Categories
Admin Consumer Interest Consumer Tech Firewall Home Computing Linux Scams Security Spam Web Site Technologies

Types of Cyberattacks and other terms from the world of cyber security

Intro

It’s convenient to name drop different types of cyber attacks at a party. I often struggle to name more than a few. I will try to maintain a running list of them.

But I find you cannot speak about cybersecurity unless you also have a basic understanding of information technology so I am including some of those terms as well.

As I write this I am painfully aware that you could simply ask ChatGPT to generate a list of all relevant terms in cybersecurity along with their definitions – at least I think you could – and come up with a much better and more complete list. But I refuse to go that route. These are terms I have personally come across so they have special significance for me personally. In other words, this list has been organically grown. For instance I plowed through a report by a major vendor specializing in reviewing other vendor’s offerings and it’s just incredible just how dense with jargon and acronyms each paragragh is: a motherlode of state-of-the-art tech jargon.

AiTM (Adversary in the Middle)
Baitortion

I guess an attack which has a bait such as a plum job offer combined with some kind of extortion? The usage was not 100% clear.

BYOVD (Bring Your Own Vulnerable Driver)
Clickfix infection chain

Upon visiting compromised websites, victims are redirected to domains hosting fake popup windows that instruct them to paste a script into a PowerShell terminal to fix an issue.

Collision attack

I.e., against the MD5 hash algorithm as done in the Blast RADIUS exploit.

Credential Stuffing Attack

I.e., password re-use. Takes advantage of users re-using passwords for different applications. Nearly three of four consumers re-use password this way. Source: F5. Date: 3/2024

Data Wiper
Authentication Bypass

See for instance CVE-2024-0012

Evasion

Malicious software built to avoid detection by standard security tools.

Password spraying

A type of attack in which the threat actor tries the same password with multiple accounts, until one combination works. 

Port Scan
Host Sweep
Supply Chain attack
Social Engineering
Hacking
Hacktivist

I suppose that would be an activitst who uses hacking to further their agenda.

Living off the land
Data Breach
Keylogger
Darknet
Captcha
Click farms
Jackpotting

This is one of my favorite terms. Imagine crooks implanted malware into an ATM and were able to convince it to dispense all its available cash to them on the spot! something like this actually happened. Scary.

Overlay Attack

Example: When you open a banking app on your phone, malware loads an HTML phishing page that’s designed to look just like that particular app and the malware’s page is overlaid on top.

Payment fraud attack

In a recent example, the victim experienced “multiple fraudulently induced outbound wire transfers to accounts controlled by unknown third parties.”

Skimmer
bot
Anti-bot, bot defense
Mitigation
SOC
Selenium (Se) or headless browser
Obfuscation
PII, Personally Identifiable Information
api service
Reverse proxy
Inline
endpoint, e.g., login, checkout
scraping
Layer 7
DDOS
Carpet bombing DDOS attack

Many sources hitting many targets within the same subnet. See:

https://www.a10networks.com/blog/carpet-bombing-attacks-highlight-the-need-for-intelligent-and-automated-ddos-protection/#:~:text=Carpet-bombing%20attacks%20are%20not,entire%20CIDR%20or%20multiple%20ASNs.

SYN flood
DOS
Visibility
Automation
Token
Post
JavaScript
Replay
Browser Fingerprint
OS
Browser
GDPR
PCI DSS
AICPA Trust Services
Grandparent scam

A social engineering attack where scammers target grandparents by pretending to be a grandchild in a bind.

GUI
(JavaScript) Injection
Command Injection
Hotfix
SDK
URL
GET|POST Request
Method
RegEx
Virtual Server
TLS
Clear text
MTTR
RCA
SD-WAN
PoV
PoC
X-Forwarded-For
JSON
Client/server
Threat Intelligence
Use case
Carding attack
Source code
CEO Fraud
Phishing
Vishing

(Voice Phishing) A form of cyber-attack where scammers use phone calls to trick individuals into revealing sensitive information or performing certain actions.

Business email compromise (BEC)
Deepfake
Threat Intelligence
Social engineering
Cybercriminal
SIM box
Command and control (C2)
Typo squatting
Voice squatting

A technique similar to typo squatting, where Alexa and Google Home devices can be tricked into opening attacker-owned apps instead of legitimate ones.

North-South
East-West
Exfiltrate
Malware
Infostealer
Obfuscation
Antivirus
Payload
Sandbox
Control flow obfuscation
Buffer overflow
Use after free
Indicators of Compromise
AMSI (Windows Antimalware Scan Interface)
Polymorphic behavior
WebDAV
Protocol handler
Firewall
Security Service Edge (SSE)
Secure Access Service Edge (SASE)
Zero Trust

Zero Trust is a security model that assumes that all users, devices, and applications are inherently untrustworthy and must be verified before being granted access to any resources or data.

Zero Trust Network Access (ZTNA)
ZTA (Zero Trust Architecture)
Zero Trust Edge (ZTE)
Secure Web Gateway (SWG)
Cloud Access Security Broker (CASB)
Remote Browser Isolation (RBI)
Content Disarm and Reconstruction (CDR)
Firewall as a service
Egress address
Data residency
Data Loss Prevention (DLP)
Magic Quadrant
Managed Service Provider (MSP)
0-day or Zero day
User Experience (UX)
Watermark
DevOps
Multitenant
MSSP
Remote Access Trojan (RAT)
SOGU

2024. A remote access trojan.

IoC (Indicators of Compromise)
Object Linking and Embedding
(Powershell) dropper
Backdoor
Data Bouncing

A technique for data exfiltration that uses external, trusted web hosts to carry out DNS resolution for you

TTP (Tactics, Techniques and Procedures)
Infostealer
Shoulder surfing
Ransomware
Pig butchering

This is particularly disturbing to me because there is a human element, a foreign component, crypto currency, probably a type of slave trade, etc. See the Bloomberg Businessweek story about this.

