Episode 654- Aussie Tech Heads Shownotes

posted in: Show Notes







Netflix plans password crackdown

Netflix has promised to crack down on users who share their passwords with friends or family members.

It means that if you borrow someone’s login, you may have to start paying for your own account in full instead.

Netflix already offers some account-sharing features, designed to let people in a single household use one login.

But Netflix worries that some users are sharing their logins among different households, with distant pals or even strangers.

Speaking at Netflix’s Q3 2019 earnings last week, Netflix product chief Greg Peters said the firm wanted to address password sharing without “alienating a certain portion of (the) user base”.

“We continue to monitor it so we’re looking at the situation,” he said.

“We’ll see those consumer-friendly ways to push on the edges of that.”

But experts said we’re already seeing some early signs of a crackdown.

“They are policing this (already) by blocking the third concurrent screen if two screens are in use at the same time,” “That doesn’t help if the users are in different time zones, as many households with kids in college are.

“However, it definitely cracks down on widespread password sharing.”

He added: “They also have a way to track device usage and can require two-factor authentication, although they’ve haven’t rolled that out yet.”

The news follows a major announcement by tech firm Synamedia about a new AI system that cracks down on account sharing.

It uses machine learning technology to track shared passwords on streaming services.

And this technology could then be used to force users to upgrade to a premium service or even shut down their account.


Google has boosted Australia’s piracy crackdown

Google has come to the party on Australia’s piracy crackdown, making it harder to find illegal torrent sites through its search engine.

The tech giant has voluntarily agreed to remove sites that facilitate copyright infringement from its search results.

Google has reached a voluntary agreement with Australian ISPs and content rights holders to de-index sites that have been blocked by internet providers under recent laws.

The move will mean Australian rights holders won’t have to take Google to court to force the company to remove offending sites from search results.

In 2015, the Federal Government passed legislation paving the way for court-ordered blocking of websites hosting material in breach of copyright. By 2018, the Federal Court had ordered 65 piracy sites to be blocked and more than 378 related domains.

The laws have since been bolstered to allow for the speedy blocking of affiliate or mirror domains that pop up online and allow users to download pirated material. Last year’s boost to the laws also provided rights holders the ability to get an injunction against a search engine.

Google confirmed its latest co-operation with local service providers came after changes to the site blocking laws in Australia extended their operation to search engines.

“Google supports effective industry-led measures to fight piracy,” a company spokesperson said.

Mr Burke said there had so far been 832 sites blocked by Google thanks to the new collaboration.


Gmail Hooked Us on Free Storage. Now Google Is Making Us Pay

Google lured billions of consumers to its digital services by offering copious free cloud storage. That’s beginning to change.

The Alphabet Inc. unit has whittled down some free storage offers in recent months, while prodding more users toward a new paid cloud subscription called Google One. That’s happening as the amount of data people stash online continues to soar.

When people hit those caps, they realize they have little choice but to start paying, or risk losing access to emails, photos and personal documents. The cost isn’t excessive for most consumers, but at the scale Google operates, this could generate billions of dollars in extra revenue each year for the company. Google didn’t respond to an email seeking comment.

A big driver of the shift is Gmail. Google shook up the email business when Gmail launched in 2004 with much more free storage than rivals were providing at the time. It boosted the storage cap every couple of years, but in 2013 it stopped. People’s in-boxes kept filling up. And now that some of Google’s other free storage offers are shrinking, consumers are beginning to get nasty surprises.

“I was merrily using the account and one day I noticed I hadn’t received any email since the day before,” said Rod Adams, a nuclear energy analyst and retired naval officer. After using Gmail since 2006, he’d finally hit his 15 GB cap and Google had cut him off. Switching away from Gmail wasn’t an easy option because many of his social and business contacts reach him that way.

“I just said ‘OK, been free for a long time, now I’m paying,’” Adams said.

Other Gmail users aren’t so happy about the changes. “I am unreasonably sad about using almost all of my free google storage. Felt infinite. Please don’t make me pay! I need U gmail googledocs!,” one person tweeted in September.


WAV audio files are now being used to hide malicious code

Two reports published in the last few months show that malware operators are experimenting with using WAV audio files to hide malicious code.

The technique is known as steganography — the art of hiding information in plain sight, in another data medium.

In the software field, steganography — also referred to as stego — is used to describe the process of hiding files or text in another file, of a different format. For example, hiding plain text inside an image’s binary format.

Using steganography has been popular with malware operators for more than a decade. Malware authors don’t use steganography to breach or infect systems, but rather as a transfer method. Steganography allows files hiding malicious code to bypass security software that whitelists non-executable file formats (such as multimedia files).

All previous instances where malware used steganography revolved around using image file formats, such as PNG or JEPG.

The novelty in the two recently-published reports is the use of WAV audio files, not seen abused in malware operations until this year.

The first of these two new malware campaigns abusing WAV files was reported back in June. Symantec security researchers said they spotted a Russian cyber-espionage group known as Waterbug (or Turla) using WAV files to hide and transfer malicious code from their server to already-infected victims.

The second malware campaign was spotted this month by BlackBerry Cylance. In a report published today and shared with ZDNet last week, Cylance said it saw something similar to what Symantec saw a few months before.

But while the Symantec report described a nation-state cyber-espionage operation, Cylance said they saw the WAV steganography technique being abused in a run-of-the-mill crypto-mining malware operation.

Cylance said this particular threat actor was hiding DLLs inside WAV audio files. Malware already-present on the infected host would download and read the WAV file, extract the DLL bit by bit, and then run it, installing a cryptocurrency miner application named XMRrig.

Josh Lemos, VP of Research and Intelligence at BlackBerry Cylance, told ZDNet in an email that this malware strain using WAV steganography was spotted on both Windows desktop and server instances.


Samaritan uses genius bank trick to reunite man with lost wallet

A man has used a clever method to communicate with someone after he found their wallet and bank card, but didn’t have a way to get in touch.

A cyclist was reunited with his wallet after a genius good Samaritan paid into his bank account multiple times — each with snippets of a message.

Tim Cameron, 30, had feared the worst after losing his wallet, containing a bank card but no contact details. The wallet had fallen from his pocket as he rode his bike to his North London home.

But Simon Byford, who found Mr Cameron’s wallet, figured out an ingenious way to get in contact with the man.

He made four online deposits of 19 cents (1p) each into Tim’s account — and used the 18-character reference box to communicate with him.

In the first deposit he wrote: “Hi I found your”, then added in the second: “wallet in the road.”

The third contained Simon’s number and the last urged him to “text or call!!”.