go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: Home [0]

Go to contents or to navigation menu

sections menu

fine menu sezioni pagina

The Security Box, podcast 5: Phishing and its various forms

Phishing and its various forms are covered. I didn’t cover it all, just the more familiar ones. Links are given, and we do play some tunes too.

Podcast 5 covered Phishing and its various forms. The main option we used was Wikipedia, but we also link to F-secure and a podcast talking about what this is. There is one aspect we did not cover which I think we should. Our things to ponder segment was a little adult in nature but appropriate in today’s environment of social media and the things that are allowed and not.

The show lasts 3 hours, 32 moinutes, and I hope you enjoy! No major news notes segments.

RSS has the program and its also on mixcloud for your enjoyment.

Have something to say? Contact me!

Comments (0)

Sans Institute gets breached, investigation in progress

This morning, we’re learning about the Sans Institute, an edducation portal for cybersecurity professionals and people interested in the field like myself got breached.

Since they’re an institution, they charge for their courses and they recently added some new ones. I receive Sans News Bites which I’ve read for quite awhile although not of late. Some of the things may be blogged, while others not so much.

According to cyberscoop, The SANS Institute, which trains cybersecurity professionals around the world, was hacked, resulting in the compromise of 28,000 records of personally
identifiable information, the organization said Tuesday.

The Maryland-based research and educational outfit said the breach was the result of a single phishing email sent to a SANS employee, which led to more
than 500 of the organization’s emails being forwarded. The breached data included names, email addresses, and physical addresses — information submitted
by attendees of a recent SANS virtual training event.

After discovering the breach on Aug. 6, SANS said it “quickly stopped any further release of information” from the compromised email account, which was forwarding the data to an “unknown external email
address.” The institute did not identify who was responsible for the hack.

The fact that Phishing was the leading cause is not surprising according to the article. Even the best make mistakes, and its bound to happen.

Can the institute learn from this mistake? The news is that they were right on it after discovering there was a problem, and that is what you want. If I see anything else, I’ll be sure to pass it along as I think people should see this.

Cyberscoop: SANS Institute, which drills cyber professionals in defense, suffers data breach is where you can read more. Today they just released new courses and hopefully new students won’t be effected.

Comments (0)

Patch Tuesday, I’ve been rebooted

This morning, I went ahead nd rebooted before the Security Box, as the computer indicated it had updates to install. I read the article on Krebs on Security, and this is the only article out at this time. This month, 120 security bugs have been patched. This makes the 6th straight month of over 100 patches during this trying time for the Washington based company.

At least 17 of the bugs squashed in August’s patch batch address vulnerabilities Microsoft rates as “critical,” meaning they can be exploited by miscreants
or malware to gain complete, remote control over an affected system with little or no help from users. This is the sixth month in a row Microsoft has shipped
fixes for more than 100 flaws in its products.

For complete information including links to several CVE’s, please check out Microsoft Patch Tuesday, August 2020 Edition for complete details. If I see more, I’ll be sure to pass it along!

Comments (0)

Looking for a job? Not so fast according to North Korea

The Koreas are at it. First we had South Korea getting Tik Tok in to some trouble, and now we have North Korea in the phishing game. I’ve seen numerous job offers in my email before, and even offers sent through my web site forms telling me that the supposed company has all these devlopers and they’re in China or some other country and they can do my site for cheap.

While some of this may be spam, some of it may be legitimate job offers. I’m unaware of a company that sends job offers to people randomly however, I believe that most legit job offers you have to go seek unless you call the company first.

Here is what I’d do.

  • If I got a job offer from what looks like a legit company, see if you can find a point of contact.
  • Contact them through the point of contact and ask if the company sends job offers by email.
  • Depending on what you get as an answer, proceed with caution, and remember to check the URL if clicking.

Macafee detected malware after job offers were sent, and this is why I highlighted some potentials to check. My hunch is that this isn’t normal to receive job offers by email, and we should be aware of that.

There are a lot of links within this article, so quoting it is going to be a little bit difficult, so I’ll leave you by putting the article to read if you’re in the market.

For North Korea, phishing with fake job-recruitment emails never gets old

I read this article on the 30th of July, and it isn’t completely old. It can be shared any time. That time is now.

Comments (0)

A scammer threatens to put data online unless paid

On the 20th of July, I read a very interesting article about a scammer that decided that it would be a good idea to ask for more than he probably deserved. Not only did he get paid for ransomware attacks, he decided to ransom more money for not publishing the stolen data he had.