Forensic analysis
Sitting Ducks

An entirely preventable DNS hijack exploit. See https://blogs.infoblox.com/threat-intelligence/who-knew-domain-hijacking-is-so-easy/

Attack vector
Attack surface
Economic espionage
Gap analysis
AAL (Authentication Assurance Level)
IAL (Identity Assurance Level)
CSPM (Cloud Security Posture Management)
Trust level
Network perimeter
DMZ (Demilitarized zone)
Defense in depth
Lateral movement
Access policy
Micro segmentation
Least privilege
Privilege Escalation (PE)
Breach
Intrusion
Insider threat
Cache poisoning

I know it as DNS cache poisoning. If an attacker manages to fill the DNS resolver’s cache with records that have been altered or “poisoned.”

Verify explicitly
Network-based attack
Adaptive response
Telemetry
Analytics
Consuming entity
Behavior analysis
Authentication
Authorization
Real-time
Lifecycle management
Flat network
Inherent trust
Cloud native
Integrity
Confidentiality
Data encryption
EDR (Endpoint Detection and Response)
BSOD (Blue Screen of Death)

Everyone’s favorite Windows error!

BSI (Bundesamt für Sicherheit in der Informationstechnik)

German Federal Office for Information Security (Bundesamt für Sicherheit in der Informationstechnik)

ICS (Industrial Control System)
Reverse shell

A text-based interfaces that allow for remote server control.

Crypto Miner
RCE (Remote Code Execution)
Threat Actor
APT (Advanced Persistent Threat)
Compromise
Vulnerability
Bug
Worm
Remote Access VPN (RAVPN)
XDR (Extended Detection and Response)
SIEM (Security Information and Event Management)
User Entity Behavior Analytics (UEBA)
Path traversal vulnerability

An attacker can leverage path traversal sequences like “../” within a request to a vulnerable endpoint which ultimately allows access to sensitive files like /etc/shadow.

Tombstoning
Post-exploit persistence technique
Volumetric DDoS
MFA bomb

Bombard a user with notifications until they finally accept one.

Use-after-free (UAF)

use-after-free vulnerability occurs when programmers do not manage dynamic memory allocation and deallocation properly in their programs.

Cold boot attack

A cold boot attack focuses on RAM and the fact that it is readable for a short while after a power cycle.

Random Prefix Attack

A type of DNS attack. https://developers.cloudflare.com/dns/dns-firewall/random-prefix-attacks/

Famous named attacks

Agent Tesla
Cloudbleed
Heartbleed
log4j
Morris Worm

Explanations of exploits

Famous attackers

APT29 (Cozy Bear)

A Russia-nexus threat actor often in the news

Volt Typhoon

2024. A China-nexus threat actor

IT terminology

2FA (2 Factor Authentication)
802.1x
ACL (Access Control List)
AD (Active Directory)
ADO (Azue DevOps)
AFK (Away From Keyboard)
AGI (Artificial General Intelligence)

AGI is the theory and development of computer systems that can act rationally.

ANN (Artificial Neural Network)
Ansible

I would call it an open source orchestrator.

anti-aliasing

When you smooth out color in neighboring pixels.

anycast
apache

A formerly popular open source web server which became bloated with features.

APM (Application Performance Management)
ARIN
ARM

A processor architecture from ARM Corporation, as opposed to, e.g., x86. Raspberry Pis use ARM. I think Androids do as well.

ARP (Address Resolution Protocol)
ASN (Autonomous System Number)

Each AS is assigned an autonomous system number, for use in Border Gateway Protocol routing

ASN.1 (Abstract Syntax Notation One)

A standard interface description language (IDL) for defining data structures that can be serialized and deserialized in a cross-platform way.

ASPA (Autonomous System Provider Authorization)

An add-on to RPKI that allows an ASN to create a record that lists which ASNs can be providers for that ASN. The concepts are “customer” (an ASN) and “providers” (a list of ASNs). This is used to do hop by hop checking of AS paths.

ASR (Aggregation Services Router)

A high-end Interent router offered by Cisco for business customers.

AV (anti-virus)
AWS (Amazon Web Services)
Azure AD
BGP (Border Gateway Protocol)
Blast Radius

One of those dreadully overused terms borrowed from the military that mostly only marketing people like to throw around. It means what you think it might mean.

Blue Team – see Red Team
BOM (Bill of Material)
Boot start

A flag for a driver in Windows that tells it to always start on boot.

broadcast
Browser
BSI (The German Federal Office for Information Security)
BYOD (Bring Your Own Device)

I.e., when employees are permitted to use their personal smartphone to conduct company business.

BYOL (Bring Your Own License)

F5 permits this approach to licensing one of their cloud appliances.

CA (Certificate Authority)
CDN (Content Distribution Network)
CDP (Cisco Discovery Protocol)

This protocol allows devices connected to switch ports to learn what switch and which switch port they are connected to. It is a layer 2 protocol.

CGN (Carrier Grade NAT)

The address space 100.64.0.0/10 is handled specially by ISPs for CGN. RFC 6598

CHAP
Chatbot

A computer program that simulates human conversation with and end user.

CI (Configuration Item)
CI/CD

An ITIL term referring to the object upon which changes are made.

CISA (Cybersecurity and Infrastructure Security Agency)
CISO (Chief Information Security Officer)
CMDB (Configuration Management Database)
CMO (Current Mode of Operations)
CNN (Congruential Neural Network)
Computer Vision

A field of AI that leverages machine learning and neutral networks to enable machines to identify and understand visual information such as images and videos.

CPE (Customer Premise Equipment)
CSR (Certificate Signing Request)
CUPS (Common Unix Printing Systems)
Customer Edge (CE)
CVE

CVEs, or Common Vulnerabilities and Exposures, are a maintained list of vulnerabilities and exploits in computer systems. These exploits can affect anything, from phones to PCs to servers or software.  Once a vulnerability is made public, it’s given a name in the format CVE–. There are also scoring systems for CVEs, like the CVSS (Common Vulnerability Scoring System), which assigns a score based on a series of categories, such as how easy the vulnerability is to exploit, whether any prior access or authentication is required, as well as the impact the exploit could have.

CVSS (Common Vulnerability Scoring System)

Part of CVE lingo.

DAST (Dynamic Application Security Testing)
Data at rest
Data in motion
Data Plane

A physical security appliance separates data traffic from its management traffic, which transits the managemenbt plane.

