RaveEd — Volume 11, Issue 10

RaveEd — Volume 11, Issue 10 — May 16, 2019

May 21, 2019 | Volume: 12 | Issue: 10

I got a tip last week (Thanks, Stefan!) about a patch Microsoft released for a vulnerability in Remote Code Execution (CVE-2019-0708) that affects some older version of Windows. This vulnerability is "wormable," which means that it could be used to infect machines without any user action, and it can be done so remotely. You may recall that in the spring of 2017, a ransomware called WannaCry (or WannaCrypt) wreaked havoc on systems, primarily in Europe, by encrypting files until a ransom was paid. This ransomware held hostage the UK's National Health Service, schools and government institutions, among others, as well as German state railway operater Deutsche Bahn, which had its digital signage network hacked. See our story on WannaCry here.

Microsoft has found this new vulnerability, which could be exploited in a similar way, before anything like WannaCry has happened, so there's no excuse. If you're running any servers with Windows 7, Windows Server 2008 R2 or Windows Server 2008, you need to install this patch immediately (apparently it's particularly important for Windows 7 and Server 2008). See Microsoft's incident report with details on how to patch here.

This issue has so much pre-InfoComm show news. If you're going to InfoComm, don't forget to register with our code RAVE to get in free. Were also helping InfoComm do a 5K on Friday before the show opens to benefit the AVIXA foundation, which you can register for here. Gary and Chuck Espinoza are also getting into some dunk tanks to help raise more money. You can donate to take some shots at them here. (Yes, really.)

Enjoy the issue. And go patch your Windows servers!

-Sara Abrons

COLUMNS

+ Collision Course [Mark Coxon]

I've said in the past that the problem with Moore's law (the law that says transistor size decreases by 50 percent, essentially doubling computer power, every two years) is that doubling computing power doesn't necessarily yield innovation. I can put two engineers with the same mindset in a room, doubling their collective human computing power and get absolutely nothing new. That is unless I somehow add a creative spark. That spark usually comes from something outside the system.

+ Notes From the Trenches [Joan Vandermate]

But it’s not just traffic congestion and real estate costs that are helping drive IT and AV deployments. It’s also the desire to enable efficiencies. Many employees would rather jump on a video call than walk 15 minutes across campus to attend a 30-minute meeting. Given the structural and cultural changes impacting the way people work (especially remote workers), our customers are adapting their collaboration capabilities and spaces to support smaller, shorter and more ad-hoc meetings.

+ The Evolution of Technology Spaces [Christopher Gillespie]

One of the most consistent things we see in corporate facilities/classrooms/lecture halls worldwide is that they have been equipped with some manner of technology package that is there for the users of that space to better communicate with others. And one of the most consistent things about these spaces is that in general… they are "meh." They aren't terrible, they don't blow your socks off, they get the job done… but they aren't without issues. And that is what I want to talk about. Let's not focus on the technology stack in use — what I am going to talk about is how we approach these spaces.

+ Security: Start from the Beginning [Scott Tiner]

Security has arisen as a significant issue over the past several years in the AV industry. Several high profile issues have made people question what they should be doing about security. I (and others) have written about it, trying to give our readers some thoughts about where to start. As I read more about security and consider what we need to do, I realize that many of us have skipped ahead. We are reacting to problems that have occured, rather than developing a strong strategy and then being tactical in executing that strategy.

+ Privacy and the Public Interest [Christopher Jaynes]

Technology has largely evolved within a capitalism petri dish, mostly undisturbed. The result can be companies like Facebook and Google who find themselves forcibly changing direction and mired in privacy scandals that could have been avoided. If you work in the AV space, you’re introducing technology every day to individual’s workspaces, classrooms, offices, and other areas where humans do human things. We are a homo-bureaucratis species that both loves technology and hates privacy violation with good reason.