Wormhole Newsletter December 2016

News from

THE GLORIOUS SOCIETY OF THE WORMHOLE

December 2016

Hello Worms

We will again meet at the Oakhurst United Methodist Church located at 13400 Park Blvd.

I trust all had a good Thanksgiving with friends and family.

Merry Christmas and Happy New Year. OK, a little early but this is the last newsletter for the year and the stores have had Christmas stuff out since Halloween. I won’t see most of you in January because I will be in the Tampa EOC for the National College Championship football game. Our esteemed Vice President will preside.

I am making another shirt order so if you want a Wormhole shirt please send me an email with the name you want on the shirt, the call you want on the shirt and the shirt size.

I do expect to see most of you at the Tampa Bay Hamfest on December 9 & 10 in Plant City. Stop in at the Wormhole table to say hi or even have a seat and man the club table for a bit. We can always use a volunteer or three so if you have an hour or two let me or one of the staff know and we will put you to work. The Future Farmers run the concession stand and assure me that the strawberries will be ready for the shortcake. Two club members have tables under the club name for $15 each. Anyone wanting a table next to (or far far away) from the Wormhole tables get me the information ASAP. You can pay for your table at the meeting and also buy your tickets from me or Dee at a discount.

Talk-in is on the Wormhole repeater and I will be monitoring the simplex call frequency, 146.52.

 

This is from Fred N3BUL. He says it better than me so I will just forward his email. If you don’t support your Section Convention and Hamfest why should anyone else?

OK, you stuffed yourself on Thursday, spent too much on Black Friday, watched too much football Saturday and Sunday, and now they want you to spend again on Cyber Monday.

 

Well, all I want is 2 hours of your time helping at the Hamfest which you are going to anyway. Seven spots are left, see below, and except for one they are all BARS. Where is TARC??   Thanks—FRED/N3BUL

 

Listed below are the positions and times needing volunteers; (I’m sorry but email seems to always shifts my columns)

FRIDAY, DEC 9

TICKET BOOTH                  TAILGATE VENDORS          CROSSING GUARD

TIME A1    A2    A3              TIME B1     B2     B3               TIME           C1    

12-2  JimM RON ____           11-1  Fred  Don   Tom            12-2           Dick

2-4    FRED          ____                                                            2-4              ____ 

4-5    ____                                                                                4-5              ____

 

SATURDAY, DEC. 10

 

TIME A1    A2    A3              TIME B1     B2     B3    

8-10  Rich. Ivan  ____           7-9    Fred  Don   ____

10-12FRED          Dick

12-2  JimS 

 

Volunteers will receive a raffle ticket for each hour worked. The tickets will be put in a hat and one will be drawn for a $50 prize.

 

Email me, FRED/N3BUL, at fred.hendershot@verizon.net with name, call sign, position and times.—-THANKS—       

 

*SUNSPOT CYCLE LOWEST IN FIVE YEARS*

Space Weather News for Nov. 17, 2016,

Sunspot counts have reached their lowest level in 5 years, a clear sign that Solar Minimum is approaching.  Contrary to popular belief, Solar Minimum is neither dull nor uneventful. Instead, space weather changes in interesting ways. Today’s edition of Spaceweather.com lists some of the changes we can expect, including one that is happening right now: a measurable increase in atmospheric cosmic rays. Check it out.

* GOOGLE PROTECTING USERS FROM REPEAT VIOLATORS*

Googleblog.COM, Posted by Brooke Heinichen, Safe Browsing Team, November 8, 2016

Since 2005, Safe Browsing has been protecting users from harm on the Internet, and has evolved over the years to adapt to the changing nature of threats and user harm.

Today, sites in violation of Google’s Malware, Unwanted Software, Phishing, and Social Engineering Policies show warnings until Google verifies that the site is no longer harmful. The verification can be triggered automatically, or at the request of the webmaster via the Search Console.

However, over time, we’ve observed that a small number of websites will cease harming users for long enough to have the warnings removed, and will then revert to harmful activity.

As a result of this gap in user protection, we have adjusted our policies to reduce risks borne by end-users. Starting today, Safe Browsing will begin to classify these types of sites as “Repeat Offenders.” With regards to Safe Browsing-related policies, Repeat Offenders are websites that repeatedly switch between compliant and policy-violating behavior for the purpose of having a successful review and having warnings removed. Please note that websites that are hacked will not be classified as Repeat Offenders; only sites that purposefully post harmful content will be subject to the policy.