The government of Cyprus has extradited a 21-year-old accused cybercriminal to the United States after he was accused of breaching a number of U.S. companies
as part of a years-long extortion effort.

Joshua Epifaniou, a Cypriot national, arrived in New York City on Friday, more than two years after he was initially arrested in connection with a corporate
hacking spree.

According to the article from Cyberscoop, the gentleman stole from multiple sites, than asked for more money to not publish the data.

To add insult to injury, the article states:

Epifaniou also hacked Ripoff Report, a business accountability site, and charged his clients between $3,000 and $5,000 to delete relevant complaints, prosecutors
contend. Epifaniou also allegedly worked with a search engine optimization firm to research companies disparaged on Ripoff Report that would be most likely
to pay for his services.

How does it feel to get caught now?

He was scheduled to appear in Georgia several days after this article was published, and I’d sure like to know what defense he has, seeing that the government has quite a bit on him.

Accused Cypriot scammer threatened to publish stolen data if victims didn’t pay huge extortion fees is the article from Cyberscoop, have fun!

Comments (0)

Here’s some very interesting phone stuff to chew on

Recently, I covered for one of our technology shows and mentioned bluetooth as part of a permission base that an app for Donald Trump had when you installed the app. I was later linked to a podcast which covered this aspect and bluetooth as a whole is not necessarily a bad thing over all.

After reviewing that, I remembered I had an article talking about researchers finding a vulnerability in the operating system when it came to Android and it is not an IOS bug as they tested it.

I don’t honestly know of the first way researchers targeted bluetooth, but the article in question talks about how the latest round can be used to get at very specific things.

It works by allowing attackers to disguise themselves as a trusted application, requesting permissions that allow one Bluetooth-enabled device to share
data with another device, such as a headset or car’s “infotainment” system. For the attack to run successfully, Bluetooth must be enabled on the target
device and victims must approve the attackers’ request for privileges. In the end, this action gives attackers access to data on the victim’s device, according
to the California-based company.

The good news is that you still need to approve this thing, so if you’re not looking for any connections on bluetooth especially when traveling, its recommended to turn off bluetooth so you’re not discoverable, or deny connections you’re not expecting.

Researchers found another way to hack Android cellphones via Bluetooth is the article here and I think its still worth a read.

In other news speaking of phones, who here would ever trust the NSA with giving advice when it comes to security? OIn an article I also read around the same time I read the first one linked above, the NSA is trying to go around telling us what to do about hiding our location even if we turn off location services.

In part, a paragraph says:

The NSA warns, for instance, that in addition to mobile devices storing location data in their own mobile device logs, cellular networks receive real-time
coordinates for cellphones every time they connect to the network. That communication with the network also can make location information vulnerable.

So you’re telling me that this isn’t part of how cell phones work, because if there ever an emergency and you needed to call emergency services that you couldn’t get it?

Another paragraph says:

Bad actors using devices that imitate legitimate cellular towers could also obtain sensitive location information even without providers’ cooperation,
the NSA warns.

I have heard of devices that are like cell phone towers, and can act like the real thing, but I am unaware if I’ve came across them. I don’t think we can ever know if we have come across them.

There are two headings that might be of interest. The first: The public is definitely in mind and the second Smart devices and social media. I’m sure that you might want to take a look at this if you’re interested in this type of thing. I hope I am not sharing my location with a bad actor, even if I had turned off my location services. Here’s the NSA’s advice for reducing the exposure of cellphone location data is the article from Cyberscoop here.

A third article is more in the “oopse, we’ve been targeted” department as it talks about robocalls. A company who is supposed to give legal aid to various companies got their database lifted and from my estimation, people won’t be too happy about this one.

Chew on this paragraph. It says:

A California company that helps telemarketing firms avoid getting sued for violating a federal law that seeks to curb robocalls has leaked the phone numbers,
email addresses and passwords of all its customers, as well as the mobile phone numbers and other data on people who have hired lawyers to go after telemarketers.

Big time problem much? I still wonder why these databases are stored online and in the clear? My database is stored in a folder, in many files. MENVI has its roster but it too, is in a file on the computer, not online for everyone to peruse and lift data.

While Dropbox was targeted in 2016 according to have I been powned but I’m not concerned because I have two factor on and my password is strong as it is anyway. I should think about changing it, but I’ve not been overly concerned.