Data Remanence

The residual representation of data that remains even after attempting to erase or initialize RAM.

DDI (DNS, DHCP and IP address management)
Deep Learning

A subset of machine learningthat focus on using deep neural networks with multiple layers to model complex patterns in data.

Deepfake

A manipulated video or other digital representation produced by sophisticated machine-learning techniquies that yield seemingly realistic, but fabricated images and sounds.

DHCP (Dynamic Host Control Protocol)
DLL
DLP (Data Loss Prevention)
DNS (Domain Name System)
DNSSEC (Domain Name System Security Extensions)
Docker
DoH (DNS over HTTPS)
Domain
DRM (Digital Rights Management)
EAP
East-West

Data movement with a data center, I believe, as oppose to North-South.

EBITDA (Earnings Before Interest, Taxes, Depreciation and Amortization)

Hey, an IT person needs to know some business terminology!

Eduroam
Enhanced Factory Reset (EFR)
Entra

From Microsoft. The new name for Azure AD

EU AI Act
EULA (End User Licnese Agreement)
Exact Data Matching (EDM)
FAQ (Frequently Asked Questions)
FEX (Fabric Extender)
FIFO (First in, First Out)
FMO (Future Mode of Operation)

As opposed to CMO.

FN (False Negative)
Forensics
FOSS (Free and Open Source Software)
FP (False Positive)
Fritz!Box

A popular home router in Germany.

GA (General Availability)
GBIC

A type of fiber optic transceiver that converts electric signals to optical signals.

GCP (Google Cloud Provider)
GDPR (General Data Protection Regulation)

An EU directive to achieve data privacy.

Generative AI

AI which can create new human-quality content, including text, images, audio or video.

GMT – see UTC
GRE
GSLB (global Server Load Balancing)
GUI (Graphical User Interface)
HA (High Availability)
Hallucination

When an LLM perceives patterns that are non-existent creating nonsensical or inaccurate outputs.

Hands and Eyes

When you don’t have physical access to a server, you need someone who does to be this for you.

HIBP (Have I Been Pwned)

https://haveibeenpwned.com/

HPC (High Performance Computing)
HSM (Hardware Security Module)
HTML (HyperText Markup Language)

I started with version 0.9!

Hypervisor
IaaS (Infrastructure as a Service)

E.g., brining up a VM on AWS.

IANA (Internet Assigned Numbers Authority)
ICANN (Internet Corporation for Assigned Numbers and Names)
ICS
IDE (Integrated Development Environment)
IdP (Identity Provider)
IDS (Intrusion Detection System)
Incident Response Team

Variations include: Computer emergency Response team, Security incident Response Team, etc.

IPAM (IP Address Management)
IPI (IP Intelligence)

At least in the world of F5 this means IP Intelligence, i.e., the reputation of a given IP address.

IPS (Intrusion Prevention System)
IPSEC
IPv6 (Internet Protocol version 6)
ISO 9001
ISP (Internet Service Provider)
ITIL (IT Infrastructure Library)
Kanban

Agile way of tracking progress on tasks and brief meetings.

Kerning

Adjusting the spacing between letyters in a proportional font.

Kernel mode
Kubernetes
L2TP (Layer 2 Tunneling Protocol)
L3, L4, L7 (Layer 3, Layer 4, Layer 7)

Refers to ISO 7-layer traffic model.

LAMP (Linux Apache MySQL and PHP)

An application stack which gives a server needed software to do “interesting things.”

LaTEX

A markup language based on TEX I used to use to write a scientific paper. I think it gets transformed into a DVI, and then into a postscript file.

LEC (Local Exchange Carrier)
LLD (Low Level Design)
LLD (Low Level Discovery)

A command-line browser for unix systems.

LLDP (Link layer Discovery Protocol)

See also CDP

LACP (Link Access Control Protocol)
Link
Linux

An open source OS similar to Unix.

LLM (Large Langiuage Model)
lynx

A command-line browser for linux systems.

MAC (Media Access Control) Address

Layer 2 address of a device, e.g., fa-2f-36-b4-8c-f5

Machine Learning

A subfield of AI that deals with creating systems that can learn from data and improve their performance without explicit programming.

Management Plane

See Data Plane.

Mandiant
MD5 (Message Digest 5)
MDM (Mobile Device Management)

Management software used to administer smartphones and tablets.

MFA (Multi Factor Authentication)
MITRE ATT&CK
Modbus protocol
MS-CHAPv2
MSS (Maximum Segment Size)

Set by a TCP option in the beginning of the communcation.

MTU (Maximum transmission unit)

Often 1500 bytes.

multicast
Named pipes

I read it’s a Windows thing. huh. Hardly. It’s been on unix systems long before it was a twinkle in the eye of Bill gates. It acts like a pipe (|) except you give it a name in the filesystem and so it is a special file type. It’s used for inter-process communication.

NDA (Non-Disclosure Agreement)
.NET
NGFW (Next Generation FireWall)

Palo Alto Networks describes their firewalls this way.

NGINX

A web server that is usually superioir to apache for most applications.

NLP (Natural Language Processing)

A branch of AI that uses machine learning to enable computers to understand, interpret, and respond to human language.

NOC (Network Operations Center)
North-South

Data movement from/to the data center. Also see East-West.

NSA (National Security Agency)
OAuth bearer token

A security token with the property that any party in possession of the token (a “bearer“) can use the token in any way that any other party in possession of it can.

OCR (Optical Character Recognition)
Offensive Security – see Red Team
OpenRoaming
openssl

A common open source implementation of SSL/TLS.

OS (Operating System)
OSFP (Open Shortest Path First)
OSS (Open Source Software)
OT (Operational Technology)
OWASP (Open Worldwide Application Security Project)

An online community that produces freely available articles, methodologies, documentation, tools, and technologies in the fields of IoT, system software and web application security.

PAP
Patch
PaaS (Platform as a Service)
PBR (Policy Based Routing)
PDF (Portable Document File)
PDU (Protocol Data Unit)
PEM (Privacy Enhanced Mail)

The format certificates are normally stored in.