Once Safe Browsing has determined that a site is a Repeat Offender, the webmaster will be unable to request additional reviews via the Search Console for 30 days, and warnings will continue to show to users. When a site is established as a Repeat Offender, the webmaster will be notified via email to their registered Search Console email address.

We continuously update our policies and practices to address evolving threats. This is yet another change to help protect users from harm online.

From Ian Paul PCWORLD: Google’s harsh stand on harmful sites will undoubtedly protect many people from being unwitting victims to malicious software. But I wonder if it’s an approach that is truly fair. It’s one thing to enforce a thirty-day waiting period for sites that deserve it, but what if a second offence is explicable? Perhaps it’s too little too late for those sites, but a 30-day sentence to purgatory without any chance of appeal seems almost guaranteed to ensnare sites that don’t deserve it.

*THE IoT, A CYBER SECURITY CONCERN*

 

COMPUTERWORLD, By Grant Gross |Senior Editor, IDG News Service

The U.S. government needs to pass regulations mandating internet of things security measures before device vulnerabilities start killing people, a security expert told lawmakers.

A massive distributed denial-of-service attack aided by IoT devices in October “was benign” because a couple of websites crashed, said Bruce Schneier, a veteran cybersecurity researcher and lecturer at Harvard University. But the next attack may be more dangerous.

With cars, airplanes, thermostats and appliances now connected to the internet, “there’s real risk to life and property, real catastrophic risk,” Schneier told two House of Representatives subcommittees Wednesday.

While some Republican committee members questioned the need for IoT security regulations, Schneier suggested that sellers and customers of IoT devices have little reason to fix them without a push. 

Many IoT devices are low-profit products with little security built in, no easy avenue to patch vulnerabilities, and no way for customers to know their devices are compromised, he and other experts said. And while users replace smartphones every 18 months, a compromised DVR may be used for five years, a car for 10, and a thermostat may be replaced “approximately never,” Schneier said.

This leads to a market failure where regulation is needed, he said. “The market really can’t fix this,” Schneier added. “Buyer and seller don’t care.”

Schneier’s call for IoT regulations is likely to meet resistance in the Republican-controlled Congress, however. Regulations aren’t completely off the table, but they would be a “knee-jerk reaction” to recent attacks, said Representative Greg Walden, an Oregon Republican. “The United States cannot regulate the world.”

Many IoT devices are manufactured overseas, Walden noted, and U.S. regulations can’t mandate their security measures.

Here are some of the ways technology is supporting and driving business in a number of industries

In addition, regulations could limit innovation from U.S. IoT companies and hurt the nation’s chances to be a world leader in the IoT industry, Walden said. “We don’t want this to be an innovation killer,” he added. “I don’t think I want my refrigerator talking to some food police.”

Other witnesses during the hearing called on the U.S. government to push for IoT standards that the industry can adopt. On Tuesday, the U.S. National Institute of Standards and Technology released updated guidance on securing IoT.

IoT security remains “woefully inadequate” even as security experts saw the problems coming, said Kevin Fu, CEO of Virta Labs and a computer science professor at the University of Michigan. “We are in this sorry and deteriorating state because there’s almost no cost for a manufacturer to deploy products with poor cybersecurity.”

Fu called for national IoT security standards, more federal research on IoT security, and a national testing lab for devices. 

The U.S. should start with standards and “apply pressure” to IoT device makers, added Dale Drew, CSO for Level 3 Communications. “They can be applied globally, and I think we can get some traction and momentum before we start regulating.”

*ARRL LOOKING FOR QUESTION POOL COMMENTS*

ARRL Bulletin:

SB QST @ ARL $ARLB043 ARLB043 NCVEC Question Pool Committee Seeks Comments on the Technician Question Pool ZCZC AG43 QST de W1AW   ARRL Bulletin 43  ARLB043 From ARRL Headquarters   Newington CT  November 18, 2016 To all radio amateurs  SB QST ARL ARLB043 ARLB043 NCVEC Question Pool Committee Seeks Comments on the Technician Question Pool The National Conference of Volunteer Examiner Coordinators (NCVEC) Question Pool Committee (QPC) is reviewing the 2014-2018 Technician question pool for revisions and updates. The QPC will accept comments and suggestions from the Amateur Radio community via e-mail through March 31, 2017 at, qpcinput@ncvec.org . The NCVEC QPC will take all comments and suggestions into consideration as it updates the Technician question pool for 2018-2022. Input from the Amateur Radio community may include suggestions for new questions, changes to the topic areas, or changes to existing questions in any of the current Amateur Radio examination question pools.

