it's 2020 and the cyber threat landscape
is changing so who better to talk to
than a rep from ESET head office in
Toronto Canada I went there on Monday
and had a chance to sit down stick
around we're gonna have the interview in
just a couple of moments
I live recordings are trusted only to
solid-state drives by Kingston
technology revive your computer with
improved performance and reliability
over traditional hard drives with
Kingston SSDs category 5 TV streams live
with Telestream wire cats and nimble
streamer tune in every week on roku cody
and other HLS video players for local
show times visit category 5 TV well
welcome to the show everybody nice to
have you here it's episode number 640
and been quite a week my fitness tracker
is working like crazy excellent yeah
how's yours going oh I was going yeah
everybody's kind of keeping track I got
42 hundred steps today I've got a 78
beats per minute heart beat right now
this thing is telling me my my blood
pressure as well which is kind of cool
that's a bonus for me because I do lean
toward a little bit of a higher blood
pressure right so knowing when I need to
see that yeah how does yours do blood
pressure well it actually uses a an
optical sensor it's it shines a green
light into the veins on my wrist right
and then there's a optical sensor that
reads that and is somehow able to
determine yeah it's very very so I'm 127
over 81 right now okay at 80 beats per
minute so does that does that sound
pretty close to good 89 beats per minute
I'm just learning how like all these
things kind of equate and I've got the
scale that's helping me to to get
healthy so you know off the top of the
show just kind of getting into it
because we're we're following up with
our kind of health tracking that for
20/20 because we're using technology
like our fitness track
in order to be able to get healthier for
2020 I've got the scale I'm using it
twice a day
oh and people are telling me you know
what just use it in the morning and I'm
like yes I would like to use it in the
morning because usually I'm lower weight
in the morning so I feel really really
good about that right but occasionally
after a good day of self-discipline I'm
actually lower in the evening and so you
know I'm like that's encouraging so I'm
taking averages and I'm sticking to that
my low-carb and alternative this week
because I'm trying for low carbs so that
I can burn fat is I replaced taco shells
with romaine lettuce oh that's actually
I had tacos in romaine lettuce and at
first you know when I'm making it I'm
like this is a dietary thing to try to
reduce the carbs as I'm eating it I'm
like this is freaking delicious
well also it doesn't break in the middle
and everything fall I was so good it was
really really good because I like to
have shredded lettuce on my tacos but
it's always like yeah yeah so you just
skip that and just roll it up in a piece
of romaine lettuce if you lose outside
as if the meat is really hot yeah that
heat transfers through the lettuce
Miller this is hot
so sometimes I've had to use a couple
layers of well lettuce but there you go
and in fact I've seen that that's funny
because I actually went out to and W
with my son
okay and A&amp;W we talked about they have
the vegetarian burgers and he's a
vegetarian so so he got that and I had a
regular burger but they have they're a
tmw so this is a fast-food restaurant
yeah what they call lettuce wrap so I
guess you know that maybe inspired the
idea but so they actually replace the
pun with lettuce yes it was messy as
heck it really was it was delicious
well sure it was really really good the
easiest way to do it those you take an
iceberg lettuce yeah yeah and chop the
slice off no yeah yeah they slice the
sides off so that way it has that bun
shape and yeah put in the middle see
that makes sense
see they wrapped it and let us so it was
like lettuce leaves wrapped yeah and it
was really delicious like it really has
a nice taste and I find
I'm actually I'm kind of realizing I
don't really like the button like the
button is like filler yeah and takes
away from the taste but as soon as you
wrap it in lettuce it's like you get the
full flavor explosion right and so I
really did like it
so that's funny that you mentioned that
maybe that birthday the idea yeah by the
way I'll take it I'm using the tech yes
like this and the digital scale to be to
be able to monitor my progress so that
and I'm using that text so that I can
try to achieve the goals that I've never
achieved before for New Year's right
like my New Year's resolutions like this
is the idea yeah
so we do have incidentally we have a new
chat channel on our discord service with
a social category 5 TV server
yeah it's called Biggest Loser and I've
never I've never really realized but I
really want to be the Biggest Loser in
school I was the Biggest Loser this is
completely different from like the last
episode when we were talking about it
and also from the the actual discord
chat so I have taken it up as have you
now yes but I'll tell you my my your
motivations are different than video
games video games yeah you just want to
play more video games so you're like I'm
gonna so this is my diet video games
well you all know that I have a VR yeah
you're showing off now so instead of
just sitting on the couch and watching
TV like I do all the time physical
fitness I've been playing a game called
the knockout League which if you do have
a VR headset please don't I want tell me
how to annihilate Crimson Fang but my
whole body hurts like it's obviously
doing something cuz okay because I'm you
know squatting to dodge and the
opponents are right in your face right
and they're throwing punches and the
accelerometers in the actual sensors can
tell how hard you're punching which for
me is not that hard so I never win
it sounds so cool like I'm sore because
I went to I took my youngest son to a
trampoline place yesterday that's and so
I was bouncing on the trampolines for
about 45 minutes and I'm the guy that
I'm not doing flips and stuff I'm just
bouncing bouncing bouncing bouncing and
then 45 minutes in you're like oh my
goodness everything my ankles really
hurt this is a painful thing but it was
worth it right yes yeah yeah I I just
have been fighting here I've been
playing video games that's really neat
like way way to take the whole like
technology for physical fitness and
physical health to the next level and