PII (Personally Identifiable Information)
PKCS (Public Key Cryptography Standard)
PKI (Public Key Infrastructure)
PLC (programmable logic controller)
PM (Product Manager)

Could also be Project Manager but for me it usually means Product Manager.

PO (Purchase Order)
POC (Point of Contact)
POC (Proof of Concept)
Port Channel
Portable Executable (PE)
POV (Proof of Value)
Private Cloud
Prompt Engineering

The practice of crafting effective prompts that elicit high-quality answers from generative AI tools.

PS (PostScript)

A file type I used to use. It is a vector-oriented language, stack-based, which tells the printer how to move its ink pens around the page. Before there was PDF, there was postscript.

PS (PowerShell)

A versatile scripting language developed by Microsoft and available on all Windows computers.

PTO (Paid Time Off)
Purple Team

Purple teams combine red team and blue team functions. See Red Team.

Python

A popular programming language, not the snake.

QSFP (Quad Small Form factor Pluggable)

A newer kind of SFP.

Rack Unit
RADIUS
RAG (Retrieval Augmented Generation)

A method to train LLMs.

Ray

An open-source unified compute framework used by the likes of OpenAI, Uber, and Amazon which simplifies the scaling of AI and Python workloads, including everything from reinforcement learning and deep learning to tuning and model serving.

RBAC (Role-Based Access Control)
RDP (Remote Desktop Protocol)
Red Team

 In a red team/blue team exercise, the red team is made up of offensive security experts who try to attack an organization’s cybersecurity defenses.

Redirect
Remediation

Addressing a security flaw.

Remote Desktop Licensing (RDL) services

Often deployed on Windows severs with Remote Desktop Services deployed.

Retrieval-Augmented Generation (RAG)
Reverse Proxy

A TCP gateway which terminates a tcp connection and maintains a separate tcp connection to a back-end server.

RFC (Request for Comment)
RFI (Requst for Information)
RFO (Reason for Outage)
RFP (Request for Proposal)
RFQ (Request for Quote)
RIPE
RIR (Regional Internet Registry)
RMA (Return Merchandise Authorization)

You hear this a lot when It guys need to get a replacement for failed equipment.

ROA (Route Origin Authorization)
ROCE (Return on Capital Employed)

Hey, an IT person has to know a few business terms!

RPKI (Resource Public key Infrastructure)

Provides a way to connect Internet number resource information to a trust anchor.

RPi (Raspberry Pi)

A popular small, inexpensive server aimed at the educational crowd.

RPZ (Response Policy Zone)

A concept in DNS for either a DNS firewall or way to overwrite DNS responses.

RR (Resource Record)
RSA

Asymmetric encryption standard named after its creators, Ron Rivest, Adi Shamir and Leonard Adleman.

RTFM (Read The “flippin'” Manual)
SaaS (Software as a Service)
SAML
SANS

Private outfit in the US which specializes in information security and cybersecurity training.

Sans-Serif

A font type which does not have the fancy rounded blobs at the tips of the letter, such as Helvetica.

SASE (Secure Access Service Edge)
SCADA
SDWAN (Software defined WAN)
SEO (Search Engine Optimization)
SFP (Small Form factor Pluggable)

A type of optic transceiver that converts electric signals to optical signals.

SGML (Standard Generalized Markup Language)

If you ask the French they proudly point to this as the predeccesor to the more widely known HTML.

SFTP (Secure file Transfer Protocol)
SHA (Secure Hash Algorithm)
SIEM (Security Information and Event Management)
SRE (Site Reliability Engineer)
SMTP (Secure Mail Transfer Protocol)
SNI (Server Name Indication or similar, I think)

When multiple HTTP[S web sites whare a single IP this technology can be used to identify which certificate to send to a requester.

Spoofing

When a source IP address is faked.

SSH
SSL (Secure Socket Layer)
SOC (System on a Chip)

I believe the RPi is described to be this.

SOC (Security Operations Center)
SSL (Secure Sockets Layer)
SSL labs

A Qualys (so you know it has to be good quality) service where you can test a web site’s SSL certificate.

SSO (Single Sign On)
Steal with Pride

To unashamedly build on someone else’s work.

SVI (Switch virtual Interface)

A layer 3 on-switch routing between vlans on that switch. It’s a Cisco thing.

TAC (Technical Account or something?)
TAM (Technical Account Manager)

Another Cisco term.

Cisco uses this term a lot.

TCP (Transport Control Protocol)
Telnet
Terraform
The epoch

The first moment of January 1st, 1970

TI (Threat Intelligence)
TLP (Traffic Light Protocol)
TLS (Transport Layer Security)
udev rules

udev rules in Linux are used to manage device nodes in the /dev directory. Those nodes are created and removed every time a user connects or disconnects a device.

UI5

SAP’s UI for HTML 5.

Unit testing
UPS (Uninterruptible Power Supply)
URL
UTC (Universal Time Coordinated)

What used to be called GMT.

VLAN
VM (Virtual Machine)
VMWare

Will Broadcom destroy this company the way they did to Bluecoat/Symantec?

VNC (Virtual Networking Computer)

VNC is a software used to remotely control a computer.

VPC (Virtual Private Cloud)
vPC (Virtual Port Channel)

A virtual port channel (vPC) allows links that are physically connected to two different Cisco FEXes to appear as a single port channel by a third device.

VPN – Virtual Private Network
WAF (Web Application Firewall)
Webhook
Website
Wiki

A less formal and usually more collaborative approach to documentation, the prime example being Wikipedia.

Windows PE or Win PE

A small OS for repairing or restoring Windows systems.

WWW (World Wide Web)
x86

A type of processor architecture. Found in most Windows PCs.

YAML
YARA
Categories
Consumer Interest Consumer Tech

Consumer Tech: How I fixed my Samsung Galaxy A51 Black Screen of Death

Intro

After its customary overnight charging my A51 simply showed me a black screen in the morning. Yet I felt something was there because when I plugged it into the computer’s USB port the device was recognized. I was very concerned. But I did manage to completely fix it!

The symptoms

So various sites address this problem and give somewhat different advice. I sort of needed to combine them. So let’s review.

