
The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts




WWDC, my thoughts

Hello folks,

While the AppleVis coverage of WWDC isn’t what is usual, they do link to the press and other information that might be of interest. This blog post, WWDC 23 Keynote: Apple Unveils Platform Updates and Introduces Apple Vision Pro Headset and New Macs, covers this by linking to Apple and other sources instead.

This post from AppleVis titled apple vision pro VoiceOver support links to a demo with VoiceOver and the new glasses.

Here’s the thing: while the room I held wasn’t the most popular on Clubhouse, that’s OK. The people who were in there did have the same concern as I did when we were listening to the event. Apple Vision may become a very interesting problem.

Picture someone deciding to drive, then deciding to watch a game on their glasses. Maybe they’re walking instead. We’ve got a problem with stupid already where people don’t pay attention in these modes of daily life, but this theoretical scenario is possible.

I am not saying that people will in fact do this, but it crossed my mind. Maybe it’s an overreaction, but I’ve had close calls with drivers through the years.

Some of the other things were interesting, especially with messages. Having pictures of folks as part of the contact card can be done, but what they talked about could be interesting. I’m not much of a Memoji person, and I hate emojis as they stand now, although I do use a few emojis but not all the time. But the idea is cool where Memojis can be used as part of the card too.

This is going to get interesting, and we’ll see what happens during the iOS 17 betas and whether they actually decide to start fixing some of the long-standing issues with VoiceOver and other accessibility issues I’ve seen on AppleVis.

Keep in touch!


Reddit to charge $12k for 50k calls to API?

Reddit is the next thing that will probably lose third-party apps. They indicated to developers it won’t be like Twitter, but based on pricing, one developer says it will be about $20m per month.

The API and developer platform should never be so out of range that your small time developers will be out of business. They enjoy what they do, and some apps are free because they do other things with their apps.

Reddit may force Apollo and third-party clients to shut down, asking for $20M per year API fee is the article.

In prior articles, Reddit was talked about where changes could occur, but now we know what it might cost.

Oh boy. How frustrating.


Book Review: Tracers in the dark, by Andy Greenberg

Welcome to my review of Tracers in the Dark by Andy Greenberg. I’m not going to talk about every part of the book, but I will mention some of what I thought was interesting. I’m not going to cover every single thing, but I will highlight what I thought was interesting.

The first part

Besides the first case of the Dread Pirate Roberts in the Silk Road case of many years back, the book talked at great length about a startup company called Chainalysis. It talked about how it was started and its help in catching the Dread red-handed at a library. That part is 14 chapters roughly.

While Chainalysis has a hand in the majority of the book, how it grew into this huge company where they developed software on the public blockchain of the Bitcoin cryptocurrency platforms is quite interesting.

It also talked about a paper by a woman named Sarah who thought that Crypto could be used for good, but as you find out, she likes what Chainalysis has done through the cases of this book.

Part 2

Besides the Silk Road, part 2 also talked about the demise of one of the first exchanges of cryptocurrency and Bitcoin specifically. I forget the name of the exchange, but as you’ll read later, other exchanges have had their fate too, like FTX as an example.

Part 3

Part 3 covers AlphaBay, one of the most covered stories of its day. It was another one of these drug bazaars for its time. Unfortunately, one of the sad things you’ll find is that the perpetrator committed suicide, although the book talks about the feds killing him. You can make the decision on whether they did or didn’t.

Part 4

Part 4 I had to put down after the first chapter. The rest of the section talks about how they found the server of the video site in someone’s apartment, another suicide, but most importantly a different discovery found. I won’t give that away either. Suffice it to say, it’s a tactic that can be used in modern browsers to look at source code.

The chapter covers something known as CSAM, otherwise known as child pornography.

Part 5

Part 5 was a hodgepodge of cases, including the recent ones, which include the January 6th case in which crypto was involved. It’s sort of a loose ends of interviews for the book that just made it in.

The book is 50 chapters and an epilogue covering 10 hours of reading on Audible. The Narrator actually did a great job. The book itself is not technical and the things discussed are explained. The chapters aren’t necessarily lengthy either.

