Google and Amazon have already reported that their infrastructure has been secured against the exploits with minimal performance issues. Microsoft has had mixed results for Windows patches, where some AMD CPU users reported unbootable computers before a subsequent fix was pushed out to address the problem.

Meanwhile, Intel has remained vague in their plans to address the exploits, despite it being their CPUs that are affected the most by the exploits. Early attempts by Intel to fix the problem through firmware updates have been lambasted by some developers, including Linus Torvalds, as being “complete and utter garbage.” Longer-term solutions announced by Intel, such as the development of Spectre- and Meltdown-proof chips, have only raised more questions than answers as scant details have been given other than that they’ll be released later this year.

So the question remains: What can we, as normal consumers, do to protect ourselves against these threats? Unfortunately, even with current fixes, you won’t be protected from certain variants of Spectre. Keeping your system up to date, though, will go a long way in keeping you safe from becoming a victim of a new class of attacks. Use this tool created by the Gibson Research Center to determine if you’re still vulnerable: https://tinyurl.com/y98na5c4. Pay particular attention to your web browser and operating system and update those as soon as possible to the latest versions.

In the long term though, the only way to be totally rid of these exploits would be to replace the system with Spectre- and Meltdown-proof machines. However, with Intel still being the titular CPU in use for most computer systems and given how long many of us can hold on to our computers for, this will certainly be no simple task. So for now, while we can only wait and watch to see what the big players will do next, one thing’s for sure: Meltdown and Spectre will be haunting us for quite some time.

Andy Li is a member of the Information Technology Senior Seminar course and is planning on an eventual career in database administration.

How I Became a Geek

tech talk

By Jamie West

My name is Jamie West, and I started in SMCC’s Computer Technology program in 2012. It has taken me five years to get to where I am now. I will graduate with my Associate in Applied Science with a major in Information Technology this spring. It has been a struggle at times. However, with help from all of my instructors and encouragement from my supporters, I will graduate.

Before attending SMCC, I was intimidated by today’s technology. I grew up with Atari, then the Nintendo gaming systems. The only PC I used was an old Commodore 64. I had no idea of the differences between Macs and PCs. I couldn’t tell you what a bit or a byte was, let alone a VM.

Now, after all the classes I’ve taken, I’m hoping to get into the tech industry and make a career out of it. I can now maintain desktops, laptops, tablets and cell phones. I’m pretty good at troubleshooting hardware and software issues. I know what a VM is (Virtual Machine). I can set up basic networks for SOHO (Small Office/Home Office) environments.

The lessons that I’ve learned at SMCC and the skills that I’ve acquired I can now take with me into the workforce. I know what it’s like setting up VMs and having to configure the IP addresses so they work properly via the physical machine they are running through. I also know what it’s like to work and collaborate with others as a team to solve problems. Communication is a big part of all of the above. If I didn’t ask questions or answer questions and participate in classes, I wouldn’t have maximized the potential knowledge offered.

I’d like to say that it has been a long road with some bumps along the way. Regardless of life’s challenges that I’ve had to deal with, I didn’t give up.

Whoever you are, however old you are, regardless of what challenges you have to deal with, you can achieve your goals if you put your mind to it. Don’t be afraid of the bits and bytes that come along. They’ll usually update without you noticing. Things change, technology changes, and people change.

SMCC and the Information Technology department have helped me in more ways than I have words for. Not only am I able to network professionally, but I know how to set up networks as well. I understand servers and promoting them to a domain controller. I can set permissions on clients as well as myself within the network. I know what a login script is.

When I first heard some of these terms and acronyms, I was clueless. I still can’t quite speak “geek,” but I can do the tasks required to keep my grades up and learn skills that are sought after in our present time.

Had I not faced some of my own fears, I would not be writing this. If I can do this — go back to school later than the average student — anybody can. Keep on keeping on.

Jamie West is currently a member of the Information Technology Senior Seminar course and is planning on a career in networking.