  • Black screen
  • Holding power button down for any length of time does nothing
  • plugging in to USB port of computer shows A51 device
What kind of works, but not really

Yes it’s true that holding the power button and volume down button simultaneously for a few seconds (about three or four) will bring up a menu. The choices presented are

  • Restart
  • Power off
  • Emergency Call

There’s no point to try Emergency Call. But when you try Restart you are asked to Restart a second time. Then the screen goes black again and you are back to where you started. If you choose Power off the screen goes black and you are back to where you started.

What actually works

Continue to hold the power button and volume down button simultaneously – ignore the screen you get mentioned above. Then after another 15 seconds or so it displays a lightning bolt inside a cricle. And if you keep holding that will disappear and you have a black screen. Keep holding and the lightning bolt appears, etc. So let them go. I don’t think it matters at which stage.

Now hopefully you have realy powered off the phone. So then hold the power button for a few seconds like you do to start the phone after it’s been powered off. It should start normally now.

As the other posts say, when you see Samsung on your screen you know you are golden.

Conclusion

I have shared what worked for me recover my Samsugn Galaxy A51 from its Black Screen of Death.

Categories
Consumer Tech Web Site Technologies

Starlink Internet service: a first look: UPDATED

Intro

Many of us were quite enthusiastically awaiting the availability of SpaceX’s Starlink Internet service. On paper it sounded promising. the first results came in and the reality was far less impressive, but the update I got yesterday (July 2023) is that the service got better and better.

July 2023 Update

I guess they continued to add more satellites making the coverage better and better. When there is an outage it is only for a second – short enough for even real-time media to easily recover.

The original post, written when the service was newer, is below.

The details

I do not have this service but spoke with someone who does. He lives in Puerto Rico where the broadband option are limited. There’s the local cable company, then maybe some boutique services where you use microwave dishes, and this year, finally, Starlink. He had just a couple users on it. I think the net results are that it basically works, but with a big caveat. It sucks for real-time communication. And that’s precisely what he needed it for.

So you know when you’re streaming a movie, that downloads the movie in six(?) second chunks, so it’s a bit robust in the face of brief outages. But when you’re doing web conferencing an outage is very noticeable. And that’s what they experienced, time and again. Brief outages that interrupted their real-time applications. Perhaps lasting for a few seconds, but enough to spoil the broadcast.

Then one night, knowing their cable provider, Liberty, was out, they tested it again. It seemed fine at night. But during the day next day it failed in the same way – brief, disruptive outages.

Maybe some of it is due to holes in the satellite coverage and will get better as the fleet fills out. We’re not sure at this point.

And, yes, the dish was placed in a place where the app showed something like 98% visibility to the satellites in the sky.

Some interesting screenshots of what a Starlink IP looks like in Puerto Rico
ipinfo.io
ipchicken.com
speedtest results

That speedtest looks quite good to me!

Results of Starlink app for this actual user in Puerto Rico
Running PING to google.com shows a single dropped packet
A few words from the actual user

Liberty Cable is not working even after a change of the cable modem. So this past two weeks his household has been exclusively using Starlink. In his own words:

“The single most important thing to consider when using Starlink is how obstructed your northern facing view of the sky is. I am attaching a screenshot from my Starlink app. The red shows the obstructed area. My placement is 2.5% obstructed but I still get an interruption every 4 minutes the app says. In reality it might be every 20 minutes for a few seconds. 

“While my Liberty service has been out Starlink has been a life saver for us. A second user can still do her video calls but it will freeze during those 20-ish minute intervals for a few seconds. It’s not the end of the world for her but not totally idea.


“For me, my VPN will disconnect for those same few seconds and then will reconnect. If I’m entering a trade that can be a crucial few seconds while my vpn and software reconnects, but it’s workable. 


“The Starlink app is free and available for everyone to use. I would suggest that anyone who is interested in the service to first download the app and scan the sky where they think they have the freest point of view north. They will only get purely uninterrupted service if the app registers 100% obstacle-free view. The properties that are most suited for Starlink are the ones at the top of a hill, with a field, or a roof taller than the surrounding trees, especially the trees to the north. An obstructed view like mine is perfectly suitable for streaming movies as they tend to buffer a few minutes in advance, downloading files, and surfing the web. Without a completely obstructed view of the sky, video calls, VPN connection, Remote desktop connection, and online gaming will be interrupted in a frustrating manner. 


“I am also attaching a text file of my results from running a  ping -t to google.com from my Starlink connection. This test ran for about 25 minutes. The request time outs are the times when the Starlink satellite was not able to connect due to my obstructions. However, also notice that during these times it only lost 1 ping and was immediately able to reconnect. Again, somewhat frustrating but it’s a usable product. 

And during Hurricane Fiona?

Starlink performed like a champ during the hurricane. I assumed that coverage would be spotty during the drenching downpour but the user said no he was streaming Netflix. It was just a little more spotty than usual. Now that the island is without power as I write this, his Internet service is as good as usual and the day after the hurricane was a normal (remote) work day like any other.

Conclusion

Don’t throw away your cable modem*. In general as of this writing in June 2022, Starlink is a good solution for those working from home, but be prepared to be bumped every 20 minutes or so from your video conferencing or other real time uses. And of course it’s good for surfing the web or on-demand streaming.

I don’t cnosider this the final word however. There’s still hope. I’ll update this post if the quality of service ever improves.

*Unless you’re one of the many whose cable modem service isn’t all that great to begin with.

References and related

https://en.wikipedia.org/wiki/Starlink

This is a fascinating article providing insight into how the StarLink network of satellites is being built and the problems that can occur: https://www.msn.com/en-us/news/technology/destruction-event-from-sun-annihilated-dozens-of-spacex-satellites/ar-AA11TIwE?ocid=winp1taskbar&cvid=4c9b1b5306484cdcd2ab6bf99748bf01

Categories
Consumer Tech Web Site Technologies

Consumer tech: Edge new tab in Chinese

Intro

If you’ve ever had the misfortune to access a web site in China in your Edge browser, you may find that from that point onwards all your new tab pages display in Chinese despite of your best efforts to eradicate it.