*FAKE BLUE SCREEN OF DEATH WITH 1-800 NUMBER IS A SCAM*

NY TIMES, By MATT APUZZO and MICHAEL S. SCHMIDT NOV. 15, 2016

For about $50, you can get a smartphone with a high-definition display, fast data service and, according to security contractors, a secret feature: a backdoor that sends all your text messages to China every 72 hours.

Security contractors recently discovered preinstalled software in some Android phones that monitors where users go, whom they talk to and what they write in text messages. The American authorities say it is not clear whether this represents secretive data mining for advertising purposes or a Chinese government effort to collect intelligence.

International customers and users of disposable or prepaid phones are the people most affected by the software. But the scope is unclear. The Chinese company that wrote the software, Shanghai Adups Technology Company, says its code runs on more than 700 million phones, cars and other smart devices. One American phone manufacturer, BLU Products, said that 120,000 of its phones had been affected and that it had updated the software to eliminate the feature.

Kryptowire, the security firm that discovered the vulnerability, said the Adups software transmitted the full contents of text messages, contact lists, call logs, location information and other data to a Chinese server. The code comes preinstalled on phones and the surveillance is not disclosed to users, said Tom Karygiannis, a vice president of Kryptowire, which is based in Fairfax, Va. “Even if you wanted to, you wouldn’t have known about it,” he said.

Security experts frequently discover vulnerabilities in consumer electronics, but this case is exceptional. It was not a bug. Rather, Adups intentionally designed the software to help a Chinese phone manufacturer monitor user behavior, according to a document that Adups provided to explain the problem to BLU executives. That version of the software was not intended for American phones, the company said.

This is a private company that made a mistake,” said Lily Lim, a lawyer in Palo Alto, Calif., who represents Adups.

The episode shows how companies throughout the technology supply chain can compromise privacy, with or without the knowledge of manufacturers or customers. It also offers a look at one way that Chinese companies — and by extension the government — can monitor cellphone behavior. For many years, the Chinese government has used a variety of methods to filter and track internet use and monitor online conversations. It requires technology companies that operate in China to follow strict rules. Ms. Lim said Adups was not affiliated with the Chinese government.

At the heart of the issue is a special type of software, known as firmware, that tells phones how to operate. Adups provides the code that lets companies remotely update their firmware, an important function that is largely unseen by users. Normally, when a phone manufacturer updates its firmware, it tells customers what it is doing and whether it will use any personal information. Even if that is disclosed in long legal disclosures that customers routinely ignore, it is at least disclosed. That did not happen with the Adups software, Kryptowire said.

According to its website, Adups provides software to two of the largest cellphone manufacturers in the world, ZTE and Huawei. Both are based in China.

Samuel Ohev-Zion, the chief executive of the Florida-based BLU Products, said: “It was obviously something that we were not aware of. We moved very quickly to correct it.”

He added that Adups had assured him that all of the information taken from BLU customers had been destroyed.

The software was written at the request of an unidentified Chinese manufacturer that wanted the ability to store call logs, text messages and other data, according to the Adups document. Adups said the Chinese company used the data for customer support.

Ms. Lim said the software was intended to help the Chinese client identify junk text messages and calls. She did not identify the company that requested it and said she did not know how many phones were affected. She said phone companies, not Adups, were responsible for disclosing privacy policies to users. “Adups was just there to provide functionality that the phone distributor asked for,” she said.

Android phones run software that is developed by Google and distributed free for phone manufacturers to customize. A Google official said the company had told Adups to remove the surveillance ability from phones that run services like the Google Play store. That would not include devices in China, where hundreds of millions of people use Android phones but where Google does not operate because of censorship concerns.

Because Adups has not published a list of affected phones, it is not clear how users can determine whether their phones are vulnerable. “People who have some technical skills could,” Mr. Karygiannis, the Kryptowire vice president, said. “But the average consumer? No.”

Ms. Lim said she did not know how customers could determine whether they were affected.

Adups also provides what it calls “big data” services to help companies study their customers, “to know better about them, about what they like and what they use and there they come from and what they prefer to provide better service,” according to its website.

Kryptowire discovered the problem through a combination of happenstance and curiosity. A researcher there bought an inexpensive phone, the BLU R1 HD, for a trip overseas. While setting up the phone, he noticed unusual network activity, Mr. Karygiannis said. Over the next week, analysts noticed that the phone was transmitting text messages to a server in Shanghai and was registered to Adups, according to a Kryptowire report.

Kryptowire took its findings to the United States government. It made its report public on Tuesday.

