The Technology blog and podcast
This is for the technology blog and podcast Commentary, articles, and podcasts
I haven’t been to blind bargains lately, but they post a lengthy blog post on whats new in version 18. I am not sure when it will be released, or if it has, but the post was posted on the 11th, and its better late than never. Maybe you’ll find this of interest.
I usually post lighter tech on a satturday, however this one was all over the net and it was not posted yet.
This comes from roiters.
If anything it shows that even with our most secure systems available, it is possible for hackers to take down the cloud.
Its hard, hundreds of infected computers and portables needed to be used but it can be done.
I coppied this from royters.
If you want a link search hackers hack dyn.
Dyn or dyndns, dynamic dns is a large address book managing a lot of sites including the amason aws s3 cloud, google, twitter and several online networks itunes, spotify, paypal and a few others.
For future refference a ddos or denile of service attack as was successfully done today is simply when you send as much data at a server or group of servers to overload and crash those servers.
While you can provent most breaches of this type the bad guys always are one step ahead.
It also demonstraits that a lot of users click links and download stuff they are not supposed to.
On the other side, us techs know that as long as we have dumb stupid users that get hacked we have jobs.
Though we would really like to play the latest game etc.
We would also prefur that we didn’t have as much work, but oh well we get payed still.
This news came on radio this morning during my gym session.
Cyber attacks disrupt PayPal, Twitter, other sites
By Joseph Menn, Jim Finkle and Dustin Volz
Hackers unleashed a complex attack on the internet through common devices like webcams and digital recorders and cut access to some of the world’s best known websites on Friday, a stunning breach of global internet stability.
The attacks struck Twitter, Paypal, Spotify and other customers of an infrastructure company in New Hampshire called Dyn, which acts as a switchboard for internet traffic.
The attackers used hundreds of thousands of internet-connected devices that had previously been infected with a malicious code that allowed them to cause outages that began in the Eastern United States and then spread to other parts of the country and Europe.
“The complexity of the attacks is what’s making it very challenging for us,” said Dyn’s chief strategy officer, Kyle York. The U.S. Department of Homeland Security and the Federal Bureau of Investigation said they were investigating.
The disruptions come at a time of unprecedented fears about the cyber threat in the United States, where hackers have breached political organizations and election agencies.
Friday’s outages were intermittent and varied by geography. Users complained they could not reach dozens of internet destinations including Mashable, CNN, the New York Times, the Wall Street Journal, Yelp and some businesses hosted by Amazon.com Inc.
Dyn said attacks were coming from millions of internet addresses, making it one of the largest attacks ever seen. Security experts said it was an especially potent type of distributed denial-of-service attack, or DDoS, in which attackers flood the targets with so much junk traffic that they freeze up.
Dyn said that at least some of the malicious traffic was coming from connected devices, including webcams and digital video recorders, that had been infected with control software named Mirai. Security researchers have previously raised concerns that such connected devices, sometimes referred to as the Internet of Things, lack proper security.
The Mirai code was dumped on the internet about a month ago, and criminal groups are now charging to employ it in cyber attacks, said Allison Nixon, director of security research at Flashpoint, which was helping Dyn analyze the attack.
Dale Drew, chief security officer at communications provider Level 3, said that other networks of compromised machines were also used in Friday’s attack, suggesting that the perpetrator had rented access to several so-called botnets.
The attackers took advantage of traffic-routing services such as those offered by Alphabet Inc’s Google and Cisco Systems Inc’s OpenDNS to make it difficult for Dyn to root out bad traffic without also interfering with legitimate inquiries, Drew said.
“Dyn can’t simply block the (Internet Protocol) addresses they are seeing, because that would be blocking Google or OpenDNS,” said Matthew Prince, CEO of security and content delivery firm CloudFlare. “These are nasty attacks, some of the hardest to protect against.”
GOVERNMENT WARNED OF ATTACKS
Drew and Nixon both said that the makers of connected devices needed to do far more to make sure that the gadgets can be updated after security flaws are discovered.
Big businesses should also have multiple vendors for core services like routing internet traffic, and security experts said those Dyn customers with backup domain name service providers would have stayed reachable.
The Department of Homeland Security last week issued a warning about attacks from the Internet of Things, following the release of the code for Mirai.
Attacking a large domain name service provider like Dyn can create massive disruptions because such firms are responsible for forwarding large volumes of internet traffic.