thinking VR could be used yeah I've seen
VR games that are really really
physically intensive and taking you know
looking at the Wii Fit for example way
back in the day and thinking okay this
is the next evolution of that where
you're actually like beat saver looks
amazing to me yes I can't wait to try it
I play a game called audio shield which
is very similar to beat saver yeah
and so I'm holding shields and these
orbs are coming at my face and I have to
punch them out of the air but every once
in a while depending on the beat of the
music I also have to duck under the bar
like oh nice yeah okay so you're
physically like get man 2 yeah yeah
that's what I'm saying is to help you in
2020 yeah yeah together
Sacha did I mention two shows ago that
my budget was a hundred bucks total if
everybody buys the scale that I
demonstrated how does that sound then
we'll get into some VR and we'll see how
that looks I think that that would be a
little really really fun way to get
physically like just into the game for
sure even looking at like the Orville
interactive fan experience like I would
love in VR to be able to walk through
the Orville ship yes that would be so
cool you know what I'll do is I'll have
Dave record on my phone yeah a video of
me trying to beat Crimson Fang which I
will not because I I cannot but this is
a video of legacy
moving up to the screen or is he are you
gonna do this you'll be able to see the
fight on the video like on the TV so
just be sash of being like be amazing so
I mean I've just been using the tech
that I have and it's really really
rudimentary compared to the kind of cool
stuff that you have but you know it's a
it's a start anyway so I'm going for the
low-carb to try to burn fat that's the
idea like have you increased your like
veggie intake and incidentally because
you gotta eat right and it's like okay
well if I'm not eating buns and bread
and pasta I'm gonna get what am i doing
instead of pasta I'm doing spiralized
zucchini yeah which looks and tape and
has the texture kind of of like a like a
linguini yes if you will so but but
tastes fantastic
so yeah I'm getting more vegetables
today's lunch was like cucumber and
carrots and cottage cheese and some
peanuts right you know as something to
get through the day you guys are just
having this conversation what's going
through my head is a lesson I learnt
back when I used to watch Sesame Street
one of these things just doesn't belong
here yeah because I had a sub and pulled
pork for supper and my watch
congratulated me for getting up to go to
the bathroom oh this you're still able
to stand congratulations we are polar
opposites right about now I don't know
that that's true because my motivation
is not like I'm not like okay I need to
lose a hundred pounds I'm not we're
looking to educate yourself I'm looking
to educate myself so that I can be more
healthy for the future because I want to
live a long healthy life I want to be
here for my kids I want to be as
physically fit as I can be without like
I understand my limitations as a tech
nerd I know that I'm not going to be the
guy that's working out every day it's
just not me it's not gonna happen and
even if I set that as a goal which some
of us tend to do as a goal
I'm not going to achieve that it's
impossible for me so my goal instead is
just to educate myself and try to eat a
hell
your diet based on the information that
these digital apparatuses give me and
and it's really making a difference so
I'm down about three pounds which is you
know it's a it's little but it's
something and and its direction always
happen at the beginning so ya lost one
year off of my metabolic age you'll also
find that as you start losing weight you
start to pick up losing weight it's kind
of like a trade yeah takes a while to go
once my body gets used at the low carb
it's gonna start burning the fat that's
that's right by the by like Episode
seven hundred we won't see you because
you're gonna be so ephant oh it's gonna
be amazing
like guys I'm so weak no bye then no
it's just like a two-month experiment
let's see what we do yeah I will make
both of you feel it's working yeah if it
doesn't work you'll buy a VR headset
that's the next step alright if my wife
is watching that's what we're putting my
Christmas bonus to her see how I pulled
that off thanks Sasha yeah that's for
wonderful hey before we jump into the
actual content of the show today I want
to remind you to make sure you subscribe
to us on YouTube and click that bell
that's gonna make sure that you are
gonna receive notifications anytime we
are live any time that we are posting
new and superb videos here at
category-five TV I want to say hey to
everybody who's new here if you're
watching the show for the first time
it's great having you here we've seen an
increase in our viewership and our
subscribership on YouTube that's good
and it's nice to have you here so thank
you for be a count's that I created are
helpful it really does make a difference
just so yeah it was a lot of clicking of
the belt let me tell you thanks dude I
was like why is he like I'm subscribing
and re subscribing and unsubscribing who
is this oh good times so this week I
spent some time in Toronto yeah this is
like second nature to you you're there
all the time but this week I was Toronto
to Kingston to Hamilton
place yeah so I I headed down to Toronto
because I wanted to spend some time with
the folks at ESET we wanted to talk
about
yeah the cybersecurity landscape for
2020 and when we come back we've got an
interview that I held with with Rafa var
he's one of the lead sales engineers
they call them but basically he's the
tech guru at at the head office at he
said we're gonna be talking a little bit
about some of the the evolution of cyber
threats what ESET themselves are seeing
how you can protect yourselves in
business and kind of what they expect to
see over the next 12 months so stick
around for that interview it's coming up
right after this
[Music]
I had the pleasure
this past Monday to head down to Toronto
I jumped on the train about 6 o'clock in
the morning and then when I got off the
train at Union Station in Toronto I was
met by some of the the head folks from
ESET Canada and got to spend the day
speaking with ESET Canada about some of
the the evolution of cyber threats
what can customers and viewers and
individuals in Canada and the u.s.