About the book

Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency

From the award-winning author of Sandworm comes the propulsive story of a new breed of investigators who have cracked the Bitcoin blockchain, exposing once-anonymous realms of money, drugs, and violence. “I love the book… It reads like a thriller… These stories are amazing.” (Michael Lewis)

Over the last decade, a single innovation has massively fueled digital black markets: cryptocurrency. Crime lords inhabiting lawless corners of the internet have operated more freely—whether in drug dealing, money laundering, or human trafficking—than their analog counterparts could have ever dreamed of. By transacting not in dollars or pounds but in currencies with anonymous ledgers, overseen by no government, beholden to no bankers, these black marketeers have sought to rob law enforcement of their chief method of cracking down on illicit finance: following the money.

But what if the centerpiece of this dark economy held a secret, fatal flaw? What if their currency wasn’t so cryptic after all? An investigator using the right mixture of technical wizardry, financial forensics, and old-fashioned persistence could uncover an entire world of wrongdoing.

Tracers in the Dark is a story of crime and pursuit unlike any other. With unprecedented access to the major players in federal law enforcement and private industry, veteran cybersecurity reporter Andy Greenberg tells an astonishing saga of criminal empires built and destroyed. He introduces an IRS agent with a defiant streak, a Bitcoin-tracing Danish entrepreneur, and a colorful ensemble of hardboiled agents and prosecutors as they delve deep into the crypto-underworld.

The result is a thrilling, globe-spanning story of dirty cops, drug bazaars, trafficking rings, and the biggest takedown of an online narcotics market in the history of the Internet.

Utterly of our time, Tracers in the Dark is a cat-and-mouse story and a tale of a technological one-upmanship. Filled with canny maneuvering and shocking twists, it answers a provocative question: How would some of the world’s most brazen criminals behave if they were sure they could never get caught?


Microsoft finds bug in Mac OS, Apple fixes it

Microsoft researchers within the past month have identified a second SIP bypass bug that has since been fixed, according to Bleeping Computer, which posted this about a week ago.

The article is titled Microsoft finds macOS bug that lets hackers bypass SIP root restr which was posted at the end of May.

This might not affect most of the users who use Mac that I might have reading, but the goal is to get the news out there, right?

Better be safe than sorry as we say. This is the second bug in so many years, says the article.

Stay well!


The Security Box preview, podcast 147: Dealing with Ransomware groups and businesses

Hello folks,

Welcome to the preview post on what is coming up this week on the Security Box.

This week, we’re going to cover Ransomware groups in a different light.

This time, the article is titled Unpacking the Structure of Modern Cybercrime Organizations coming from Trend Micro.

Is this something we should be surprised with? Read the article, come and let us know what you think.

We have contact info on our blog pages, my web site and of course on prior podcasts as well.

You can listen via the independent channel on Wednesday at 11 am PT, 1 PM CT.

For other possible networks, please check the TSB page on EMHS for stations and times that we know of as well as times of when it’ll be on. Times given are in the time zone the station told me to use.

It’ll be up via podcast sometime afterward.

Hope you enjoy the show and we’ll see you all later!


Barracuda had products vulnerable for 7 months

Earlier, we blogged about a zero-day that affected multiple products.

While my intent is to go current at some point, we are learning that this has been an issue for 7 months.

The Ars Technica article is titled Critical Barracuda 0-day was used to backdoor networks for 8 months and should be read if you use the products listed.

Stay safe!


Looking for VPN apps? iOS has tons!

On Saturday, June 3rd, TSB staff went to work on the iOS App Store to determine how many apps could possibly be out there for VPN usage.

Unsurprisingly, there are several Super VPN apps listed.

blog post

TSB staff also found numerous applications run by an organization called Free VPN.

web site

While we as individuals and businesses have the right to privacy, Free VPN was registered in 2012 and is over 10 years of age. Their registration data is private, point of contact is web form only and the copyright notice is 2021.

Also, TSB staff found multiple Chinese VPN apps, one English-speaking app that claimed 100 percent privacy and yet another app that said VPPN (virtual double private network?).