Dyn said it had resolved one morning attack, which disrupted operations for about two hours, but disclosed a second a few hours later that was causing further disruptions. By Friday evening it was fighting a third.
Amazon’s web services division, one of the world’s biggest cloud computing companies, reported that the issue temporarily affected users in Western Europe. Twitter and some news sites could not be accessed by some users in London late on Friday evening.
PayPal Holdings Inc said that the outage prevented some customers in “certain regions” from making payments. It apologized for the inconvenience and said that its networks had not been hacked.
A month ago, security guru Bruce Schneier wrote that someone, probably a country, had been testing increasing levels of denial-of-service attacks against unnamed core internet infrastructure providers in what seemed like a test of capability.
Nixon said there was no reason to think a national government was behind Friday’s assaults, but attacks carried out on a for-hire basis are famously difficult to attribute.
the origional link is here
Microsoft released a preview update for october for the next month’s update.
It includes 4 things.
1. a new certificate for windows catalog which is being revamped.
2. an improvment to its diagnostics tracking through secured servers.
3. and 4.
Fixes to security updates which made things go nuts.
Some of these like the printer fixes are in 10 to so.
This roleup is for 7 and server 2008.
On codecguide.com adobe released stand alone installers for the flash player.
However I recomend users still use the web versions as for one thing they work and are accessible.
These just install and are done but when I tried on a test system it locked it up and the installer crashed after stating it was done.
At any case the web version installs fast you just need to kill those checkboxes before you install that file.
You can also customise your installer before you download it.
Next, ccleaner 5.23 is out.
For those using firefox it will install chrome on your system.
You will need to uninstall chrome, you should clear data, there is no firefox to change your web brouser to sadly.
SSo after you uninstall chrome you won’t be able to go online at all.
Run firefox from the run dialog and answer the question to use it as default then it works again.
Its a pitty piriform doesn’t have checkboxes like others do its just as well its a good program thats all.
On the articles front.
Everyone gets hacked during elections and yeah I agree with you office stuff especially mail needs to be safe.
Also remember where your flash drive was.
A security company left flash drives all over the place usually buy universities and offices.
They were researching if people would just pick them up.
They installed simulated ransomware and other things into computers and also got access to lots of info.
They conclude that people picking up what look to be free usb drives is a problem.
I do know for a fact my brother got infected with malware once from a drive he got at uni.
I also know that at uni people often left and lost their flash drives.
My brother told me that at least 10 drives would be left on the desk or floor of every room he went to.
I am unsure how we would fix things but keeping track of our stuff and putting it away when done maybe not leaving lids and stuff on our desk where they can be easily knocked would be a start.
One thing to do not use personal email for work as its logged.
Do not do banking or other things even if legal during work and don’t tweat either companies hate that during work and in fact block it.
I have people that pay bills at work I am not sure how good that is either.
Your boss doesn’t want you to serf the net while you are supposed to be working.
Hi folks, what a relief I am seeing this. Hackers Hit U.S. Senate GOP Committee is the name of the article and this goes to prove what types of things are going on. I did see things about the democrats being hacked, but eventually, the other side would be published I’m sure. Now, its just a matter of time before the whole election is rigged, and I’m proven right that it really doesn’t matter if we vote, the outside always influences it whether its money or hacking.
I think that things to make our lives easier is going to be a good thing, especially in the software field. When I saw Find Out What Threats Are Lurking in Your Office 365 Email it does not surprise me as a problem only because E-mail is involved. As long as E-mail is in it, it is always going to be a threat. We can protect ourselves by running scanners if available, and good old common sense.
- Don’t open anything you are not expecting, even if it is from a known sender.
- If you are expecting something, but the message looks suspicious, feel free to write the sender back for clarification. I’ve done this when resume’s for potential job applicants did not open, even though I did not publish any job postings within the network. I never got a mailback when telling them I could not open the file and to resend it.
- If it is a known sender, know the writing patterns and know if they tell you whats attached to any type of E-mail.
- If you are expecting a package, go to the trusted carrier site or amazon to verify any type of issues or status. I would never open any attachment indicating that there was a problem on the date it was sent, especially if I was not expecting any package.
You will always want to make sure you’re going to trusted sites, and thats harder to do now since any site can be hacked, even ones you trust. Please be careful out there.
