Mind Your Step: A New Rant Series

by phorneker

In my last article on Ruby, I mentioned the phrase mind your step a couple of times. Where did this come from?

Mind your step is another way of saying "watch your step", or of saying "be careful".

If you have ever taken a flight to or from Amsterdam, this phrase should be familiar. It is the prerecorded message played continuously through speakers located at the end points of the moving walkways between terminals. In fact, this is one of the things that makes Amsterdam's Schiphol airport famous.

BTW, The name Schiphol is pronounced as skip-hole.

Also, Mind Your Step happens to be the name of their integrity program for those employed at the airport, and for those doing business with the airport. This means that complete integrity is expected in everything that happens at that airport, hence the name "mind your step" for the program.

Source:
https://www.schiphol.nl/en/schiphol-group/page/code-of-conduct-integrity-guidelines-compliance-and-supplier-code/

...and on that note, I would like to begin this series with a statement on integrity.

Capital One Data Breach

It seems there has been a data breach every week. What happened at Capital One was no exception.

There is one difference, however. Unlike most recent data breaches, the perpetrator of this data breach is a former software engineer at Amazon.

This could well be the first time anyone was caught committing a cybercrime. This news supports my speculation as to who is really behind these cybercrimes.

It is enough that Amazon has Alexa-powered devices have been known to listen in on personal conversations. But what the h*** was a former software engineer at Amazon doing in a Capital One customer database?

While the latter has nothing to do with Amazon, what evidence we do have does not necessarily prove that Amazon was somehow involved in this data breach? There is no proof that Amazon was not involved either, but the connection here is enough to warrant suspicion about Amazon.

It is that very suspicion that caused the European Union to prosecute the major tech companies for various misdeeds (especially those that breach our trust) over the past two decades.

Why De-Googling is not effective

Amazon is not the only company that can be placed under suspicion. It is no secret that Google and Facebook have had their share of integrity issues.

So how come they are still popular? While we may know how to exit Google and Facebook services, there is still a majority of the world's population that is not aware of how to get around these problems, not to mention that most (if not all) of the Fortune 500 companies are still somehow in bed with these tech titans.

Fortunately, DuckDuckGo has recently aired some new television advertisements that bring up the privacy issues associated with Google. So there is some hope here. (I saw these on the Tennis Channel while watching the Western and Southern Open tournament.)

Meanwhile in eastern Asia

The icons that are part of the user interface are simplified outlines of icons found in KDE's Breeze package. But that is only the basic look.

HarmonyOS was designed as an Internet of things operating system rather than something that can be installed on a PC or Intel-based Mac (such as PCLinuxOS).

As it is an open source product, and whether it can be made available as a developers kit for PCLinuxOS depends on political factors, such as countries banning Huawei from doing business as the United Kingdom has done, or tariffs that Donald Trump has placed on Chinese goods so far.

This is not the first time a technology developed outside the US never made it into the marketplace in the US.

MSX comes to mind here. MSX was a set of standards developed for home computers sold in Japan in the 1980s, and was developed in part by Microsoft. Unfortunately, there was no market for these machines in the US.

The same could be said for Amstrad CPC-464, which was a popular home computer in many of the countries that made up the European Union back in the 1980s.

The JavaCPC package contains a fully functional emulator implemented as a desktop environment running in a Window on your favorite window manager.

The name Amstrad stands for AMS Trading Company, which operated as a London based distributor of merchandise sold to retailers.

If you bought televisions and stereos in the 1960's and the 1970's from a major retailer such as Sears, Montgomery Ward, or JCPenney, manufacturers of these products produced lots of their merchandise with the retailer's private brand embedded.

For example, the Atari 2600 gaming console was sold by Sears as the Sears Video Arcade. We all knew this was a rebranded Atari 2600.

In the case of the Amstrad CPC-464, this machine was developed specifically for AMS Trading Company to compete with Clive Sinclair's ZX80 and ZX81 machines (sold in the US as the Timex Sinclair 1000 and Timex Sinclair 1500 machines).

What killed off these machines was the demand for IBM compatible computers and the MS/PC-DOS operating system (now available as FreeDOS).