expect to come across this year here we
are in 2020 what should we expect in the
cyber threat landscape and so it was a
great opportunity for me to express kind
of my own concerns and opinions and and
and it was really nice to have been well
received by ESET Canada and indeed even
following up on that
ESET North America also following up and
and you know thanking me for the time to
to be there and and sharing with with
the ESET staff the direction that I feel
that things should go and and it was a
great opportunity for me to learn more
about how threats are evolving and and I
always try to keep on top of the latest
technology trends and threats are a
really big part of tech because I need
to protect myself I need to protect my
customers and I need to be responsible
to you my viewers and and help you to be
ready and prepared for the threats that
are coming over the horizon here as you
know here the first month of January
starts to wrap up the first month of
2020 I should say January being that my
first month yes you're saying you knew
what I meant
January does feel very long though but
we're really it does and when we're
seeing an evolution in malware we're
seeing things transition from viruses to
malware to ransomware
and now even file-this attacks we're
seeing Hardware attacks and firmware
infiltrations and things that we've
never ever even encountered before but
those are very real threats here as we
enter 2020 so the opportunity arose and
I spent some time there I want to jump
into an interview with Raph bovar
at ESET headquarters in Toronto Ontario
hey sorry man
thanks for being here thanks for was
half done heavy well thanks can you tell
the folks who are watching a little bit
about what you do here at ESET
headquarters so Robbie I am actually the
sibling here I am the lead sales
engineer for the for the attack team in
Canada and I am mostly the tech guy that
will support sales in general between
the Canadian territory so a very
technical mind very familiar with the
inner workings of the products yep I am
doing that has all the geeky talk with
the other text and reflect customers
yeah and the main driver for that is to
be able to technically position the
products and see if we can address all
the customer requirements sure so part
of that comes from educating end-users
to understand what the cyber security
threat landscape looks like absolutely
yeah and we've really really seen that
change over the past couple of years I
think especially was it 2017 when wanna
cry dropped yeah this is like the first
ransomware that really made its way
around the world and was really really
huge how did that impact the direction
of a kind of like you said we should not
see any any numbers going down whenever
it comes to the ransomware it's still
the the really prevalent and and
everybody in a way is kind of
experiencing it we do have a pretty good
protection against it so I I don't
expect my existing customers that are
running updated products and everything
from being acted to those threats but
it's something that's already very very
live very very present in our day-to-day
operations something else that right
that I usually highlight on the on the
threat landscape that we have recently
is
the upcoming releases of the file as
malware's so if you have for example an
endpoint security product that's running
on your computer either an AV
anti-malware or whichever name you
prefer to call it yeah I still have the
need to scan files so however the idea
of a file is malware is there's no files
ok so how do you scan something if it's
it's not available in your computer so
those those malware's are in general
being running by script on draw webpages
malicious web pages right and the most
common one today is probably the quaint
miners so it's a script that we run on a
given computer and that computer will
start mining bitcoins for the for the
malware so you call these file lists
malware so does that mean that it just
loads right into RAM from a website yes
it will actually be it it will be a
script that will be running in memory
whenever you go to those websites and if
your existing endpoint security product
cannot scan or cannot protect your
memory in real time you will be subset
susceptible to that kind of threat in
general so sounds to me like another
like wanna cry as the first kind of
example of ransomware another threat
where basic like antivirus and you use
the absolutely virus because your
anti-malware is a term that we in the
industry use these days because really
it's not just viruses that we're dealing
with us threats anymore so so is
antivirus is it sufficient anymore I
don't believe in C virus has been
sufficient for a long time so not only
we have the viruses out there we have
those files as malware's we have the
crypto actors in general the ransom
layers we have Trojans we have back
doors we have exploits so in general is
antivirus enough you know is it better
than not having anything yes but if you
have the option and yes you do have the
options sometimes we are talking about
one
more expensive or something like that
you can go to a full suite of an
endpoint security product which will
provide you a much better protection
overall protection on your computer okay
so I don't want to I don't want to give
the impression that this is a sales
pitch that we're trying to say you know
choose ESET endpoint protection advanced
because it's a sales pitch I want to
instead kind of what what features of a
product like endpoint protection
advanced isn't it that are taking
protection to the next level for those
users so file this attacks yep
ransomware attacks like these are
threats that can take businesses and put
them out of this gifts yep then and
bankrupt their owners yeah absolutely
that's the reason saying yeah so what
what features so are those more advanced
why do I need to pay Morris and yeah
absolutely
specifically reset the modules that we
add those more advanced features is
called hips which stands for host
intrusion prevention system and that's
where we have the advanced memory
scanner which is basically protecting
your memory in real time the final and
that mostly associated to the file as
malware we have the exploit blocker so
let's say whenever a new company
releases a publicly available exploit
for a vulnerability let's say this week
we actually had a pretty severe
vulnerability with Microsoft and they
actually release the patch the next day
or something like that
we will prevent that vulnerability from
being exploited we this is exactly what
he said accomplished with wanna cry
absolutely yes it was eternal it was
yeah it was the summer vulnerability and
yes we were able to actually prevent
that vulnerability from being exploited
in the first place so even though one
cry had never been discovered before
ESET was already proactively protected
absolutely and we were actually
providing that kind of fix two weeks
before when a crime actually existed
fantastic we had that kind of preventive
maintenance let's say you're not pro and
you want an anti-malware product that is
going to be proactive instead of
reactive absolutely yes because in the
case of something like ransomware you
can lose everything
yep and so there is no reactive response
to that then I hope your backups are