Lawyers representing TCPA claimants typically redact their clients’ personal information from legal filings to protect them from retaliation and to keep
their contact information private. The Blacklist Alliance researches TCPA cases to uncover the phone numbers of plaintiffs and sells this data in the form
of list-scrubbing services to telemarketers.

“TCPA predators operate like malware,” The Blacklist explains on its website. “Our Litigation Firewall isolates the infection and protects you from harm.
Scrub against active plaintiffs, pre litigation complainers, active attorneys, attorney associates, and more. Use our robust API to seamlessly scrub these
high-risk numbers from your outbound campaigns and inbound calls, or adjust your suppression settings to fit your individual requirements and appetite
for risk.”

Wonder if anyone will trust these guys again?

Found anything in this space we should talk about on any of the podcasts? Drop me a line!

Comments (0)

Phony covid and unemployment claims to boot

I’ve been sitting on stuff, and its time to try and catch up. We know that thieves have been taking advantage of our situation of not being able to work for some time now, and even before the pandemic, we’ve gotten the various phishing emails, sms messages, and even the telephone calls.

One phone call that I got within the past while had to do with someone claiming to call from the police department. They wanted me to donate $10 to help the police. While I support the police department, we are not responsible to pay the police department, they get paid by our taxes and other funding I may not be familiar with.

If the guy calling me was from the police department, the police department would probably be happy to send me information on what the money donated was to be used for. I told the guy to send me the packet, and he never asked for my address. I don’t believe police departments ask for money from the general public, they are paid again through the fines you pay and other means.

In June, KrebsOnSecurity was contacted by a cybersecurity researcher who discovered that a group of scammers was sharing highly detailed personal and financial
records on Americans via a free web-based email service that allows anyone who knows an account’s username to view all email sent to that account — without
the need of a password.

The source, who asked not to be identified in this story, said he’s been monitoring the group’s communications for several weeks and sharing the information
with state and federal authorities in a bid to disrupt their fraudulent activity.

The source said the group appears to consist of several hundred individuals who collectively have stolen tens of millions of dollars from U.S. state and
federal treasuries via phony loan applications with the U.S. Small Business Administration (SBA) and through fraudulent unemployment insurance claims made against several states.

This is only the first few paragraphs of this very interesting article I recently read from Krebs. Lets all be informed.

Comments (0)

This week in security news, news ending August 8, 2020

I’m a little bit late with this one but this week in security news for this past week has some very inteeresting things in it.

I think the big thing for this past week’s news is in regards to programming industrial systems to do jobs. There’s now a thing called Smart Factories, and its only going to get worse if the programming for them is not going to be updated. I’ve not read the article, but if this interests you, click on through.

The other big news is Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts which really talks about this particular threat. Trend Micro named this threat, and the article really goes in to their MO.

As part of our discussion of Phishing for tomorrow, we’ll have to talk about Business Email Compromise, and its effect. Because of the pandemic, its not going to be going away any time soon.

A third item is talking about … what else? Covid-19 and the landscape we nbow live in. Instead of going after the individual, cyberactors are going after the companies with the big bucks, and it is only going to get worse as this year progresses.

If you’re interested in the big time deal with many articles talking about the industrial aspect of our security, than this last week’s security news is where you’ll want to go. This Week in Security News: Robots Running the Industrial World Are Open to Cyber Attacks and Industrial Protocol Translation Gone Wrong is the blog post, and I urge people to check out the new phishing attack if nothing else. Thanks so much for reading!

Comments (0)

a twitter update worth reading: there’s more to the masterminds than we once knew

One week ago, one of my twitter followers posted a story they read through Wired talking about how the masterminds were caught in the twitter hack. MO stands for Motis Operanda, and of course, they talk about the social engineering ploy which these guys and others have done for many many years.

We later learn that Kurt is not a twitter employee, but possibly another persona of one of the elledged 3 that mastermined this scheme. To learn more, please feel free to check out the article: How the Alleged Twitter Hackers Got Caught with the subtitle: Bitcoin payments and IP addresses led investigators to two of the alleged perpetrators in just over two weeks.. While my post will be short and to the point, you need to read the article to get the complete story. As I say, better late than never. Have fun!

Comments (0)

Finally a line on election security? Maybe this is the beginning of cleaning this up

The blog and its various itterations have talked about election security. We know that 2016 was mettled with, and this year has the potential of the same thing. With the corona virus, its going to get interesting

The article I read last night talks about one company who is updating their policies to allow the good guys to find and report issues which the company will fix, and I think it is a long time in the making.