The details

I was in that same boar until today. There are many bad leads out there on the Internet. In fact I never did find the solution on the Internet. I got it from a colleague.

You click on the three dots, go to Settings and search for reset.

Do the Reset. It is a little disruptive, as i have found. It does not delete everything, but it certainly resets some things. As soon as that’s done you will no longer have new tab pages be in Chinese.

Categories
Consumer Interest Consumer Tech

Consumer tech: Android phone tip of the day

Intro

My wife was stuck while using the WW app on her Samsung A51 smartphone. She needed to lookup a nearby “studio.” We’ve all seen these forms – you enter a zipcode and up pops their nearby locations. But in this case there was a problem. No keyboard was popping up! Instead the bottom of the screen below the search field was filled with some blather which we could not get rid of to reveal the presumably hidden software keyboard.

The (kludge) solution

Please note that I am a specialist in doing things the wrong way that manage to get it done. I noticed the field still permitted long touch, and hence paste (from the clipboard). So I told her to enter the zipcode into another app such as Evernote, copy that text into the clipboard, return to the WW app and paste it into that field.

And do you know – that actually worked!

Conclusion

So if you’re in a jam and just need to fill out a field on your Android phone but your software keyboard isn’t appearing, a way out is to paste the desired content from another app such as Evernote or Onenote.

References and related

I use this one all the time: find my phone – no BS apps, just the straight-up Google URL for this built-in service.

Categories
Consumer Tech

Consumer Tech: Setting up an Echo Dot while staying at a hotel

Intro

I’m sure many people have faced this. You like to query your Echo Dot for basic information and you’d like to take it with you and work in your hotel room so you can get the local weather, etc. But then you are foiled by the setup process until you finally give up after trying to discover it as a new device numerous times.

I was in that exact situation last week. Finally I thought of something that broke me out of the discover device loop, so I wanted to share that.

But my own trick mostly does not work. So my 2024 update is to simply buy a pocket vpn router. See further below at the end of this article.

The details

A hotel will typically offer Internet, but through a “captive portal.” This means, technically, the password they provide you at the front desk is not the SSID password, but a password to their portal’s web site. So it is technically not part of the WiFi information. That’s what makes it so hard for dumb devices like the Echo Dot to get past that page.

Normally you go to your room after checking in, and you perhaps set your phone to use their WiFi after dutifully logging in to the portal page. Then you get around to setting up your Echo device. I could not manage to finish the Echo Dot configuration under those conditions last week, though I tried many times over, including manual setup.

What I realized, though, is that it might help to start clean. So I “forgot” the hotel’s SSID (WiFi) on my phone. Then I was only using 4G communication. Then I went through the Device Setup in the Alexa App on my phone. At some point you get asked which WiFi to connect to, and you get redirected to the captive portal, where you put in the information. In other words I stumbled my way through it. But then it did work.

So I’d say the upshot is to configure the Echo Dot first before setting up your phone to use the hotel’s WiFi. I’m not sure it will always work, but at least it did work once! But if you did things in the wrong order go to your WiFi settings and “forget” the hotel’s WiFi – it may have the same effect.

2nd test – successful

Since I’m supposed to be the expert I had the opportunity to try my own technique at another hotel. It was about 10 minutes of stumbling, but then it did work in the end. Maybe my tip helped, maybe not.

As I do not have the straight recipe, you have to be willing to try different things. Pay special attention to whether or not your setup device is connected to the Dot’s WiFi (amazon-dkd or something like that) or not. That’s generally a good thing. Then you have it (the Dot) search for available WiFi networks. I guess. It’s confusing. You’ll probably need to put your Dot into setup mode mulitple times. Esimated time to stumble your way through it: 10 minutes. You can decide if it’s worth it or not.

Other ways

I’m thinking about mac address emulation, i.e., temporarily emulate the MAC address of the Echo device with a more amenable device, and do the poral login. But I haven’t had time to research it. I will post it here if I ever figure that out.

2024 update – give up and get a pocket vpn router

I’ve had a string of failed attempts at hotels with captive portals lately. I am going to throw in the towel and buy a pocket vpn which my boss told me about. Here’s how you use it to connect to a hotel’s WiFi login screen, AKA captive portal: https://docs.gl-inet.com/en/4/tutorials/connect_to_a_hotspot_with_captive_portal/

References and related

Probably the best solution is to buy the gl-a1300 pocket vpn router

Here’s how to set it up for a hotel’s captive portal: https://docs.gl-inet.com/en/4/tutorials/connect_to_a_hotspot_with_captive_portal/

Categories
Consumer Tech

Book Review: extraterrestrial The First Sign of Intelligent Life Beyond Earth

Intro

I don’t normally do book reviews but since someone wanted to get my thoughts on this one, I thought I would share with a broader community.

Source material

Extraterrestrial: The First Sign of Intelligent Life Beyond Earth: Loeb, Avi: 9780358278146: Amazon.com: Books

Let’s get into it

This book is mainly about what to make of the very unusual sighting of an object which came from outside our solar system in 2017, dubbed ‘Oumuamua.

This book is written at a very simple level – perhaps fifth grade or sixth grade? So I guess it’d be a great addition to a middle school library. I was aching for some more details.

I’m actually ready and willing to ‘believe.” For me the main thing was the paucity of facts presented.

The biggest failing of the author is to fail to be so guarded! Professor Avi, you are uniquely qualified to spin any plausible story about this object. Surely you have thought of many origin stories for this thing. Why not share them? This is a book, after all, not a scientific publication. We won’t peer review you for daring to create a plausible backstory for this object.

For me to make my points I have to give some background so everyone sees what I am seeing.

Professor Avi has this super cool lightsail project. Something like 10 GigaWatt lasers are required to send a super slender light sail up to 1/10th the speed of light.

An aside. Wouldn’t a multi Gigawatt blast create a plasma out of the atmosphere, thereby transferring its power to the air rather than the target lightsail? Maybe you overcome that by spreading the laser over a wide area. or using micosecond blasts. Not sure. And what about the reflecting rays? Can they be adequately disbursed to avoid singeing the earth?