good yes actually
going back to that initial question
about the current threat landscape you
are seeing the still you're seeing a
really prevalent presence of the
wrestler however now the the crypto
actors in just in this general they are
not only encrypting your data and
holding you for ransom but if you're not
paying they are actually releasing the
data and selling that data so it
shouldn't be left yes well that can be
even worse yeah so Wow yeah that's scary
stuff so what else does does your
product so again to just look at why I
get the question all the time RAF
yep why should I buy the greater product
when the antivirus has been working so
well for me for so long
so as you said it might be a couple
bucks more dollars so more per seat
which can be a lot if you've got 10,000
computers but in a in a small medium
business it's not that much why would I
pay more the additional features that we
have in the full endpoint security
solution from a technical perspective
and again I'm talking about 150 dollars
more is well worth it the value is
actually there so I'm thinking of not
only adding additional layers of
protection to your computer either at
home or at your business but I'm also
getting additional visibility on what's
happening on your environment as well so
let's say one of the features on that
new on that bigger product let's say the
endpoint security is a personal firewall
which will potentially hit place your
Windows Firewall in my computer and not
only it will allow you to actually have
visibility on the network layer so
instead of only looking for viruses or
Trojans or brain somewhere I'm also
looking for duplicate IP address and
looking for DNS poisoning that's
interesting yeah so now possibly network
traffic problems or even social yes
which are not necessarily security
incidents but it can be a natural threat
so for example one of the detection that
is a port scanning so maybe your users
is a given actor inside your network is
scanning your servers for whatever
reason
where's they're not supposed to be doing
that so yeah it gives you that
visibility so you can actually go to the
user and have a conversation to see
what's what's going on yeah I've never
really thought about that as a threat
yeah because like a duplicate IP address
you just think oh well I accidentally
assigned that same IP to a printer or
something but what if it's a threat
actor exactly yeah
maybe someone is ruining their IP
address yeah mm-hmm interesting and you
mentioned about the firewall how and I
don't want to put you too much on the
spot but absolutely I mean Microsoft
Windows 10 comes with a firewall yep so
do I really need to supplement my
anti-malware with a firewall for Mesa we
do see a two main approaches for that
replacement let's say so the first one
is ease of use so we do provide a
management console that will allow you
to have much more user-friendly
configuration and deployment of that
that's specific and we're talking
centralized manner not certainly okay so
all 10,000 of my computer's yeah
all five of my computers just create the
policies and push it out to your
computers yes again it's fully automated
so it's pretty convenient to use and the
second reason is the visibility so you
do have access to a lot of reporting
that's actually coming from the main the
natural fire road component let's say
you can get a list of all the users on
your network that's had a port scanner
on your environment on a given time
frame so that's the kind of awareness
the kind of visibility that some other
vendors will not allow you to have great
so looking at now here we are it's 2020
yep q1 2020 being that we're here at
ease at headquarters what kind of
threats are we preparing for in this new
year is is there an evolution like in
2017 we really saw an evolution from
viruses ransomware and things are
continuing to progress yep mention file
list attacks what else our thank you for
actually
touching based on that one and I will
actually look at the camera say
everybody we have the depth demand wares
or the the the actual evil players in
the industry every single day they are
going better and better and better so
it's not only important to hit new your
license it's imperative that you guys
actually keep your ESET product or any
other product that you might have today
as updated as possible so you have the
evolution of the rest where you have the
evolution of the file as a malware if
you are running your antivirus or your
anti-malware products from three years
ago you might be losing some advant
advantage in there so you might be
actually lagging behind and sometimes
they will eventually win over your
computer and you might experience some
some laws or some incidents in general
so it's really important as a vendor to
be as updated as possible whenever
release a new a new feature a new
feature a new version of the product
it's important that you actually try to
be as updated as possible work with your
vendor work with your partner work if
your IT departments so so you you are
well protected we are seeing coming back
to a question we are seeing a lot of the
the movements in general whenever we are
looking at the data so we are seeing a
lot of the new threats coming from two
main avenues let's say so the first one
is hardware so whenever thinking of FEMA
for example you have a BIOS update you
have a new chipset on your computer yes
it's actually possible to in fact or
true to - in fact that that given a
component on your computer another point
that we have and we actually have a lot
of research going on on that specific
one is the user behavior so let's say
that usually when you think user
behavior probably the biggest example is
credit card company so you have your
credit card in Canada that credit card
has been used in somewhere in Asia and
Hey even though online shopping is
available everywhere it might create a
trigger hey it's something that card is
not supposed to be used in Asia for
example in Europe or anywhere else and
we are started to see some some some
efforts from different vendors actually
to try to correlate all the incidents or
all the the the incidents in general the
security stance that we flag we also try
to map that to the actual user behavior
so hey that user has just had his email
access in Canada being accessed in
Europe nape that's a user that's always
traveling so yeah it's kind of expected
maybe not that user is an internal user
he has no reason to have that kind of
exposure in there so we can actually
create a ticket and we can flag that as
a potential incident so your admins can
can take a look at it interesting and we
can do that so this is not as a
third-party service but as an internal
absolutely powerful yeah in mastering
and again the amount of data that's
coming out of those surfaces is so big
that automation is critical for that and
so we do have a lot of automation
capabilities in our products yeah and
again it's everything to make your life
easier and I've never really thought of
it outside the context of the credit
card like a perfect example if I view it
and you see it sometimes where is it's
an inconvenience but if your credit card
ever was stolen and used maliciously
then you want to know about it and
here's a service that you're offering