“Hackers are going to hack, researchers are going to research, whether or not there’s a policy in place,” Chris Wlaschin, ES&S’s vice president of systems
security, told CyberScoop. “We think it’s important to have that safe harbor language out there to set expectations.”

I can’t agree more. The article has other links and things, and its only going to get more interesting from here. Top voting vendor ES&S publishes vulnerability disclosure policy is the article, and lets see if more vendors get on board!

Comments (0)

The Security box, episode 4 notes reissued

I found and corrected some formatting and Hopefully Shaun’s last name spelling based on a comment on a prior post.

Here are the corrected notes.

Welcome to podcast 4 of the Security Box. On this show, we’ve got one main topic, a very interesting talk by Shaun Everess about a big time breach which effects GPS, news, notes, and more!

Our main topic:

Our main topic is the Computer Fraud and Abuse act. What is it? How did it come about? Do you think its working?

Shaun’s topic

Shaun Everiss talks about some blog stuff, but he also talks about a big time GPS hack that could possibly be effecting all of us in some aspect. The topic is also being cross posted to the technology podcast as a whole, but I’m putting it here for comment by this podcast.

  • This blog post from the Technology blog and podcast This has to be the biggest breach to date gives my thoughts, along with Shaun’s email. It also links to the story both linked in his email, and actually linked at the bottom.

Other newsy things

Twitter News

This isn’t possibly the entire news, but some items that may be of interest. Please check the blog for more, contact me to tell me what you want discussed, and thanks for listening!

Comments (0)

More Zoom issues, settings not set correctly, judge terminates proceedings and the meeting

Yesterday, I was alerted to an article from Krebs on Security that talks about the teenager in Florida that is part of the attempted hack on Twitter that took place on July 15th. The article doesn’t necessarily talk about anything new, since the judge or whoever set up the meeting didn’t set things correctly, so it wouldn’t surprise you if you heard that porn was streamed in to the conference and people were able to unmute themselves and cause havoc.

The incident occurred at a bond hearing held via the videoconferencing service Zoom by the Hillsborough County, Fla. criminal court in the case of Graham
Clark. The 17-year-old from Tampa was arrested earlier this month on suspicion of social engineering his way into Twitter’s internal computer systems and
tweeting out a bitcoin scam through the accounts of high-profile Twitter users.

Notice of the hearing was available via public records filed with the Florida state attorney’s office. The notice specified the Zoom meeting time and ID
number, essentially allowing anyone to participate in the proceeding.

Even before the hearing officially began it was clear that the event would likely be “zoom bombed.” That’s because while participants were muted by default,
they were free to unmute their microphones and transmit their own video streams to the channel.

Sure enough, less than a minute had passed before one attendee not party to the case interrupted a discussion between Clark’s attorney and the judge by
streaming a live video of himself adjusting his face mask. Just a few minutes later, someone began interjecting loud music.

It became clear that presiding Judge Christopher C. Nash was personally in charge of administering the video hearing when, after roughly 15 seconds worth
of random chatter interrupted the prosecution’s response, Nash told participants he was removing the troublemakers as quickly as he could.

To add insult to injury, the information was available to the public which could be a good thing, just like court hearings are available for anyone to come in if they want. But my question is whether or not its possible to change settings while a meeting is in session for people not to be allowed to unmute, and other critical settings to have a successful meeting or court proceeding in this case?

The article goes on to talk about the defendants history including sim swapping and social engineering. In 2019, according to the article, the defendant was responsible for lifting 160 bitcoin from someone, and when he was arrested, they were able to recover 100 of those bitcoin and I believe returned it back to the rightful owner.

For more on this including an article linked within, please read Porn Clip Disrupts Virtual Court Hearing for Alleged Twitter Hacker from Krebs on Security, and make it a great day!

Comments (0)

The Security Box, podcast 4: News, Notes, CGFAA, breaches and more

Ok a little over than three hours, we cover quite a number of things. Below, please find the show notes, and remember to go to the RSS feed to pick them up.

Here are the show notes.

Welcome to podcast 4 of the Security Box. On this show, we’ve got one main topic, a very interesting talk by Shaun Everess about a big time breach which effects GPS, news, notes, and more!

Our main topic:

Our main topic is the Computer Fraud and Abuse act. What is it? How did it come about? Do you think its working?

Shaun’s topic

Shaun Everiss talks about some blog stuff, but he also talks about a big time GPS hack that could possibly be effecting all of us in some aspect. The topic is also being cross posted to the technology podcast as a whole, but I’m putting it here for comment by this podcast.