But I digress. Sending any macro object to any fraction of the speed of light is wondrous. And dangerous. By conservation of energy I have to assume the thing at that speed would have 10? 100? gigajoules of energy (I will do the math later). Imagine the consequences of an earth-like planet being “visited” by one of those things. Either cataclysmic, or at least terrifying to those lifeforms. Yes, I know the odds of collision are infinitesimal. But they are not zero. And no way can these things be aimed with such precision to avoid that scenario altogether. Not to mention the idea is to send thousands or millions of them out. Welcome to mankind, extraterrestrials, we like to announce our entrance with a bang!

For instance, ‘Oumuamua, though it comes from outside our solar system, is at the local system of rest of the nearby stars. So that is pretty remarkable, and it means its speed is not anywhere close to a fraction of the speed of light, unlike Prof Avi’s lightsails. Why is that? This particular civilization felt they could wait around thousands of years?? Or did it start out at a fraction of the speed of light and then get decelerated as it neared its target? And if so, by what force?

And when I learned it sped up as it zoomed around the sun, I immediately thought of the analogy of our space missions which sometimes use giant planets like Jupiter to pick up speed and slingshot away faster than they had been going. Was ‘Oumuamua purposely aimed near to our sun for its boomerang effect? But it was tumbling like every eight hours. Should lightsails do that? Or does that show if it was a lightsail, it was no longer fit for purpose – inactive space junk? ‘Oumuamua trajectory deviated in the manner a lightsail might. But if it was slowly tumbling, how is that compatible with that statement? Aren’t lightsails only good for catching rays from one orientation? I actually don’t know but that’s what I would naively assume.

And it came from somewhere. if you reverse its trajectory, where did it come from? Was it an area with an inhabitable exoplanet?? Is that area receiving heightened scrutiny from SETI and company??

Going back to these lightsail things travelling at a good fraction of the speed of light, if one were to whip past us, would we even have a chance to see it? I believe it would be effectively invisible to us. How would they fare when colliding with space dust?

A manufactured lightsail would have great symmetry. The brightness profile was not a nice sine function, though close. What is the lightsail shape we can assume given the observed brightness profile fluctuation? A partially destroyed lightsail, perhaps? Where is the artist’s rendering of that?

So you see my point now? Don’t make me speculate. You’re the expert. Your speculations will be grounded in better science than anything I can dream up. So I guess Prof Avi, despite being a maverick in many ways and bucking current scientific thinking in promoting this as a thing created by alien life, reverted to the usual scientist’s conservatism in not making unprovable statements. And we are worse off because of it.

The great filter

And this term bothers me. It reads poorly. The first I heard it was from a fellow reader, and, even though I was familiar with the concept, I had to ask for a definition. A good term of art is self-explanatory. This is not a good term. Advanced civilizations probably last for only a few hundred or at best a few thousand years before they self-destruct. Looking at ourselves, we’re probably only going to get a few hundred the way we’re going. And this is supposed to be the great filter or something? I don’t have a better term, but far more clever people could come up with one I am sure. Like inevitable self-destruction, except something with more of a ring to it.

So I was asked, if this comes from an advanced civilization, is this a cause for hope, or a cause for despair? To argue the despair first, we got space junk from an advanced civilization. Probably they died out and we are left to do astroarchaeology on their junk. Not so great. But I am more hopeful. It’s incredibly difficult to target another star, they managed to do it. Maybe their lightsail had an accident or something. No worries because they sent out millions more like Prof Avi proposes to do. And, the main thing, we overlapped with them! We were advanced enough to detect another’s technology. Mostly because of the self-destruction tendencies, and the randomness of when advanced life forms, we’re not going to have any overlap with the vast majority of our fellow aliens. Their time in the sun was either way in the distant past, or will occur way in the future. That we overlapped in any way at all, probably means there are very, very many advanced civilizations, even in our stellar neighborhood, such that we had decent odds of intercepting and overlapping with one. And that gives me awe and excitement to learn about this advanced life. The hope comes from the viewpoint that these beings aren’t threatening to us. I have a naive belief that they would be trained in cultural sensitivities a la Star Trek The Next Generation or something as opposed to Independence Day, and decide not to wipe us out, nor to alter our technology (much), but more to observe us from afar. So on balance this encounter makes me hopeful.

Any insight if this was a civilization which reached the singularity? I.e., where it transferred its organic intelligence to a program in silicon or some other infinitely long-lasting, purpose-built medium??

So yes I am convinced the simplest explanation is the best one, and prof Avi’s hypothesis is by far the simplest. It raises a few questions which I would have preferred answered. And I was dying for more speculations. The speculations of an insider is worth 100 times the speculations of an outsider such as myself who doesn’t know what they don’t know!!

Philosophy

Prof Avi devotes a lot of time to philosophy. That’s all good. I didn’t learn too much from it, but I suppose others could find it useful. I don’t have an issue with it.

Resources

If I were really responsible, I’d do research, or at least read the darn book reviews on Amazon or get an answer to some of my questions on Quora or something. Probably a lot of my questions are addressed. But my time is not infinite and I’m not trying to impress anyone. As I learn more in the course of my ad hoc reading I will revise this blog with better information. And one more thing about my personal philosophy, I am writing this based solely on self-reflection and readings I’ve absorbed from years ago. I consider active research “cheating” in this regard, and I will inevitably be swayed and biased by the first educated opinion I come across.

Before reading this book, I was aware of this object from 2017 and that it was special, just based on my general reading of science news. It was only from this book that I realized how compelling the extraterrestrial case was.

Prof Avi took a few facts and made a book out of it. He should probably create a fictional but plausible back story for this object and make another book that addresses some of these basic questions.

February 2022 update

They have just discovered signs of a third exoplanet around Proxima Centauri, our nearest neighbor in the galaxy! That’s exciting. The place is only four light years away. Maybe a lightsail craft will visit it within our lifetimes.