OK, here is an interview i hope you will find of interest. The Slashdot Interview With Security Expert Mikko Hypponen: ‘Backupception’ is in text and may be worth the read for new users.
Yeah looks like I am a busy dood today and I havn’t even got through the catchup I have thought about getting at today.
So, I agree about us streaming to much.
We tweat to much in general.
Security asside do we the users be interested in who fucked who this morning or if you are going for a crap because you ate to much french fries?
We need to actually see what we as users post from the aspect of our viewers.
Its insecure, not smart, wastes bandwidth and drives away potential users.
I have friends that will block/ spam anyone that posts everything they do.
My cousin uses youtube to stream all the games he has done and stuff like that.
I have a blog I try to blog about a few things I do every week.
I have read journals and posts where I have learned about others that are now friends, and that well have lives that are not my own.
Learning such things as for example that in europe and places in the us, the boiler is extremely important is something I would never use here in new zealand, as our law of central heating is just well not up to standard, etc.
From time to time I doodle with junk things but its only when I am bored stiff.
One thing we and all social media previders need to define right is what a friend or a follower is.
For me a follower is someone that follows my post or that I follow that has an interestt, they can see my posts, and comment on them.
A friend should be the next level up from follower, they can have access to my contact info, my address, phone number, etc, can send me stuff, can come to my place, interact with me in all the ways etc.
In the basic friend level they can use my email address.
I can choose who can get access to that info.
So everyone can follow me.
But I need to be the one that initiates that friendship.
Maybe if I like their posts a lot, I may volinteer my email address via form or something to say they can be a basic friend.
It gets a bit more involved maybe I want an audio conversation, my skype.
After that that should probably be the limit of the social site, sure I can give out more info putting the messages out, and then maybe if I get a real friend we could be teamed up somehow.
The networks are not as suffisticated.
Firsttly, you don’t have any friends.
Right now a friend is someone who follows your posts and can talk to you, but they could be your friends, your enemies, a spam bot, a hacker, or a murderer.
There is no distinction on what a friend actually is.
Usually, I have people friend me and I don’t do that.
I do have people follow posts and say they like it.
If I know them I continue with them.
I will if I want to talk to them get a skype contact for audio.
And email for chatting.
Rarely do I actually give out more info.
If they say they are from my country, then I do give my phone number and they will give them mine then its outside the digital net sphere and after that anything goes.
While my digital username, skype and email address are fair game, I don’t much care who gets those, I wouldn’t want my cell, phone or address to come out for use at all.
Even when I get an international job, I don’t give them out unless I get an official legal requests with an official terms aggreement which I can read.
This is not 1999.
Last week a user on my net of friends, got bored and setup a public ftp just to see what past his door.
For me it was harmless fun.
I got some midi music and a few audio recordings and found out about some artests I never knew about.
However for others it was cracks, ransomware and other junk which made it on there, the server is dad now.
But I got what I wanted out of it.
Now I just need to kill the dammaged data files and see what I got but still.
One thing I have noticed net wize is the fact it closely mirrors the real world.
There are a few different rules.
1. cops, there are some but not many.
2. security, there is, but not as much as you’d think or like.
3. robbers, there are a lot of those.
4. tourists, a lot of those to.
5. terrorists, same as 4.
6. people that just are like you or me, same as above.
7. adds, yes and spam bots, more junk than is necessary etc, etc.
On the net, you are a name, a number, an ip link.
You are probably someone but who knows what you are actually.
You never sleep, never eat, never feel the sun, you do what you have done.
Some have jobs but not everything costs.
You don’t eat either.
Now, thats fine and all, but when this world crashes with ours, and since we don’t know how to use the virtual world right sometimes it leaks more often than not into our world it makes a mess.’
THe yahoo breach, yeah, yahoo is going to ditch all its mail next year local isps are moving cloud servers back home.
On the gaming front, I do think what needs to happen is simply have more security on these games, if a hacker wants in he will get in, the same is with a burglar or other such bad guy, the net is the same as the real world.
We just have a few more classes of badys out there thats all.
One thing we need to do is treat the net the same as the eal world to some extent we do but not enough.
The risks havn’t gone up, it would be like lumping all the world into a room, we have the seedy bit of the world and the good part.
Its dangerous if you are not carefull, etc, same is usual on the net.
In most cases everyone has their lives and some want to be your friends, but you wouldn’t trust all, etc.
