Mycroft Sued, Natural Gas Ransomware, Bezos Funds Climate Initiative, Ring 2FA Required

  • Episode 643
  • February 19, 2020
The weekly tech news from Category5 TV is provided free of charge. If you enjoy what we do, please consider becoming a Patron so we can continue offering more great content.
Support This Free Content

Here are the stories we're following for the week of Wednesday February 19, 2020

Mycroft AI's Linux voice-assistant has attracted a lawsuit, and the creators decided to fight the 'patent troll' tooth and nail.

Startup Mycroft AI stood up to a patent troll who filed a lawsuit against it for building an open-source Linux-based voice-controlled assistant.

Mycroft AI develops voice-assistant software that runs on Linux systems, including Raspberry Pi. The device can then respond to spoken requests--similar to Amazon Echo or Google Home--such as setting alarms and reminders, searching the web, and so on.

Mycroft AI first learned trouble was brewing when it was contacted in December by a lawyer at a Texas law firm focused on intellectual property. In an email to the startup’s CEO Joshua Montgomery, the lawyer claimed Mycroft AI's technology infringed two US patents belonging to their client, Voice Tech Corp. These patents describe a system for handling “voice commands from a mobile device to remotely access and control a computer."

Initially, the lawyer offered Mycroft AI a non-exclusive license of Voice Tech’s patents. However, after Montgomery ignored the emails, Voice Tech sued Mycroft AI for patent infringement.

Earlier this month, Montgomery declared he's ready to fight the lawsuit all the way. He told The Register, “This is a textbook case of why the US patent system is fundamentally broken. Software is math running on a microchip. Sure, it’s written in a particular language and that is copyrightable, but math is not patentable.”

According to their abstract, the patents involve "receiving audio data from a mobile device at the computer. The audio data is decoded into a command. A software program that the command was provided for is determined. At least one process is executed at the computer in response to the command. Output data is generated at the computer in response to executing at least one process at the computer. The output data is transmitted to the mobile device."

Montgomery argued the patents do not reflect the complexity and architecture of modern assistants, and pointed out Mycroft AI doesn't even involve a separate mobile device.

Because Mycroft AI is based in Missouri, they'd have had to spend money hiring a law firm in Texas to work with its attorney.

Montgomery described Voice Tech, in his opinion, as a "patent troll," and compared such organizations to playground bullies. He said, “If you don’t stand up the first time, you’ll get picked on forever.”

On February 11th, Voice Tech voluntarily dismissed the case.

In an update posted to the Mycroft blog, Montgomery says, "we have won the battle, not the war."

He also noted the outpouring of support from the open source community, saying, "Over the last week, we have been humbled by the outpouring of support," "Thousands of you shared the post, sent in further evidence of the invalidity of the patent claims, offered your expert testimony and even wanted to contribute financially to the legal defense. From everyone at Mycroft, thank you all!"


Sent to us by: Roy W. Nash

Dell Technologies is selling its infosec business, RSA.

Dell Technologies is selling its infosec business RSA for $2.075bn as it tries to reduce its longstanding debt.

RSA helps companies confirm user IDs and manage other digital security risks. It serves 30,000 customers ranging from banks to consumer-goods makers. It also runs security conferences, including one scheduled for this month in San Francisco that IBM dropped out of recently.

The sale, rubber stamped Tuesday, was made to a consortium led by STG Partners, a private equity investor that specialises in tech; Ontario Teachers' Pension Plan Board; and Dutch private equity group, AlpInvest Partners.


Sent to us by: Roy W. Nash

A US-based natural gas facility shut down operations for two days after being hit by ransomware.

The Department of Homeland Security said on Tuesday that a US-based natural gas facility had to shut down operations for two days after sustaining a ransomware infection that prevented personnel from receiving crucial real-time operational data from control and communication equipment.

The advisory didn’t identify the site except to say that it was a natural gas-compression facility. Such sites typically use turbines, motors, and engines to compress natural gas so it can be safely moved through pipelines.

