view in plain text or web browser  
Tech Tails | Apple news straight from the Tech Room | SmallDog.com | 800-511-MACS
 
#916: Mobile Device Security, Update From Rutland, IPv6 Is On Its Way

 
     
 

Good afternoon friends,

I hope you’ve had a great holiday weekend. The season for watching our thermostats is upon us. Like the seasons, businesses change as well. Our team has added some new members lately, and their smiling faces would be happy to greet you in our stores.

I’m Mikhael Cohen (pronounced “mi-KALE”) but you can call me Mike. To introduce myself: I’m a long-time Apple Certified Macintosh Technician, and Small Dog Pup, who has recently taken the role of Service Operations Manager at Small Dog Electronics. When not in one of our stores, I can be found running (with icicles on my face), playing Scrabble, or taking the occasional college course.

If you have a Mac, Android phone, Internet-Enabled Refrigerator, or anything else that looks sort of like a computer, this week’s articles may interest you. Scott talks about IPv4 (your computer’s home address on the internet…for now) and Kyle talks about the black box that is your electronic hardware as well as discussing his experience operating on a new Retina 5k iMac in Rutland — our floor demo model that arrived with a bad graphics processor.

-Mikhael
mikhael@smalldog.com

 
   
     
  Mobile Device Security  
   
 

A lot has happened for me in the past few months since my last article. I have gotten involved with corporate level security and data management, and with that comes a lot more information to digest. I have actually begun questioning the integrity of software that I have used for years. I have even begun to question the applications on my phone. Why does an application really need access to everything it requested access to? Is there a legitimate reason? Is there possibly malicious code hidden somewhere to gain access and possibly do something that I wouldn’t want it to do? I guess you could call it paranoia (and yes, I agree that it is) however how much do you truly understand what is happening behind the scenes in your electronics? I have discovered that I don’t know enough, or in some cases just enough to screw something up.

I have been following news articles about hacking and security vulnerabilities that are discovered in widely used software or operating system packages that can cause a lot of problems if exploited by those that know how to do so. When the bash scripting vulnerability announcement was made, people started taking advantage of that within hours. There are a lot of computers that still aren’t protected from that vulnerability. These articles got me to thinking about how easy it is for someone to start taking advantage of vulnerabilities without really learning about it. I started by looking at phones.

iPhones and iOS devices are actually pretty protected in that they have built in application sandboxing, which means apps aren’t allowed to communicate with anything but the internet and a few other apps. Unless you jailbreak your iPhone and put a third-party app on it, your iOS device is pretty well protected. Android is a little different, you can install any application from the app store, and the app store isn’t monitored or regulated like Apple’s is. Anyone can submit to the Android app store and if you aren’t paying attention to the reviews, you could be installing something that is capable of reading all your information or even accessing the cameras whenever they are commanded to by an outside source.

These intrusive acts can be done with mobile devices. You have to give them superuser (AKA “root”) access which means elevated privileges. I rooted an Android phone, installed a few applications and was pretty amazed at what it could do. I managed to intercept my friends WiFi connection and replace every .jpg image on every webpage he visited with a picture of my beautiful face, with his permission of course. I did this all from an Android phone with an app downloaded from the app store. Once I found that piece of software, I began to hunt for additional tools that would give anyone with a little knowledge, the ability to hijack a WiFi connection on a connected access point.

 
   
     
  Update from Small Dog Electronics Rutland  
   
 

I have been moved down to Rutland from South Burlington to cover the tech position for a short duration. The queue down here is running smoothly and the average turnaround time is actually doing pretty well considering I can only be in the store three days a week and normally after hours. One repair that I ran into that took me off guard was for a brand new Retina 5K iMac 27 inch that just came out. It had a defective display where it displayed both vertical and horizontal bars in different colors with varying screen flickering. I ran it through normal diagnostics and narrowed it down to the actual display itself and ruled out the graphics card. The display is on order and I’m just waiting for it to come in.

I didn’t anticipate having to repair a 5K iMac so soon, but it did give me a unique opportunity to see how the internals were arranged and changed from the previous generation of iMac. Everything appears to have been shifted to the bottom of the machine, leaving open space where it tapers towards the top of the machine. Apple went back to a 3.5” hard drive in the new iMacs, where the previous two generations all used 2.5” drives. Externally it does look very similar to all the previous iMacs but internally its completely different. For example, the speakers are larger and the boards are smaller and shaped differently. It looks beautiful on the inside, a technicians dream with how modular everything is getting. The most difficult part of having to service the new(er) style of iMacs is having to deal with the adhesive that holds the display to the back housing. Having to cut the adhesive with the provided pizza-style cutter can be frustrating if the display refuses to come off the back housing, as happened with this repair.