Not all real world laws, like copywrite, privacy, etc will work as they do on the net, and not all net rules will quite work outside of it.
With the net becoming part of our world, we will have to start treating it as such and modifying our laws else we will have conflict.
Privacy as it stands with the event of the net is no more.
Copywrite as it stands with the net is no more though we are trying to adapt that some what.
With privacy, there are still those that believe that it should remain the same as it always was and means, thats not the same really.
With some of the non incrimental services, you can’t for example turn your real friends on and off, you can’t kill them then say you didn’t mean it etc.
On the net you can just do that and it doesn’t mesh right.
If I have to read into this we still have a long way to go.
I just read this article entitled Teens Are Live Streaming More Than Ever: The Security Risks and we do need to teach our younger friends about the types of things they’ll encounter now. The landscape has definitely changed since we were kids, and it is definitely not the same. We’ve got so much to worry about now on the net, we just keep busy with whats happening and don’t think about it.
The big question is what should we be telling our young teens and tweens? I think we should tell them that it is not the same as we used it in the 90s and early 2000s. There is a lot more danger, and posting everything isn’t going to be a good idea.
I sure don’t post about everything, even when i was at a previous employer. While that employer in question didn’t pay much, there was a risk of me posting about everything, as it could come back to bite me later on. While I wasn’t happy, posting about everything just wasn’t going to solve anything, and kids should know that posting video about every fight, every little thing they do, may be a problem later. You just don’t know who you’re going to come across later, and you just don’t want to have that risk later.
What are your thoughts? Sound off in the comments.
I want to give my thoughts in regards to Yahoo and their biggest breach of many millions of Yahoo accounts. While I’ve read the blogs from my RSS feeds talking about it, and also heard Steve Gibson on a recent Security Now, I left Yahoo a long time ago. While SBC let me link to my Yahoo account years ago, the things on my SBC Yahoo account are staying, but I haven’t really used that address for communication purposes in years.
Ever since I got jaredrimer.net, I slowly got things away from SBC. There are a few lists I’m on with Yahoo and SBC, one is an oldies list I look at occasionally, NBP’s E-mail list, the Clippers E-mail list, and the Los Angeles Kings E-mail list. I’ve moved everyone else over to my domain for contact.
This was done because I’m not at home checking E-mail, and SBC was not one of the addresses by choice I did not put on my phone. There are several addresses I have not put on my phone, but the important ones I have.
This was a decision i had made long before news of the Yahoo breach ever came to lite. Its recommended to abandon the account, and for the most part, I have, except for these E-mail lists which people can have.
What will the Yahoo breach do to people? Yahoo hasn’t been doing much as far as I’m aware for years. Yahoo news is still around, but even KNX has changed the way their site runs with a blog format and other video and app options through CBS.
What is really sad about this breach is that it is a two year old breach now coming to lite. If I can, I’m going to try and get these newsletters on my lists account over on jaredrimer.net and forget SBC Yahoo altogether. Next time newsletters come around, I’m going to start changing things around here.
I know that Yahoo doesn’t just power SBC global, what are other providers doing that can link their addresses to Yahoo? What are you doing with your yahoo account now?
Please sound off in the comments. The boards await you.
Hi folks, just released tech 251 on the rss feed talking about audio boom.
Hi jared and all.
Well, read through the
One thing that interests me is do they mean online gaming such as gambling of disreputable sites or do they mean online gaming in general.
A lot of games now days call of duty, etc have a crappy story but are meant for online team play.
Pear to pear, via ip, via game subscription or via central server with subscription.
A lot of people do it.
The password one is interesting.
I have a password for my bank, my paypal account, my wireless, my twitter, my blog, this one and my wordpress share a word I think all free sites have one of 6 different passwords based on importance.
Remembering this stuff is a challenge.
I know, I should get keepass or something to mange things but I just never get round to it.
My dad has loads of passwords written down and so does my mum, I have had to spend days changing all the passwords because I can’t remember them and or havn’t used the account often enough to remember what that is.
On to my reads for this week.
As you may or may not be aware samsung has been having issues with its note7 devices.
All devices are now recalled, and production is off till samsung can see what the heck it fucked up this time.
Shortly after that civil aviation followed up with the fact that it is an offence punnished by fine and jail if you carry one of these onto an aircraft.
Over 2 million devices have been recalled.