Nord and Express VPN software was listed, but not near the top of the initial list where we would expect paid VPN software to be. Question, how the hell is one to make a rational decision with all of these choices and no clarity on what’s potentially a problem and what would be safe to use?

TSB staff didn’t get Android involved as our Android user was not available during room time under the JRN House.

Some of these names make the search quite interesting. Makes you want to go see if a site exists. Some of these have at least a 4-star rating. I wonder who uses half of these applications and would be willing to talk to the JRN on their use? Accessibility? Ease of use? Potential issues?

I want to have fair reporting here at the JRN, so we want to put this out to see what people are using. No judgement here, just the facts and experiences.

For companies we recommend, visit the resources page and find the table for companies and services as these companies and services we have looked at.

If you download any of these apps, the JRN is not responsible for what happens. The JRN cannot test every app and vouch for its claims. There are way too many apps, one device, and that device must work.

Feel free to contact us with your experiences by email, iMessage, the TSB list or any other contact info you have. Looking forward to your responses!


This week on Throwback Saturday Night, Free VPN

Hello folks,

Throwback Saturday night is a two hour program that airs on server 2 of the mix. It is Saturday at 5 PT, 7 CT.

The first hour will be music and talk, while the second hour is talking security.

Here are the notations of what we’re going to talk about dealing with free VPN services.


Hello folks, welcome to the Security hour for this week. We’re going to be live with a very interesting article that was recently found as I’m still behind on Mastodon. Sometimes it’s a good thing.

Today’s article comes to us from Hackread. It’s titled Free VPN Service SuperVPN Exposes 360 Million User Records.

Who is Super VPN and why are they supposedly leaking over 360 million customer data? is the blog post from the JRN.

The crew will have other topics if time allows as well. Hope you enjoy the program!


Why not come join us? We hope to see you very soon and thanks for listening!


The Security box, podcast 146: Putting a face to the faceless proxy service

Hello everyone.

After dealing with some issues and being gone the afternoon and into the evening, I’m here to announce TSB’s podcast release.

If you didn’t get it off of RSS, it’s OK. I have the 206.4 MB file for those who need it on this post.

Please find the show notes with links to the potential morons, the article for the main discussion and of course ways to support this podcast should you wish to do so.

By listening, you do support the cast as you get to learn about things that may be of interest, and it is not required for you to do anything else unless you wish to do so.

With that said, please feel free to let us know what’s on your mind and we’ll be catching you all later!


Welcome to the security box, podcast 146. On this podcast, we may have multiple morons; one is a definite, news, notes and a very interesting topic about the proxy services and what they’re up to.

Potential Morons

Topic

This time, we’re going to talk about a very interesting KrebsOnSecurity article titled Giving a Face to the Malware Proxy Service ‘Faceless’ which was quite interesting.

The first paragraph says:

For the past seven years, a malware-based proxy service known as “Faceless” has sold anonymity to countless cybercriminals. For less than a dollar per day, Faceless customers can route their malicious traffic through tens of thousands of compromised systems advertised on the service. In this post we’ll examine clues left behind over the past decade by the proprietor of Faceless, including some that may help put a face to the name.

Supporting the podcast

If you’d like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribe to the security box discussion list or send us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can’t do this alone.


Barracuda warns of zero-day, issues patches for products

For those who are not aware, Barracuda has advertised on Twit and offers email gateway products. In a recent article, they warn of a zero-day which affects several versions of their products.

Please feel free to check out the article Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances if you have their products and need to know.


TIKTOK and an AI chatbot?

Hello folks,

Maybe it isn’t so bad to be behind, as you get to possibly see articles as ridiculous as this.

While the reporting is good, TikTok is already in a heap of trouble and now they want to give users the opportunity to test a chat bot to ask it questions on a video?

I could see people asking it questions that I don’t even know if I would want to know the answer to. This could include all of the supposed challenges that have made Kim Komando’s site and our discussions.

The article is titled TikTok is testing an in-app AI chatbot called ‘Tako’ and it comes from TechCrunch.

This is just going to get interesting. I am not saying not to innovate, I’d be more worried about what’s going to happen to me if I violated serious laws. So far, nothing serious has happened to them because they continue to be in business with no consequences.