  • This blog post from the Technology blog and podcast This has to be the biggest breach to date gives my thoughts, along with Shaun’s email. It also links to the story both linked in his email, and actually linked at the bottom.

    • Other newsy things

Twitter News

Comments (0)

Twitter prepared to pay a large amount of money

Many years ago, Twitter said that they would use mobile phone numbers as part of two-factor and making sure we can get in to our accounts. I know that during this major mistake where an individual was tricked in turning over credentials to a internal tool which eventually let other people take over big time accounts there. We also have learned that some passwords were changed either through reset, or through the tool.

In an article entitled Twitter prepares to pay up to $250 million for using security data for advertising it talks about this and the recent events as well.

Twitter acknowledged it could pay up to $250 million to the U.S. Federal Trade Commission for directing targeted advertising to users based off data submitted
for security purposes.

In a financial filing
submitted to the Securities and Exchange Commission,
Twitter estimated it would pay between $150 million and $250 million to the FTC. The penalty comes after the FTC drafted a complaint on July 28 alleging that Twitter used “phone number and/or email address data provided for safety and security purposes for targeted advertising during periods between 2013 and 2019,” Twitter said in the SEC filing.

The complaint suggests Twitter violated a 2011 FTC consent order that required the company to establish a data security program, which required them to
be transparent with users about the security and privacy measures in place. In October 2019,
the company said it used email addresses and phone numbers to improve targeted advertising efforts.

There is more to this story The company even says that they don’t know how many people were used for targeted advertising. As the breach isn’t bad enough, we’re finding out about this problem too?

I believe during the incident in July, Twitter was as transparent as possible under the circumstances. Why not earlier? I’m leaving my twitter, but now I’m really wondering about this.

“The matter remains unresolved, and there can be no assurance as to the timing or the terms of any final outcome,” Twitter said in its SEC filing.

Twitter submitted the SEC filing days after it’s second-quarter earnings report, in which the company said its number of daily users had grown by 12% to
186 million people, though its revenue fell by 19% from one year earlier to $683 million.

The boards await you and there’s more. Go on, read more. It was a very interesting article. Thoughts welcome.

Comments (0)

Yet Another booting problem found by researchers

In the Security Now podcast taped on August 4th, 2020: you will learn about yet another booting issue or yet, a booting problem similar to how Meltdown and Specter were headlines in 2018-2019.

In June, the antivirus company ESET stumbled across an insidious strain of ransomware that prevents a computer from loading and locks its data.

A saving grace was that, in order for the attack to work, a ubiquitous feature known as UEFI Secure Boot, which protects computers from getting malicious
code slipped on their systems, would have to be disabled.

This bootable problem effects the booting process of every Linux-based computer to date.

The article I’m going to be linking to comes from Cyberscoop. New bug in PC booting process could take years to fix, researchers say is the article. While this doesn’t effect Windows as far as we can tell like the others, we should be aware of what is going on with different operating systems. Feel free to take a read of this one if this interests you.

If I’m wrong and even though I read its linux-based, if it does effect windows, please leave a comment to clarify. I know it talked about UEFI, and the secure boot, but all or most machines have this in their bios. This type of work i don’t do, so my knowledge may not be correct. I’d love clarification, so comment away!

Comments (1)

Don’t make mistakes like the Twitter employees did

While looking for tik tok specific things, CNET has an article Protect yourself from phishing scams so you don’t fall prey to the next Twitter hacker which talks about Spear Phishing. Hopefully next week, we’ll be talking on the Security box about the different types of phishing. This article highlights what happened with twitter, and lays the groundwork on what you, the average consumer, can do to protect yourself.

  • Look at the “from” field. Is the person or business’s name spelled correctly, and does the email address actually match the name of the sender? Or are
    there a bunch of random characters in the email address instead?
  • While we’re at it, does the email address seem close, but a little off? E.g. Microsft.net, or Microsoft.co.
  • Hover your mouse over any links in the email to see the true URLs they will send you to. Do they look legitimate? Remember not to click!
  • Check the greeting. Does the sender address you by name? “Customer” or “Sir” would be red flags.
  • Read the email closely. Is it generally free from spelling errors or odd grammar?
  • Think about the tone of the message. Is it overly urgent or trying to get you to do something you normally wouldn’t?