Further on this thing, everyone has failed products even microsoft has bad days however this is the biggest failing and its happened twice.
Apple sales will be going up its prodicted.
Google is releasing a new phone called the picsel.
It is supposed to be a good phone, coolblindtech.com has details on how narly this thing actually is.
There is already a cool pair of headphones for it.
the orbit reader 20 the new 300 dollar braille display is getting closer to its release.
Tidbits of information were released on aph this week including its manual and technical guides.
Well one of its test group released an recording of the prototype.
https://dl.dropboxusercontent.com/u/545 … _00_58.ogg?dl=1
Google has released new updates to its voice assistants including updates to its chromecast line of products with a home device aimed to control just about everything.
Android 7.1 has been made exclusively for the new google lineup and will come out to other phones at some point as will its new headphones.
Its also rumored that google are entering the vr market or stepping it up some.
As a further edit to the posts, its been confirmed via ent gadget, that after its recalls, samsung retested all their batteries in house and found they had a problem maybe but others by another company didn’t seem to.
They have just retested every battery for all their devices and they are not blowing up.
Its not the batteries.
It may be just the latest note device or thats how I read into it.
So far those that certify their stuff say that everything checked out, this is the first time there was an issue.
So I read it as being a device problem rather than a battery problem.
At least this narrows it down some what.
Its either software or hardware.
Both things will need to be checked, but the battery packs should be fine.
On another tangent news on tv had an expert interviewed, and he said that we should have had all our phones exploding on us because of the large amount of cpu power used, the fact the heat energy needs to go somewhere.
As you know in the older days your average 386 and lower laptop had no fans or anything.
Even the units up to the first duel cores didn’t have fans that went all the time.
Now my latest i5 has a fan that runs all the time.
Luggables had fans as well as desktops, however cellphones don’t have them.
Saying that if its in a case it would overheat anyway, and a fan would use a lot of power, but there is no argument that when under massive load our phones get really hot.
Even in the older days people were up in arms about radiation dammage from the then week non smart devices, so this may be the start of us realising the old coolent technology that powers our new generation of smart computers just doesn’t cut it anymore.
This would actually make sence, our smart phones are now minni computers, and computers especially 64 bit units no matter the size of their cpus generate heat and that heat needs to go somewhere.
Maybe one day someone will make a machine where you could fry an egg or make coffee from your phone, use the heat to recharge a battery or even power something.
Right now all heat does is destroy the devices.
Its been awhile since I’ve posted about what I’ve read, and I’ll try to post some of the highlights of what I think people should check out. This won’t be an exaustive list, however, this will be things that I think you should read in the tech field. I do tweet what is interesting, but some of my twitter may not meet your needs, so i’ve posted the tech stuff and compiled it here. Hope you enjoy the list, and leave those thoughts.
- 5 Things You Need to Know About the Threat of Election Hacking Safe and Savvy Blog On October 14, 2016 I read this article and its almost election time. Definitely some very interesting things coming, and do we really know if the election is going to be controled by bots swaying people based on retweets or the like? I guess we’ll find out over time.
- October is cyber security month, and various blogs are doing blog posts talking about various things. This one is from Last Pass and The Password Paradox: What’s With Our Risky Online Behavior? All of these types of posts talking about every day habits we do should be read to change our behavior. I agree with what this article is talking about, because even i have similar passwords for accounts I don’t much care about like IFTT, but yet I have an 8 character password with numbers and letters just the same. This password is not word generated, but yet, I can see if someone tried to guess it I’d be screwed. I should run the lastpass security challenge, as there could be multiple sites that do have the same password, and I do need to change that behavior in lite of recently known breaches which are not known to go away.
- I ended up looking up phishlabs after they have E-mailed us in regards to some issues, and I’ve subscribed to their blog to learn how we can protect users from Phishing. It has to do with user awareness and training, and I like their work. This time, All Phish are Not Created Equal: The Evolving BEC Scam and it is true. Phishing, as you all are aware, talks you in to divulging information because the E-mail claims that you are a winner of a prize, you may have missed a package, you need to review this shipper to go get your package, all sorts of things of this nature. Some of this can lead to malware or now, ransomware. I briefly talked about this in this work awareness course i’m on my 4th time taking, and there have been some changes, but the same thing as I remember it. This time, i did talk about ransomware, and the multi-part series that I posted.