and evolving in 2020 that is in-house so
absolutely I have control over that so
you're thinking of your credit card what
if it's your email access or maybe your
scene number
public data basically it's private it
should be private and we are trying to
make it remain private so is that the
evolution of malware do you think is
targeting data yeah I would say so I
don't see specific data to confirm that
that application but I do believe that's
that's something that is going to happen
we are having we are we as as citizens
we are actually
producing more data every single day the
amount of data that we have associated
to our profiles is massive either from
financial data health care data social
networking data work data basically so
we should see more custom attacks
targeting specific users or specifically
organizations interesting so well RAF
it's been a pleasure having you here
we've learned excellent I don't want to
overwhelm the viewers grand scheme of
things
I mean 2020 is going to be an
interesting year I think from the
cybersecurity land absolutely are we
still seeing attacks in the ransomware
end of things are we still you know ease
that customers are generally protected
against them yes there is - a lot of
ransomware going on I don't see that
going down not not not not in the near
future at least it's still evolving and
the actual organizations that are
actually organization the backend that
are running with those rare some layers
they are still making a profit that's
the same yeah so yeah the question for
years when it was just viruses on the
landscape the question was always what's
the motivation of a hacker yep to do
this
yeah and you say all money yep because
makes money ransomware is a perfect
example or it's like will there bring in
a ton of money in order to create
malware yep which you know if that's a
scary thing so thank you for working to
combat that
Thanks now of course you can find out
more about the particular protections
that we were discussing there by
visiting the website endpoint security
dot CA and incidentally we've got some
more video help and and some great
educational content there that is really
geared toward businesses so that
information is there as a resource for
you to be able to to just watch videos
that help you to understand the threat
landscape and and with that at endpoint
security dot CA you're able to arm
yourself with more information and as I
kind of mentioned it and alluded to in
the interview it's not a sales pitch for
a particular product or
and but it is an educational piece that
helps you to understand what you need to
know because things are really evolving
ESET has proven themselves to be as we
talked about with wanna cry very very
proactive being able to block a threat
before it was even ring yeah it wasn't
even a thing
they actually blocked the exploit that
allowed the thing to exist right so that
meant the thing existed the exploit was
already blocked by ESET so so that
proactive nature of the protection to me
is like that's where it's at that's what
I want um they do have Linux services
available as well
incidentally they're centralized
management console that we discussed is
based on a Linux environment so the one
that they provide is sent OS I have a
github repository that allows you to
install it on Debian buster
that is github.com slash cat 5 TV slash
ESET you'll see the installers there if
you're interested so there's a whole lot
of support there and endpoint security
dot CA is a great place that it all
comes together with blogs videos
podcasts of course the products
themselves recommendations for what
would work in your environment so if
you're in business that's where you want
to go endpoint security dot CA yep big
thanks to Raph for being a part of the
show this week and everyone else for
hosting me at ESET Canada in in Toronto
that was cool it was a great day for
today we've got a head over the newsroom
so Sasha if you're ready for us here's
what's coming up in the category 5 TV
newsroom hey Windows users are you still
using Internet Explorer stop it there's
yet another zero day exploit that will
give hackers the ability to remotely
take over your computer
Pyne 64 is $200 pro grade Linux laptop
is now available with a u.s. keyboard
and customers who pre-ordered theirs are
receiving the first shipment now secure
a security shocker out of Microsoft as
it has been revealed that 250 million
customer records have the
exposed online and not to create false
hope but this is too huge not to mention
scientists at Cardiff University have
discovered a part of our immune system
that can kill prostate breast lung and
other cancers in lab in lab tests stick
around the full details are coming up
later in the show this is the category 5
dot TV newsroom covering the week stop
texting with a slight linux bias
saturated joined this week by Jeff
Weston and Robbie Ferguson all right
some quick honorable mentions this week
or at least one hey you ready for this
Patrick Stewart appeared on the view
this week personally invited host Whoopi
Goldberg to appear in the second season
of Star Trek Picard I think it's so
yes sir while promoting the premiere of
the Picard series Stewart surprise
Goldberg sang quote I'm here with a
formal now I'm here with a formal
invitation it's for you will be for me
Alex Kurtzman who is the senior
executive producer of Star Trek 2 and
all of his colleagues of which I am one
want to invite you into the second
season Stewart's invitation was met with
a big smile from Whoopi who played the
beloved and timeless Guinan character in
Star Trek The Next Generation since the
well as soon as the applause from the
studio audience subsided and following a
warm hug between the two actors what be
responded enthusiastically saying yes
good season two of Star Trek Picard was
already confirmed a month before the
first season even began airing Wow
other confirmed TNG alumni are Jonathan
Frakes as William Riker Marina Sirtis
as Deanna Troi brent Spiner as data aka
be for and I must say Brent we love you
and Jonathan del arco as Hugh of Borg
also along for the show is Star Trek
voyagers Jeri Ryan as seven of nine Star
Trek Picard is available as of January
23rd in Canada and the US and the very
next day worldwide nice let's get into
the top stories we're following this
week Microsoft
set sent out an advisory on Friday
detailing and under it an under attack
zero day vulnerability for Internet
Explorer the scripting engine flaw can
be exploited to gain remote code
execution of a vulnerable machine by way
of
pacifically crafted a specifically
crafted webpage well this particular
flaw can be mitigated by restricting
access to the JavaScript component
jscript dot d ll there is no patch
available to actually fix the
vulnerability even if Microsoft is Swift
to create a patch they plan to release
it on an upcoming patch Tuesday since we
know that's the second Tuesday of each
month
they're leaving this take over exploit
active in the wild for a good four weeks
or so at least these kinds of horrendous
security practices are another reminder
of why we shouldn't be trusting
Microsoft to provide our antivirus to
there is no practical reason to be
running Internet Explorer these days if
you must use Microsoft Windows download