    • There’s more to the article that might help you. If the common tactics don’t help you, look at the address, even if it is spelled more correctly than other messages you could easily spot. We’ll be talking about this more hopefully next week. If not next week, on a future show.

    Comments (1)

    Tiktok, its fun for you, not for lawmakers

    I’ve been asked about what is going on in Tik Tok land. this CNET article entitled: TikTok: For you, it’s fun, but for Trump and lawmakers, it’s a security threat goes in to great detail about what is going on including the reported rumor that Microsoft may be buying this troubled app. There are articles reguarding the buying of this app, and they’re linked within this article.

    According to Michael in Indiana, they have until August 15th to make a deal, or the rumor is that the app will be banned in the United States.

    If they are that much of a threat, just ban it and be done with it.

    Comments (1)

    Technology podcast, podcast 349: Firefox and Jaws, Twitter, B2k, and a whole lot more

    We’ve got a lot here on today’s edition of the tech podcast which is now on the RSS feed. The entire show notes are below, and I hope you enjoy the program!

    Welcome to the technology podcast, podcast 349. This program is almost an hour and a half, and is packed with tons of stuff. Contact information is given throughout the program, so please get in touch!

    • Have you ever seen notations talking about fixes for screen reader users? Firefox fixed a very nasty crash with Jaws, but besides that, other screen reader updates were made to Firefox 79 which has recently been released. You don’t normally see fixes for access tech so this is quite a surprise and a welcome change. Thanks Firefox! blog post
    • Shaun Everiss, my second admin, is along with a segment talking about one of the biggest breaches I believe we’ve seen. This one, deals with a well known brand most people will be familiar with. Besides that, Shaun talks about the Spam problem I’ve been trying to fight for years. >blog post on the breach and find updates through the blog in regards to what he did for the Spam problem.
    • I have a twitter update. first blog post and second blog post
    • B2K is finally talked about on another podcast besides this one. In a long awaited podcast, Blind Bargains Interviews Jared Rimer who talks about the program, braille transcription, and more. Segment starts 15 minutes in. blog post
    • I give a talk on two different articles I’ve recently read on Krebs on Security dealing with credit and debit card fraud and EMV payment processes. This recent blog post should’ve been posted after I recorded the segment, but does link to the two articles.
    • Michael in Indiana talks about two different items. The first, is a very interesting Comcast story which turned out great. The second, an unconfirmed report about Microsoft buying Tiktok. We talk about TikTok as South Korea was fining this Chinese App maker due to Coppa violations and big time ones too. I also have comments following a video I found through the BBC. blog post

    Contact information, and information on what is going on in the security box ends the podcast. The total length of the file is 1 hour, 26 minutes. I hope the wide variety of topics is of interest to you. I’ll be back with more on the tech podcast very soon. Thanks so much for listening!

    Comments (2)

    What do you think about when you charge your credit or debit card?

    The blog title is asking a question. What do you think about when you charge something to your credit or debit card? Thinking about whether or not the transaction is as secure as possible? Probably not. I don’t blame you.

    In two different articles recently published by Krebs on Security, I started to think about some of what he is saying, especially when you read one of them.

    In the first article, Brian talks about why credit card fraud is still the thing. A well-known card shop, whose name was Brians Club, sold quite a number of stolen cards, but yet, a lot were still unsold. The amount of money made by this shop alone is staggering. Here’s Why Credit Card Fraud is Still a Thing is the article.

    This is a research project by New York University and I really think its worth the read.

    There is also a second artoicle about the security of chip cards. While a lot more merchants of late are installing chip based readers, we still stripe if there is a problem with the chip, yet the chip is more secure if used properly. Researchers found a very interesting work around if some banks don’t do the proper verification that is required. Is Your Chip Card Secure? Much Depends on Where You Bank is the article that goes in to all of the juicy details.

    Thanks for reading.

    Comments (1)

    Podcast released, Blind bargains interviews Jared Rimer for B2K Updates

    Its finally here! The podcast I’ve been wanting to do for quite a long time. On this podcast, J.J. from Blind Bargains interviews me with an update to B2K. For full details on the whole development process of B2K’s talking edition, check out the Braille2000 category on this very blog.

    Want to check out the podcast? B2K isn’t the only thing covered, but their podcast 212 can now be had.

    Thank you J.J. for your continued support of the effort Braille2000 is offering to the community. I hope we can continue to team up when updates worth sharing come up. We’ll be in touch!

    Comments (0)

    Older Posts »

    go to sections menu

    navigation menu

    go to sections menu