- In the DNS department, Trend Micro posted on Octoberr 13 about a vulnerability in bind. I did not know that this was a system done by Berklee, so this is something new. The vulnerability isn’t good, as if we update server information or change something in the records for the domain, Bind takes care of it. For example, if I created test.jaredrimer.net on jaredrimer.net, bind would create the sub domain and bind it to the domain on the account. The article: A Look at the BIND Vulnerability: CVE-2016-2776 and it is a good read. I am not sure how we are updated, but I am going to make sure my provider sees this one in a few days. I just need to find out and call them in regards to how I should report such things so they can update things or notify the cpanel company or how this all works so we can stay as safe as possible.
- This next one posted yesterday that I saw comes from our good friend Brian Krebs. IoT Devices as Proxies for Cybercrime is the article, and it is a good read as it talks about how Brian may have been attacked with this massive 620gb flood which forced him off the net. It also talks about the massive amounts of devices that are now coming online and the fact we do not necessarily have much knowledge of it once it is connected. The issue we have is that we don’t change the default credentials, and that is part of the problem.
- Phishlabs talks about the data breaches and where they begin. Rewinding the Headline: Where Do Data Breaches Begin? This article was posted on the 12th, and it was a great read. If you want to take a look at this one, you may.
- There are several blog postings talking about the monthly patches of Windows. October Patch Tuesday: Microsoft Releases 10 Security Bulletins, Five Rated Critical is one and Microsoft: No More Pick-and-Choose Patching is the other. One from Trend Micro which is more detailed and we talk about what is in the rollups, and Brian talks about the rollups and Adobe’s updates as well. If you really want a third article, read October 2016 – A brave new world of security updates which is also detailed as well.
- In the legal vs tech department, you better check What A Murfreesboro Court Case Tells Us because Ubber and Lyft both use apps to book your rides. This is good to see, and we’ll see what happens with this one.
I am looking for your comments on some if not all of these articles. If you want to do an audio segment on your thoughts, and you want to submit, please let me know and i’ll see what I can do. I want to try and post daily, but I just don’t have time anymore, but looking to change this. Thanks for reading and we’ll chat later.
Well this is better late than never, been trying to focus since my return from holliday.
As it stands the first windows 7 and dotnet roleups basically the cumulative updates for 10 are out.
In addition the 1607 build updates are the same as server 2016 updates.
Security wize, updates to note are video playback security, multimedia security and internet messenger protocols.
Over that its the normal web, kernal, graphics and font, and web updates you see on your regular install.
Also packages for office, almost the same deal as it always is.
This month we see the quarterly adobe reader dc update as well as the updates for flash.
The procedure for indeviduals getting flash for a multi system approach has changed, this will happen for a multibrouser environment.
1. go to http://get.adobe.com/flashplayer
Select the other computer link.
from the combo boxes, select your os, and version of web brouser and click download, do that for every brouser you have.
on 8 and lower ie oppera and firefox are supported on 10 and up internet explorer module is included so is left out of the download list.
One thing to note, please turn off the 2 checkboxes, these are to install 2 security products by intel and mcafee.
Then click download.
Once the installers are on your system run them and either set updates to notify or simply don’t update to avoid unwanted software installed.
Next hit next and the thing will download and install.
After you quit the installer it will kill itself and it will go away.
Thats all for now.
Read the latest ransomware articles, and yeah they suck its about all I will say.
Ransomware reaches a new low? Decrypt THIS! Ransomware dev taunts security researchers in support forum takes this game to a whole new level. This is absolutely horrifying. If I were infected with this, I would pretty much be screwed as well as everyone who may read this blog. Most of the people I know couldn’t do the type of work to decrypt a piece of software, or in this case, malware. Terrible.
Some days ago, I posted about part 1 of this series on how to protect yourself from ransomware. This is part 2 of that series. I hope that people will take a look on this article and I’m sure we’ll talk about this one.
I just found this resource someone gave me.
nomoreransom.org is a site to educate the users on ransomware and its prevention.
Its funded by kaspersky, intel, and a couple of international and europian police forces and seems quite good though I did the standard malware, spying, virus, spam, fishing and scam word searches to make sure nothing was a miss.
Its fully accessible and works fine enough.
Lets hope the mouse happy people stop clicking things they shouldn’t.
Sadly however the only bad thing that may be from this is that this site heavily advertises kaspersky tools and intel tools, its for small businesses mainly.