Chrome Firefox or better yet get the
brave private what excuse me private
browser from cat5 TV slash brave to
automatically block ads while you surf
the web it's brutal yeah yeah Microsoft
has been continually letting us down
Windows 10 has been a nightmare as
Microsoft to ever not let us down
I mean maybe back like Windows 93 95 we
can say that but I mean I know it did
feel like they were giving it an effort
but at one point and they had the better
team they had the the testing team
before patches went out and but stuff
like this and having to wait for weeks
for it's actively exploited yes yes that
is a takeover bug like this is something
that could completely compromise an
entire network of machines and so if
somebody a miscreant knows of the
vulnerability within let's say a
business network and actively exploits
it because it is like understand folks
this is an exploit that is currently
being used by hackers to infiltrate
networks it is currently being used
so if that's the case wouldn't it be
prudent for a company like Microsoft to
say we need to fix this and we need to
fix this now yes instead they're waiting
a month at least at least four weeks I
mean we're talking the the second
Tuesday of February why four weeks
though like why that's that's arbitrary
it's just the second Tuesday of every
month is when they issue their patches
well I get that but yeah why not push
through an update because they don't
because it's the rollout happens on on
that schedule they this is the thing
they've said it they've set themselves
up for this type of failure see I their
infrastructure is set up for this type
of failure now but I don't know why they
couldn't even just post it to their
website and say update manually like
nobody's gonna do it but if you unless
you know but even if you know that that
patch exists imagine if you had a
hundred computers and you had to
manually go like the whole Windows
infrastructure right now is a brutal
nightmare that's true it's just
ridiculous and it's really causing
companies I especially companies that
are currently stuck on window like that
have Windows 7 machines intermixed in
their network yeah a lot of government
agencies and we're looking at okay well
what do we do next do we buy all new
systems so we can install Windows 10
because that's usually necessary unless
you can maybe put more RAM in them
because you're gonna need at least like
twice as much RAM you're gonna need an
SSD to you know make it right yeah like
you're gonna need to upgrade you're not
gonna be using a five year old computer
for Windows 10 that's for sure though at
least not without a couple of little
upgrades so you know we look at that and
then we say okay well what other options
are there and these are things that
we're gonna be talking about here on the
show but it really just makes you go wow
hold on let's back up a second and say
what's really you know what's what's
happening here mm-hmm maybe it's a
wake-up call to to say maybe Microsoft
has got way too much control over our
corporation didn't say that for a lot of
people have and I don't and I'm not even
saying that out of my Linux bias that we
call it here I'm saying that out of the
reality of this is actually happening
right now there is this active threat
that is being exploited and Microsoft is
not doing a darn thing about it until
the next Patch Tuesday yeah that's
ridiculous
it is Microsoft not vying for like some
special government contract for
something cloud related right now you're
talking like you know something but
you're not actually saying something why
I feel like we're hearing about like
there's the the US government's looking
to go cloud or something and I like
Amazon's like Amazon was in on and
there's a bunch of different companies I
thought Microsoft was in on as well well
there's only in the three big ones well
yeah but I mean I'm thinking about stuff
like this it's like if you do any push
every four weeks if I'm vying for a
government contract to create something
new you think you'd want to have a
better business model well like yeah I'm
not even touching on that like the
business end of things I'm talking like
the impacts this impacts all should it
should make the government's grow like
wise up and say maybe there are more
secure options out there yep maybe there
are better options out there and that
that my dear friends is where my Linux
bias comes in that's right
and speaking of Linux are you ready for
this there we go Pyne 64 is $200 pro
grade Linux laptop is now available with
a u.s. keyboard and customers who
pre-ordered theirs are receiving the
first shipment now nice the pine book
pro ships with a customized version of
Debian pre-installed that's right
this is a true Linux laptop it also has
a few other tricks up its sleeve like a
bootable micro SD card slot so that you
can easily run
another operating system off a cheap
memory card whenever you feel like it
just about all laptop all laptop
computers use Intel processors these
days only a very small percentage of
Windows laptops have started using
Qualcomm ARM processors the PI Book Pro
actually uses a 64-bit ARM processor
called the rockchip rk3288 60 mp4 GPU
which is made by the same company that
makes the Pine Book Pro Pine
Microsystems Inc Pine also makes other
computing hardware such as compute
modules and single board computers that
you can build into other projects and as
Robbie mentioned last week there even
they even bring a cheap privacy focused
smartphone to market that runs Linux
natively the Pinebrook pro includes 4
gigabytes of RAM which is the maximum
supported by the rockchip so it's not
upgradable by default it also includes a
64 gigabyte at emmc storage module which
you can upgrade if you want but as
Westerners the biggest problem we had
with the original pine book and even the
first run of Pine Book Pro was the
keyboard there's just no way to get
reviewers or in end-users in Canada or
the u.s. to truly love an ISO keyboard
which is a layout more familiar to users
in the UK but now as of last week users
who pre-ordered are receiving their
antsy keyboard pine book pros ANSI is
more commonly called the u.s. keyboard
layout so for $200 Linux fans can get a
solid professional and super sleek
laptop that has keys where they expect
them so how can i Pine 64 sell such a
find piece of kit for only $200 because
they love you that's why actually that's
not even sarcasm the pine Book Pro is
being sold at
as a gift to the open source loving
community so it's not technically meant
for regular users if you believe in
freedom and like to tinker and learn
about technology the pine Book Pro is
meant for you this is awesome I said it
last week with no words but pine
sixty-four yeah this is so good
I like it now when people first
purchased the original pine books and
the pine book prose did they know it was
coming with the alternate keyboard or
were they expecting the pine Book Pro
yes the pine book never did the brain
book came with the ISO keyboard that's
what it came with and when we reviewed
it here on the show you remember like it
was like I can't get my head around this
thing and for those of you who live in
the UK and places where the ISO keyboard
is you're like this is great this is
fantastic but no when you're used to an
American layout it's completely