Reference and related

Extraterrestrial: The First Sign of Intelligent Life Beyond Earth: Loeb, Avi: 9780358278146: Amazon.com: Books

An intelligent discussion of whether or not this was a lightsail: https://www.msn.com/en-us/news/technology/harvard-professor-defends-claim-that-alien-spacecraft-cruised-through-solar-system/ar-AA11PZZP?ocid=winp1taskbar&cvid=0ab827bbcc474cc38a877abc7676cce8

My cheese grater image of the 2017 eclipse.

Categories
Consumer Interest Consumer Tech Uncategorized

Screen Mirroring to Your Smart TV

With the advancements in technology, there are now many features that allow for seamless connection between devices using wireless connections. One of the things that allow this is smart TVs. Currently, the market for them is dominated by South Korean company Samsung. 39% of all sales come from them, which is a huge number in comparison to the 19% from LG and 9.3% from Sony.

There are also devices you can attach to your traditional TV to give it the functions of a smart one, so you won’t have to spend too much to upgrade. With this kind of TV, you can do many different things like stream from platforms like Netflix or Hulu, or even mirror the screen of a mobile device.

What is screen mirroring?


Screen mirroring is basically the ability to project what is on one device to a TV display. This is normally done through the internet and is comparable to connecting a laptop to a monitor using an HDMI cable. As mentioned earlier, there are different ways you can do this. Some TVs have built-in software that allows you to do this, while some use different hardware attachments.

Examples of these accessories are the Amazon Firestick, Apple TV, and Google Chromecast. The last two are some of the most popular ones on the market right now and they both have their own pros and cons. For those already in the Apple ecosystem, using the attachment from the same company will make connecting them easier. If you are looking for a cheaper alternative that can work on almost any device, the Chromecast is your best bet.

These accessories work because of their internet connection. The circuitry is specially designed to deliver signal integrity which ensures that digital and analog signals do not become distorted during propagation. Moreover, this guarantees that the signal can be recovered if temporarily lost, and that screen mirroring is smooth and won’t experience delays.

How to mirror your screen

Make sure your devices are connected to the same internet source


As the feature heavily relies on connection, the only way you can display what is on your other device is by being on the same internet source. Go to the settings of both of your gadgets and connect them to the same wi-fi line. This will make them identifiable to each other and make mirroring possible.

Read the instructions


If you are using a TV box or tool like the Apple TV or Chromecast, make sure to read the connection instructions on the manual. For example, the former requires you to use AirPlay and the manual should teach you which buttons to press on your phone or laptop. For the latter device, you might need a third-party app like the Google Home One to be able to get the accessory to mirror. Be sure to check the instructions given so you can make it a more seamless experience.

Check your Wi-Fi’s integrity


Because mirroring heavily relies on your internet, if the integrity (or speed) that your Wi-Fi is giving out is not enough or lacks bandwidth, you will have a lagging experience. Before you start, try to check the speed of your internet to be sure that it is strong enough. You can simply go on speed test sites on your browser. A good speed would be at least 25mbps, so if it is lower than that, you might not be able to connect or mirror easily.

Screen mirroring is just one-way technology has made life more connected. Gone are the days when other wires and connections were needed. The internet now enables you to perform tasks like projecting from a smaller device to a bigger one, hassle-free.

References and related

Some Firestick problems I’ve encountered are discussed in this post.

Categories
Consumer Tech

Consumer Tech: Dyson Animal vacuum cleaner stops and starts

Intro

I am kind of annoyed that my simple problem with a Dyson Animal vacuum cleaner took way more Internet research than should have been the case to resolve. I hope to spare someone else that grief.

The details

Actually this is a friend’s vacuum cleaner. I don’t think it would have played out this way had I been the exclusive user of it. She noted that it stops and starts. It goes for a few seconds and stops. Then you can start it up for a few more seconds. And so on.

More clues

This model shows the charge remaining on the battery. Still two bars out of three, so that’s good. It’s been properly charged. After examining it I get the gut feeling that the brush motor shouldn’t draw all that much power.

We also note that when the long tube is removed and its just acting as a short hand-held device, it doesn’t stop.

After doing some Internet research (not finding an exact hit for this model), I am inspired to take things apart and check all the filters. On other models the filters can do you in. This one has been very lightly used to date and so the filters are remarkably clean. No filter issue.

The solution

So I check the brush and that area. It is simply clogged with gray dirt. I begin to clear it out with my fingers – seems no easy way to do it – until all the gray dirt is gone from the brush area where it goes up into the tube.

The results

The results are in. Works like a champ now!

Comment

I am more used to a more obscure brand of vacuum cleaner, Miele. It has a simple orange status thing that visibly shows you when it can’t suck in dirt or what not due to a full bag, a clog, whatever. In addition you can pretty much hear the pitch of the motor’w whine increase when there’s a clog. With the Dyson I didn’t notice that pitch change, nor was there any indicator of a cloged system. So Dyson’s design is faulty.

Conclusion

A Dyson Animal vacuum cleaner was only running for a few seconds at a time. After a few more seconds it could run again. The power level showed two of three led bars. The filters were all clean, but the brush head was clogged with dirt. Cleaning that out fixed everything nicely.

Dyson’s design has to be faulted for not making this clogged situation more evident. Strange, coming from a company which obviously prides itself on its innovative design.

Categories
Consumer Tech

Consumer Tech: Netflix video and audio out of sync using Firestick

Intro

While watching Mad Men last night on IMDB we saw a terribly annoying audio delay – probably about three seconds after the video. Then it cuts to the commercials and they were perfectly in sync. Then back to the show – still a 2 – 3 -second delay. Is it the brand of TV? We use a Firestick plus a Samsung LCD TV.

The solution

Well, my first inclination was to look for audio settings on either the TV or the Amazon Firestick which might be set to delay audio. I had such a setting on an old sound system, though I think it was only for a sub-second delay. But, there are no such settings on either Firestick or Samsung TV, so that’s not it.

An Internet search proved not too useful.

What I eventually realized – the in-sync commercials was a hint – is that I could rewind the show a tiny bit, and that might pop it back into sync. And…it did!

How it happens

I think it happens when I pause a show one night, to return to it a later time. It remembers where I was, which is great. But it sometimes gets out of sync this way. I have seen this with Netflix and IMDB. The common element seems to be the Firestick.