The second worst part is putting the display back on, which requires having to get the adhesive perfect with everything aligned, because if it’s not aligned, you have to cut the display off and try again. One aspect of the new iMac that I really like is that the display isn’t screwed down to the main logic board and only has one connection internally. This makes diagnosing easier because the inverter board, which manages the backlight level of the display, is incorporated into the display itself rather than a separate board within the machine.

All in all, I can see the new 5K iMacs being an easier to diagnose machine then its predecessor but, hopefully for your sake, I don’t see too many of them!

 
   
     
  IPv6 Is On Its Way  
   
 

1981 was a very eventful year. The DeLorean Motor Company began production of the now infamous DMC-12 (the time travel package didn’t become available until 1985). President Ronald Reagan signed a top secret National Security Decision Directive authorizing the CIA to recruit and support Contra rebels in Nicaragua, and Joseph Gordon-Levitt was born. More relevant to our tech interests though, IPv4 (Internet Protocol version 4) was released in 1981.

There aren’t many things from 1981 that we still use, but IPv4 is one of them. The Internet Protocol’s job is to route traffic on the Internet. One of the most critical features of this protocol is addressing. We commonly refer to this as IP addresses. IPv4 specifies 32-bit addresses. This means we have only 32 bits in which to store any possible IP address. When you see an IP address in dotted-decimal notation, such as 198.18.22.111, each of those numbers can be represented by 8 bits (198 = 11000110 for example).

With 8 bits you can only represent 256 unique combinations. This is why each piece of an IPv4 address will always be a number between 0 and 255. In a full IPv4 address, you have 4 blocks of 8 bits for a total of 32 bits. A full 32-bit IPv4 address can represent 2^32 possible addresses or 4,294,967,296. That’s almost 4.3 billion possible addresses. In 1981, this was more addresses than they thought they would ever need. After all, most people couldn’t even use the Internet then…they’d never be able to use up all those addresses!

Fast forward to 2014 (or take a DeLorean). A huge number of homes and businesses have constantly connected internet modems. Many have more than one. Each of those devices needs a unique IP address. Add in every single smartphone, as well as other random internet-connected devices and 4 billion addresses starts to seem like a pretty small number. If that situation weren’t bad enough, you can’t even use every single address. Huge chunks are reserved for certain network systems, software and documentation. All in all, roughly 600 million addresses are unavailable for use on the public Internet. The full list of reserved addresses and their uses can be found here.

Fortunately, if you have a home with a single modem and all computers and devices connect to a wireless router, you’re only using a single IP address of public Internet space. The modem and router act as a gateway to the outside world and the public Internet. Inside your home, your router will give you one of the special reserved addresses. You might be familiar with these, since they almost always start with 192.168. This process is called network address translation or NAT. A private organization with a large number of machines can funnel all their traffic through the modem-router and appear on the public Internet as one single IPv4 address.

Even with mitigation, we are running out of addresses, and a solution does need to be found. Fortunately, IPv6 is on its way. IPv6 addresses contain 128 bits allowing for 2^128 possible addresses or approximately 3.4×10^38. In other words, a lot. In fact, IPv6 allows for approximately 7.9×10^28 more addresses than IPv4. Unfortunately, IPv6 adoption has been slow and IPv4 still carries something like 96% of all Internet traffic. As the Internet becomes more and more saturated with devices, we’ll eventually be forced onto IPv6. Hopefully we won’t be looking back around 2050 and wondering why we didn’t choose to use 256-bit addressing instead.

 
   
     
  SPECIAL | Seagate Backup Plus Slim Portable Drive USB 3.0 - 2TB  
   
 

TT | Save $30 on Seagate Slim Portable 2TB Drive

$ 69.99

The Seagate Backup Plus Slim Portable Drive is the simple, one-click way to protect and share your entire digital life. Perfect to take on the go, the sleek metal case design allows for the thinnest portable hard drive available with up to 2TB of capacity. It goes anywhere — without getting in your way. Available in Black, Blue, and Red.

View

 
     
  SPECIAL | iON Air Pro 3 WiFi - 1080p Action Waterproof Camera  
   
 

Holiday | Save $50 on iON Air Pro 3 WiFi - 1080p Action Waterproof Camera

299.99

Capture thrilling action moments with this iON Air Pro 3 Wi-Fi waterproof action camera. Record stunning panoramas with up to a 170° wide-angle field of view. Aimed at professional and amateur photographers, adventurers, adrenalin junkies and recreational sports enthusiasts alike, this product has a lot to offer!

View

 
     
  SPECIAL | Belkin NetCam HD Wi-Fi Camera w/ Night Vision  
   
 

Holiday | Save $30 on Belkin NewCam HD WiFi Camera with Night Vision

99.99

Not only does the Belkin NetCam HD allow you to keep tabs on kids or pets from your smartphone or tablet—it also allows you to see all the action in vibrant 720p HD video. Ideal for anyone who has kids, pets, or grandparents at home, the camera captures smooth video and crisp digital audio that makes you feel like you’re right there with them.

View