different and it seems completely
whacked I mean I've seen reviews online
and and I'm part of that where it's like
I just can't get my head around the ISO
keyboard layout my keyboard is a French
layout and Robbie doesn't goodness yeah
I mean we're here in Canada up here in
Studio T and government I don't know if
his legislation or what says that things
have to be French and English combined
so if you walk into a Super Center and
buy a laptop it's a French English
keyboard and keys are all over the place
yeah and so even when I was setting it
up with with cloud-ready it was like I
was pushing the wrong Keys yeah I just
never notice the difference in keyboard
to be honest maybe you've just never had
to experience that oh great well I guess
connoisseur is a fine keyboard every
keyboard I use like I recognize that
they're all gonna be different so I just
roll with it
but I suppose what happens is that they
don't all have to be different and
that's the do touch type like do you
type 180 words a minute like Robbie like
if it's a cyborg it bits out of the if
it's out of place I am going to push the
wrong keys because the keys are meant to
be
where my fingers are trained to know
that they are commenting before the show
is like magic before the show I was
doing this on your you're like yeah he's
like what's your password because he
needed it to get into my and it's like
all this like suggest a strong password
it's like this long symbols that I
didn't even know the name of which on a
French keyboard incidentally is in the
wrong woman place so I showed Robbie my
phone and he was just like yes type in
for a minute that's how it works right
on a French keyboard too so I added a
slash at the end there because that's
where the Enter key is supposed to be so
yeah knowing that now a Nancy keyboard
is available which is the u.s. layout
I'm very excited I really appreciate to
that they're selling it it cost me it
feels like a big hug like it's a it's
just a sure thing to know that a company
cares that much and Pyne 64 I've always
felt cares about respects and is even a
part of that open-source community and
there's a mindset there's like a spirit
about the open-source community the true
open-source community not the there
there's kind of two facets of it there's
the the angry like if you use windows
you are the devil side of open-source
and there's the side that just really
loves freedom and really loves community
support and of giving help to people and
becoming part of communities and
becoming part of online forums and
helping other people like there's that
aspect and that's the aspect that I
really feel Pyne 64 really falls into
mm-hm
and so to offer yeah something like the
pine Book Pro which is a beautiful
notebook computer in two different
models now for ISO and ANSI so they
heard the call of the reviewers here in
Canada in the US yes and they're
offering it at cost for two hundred
bucks
what so for the cost of a premium
Chromebook you're getting
computer that you can just slap Linux on
it comes with Linux yeah it's got more
power it's got a lot of oomph mm-hm and
I'm really really keen and excited about
the Pine Book Pro so well done pine
sixty-four and to the community at Pine
sixty-four I mean we love you here at
category five yes we do and certainly
appreciate the entire team so thank you
for all that you do we've got to take a
quick break more of our this week's top
tech news stories are coming up don't go
anywhere
it has been revealed at 250 million
customer records have been exposed
online this is a facepalm we really
don't intend for the news to be all
about Microsoft but this week has been a
doozy there's the Internet Explorer zero
day vulnerability that's being actively
exploited yet Microsoft has hasn't
issued a patch for that revelation came
just days after the US government issued
a critical alert to Windows users
concerning the extraordinarily serious a
curveball crypto vulnerability and now
this 250 million Microsoft customer
records spanning an incredible 14 years
in all have been exposed online in a
database with no password protection the
data was accessible to anyone with a web
browser who stumbled across the
databases according to the report issued
by the security researcher team at
compare attack no authentication at all
was required to access them the nature
of the data appears to be that much that
much of the personally identifiable
information that was redacted however
the researchers say that many contain
plain text data including customer email
addresses IP addresses and geographical
locations descriptions of the customer
service and support claims cases
Microsoft support agent emails case
numbers and resolutions and internal
notes that had been marked as
confidential hmm while this may seem
like no big deal considering the number
of breaches many of which affecting even
more users the thing to consider here is
that Microsoft support scams are already
rampant and it doesn't take a genius to
work out how valuable actual customer
information could be to the fraudsters
carrying out such attacks and it puts
users at a severe disadvantage and risk
of being exploited by someone pretending
to be the very company they trust
Microsoft Security Response Center
posted a response dated January 22nd
2020 in that post they confirmed that
the exposure of the database started on
December 5th 2019 as a result of
misconfigured security rules and was
fixed on December 31st it's not known at
this point if the databases were
accessed but it seems very very likely
since whitehat security researchers
picked up on the issue and even
replicated its data to their own servers
it's very likely bad actors also got
their hands on it based yet another yeah
yeah just another what is going on at
Microsoft well like what do you say it's
like yeah it's that's a disheartening
story so I guess what it comes down to
is the the only thing we can say I mean
sure you're face palming I'm disgusted
you as as potential victims need to
understand that you just need to be very
very conscious that this has happened
you have to be very conscious that
phishing scams and now spear phishing
scams exist so these are now they have
your information you have a Microsoft
account right you've contacted their
support or activated software so now
somebody can call you and say I'm
calling from Microsoft and I've got your
case number here and blah blah blah and
I've got enough evidence on this piece
of paper to be able to prove to you that
I am who I say I am right just like the
last time we spoke when we offered you
this and this yes remember that yeah I
remember the time that you call just a
couple of weeks ago and we talked about
this and that oh yeah yeah okay well we
just found out that there's another
exploit and so I need to remote into
your computer to fix that for you
exactly so all of a sudden there's this
okay wait wait wait wait wait wait hold
up
so here's what you need to do hang up
the phone yes okay Microsoft does not
phone its users Microsoft will not offer
you support that's not the industry that
they are in that's right that's not how
they work and so just understand that
and maybe if you just at least at least
make yourself critical enough to be able
to say Microsoft does not offer this