Marsha Catron, a spokeswoman for the Department of Homeland Security, said the agency “was recently made aware of the concerns discovered by Kryptowire and is working with our public and private sector partners to identify appropriate mitigation strategies.”

Kryptowire is a Homeland Security contractor but analyzed the BLU phone independent of that contract.

Mr. Ohev-Zion, the BLU chief executive, said he was confident that the problem had been resolved for his customers. “Today there is no BLU device that is collecting that information,” he said.

graphicLine break

*CLUB MEETING*

Talk-in is on the Wormhole repeater system.  For those coming to the meeting who cannot hit the repeater we will be monitoring 146.520 simplex, the national calling frequency. We will keep an eye peeled for you. We will take advantage of the cooking facilities with an after-the-meeting Social and wormdog luncheon.

graphicLine break

*CLUB NETS*

Check in on the club net Thursdays at 1930.  442.625 + with a 146.2 tone or the 2M side at 146.850 – also with a tone of 146.2.  We are always looking for volunteers to be the net control operator.  Anyone interested, talk to one your club officers.

graphicLine break

*LOCAL NETS*

MONDAY

1730 147.030 + Receiver sites and tone info http://www.qsl.net/wd4scd/

St Pete Yacht Club ARC St Petersburg

1830 147.060+ no tone St Pete ARC daily net St Petersburg

1900 144.210 USB CARS, vertical polarization Clearwater

1900 147.135 +146.2 Zephyrhills ARC Zephyrhills

2000 147.165+ 136.5 Brandon ARS from Brandon

2000 50.135 Pinellas ARK Pinellas County

2030 NI4CE system EAGLE Net, NTS traffic net, NI4CE system

2030 145.450 Pinellas ARK Pinellas County

TUESDAY

1830 147.060 no tone St Pete ARC daily net from St Petersburg

1900 50.200 USB 6M net Brandon ARS

1900 28.450 WCF section net Clearwater

1900 NI4CE system WCF Section VHF ARES NI4CE system

1930 145.170 & 442.4 both pl 156.7 Pinellas ACS net Clearwater

1930 147.060 no tone Buy-Sell net on SPARC also on www.buysellnet.net

1930 444.900 +141.3 Sheriff’s Tactical ARC Tampa

2000 NI4CE system WCF Skywarn net NI4CE system

2000 147.105+ 146.2 Tampa ARC net from Tampa

2000 28.365 USB simplex Brandon ARS

2030 NI4CE system EAGLE Net, NTS traffic net NI4CE system

2100 28.465 USB 10/10 net from Orlando

WEDNESDAY

1830 147.060 no tone St Pete ARC daily net from St Petersburg

1845 147.060 no tone Buy Sell Net from St Petersburg

1930 52.020 simplex Suncoast 6’ers from St Petersburg

1930 NI4CE system WCF Section Digital Info Ne NI4CE system

2000 147.105 146.2 Greater Tampa CERT net from Tampa

2000 146.97- 146.2 Clearwater ARS from Clearwater

2030 NI4CE system EAGLE Net, NTS traffic net NI4CE system

2100 NI4CE system Tampa Bay Traders Net non-affiliated

THURSDAY

1800 146.52 simplex Hillsborough ARES/RACES North Tampa

1830 147.060 no tone St Pete ARC daily net from St Petersburg

1900 444.750 +146.2 Fusion net from Tampa

1930 146.850- & 442.625+ both pl 146.2 Wormhole from St Petersburg

1930 146.6385 -127.3 Lakeland ARC from Lakeland

1915 224.660- no tone St Pete ARC from St Petersburg

2030 NI4CE system EAGLE Net, NTS traffic net NI4CE system

FRIDAY

1830 147.060 no tone St Pete ARC daily net from St Petersburg

2000 147.360+ pl 127.3 METRO ARC Friday Net from St Petersburg

2030 NI4CE system EAGLE Net, NTS traffic net NI4CE system

SATURDAY

0830 3.911 (7.281 Alt.)+/- QRM WCF Section HF Net from Pinellas County

1830 147.060 no tone St Pete ARC daily net from St Petersburg

2030 NI4CE system EAGLE Net, NTS traffic net NI4CE system

SUNDAY

1830 147.060 no tone St Pete ARC daily net from St Petersburg

1930 NI4CE system WCF Section Net NI4CE system

2000 147.550 simplex 550 Simplex Net Pinellas County

2030 NI4CE system EAGLE Net, NTS traffic net NI4CE system

2100 144.210 USB Clearwater ARS vertical orientation

graphicLine break

*FOR SALE / WANTED*

Anyone having something for sale or who might be looking for an item let me know.  I will not print phone numbers or email addresses unless specifically told to since this newsletter might end up on the web.  The exception is when I get the information off the web.  If you are a member of the Wormhole then you have all the information you need on a club roster and if you are not a member  .. why not?  OK, if you are not a member you can contact me at the email address at the end of this newsletter, I will give you the information to contact the person involved.