LibreOffice ends 32-bit support at Version 6.2

Sadly, another blow to the existence of 32-bit computing came with the Document Foundation making the decision to no longer produce a 32-bit version of LibreOffice.

As of Version 6.3 (the current version as of this writing), LibreOffice will be available as a 64-bit only product. The 32-bit version of LibreOffice 6.3 is available only for Windows. There is no 32-bit Linux or Mac OS-X binary available for download.

Source: https://www.libreoffice.org/download/download/, then open the operating system menu and see for yourself.

Thankfully for us, this is not an issue. This does suggest, however, that there will be other applications, such as the GIMP, Firefox, Audacity, and VLC which one day will no longer have a 32-bit version available.

But then, this should only affect machines with a Pentium 4 or older processor (which had been discontinued more than ten years ago). Even then, it is still possible to compile the needed 32-bit version from source code. The real issue happens with commercial software which never comes distributed with the source code.

Wine still supports 32-bit Windows Applications in PCLinuxOS

Thankfully, Synaptic still has the ia32-libs package for support of 32-bit binaries. This package works with 32-bit AppImages as well as 32-bit Windows applications running in WINE.

The reason I mentioned this is that I heard that Canonical made a decision to stop supporting 32-bit Windows applications in their WINE package. This means that as of Version 19.10 of their operating system (which I shall not mention its name), the wine package will be built without 32-bit binary support.

This could prove to be a really stupid decision as many Windows applications today are still built as 32-bit applications. Also, there are still many CD-ROM and DVD-ROM discs of classic Windows applications and games available at places such as Goodwill and GameStop, which were designed to run on 32-bit versions of Windows.

Thankfully, we still maintain the WINE package with 32-bit support.

Is this email address real or fake?

Finding messages with fake e-mail addresses has become a daily occurrence. Distinguishing a real e-mail address from a fabricated one is easy if you know what to look for. Most e-mails we get have a sender name attached to an e-mail address.

Zip Recruiter, the job search site, offers a service that allows you to get alerts on jobs that match your resumé. As you get these alerts, the emails have a sender label called "ZipRecruiter", which is associated with the e-mail address of alerts@ziprecruiter.com, which is legitimate for the notification service.

However, a header of "Smart Blood Sugar", with an email address of usephorneker@xhcfq-yieldingly.cu is not only not legitimate, the e-mail address does not make any sense whatsoever.

The xhcfq- portion of the domain name is a series of random characters, and that tells me that a template was used to generate the fake sender e-mail address, and that template was formatted as

use%1@%2-yieldingly.cu

where %1 is a parameter read in from a database generated from a data breach, and %2 is a parameter read-in from the random character generator.

Note: The .cu is the domain suffix for the country of Cuba.

When you consider the millions of e-mail addresses, account usernames, passwords that are harvested from data breaches, it only makes sense to outsource the dirty work to a cluster of machines. After all, we can prosecute a cyber criminal, but we cannot prosecute an algorithm.

So far, we have fake news, fake package tracking numbers, fake social media profiles, fake websites, fake phone numbers, fake identification cards, fake job offers (usually found on Craigslist), and even fake packages (remember the NASA engineer that solved his package theft problem by creating a fake package that exploded with multicolored glitter and rancid scents).

In fact, we could call the wine package "Fake Windows", but then, the same could be said for Windows 10.

With so many things being fake, it is difficult to distinguish fact from fiction, or from opinion for that matter. But, it is not impossible.

It is simply a matter of knowing what to look for.

One more thing...

Another clue as to my speculation about these fake emails coming into my Gmail account (I should really shut that account down) is the fact that these come almost every day and in varying amounts.

Fortunately, these messages end up in the Spam folder, so all I have to do is to select all such messages and delete them in one fell swoop.

If this were a person sending out these messages, it would occur to that person that maybe this practice is not working and that maybe that practice should stop, but that is not the case. Hence, I am convinced that these messages were sent out by a cluster of machines given the task mentioned in the previous topic on fake emails.

Enough of the rants for this month. Remember, mind your step.