service if you can just say that to
yourself then maybe that's enough to
protect you so that when that call comes
in or when that email comes in that you
just don't click it last week we learned
as well last week we learned that a new
form of cookie attack is allowing
hackers to compromise PayPal accounts
just by you clicking on a link that
takes you to a site that creates the
session and then you can close that and
come back to it two weeks later and
login to the legitimate paypal.com
website and boom they've got your
information so we know that if you just
fall for it enough to click the link
they could have put something on your
computer that's enough to get you next
time so even if you don't fall for it
this time maybe you click the link and
you don't give them your information but
you clicked the link don't click the
link right stop yourself at that point
and realize Microsoft doesn't offer this
service I am NOT gonna click a link in
an email that says log into my Microsoft
account or any Microsoft service so
understand that's office 365 that's
exchange that's that's your like your
what is it Microsoft online even Xbox
whatever Xbox 360 online or whatever all
that stuff oh yeah all that stuff
Microsoft online account for for your
minecraft and like all these things
you're compromised yeah so don't trust
anything that comes in now
yes and that's that's a blanket
statement don't trust anything now you
have to decide you have to go to your
bank website and log in correctly you
don't you ever don't ever click a link
that takes you there and never don't
Google it don't search it and Bing don't
don't type it in the search
don't type your bank's name in the
search and click the first link on the
results no you type in your people do
that yeah and those same people get
compromised not to create false hope but
this is too huge not to mention
other cancers in lab tests the findings
published in Nature immunology have not
yet been tested in patients but the
researchers say that they have enormous
potential experts are saying that
although the work was still at an early
stage it is very exciting our immune
system is our body's natural defense
against infection but it also attacks
cancerous cells the scientists were
looking for unconventional and
previously undiscovered ways the immune
system naturally attacks tumors what
they found was a t-cell inside people's
blood this is an immune cell that can
scan the body to assess whether there is
a threat that needs to be eliminated the
difference is that the one in particular
that they discovered can seemingly
attack a wide range of cancers
researcher professor Andrew Sewall says
quote there is a chance to treat every
patient previously nobody believed this
could be possible it raises the prospect
of a one-size-fits-all cancer treatment
a single type of t-cell that could be
capable of destroying many different
types of cancers across the population
end quote
the discovered t-cell was able to kill a
wide range of cancerous cells in in the
lab including lung skin blood colon
breast bone prostate ovarian kidney and
cervical cancer cells Wow crucially it
left normal tissues untouched exactly
how it does all this is still being
explored the idea is that a blood sample
would be taken from a cancer patient the
t-cells in the sample would be extracted
and genetically modified so that they
were they were reprogrammed to make the
cancer finding receptor the upgraded
cells would be grown in vast quantities
in the laboratory and then put back into
the patient Daniel Davis a professor of
immunology at the University of
Manchester said quote at the moment this
is very basic research and not close for
two actual medicines for patients there
is no question that is a very exciting
discovery both for advancing our basic
knowledge about the immune system and
the possibility of future new medicines
more safety checks will be needed before
human trials can begin I like this this
isn't necessarily a text story but it's
a human interest story that is here
because of tech yeah the advancements
that we have made in science to be able
to get to the point where it's like what
else is there let's explore the body
even further let's alter this cell and
see what happens
yeah and boom suddenly we're going is
this it that is so cool exactly
the truth of the matter is right now
cancer treatments are just they seem so
barbaric right now they're life-saving
but they're super intrusive so I mean
you know the chemotherapy surgery the
things that that are just really
radiation things that are really
detrimental to the human body just to
keep it alive
you can have
an immune response against cancer that
that just annihilates any trace of it I
just cannot wait I don't really like
does anyone else feel that like a
excitement and the anticipation like
could it be like could that be possible
and all they're doing is taking the
t-cell that you already produce out and
they're just replicating it like they're
kind of growing more their own they're
altering it to put it in the receptor to
find the cancer cells so that's a bit of
a genetic modification and then they're
culturing more so there can't be adverse
reactions because it's your own sure I
mean I don't understand the science I
can't pretend to understand the science
but I know there was a time in our
history when penicillin didn't exist and
when and when it was discovered if you
will know it was a mistake yeah but so
when it was accidentally discovered how
earth-shatteringly like how many lives
were saved how many lives were improved
because of it it's you know what I was
having a conversation with one of my
clients the other day and her older
siblings were born before penicillin oh
wow he said the reason I'm not deaf
is because penicillin existed for me and
not for my brothers Wow right so
heartbreaking right yet at the same time
it's like dawn of a new era yeah right
it's very cool so are we at that point
with cancer I don't think we are but I'm
hopeful I'm like I'm so hopeful in
humanity and and our our ability to
accomplish that because I just want that
yeah that's a good news story yes
big thanks to Roy W Nash Jacob and our
community of viewers for submitting
stories us this week thanks for watching
the category-five TV newsroom don't
forget to Like and subscribe for all
your tech news with a slight Linux bias
and if you appreciate what we do become
a patron at patreon.com slash newsroom
from the category-five TV newsroom I'm
Sasha Rickman and I'm Robbie Ferguson
and I'm Jeff Weston it's been great
having you here
with us this week folks thank you so
much for joining us and we look forward
to seeing you again next week don't
forget though before we sign off to make
sure you subscribe to us on our I mean
follow us on Twitter we're at category 5
TV I'm personally on Twitter at Robbie
Fergus and you can follow all the
exploits of my culinary delights for
example and and see selfies of me
bouncing around on trampolines with my 9
year old son so that's that's at robbie
ferguson and that's a lot of fun
we're also on facebook we're on youtube
we're everywhere on the Internet just do
a search for category 5 technology TV
and we will be there we look forward to
having you part of this community
thanks everybody