How to Fix a Slow PC, in 7 Steps

By Joel Kabambi

Many of us think that when a computer starts performing slowly, it’s time to buy a new computer. Does your desktop or laptop often hang on the hourglass for several minutes at a time? Is it slow to load files or applications, and does it take a long time to boot? Even if you’re extremely careful about how you use your computer and never download questionable material, over time it is inevitable that your system will accumulate unwanted registry entries, errors, clutter and debris. It’s important to clean your computer up and get it running faster again.

Below are steps that can help speed up a Windows OS computer or determine why it is running slowly.

Reboot
If your computer has not been rebooted for a long time, make sure to restart it before following any of the steps below. This is the first step of all troubleshooting.

Disable background programs
Background-running programs can also be the cause of a slow-working computer. Remove or disable any program that automatically starts each time the computer boots — programs that are not needed. How to do it? The followed link provides details: https://tinyurl.com/y9lsjrhe.

Delete temp files
As a computer runs programs, temporary files are stored on the hard drive. Deleting these temp files can help improve computer performance. Programs like Disk Cleanup can be used to delete temp file, but there is also a way to do it manually. The following link provides details on how to do it manually https://tinyurl.com/ycd4e38h.

Free hard-drive space
Verify that there is a lot of space in your driver hard disk, at least 200 to 500MB of free hard-drive space. This available space allows the computer to have room for the swap file to increase in size, as well as room for temporary files.

Remove viruses
If a computer is infected, this can cause your computer to run slowly. Make sure you have antivirus software, and ensure that it’s up to date. Scan for viruses to remove. If you don’t have an antivirus program installed, you can run the free Microsoft antivirus Microsoft Security Essentials to scan for viruses on your computer and remove them. Microsoft Security Essentials can be downloaded from this Microsoft page: https://tinyurl.com/juupxbx.

Update Windows
Make sure you have all the latest Windows updates installed on the computer. If you are on the internet when your computer is slow, make sure all browser plugins are up to date. You can also try disabling browser plugins to see if one of them is causing the slowness.

Check for hardware issues
Finally, if your computer is still slow after trying all of the above recommendations, there may have a more serious hardware-related issue, such as a failing component in the computer. Examples of failing hardware could include a failing or bad hard drive, CPU, RAM or another component. This may require you to replace hardware that is causing slowness. If replacing hardware will cost too much, then it’s time to make the big decision of buying a new computer.

I Am Sick of Hearing About Cybersecurity, Too

By Alexander Kennedy,
SMCC Cyber Security graduate

As the year comes to a close, it’s a time for many to look back and reminisce about good times gone by. Some people may consider large news headlines of 2017 — we have a new president, hurricane season was worse than usual, and the United Kingdom started its transition out of the EU, to name a few. But for the first year in a long time, it’s safe to say many people probably recall one or two headlines relating to security breaches across the world.

So far, 2017 has seen at least one major security headline per month. In January, the U.S. Department of Energy reported that the U.S. electrical grid was in “imminent danger” of a cyberattack similar to ones seen in Ukraine a month prior.

February saw the breach of the internet company Cloudflare. The bug, known as CloudBleed, revealed sensitive information of users from companies such as OKCupid, Uber, and Fitbit.

In March, WikiLeaks unveiled Vault 7, a major compilation of data revealing CIA hacking tools that gave the agency the ability to listen to us via our smart TVs, as well as many other methods of turning our own computers against us.

Cybersecurity made it to the world stage in April when a phishing email scam was found to have successfully hacked the campaign of French presidential hopeful Emmanuel Macron.

May and June were dominated by ransomware attacks like WannaCry and NotPetya, which cost the global economy an estimated 4.2 billion dollars was well as compromising nearly half a million computers.
In July, security researchers proved voting machines were easily hackable. HBO was hacked in August, leading to the leak of “Game of Thrones” and “Silicon Valley” episodes.
September had the most notable hack of the year. Equifax reported that the Social Security numbers, names, addresses and other personal information of 145.5 million Americans had been compromised by hackers. For those who are counting, that is half of the U.S. population.