However there is a free prevention second opinion tool for small businesses that may be used by standard users.
There are also decription tools and a sherrif online tool that you can upload readmes of hackers into as well as samples of incripted files and active ransomware examples.
I am happy that this has come out.
It means I don’t have to spout about this every other week.
I will spout about the site as much as I can though.
General protections include keeping your security updated, keeping your software and drivers updated where possible.
It goes a step further than not clicking on emails you don’t know and says you shouldn’t trust anyone that sends you files not even if they say its ok.
Sadly it doesn’t mention sites like virustotal to handle their scanning.
In stead the page is plastered with adds to install and buy kaspersky products all of which we know are not accessible.
In fact it is mostly about how carspersky can help with a small blurb at the end about intel security.
You can even report new stuff with this thing so its worth even just reading.
There is a complete history of everything from 1986 to the present day and its well worth just a look if anything else.
Today as well as the klite codec pack version 12.42 update, I recieved a win10 upgrade defs upgrade.
This looks to be in my opinion ms responce to windows 10 2016.7 update not working right putting it into the upgrade pool rightly with extra compatability tracking diagnostics.
However it got me thinking and searching.
I found several articles on a few uk newspapers.
The facts are clear, win10 while ms says its the best cake in the world, the rumors about its issues are now official.
Aparently a international consumer group is ordering ms to pay for dammages.
8 out of 10 people have had issues with their systems after 10, mostly hardware incompatability, speakers, webcams and the like.
There have been and continue to be syncing issues with their online account services, email syncs and data loss due to the upgrade and install of win10.
While I have not had any issue on the workstation I have used, I do know a couple friends had things crash out due to power cut and have had to resort to restoring their accounts fully from ms online.
The closest I had was when icloud decided to corrupt, taking down email completely.
I had to revoke all permition to pop access, delete all email profiles, fortunately the databases were still in tact, upgrade to imap which I was going to do anyway, then do a repair on icloud service and finally reinstate icloud service.
It worked but to someone that had no idea it would be a problem I had to spend several hours trying to get it up and it did come up.
Sadly for a lot of people they have lost all their files, and well had computer issues, some have had to et their computers fixed and or replaced.
And a lot of people had to role back.
A lot of businesses were effected to.
Fact is, for those of us on 7 it proves the point that windows 7 is and will always be more stable and functional than win10 will ever bee.
It proves that windows10 destroys data and is not reliable.
It also proves to meat least that the ms account is a load of fucking shit especially if you are a home user and not a business one with a lot of stuff.
On the other side I have no problem getting cloud services intergrated with my apps not ms ones.
For example google drive is intergrated with my office and ms products now.
Sadly ms I won’t be making a windows account any time soon on ms account.
I may if they allow me to do it make a google one because google makes android, and other services and its stable.
This is not mine.
I got it on twitter of liamerven, from tyler spivey, from dug lee maker of scripts.
Basically if you use twishort via twblue to post tweats your credentials are posted to the twblue server.
This is probably a bug and will probably be fixed.
However with security being as it is, it appears we still have developers making rash decisions.
Hi jared and all.
Well, the world is full of dumb people.
This goes back to an situation I had on the network last week.
Never click what you don’t know, using noscript and ublock or similar in firefox which by the way are free does stop things some what.
Spam, spam, lovely spam is only good if tinned and only in small quantities its full of fat and its processed, you shouldn’t be even eating that stuff.
As I have said before, fishing emails and spam is where most of it comes from.
Don’t click, kill spam and no nasties.
Cracking software again, don’t do, heck guys as a retired pirate I should know, opensource and free apps are on the rise, there is no need for it.
Yeah, yahoo is total bs.
A message last month from my previder that uses yahoo as its main email system has decided after several breaches to ditch it.
So what should you do about the latest breach.
I don’t usually say that, but don’t bother doing anything.
Yahoo is going to retire its email system next year.
Use something like gmail its good for the nation.
I am not saying its safer but its fine for me.
Heck if google goes down we loose more than email anyway.
It does worry me about having registered ids and devices that can not be killed easily its like a perminant cookie and no one wants that.
Kids are kids, again what you put into the net stays online, its why you are carefull what you put.
Don’t buy anything off of twitter or facebook it just makes sence.
Social networks are full of scams!
You just have to be carefull.
I think the article on ransomware is being quite polite.