FOR SALE, 13 element, 14.5 ft 220 beam. Wormhole property, $20, contact Bill AG4QX or any other officer. Free to any Wormhole member or other club. Pickup at Bill’s house.

graphicLine break

*HAMFESTS*

2016

December 9-10 Plant City, the 2015 Tampa Bay Hamfest is the West Central Florida Section Convention, Friday and Saturday, at the Ag Building in the Strawberry Festival grounds, for information contact Bill Williams AG4QX, chairman@fgcarc.org or go to http://www.tampabayhamfest.org or you can just ask me, Jim or Dee 😉

2017

January 28 DeSoto County Hamfest, Arcadia, Turner Center Exhibit Hall, 2260 NE Roan Street, Talk-In: 147.075 (PL 100), contact Dougb Christ KN4YT at 863-990-2507. The website at http://desotoarc.org has no information yet

February 10-12 Orlando Hamcation, Central Florida Fairgrounds, 4603 West Colonial Drive, Tickets $13 in advance, $15 at door. Talkin 146.4760 – no PL or D-Star 146.850 -, all the information at www.hamcation.com or call 407-841-0874

February 18 Brooksville Hamfest, Sand Hill Scout Reservation, 11210 Cortez Blvd., talk-In 146.715 – no tone, contact John Nejedlo WB4NOD, 813-838-5432, website is http://www.hcara.org/.

February 25 West Central Florida Section Technical Conference (3rd Annual TECHCON), Sarasota, Sarasota Red Cross, 2001 Cantu Court. Looking for presentations and displays. For info see http://www.arrlwcf.org/ or contact Darrell Davis KT4WX at kt4wx@arrl.net

May 27 WormFest 2017, Pinellas Park,  FREE,  Freedom Lake Park, 9990 46th St N, southeast corner of US 19 and 49th Street, 33782.  Park opens at sunrise, hamfest from 0800 till…  Talkin on 442.625 + or 146.850 – both with a tone of 146.2.  For a map and directions see http://www.TheWormholeSociety.org .

graphicLine break

Last full weekend January Winter Field Day, http://www.spar-hams.org/index.php

Late January Gasparilla celebration

March/April MS Walks

March/April Mass Casualty Exercises

Late April Southeastern VHF Society Conference, http://www.svhfs.org

Late April Walk For Babies (was March of Dimes)

Late April Florida QSO Party

Mid-May Annual Armed Forces Crossband Test

Mid May MS 150 bike ride

Mid-May Florida Hurricane Exercise

Late May Wormfest

Early June Museum Ships on the Air

Fourth weekend in June Field Day http://www.arrl.org/contests/announcements/fd/

July 3/4 Midnight Run in Largo

August International Lighthouse/Lightship Week

October, 3rd weekend JOTA, Scout Jamboree-on-the-AIR

Early December ALS bike ride in Walsingham Park

December, first full weekend Ride & Run With The Stars in Fort DeSoto Park

December, Second full weekend Tampa Bay Hamfest

graphicLine break

*YOUR WORMHOLE OFFICERS*

Bill AG4QX is President and editor of this newsletter, Vice-President is Mike K4ZPE,  Treasurer is Jim KD4MZL, Paul KA4IOX is the Secretary, Dee N4GD is the Repeater Trustee and Neil W4NHL and Mike K4ZPE are our club webmasters.

graphicLine break

*YOUR WORMHOLE REPEATERS*

442.625 +  PL 146.2

146.850 –  PL 146.2

The Wormhole repeaters are both now dual mode Yaesu DR-1X. FM analog as always and now Yaesu Fusion, a C4FM/FM digital mode. The repeater crew updated the software on May 3, 2016.

The Wormhole website is at: http://www.TheWormholeSociety.org.

West Central Florida Section website:  http://www.arrlwcf.org/.

The ARRL website is at: http://www.arrl.org/

This newsletter is written for The Glorious Society of the Wormhole, an ARRL affiliated amateur radio club located around the Seminole section of Pinellas County Florida. Anyone wishing to be added or removed from The Glorious Society of the Wormhole mailings please write to me at the address below and thy will be done.

73,

Bill Williams

AG4QX

ag4qx AT arrl DOT net

No Comments