The past few months have seen breaches in Yahoo and Uber. Uber took it a step further and actually paid the attackers $100,000 in hush money.

Whether you’re in the technology field or not, 2017 has made it impossible to escape the news of cybersecurity. And most people couldn’t care less. It’s all too easy to become disillusioned with cybersecurity, with the sheer amount of articles saturating your news feed. But it is vital for us to care if we wish to keep building upon the connected world we live in.

For years, professionals in the cybersecurity industry have been trying to get people to understand the importance of security. The major cyber-events of 2017 have certainly kick-started the conversation on best practices for cybersafety and what you can do, as a consumer, to protect yourself from big-company data breaches. Hopefully, this trend will continue.

Hopefully, this year’s major security events do not scare us away from the awesome power and potential of the internet, but rather propel us into a new age of security-conscious communication and help us to discover what we can do, as consumers, to protect ourselves from big data breaches. Securing the internet is critical in keeping us safe as we interact together and grow our society in cyberspace.

CCleaner and How It Can Help Your Computer

By Jimmy Dasch

CCleaner has been one of my favorite programs to use on my computer for a long time. Ever since I can remember I’ve been using this program to clean and maintain almost every computer in my house. Besides just cleaning out computers of junk files and registry errors, which end up slowing down your computer, you can change other options, such as which programs start when your computer is turned on. This program has helped me keep computers healthy for a long time, and I’m going to tell you how you can do the same for your computer.

Once downloaded (go to http://tinyurl.com/mlxdwzm to download), CCleaner greets you with a user-friendly interface that has its options right in front of you. You’ll notice that there’s an upgrade button on the bottom of the options; that’s because there’s a free and a paid version of this program. The two versions are similar, one of the only big differences being that the paid version will automatically download updates. The free version will still ask you if you want to manually install the updates, so the paid version isn’t needed.

The “cleaner” tab is one of the most important parts of this program. Once you click analyze in the bottom right of the window, it will search through your computer for junk files, files that have been left behind by web browsers and other programs that shouldn’t be there. After the scan is finished, you can click on “run cleaner,” which will get rid of all of the files CCleaner found. This alone can provide a huge speed increase to your computer. So can using the “registry” option, which is the second important part of this program.

Upon clicking on “registry,” you’ll be asked to scan for any registry errors that your computer has. Registry errors are left behind from uninstalling and updating any programs that you have on your computer. Too many of these can result in a slow-down of your computer, just like with the junk files and temporary internet browsing files. After CCleaner has finished the scan, you can click on “fix selected issues.” This will get rid of the registry errors found, resulting in even more of a speed boost on your computer.

There is one more tab you should explore under CCleaner, and that’s the “tools” tab. So what’s under this tab? Once you click on it, you’re presented with a few different options. The only one you need to worry about is the “startup” tab. Click on it, and take notice of how many programs are “enabled” under that section. Whatever programs are enabled are what start up with your computer, and depending on how many programs are under that list, your computer startup time could take way longer than you’d like it to. The only program I recommend keeping enabled under that tab is a virus-protection program of your choice, just so you always stay protected while browsing the Web.

Once you sort through what programs you want to start up with your computer, you’re all set to close out of CCleaner. To finish up your computer maintenance, go ahead and restart your computer. You should notice a faster startup time as well as a speed boost from your previous cleaning of the temporary files and the registry errors. I recommend running CCleaner once a week — both the regular cleaner and the registry cleaner. This will ensure that your computer stays up to speed and functioning properly. CCleaner is one of the most useful free programs out there, and I hope after reading this guide you’ll download it yourself and try it out.

Jimmy Dasch is a member of the Information Technology Senior Seminar course and is planning on a career in the IT field in the near future.