You can not get ransomware unless you are totally dumb and stupid and just click that link or click the popup on screen.
And if you get the erge you can block all of those to if you care to do it.
I know this will grate with a lot of you security nerds, but there is no need for all that extra security software on your system.
You need a simple security package that will stop the stuff you miss.
The most secure package is in your skull.
If you don’t use that then you are as dumb as that thing you type on called a computer that accepts imput from your totally dumb head.
I have actually had situations where users both in businesses and outside have got secured to the nines and then can’t use their system.
After fixing all the dammage I have had to essentually shut down and uninstall their security, clear their systems, and just hope they work again.
I have had it where myself a while ago I used advanced security systems and slowed the system and caused dammage forcing me to reformat about 5 units just because they had been secured against windows itself.
I don’t think loading all the extras is the answer either.
I have msse on here which is fine.
Malwarebytes free serves if I think something has got past my scull.
I have firefox, noscript, and ublock.
Most email is scanned via google and if something appears which is spam you can report it and it goes away.
Similarly if something isn’t you can tell the filter its not.
On to my gripes.
Hidden windows are my chief gripe of the week.
You know if you get those updates, and those hidden things that notify you on something say that your web brouser is updating and to close and sometimes don’t see?
Last night my dad shut down his system and got a message windows was configuring or getting ready to do it and just locking so he turned off his system.
On restart the system worked but I wandered what it was he thought it was a virus.
What programs did you use? I asked, office and chrome.
I immediately checked sure enough chrome had an update stuck half way.
I opened it and it completed it and restarted fine.
However some of this stuff hides in the background and while good it can happen that you may be shutting down or other things while its doing something.
I once had an experience where a friend of mine got windows, outlook, and a few updates running.
The windows one finnished, the web one finnished.
the other one finnished.
But there was a last hidden account update to something that didn’t finnish, in fact it was hidden.
On restart the system would not restart.
ANd in the end had to be reformatted to get it to start.
The hidden update was the issue, and while I am happy for background updates as the next man I’d like the ability to have things more visible even if that means I get annoying windows or notifications or messages telling me that something is in progress now we don’t and it can get in the way.
Usually when I know something does this beforehand, I try to preempt the action by manually initiating the action but even then.
Here is some of what I’ve read the past 4 to 5 days.
It looks ,like Yahoo is at it with the biggest breach we’ve ever seem. First, from Trend Micro Think changing your Yahoo password is enough? Think again is the first article from Trend Micro. Then, we have Yahoo Breach: It’s Time to Keep Those Password Safe but both articles are needing to be read and I personally don’t think that it matters the order.
Ransomware is back in the news. This time, its a 172 percent rise as we learn How to Protect Yourself Against Ransomware – Part 1 and it is a great read. Goes back to the prior articles I’ve posted including phishing in the E-mail, and other odds and ends.
Next, in the business E-mail compromise department, we have the biggest heist I’ve ever seen in this article from trend micro Yet another company lost $6M to #BEC, and it could be a result of poorly implemented security protocol. and I don’t see this going away any time soon. If I were you, I’d search out these articles so you can learn how to protect your self and your business, especially if you’re a small business. BEC scams are not picky.
We even have more from the POS department, the same payment systems we use every day and had malware which captured credit cards and other data. This time: PoS Malware: Old Dog Learns New Tricks and it can’t be good.
In the hospital field, some 4 days ago or so, I read something about pagers and hospitals and the types of issues that can be found with that technology today. This article entitled Leaking Beeps: Here’s A Reason to Kick Pagers out of Hospitals and this one practically scared me. I wonder what the data was that was being transmitted, and what they’ll have to use next? What about the fax machines they use?
In the sex department, where sex and tech meet, sadly not in a good way with this article, Kids as young as 10 caught sending nude photos in #sexting scandal and some disgression should be taken when reading this one.
I think this is it for now, went several days back. Come and comment if you wish.
- October 2016
- September 2016
- August 2016
- July 2016
- June 2016
- May 2016
- April 2016
- March 2016
- January 2016
- December 2015
- November 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- April 2015
- March 2015
- February 2015
- January 2015
- December 2014
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- February 2014
- January 2014
- December 2013
- November 2013
- October 2013
- September 2013
- August 2013
- July 2013
- June 2013
- May 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- Categories of this blog
- Subscribe to Blog via Email
- The tech blog’s pages