The attack started with a malicious link in a phishing email that allowed attackers to pivot from the facility’s IT network to the facility’s OT network, which is the operational technology hub of servers that control and monitor physical processes of the facility. With that, both the IT and OT networks were infected with ransomware.

The attack knocked out crucial control and communications gear that on-site employees depend on to monitor the physical processes.

The infection didn’t spread to programmable logic controllers, which actually control compression equipment, and it didn’t cause the facility to lose control of operations. The advisory explicitly said that “at no time did the threat actor obtain the ability to control or manipulate operations.”


Sent to us by: Roy W. Nash

Jeff Bezos, the richest person in the world, has pledged $10bn to fight climate change.

Amazon boss Jeff Bezos has pledged $10bn to help fight climate change. He wants the money to finance work by scientists, activists and other groups.

He said: "I want to work alongside others both to amplify known ways and to explore new ways of fighting the devastating impact of climate change."

Writing on his Instagram account, Mr Bezos said the fund would begin distributing money this summer.

Mr Bezos has an estimated net worth of more than $130bn, so the pledge represents almost 8% of his fortune.

Some Amazon employees have urged him to do more to fight climate change. There have been walkouts and some staff have spoken publicly. Also, Mr Bezos is financing the Blue Origin space programme.

The Seattle-based company is a neighbour of Microsoft, which in January unveiled a plan to become carbon negative by 2030.

Closing his post, Mr. Bezos says, "Earth is the one thing we all have in common - let's protect it, together."⁣⁣⁣


Sent to us by: Roy W. Nash

Ring doorbell makes two-factor verification mandatory.

Ring, Amazon's video doorbell system, has introduced additional steps to the way users log in to their accounts, and is making two-factor verification mandatory.

Users will need to enter a password and unique six-digit code when they first log in to view their security footage or access the Neighbors app.

Two-factor authentication was an option for Ring users before, but it was not the default setting.

On Tuesday, Ring also said it would pause its data-sharing with third-party firms.

The change comes as Ring and Amazon face increasing scrutiny about privacy protection and data sharing.

In a blog post Ring's president Leila Rouhi said the company takes "digital security and privacy seriously" and would look at additional ways to improve security.

Ring's new log-in system will be similar to other two-factor authentication processes. After signing in with a username and password the app will ask to send a text message or email with a one-time six-digit code. Once the code is entered the user will have access to the app and be able to view footage from outdoor and indoor cameras.

Owners will then be able to use their mobile apps for 30 day before they are required to go through the two-step process again, unless they log out of their account in the meantime.

Last week, Nest - Google's home security device - began requiring two-factor authentication as well.


Sent to us by: Roy W. Nash

Windows 10’s New Update Is Deleting People’s Files Again.

Microsoft released a buggy security update for Windows 10 last week. Some Windows users report all the files on their desktop have been deleted.

Thankfully, those files aren’t actually deleted. The update just moved them to another user account’s folder. That's better than the time Microsoft actually deleted people’s files with the October 2018 Update.

While files appear to be deleted and settings such as the start menu and desktop customizations appear to be reset to default, what's actually happening is that Windows 10 is signing people into a temporary user profile to be used during the update process, but for some people, it's failing to restore the user's proper profile when the update is complete.

The buggy update is KB4532693, which Microsoft released for Windows 10 on Feb. 11, 2020. Windows Update will automatically install it on your PC. If your system has already installed the update and you haven’t experienced the bug, you don’t need to take any action.

However, if you’ve encountered the bug, there’s one simple way to fix it and get your files back: Uninstall the update that caused the problem.

Since Microsoft will likely re-release the update in the future when the problem is solved, removal is the quickest and easiest fix.

Since the update is "to improve security when using Internet Explorer and Microsoft Edge" we suggest you stop using those browsers.


Sent to us by: Robbie Ferguson


Season 14 starts soon!

Episode 664 will be live October 14! See you then.

Twitter Posts

Login to Category5

Error message here!

Hide Error message here!

Forgot your password?

Register on Category5

Error message here!

Error message here!

Hide Error message here!

Lost your password? Please enter your email address. You will receive a link to create a new password.

Error message here!

Back to log-in