Happy reading.


A New Operation out there taking LockBit

Symantec has an article out talking about a new group that took LockBit and turned it into their own.

The article Buhti: New Ransomware Operation Relies on Repurposed Payloads should be read to get the entire details.

There are SHA-256 things you can skip; they are at the end of the article.

Thanks for reading!


Game pulled, racist in all kinds of ways, people who downloaded can keep it

I know that slavery is long gone, but this world may show some forms of it in certain ways in day to day activities.

The article targets Brazil, which has more of a problem and that is what the article says.

It’s titled ‘A crime of hatred’: disgust over Brazilian mobile phone slavery game and it’s worth the read.

I’m going to be careful on what I say, so I’ll let people read the article. I understand this is still an ongoing problem and I’m well aware of it.

There was an incident I observed on a Metro bus and it continued into the elevator. While I won’t go into details, I was also targeted by this person who was disabled in their own way. They claimed in so many words that since I’m blind, I don’t know what’s happening in the world. I do, and I agree with the article linked that games that portray something that has been an issue in this country and other countries for that matter should not be allowed to be played.

To read more including the game title, please read the article.

The comment boards will await you.


This week on the security box

Hello folks,

This week, on the last day of May, we’re going to uncover a very interesting proxy service called Faceless.

The article title is Giving a Face to the Malware Proxy Service ‘Faceless’ and it comes from Brian Krebs.

The program will air first on the independent channel of 986themix.com’s suite of servers and then across the network. It airs on the independent channel Wednesdays at 11 am PT, 1 pm CT.

Other networks and times can be found on the TSB page of email host security.

This is going to be very interesting. See you on Wednesday!


Who is Super VPN and why are they supposedly leaking over 360 million customer data?

I have never heard of this company before I came across this article from Hack Read which was linked to by one of my followers.

I almost went current last night and stayed there, but sometimes, being behind is a good thing in this case.

This type of thing needs to be talked about and I think we should talk about it.

The article comes from a site called Hack Read. It is titled Free VPN Service SuperVPN Exposes 360 Million User Records.

This article talks about there either being one agency running multiple apps, or multiple agencies running multiple apps, none of which is confirmed to be the case.

Now class, what type of VPN should you be using? According to the article, one that does not log your activity would be best. Two of them are Express VPN and Nord VPN.

I know, I know, you’re going to tell the teacher that both of these applications cost money and you’re absolutely right.

If you read the article, you’re going to learn why it isn’t necessarily a good idea to use a free option, the fact that at least with Super they claim they don’t log but the research says otherwise, and a multitude of applications being in the app store causing some confusion to boot.

If you read nothing else today, please feel free to read this. I know there are new users out there, and if you don’t know what’s going on, you can’t protect yourself from getting hurt.

Again, the article is titled Free VPN Service SuperVPN Exposes 360 Million User Records and I hope you give it a read.

Have a great day class, and we’ll be back with you again very soon.


A telephone company getting in trouble by 48 states

Hello folks,

Here’s one for you, maybe it could be a potential moron of the podcast? This comes from Slashdot, a very interesting web site I used to look at for tech news.

The article coming from them is titled 48 States Sue Phone Company That Allegedly Catered To Needs of Robocallers and it is going to get interesting.

My question is, “Does this mean that this alleged telephone company has been routing these types of calls around the country to people like you and me?” Is that how I’m understanding this article?

Maybe we will finally get a break, at least as this company goes, if I understand this correctly.

I guess we’ll see what this means if we learn more. Good job, guys! Was that worth it?

10:03 5/29/2023 fixed broken link.


Capita has issue with Amazon bucket, says files don’t have personal data

Capita is not out of the woods yet. Capita’s “standard industry practice” 633 GB open cloud storage was originally written on May 5th and was last updated on the 23rd.

Capita still refused to comment on this or any of their other articles where their supposed breach and other issues were discussed.

We covered Capita here and they denied stuff there too. Is this company trustworthy?


Rogue employee goes rogue, tries to get company to pay ransom

A U.K. man goes rogue as he was part of the investigation team. 6 years later, he pleads guilty and will await his sentencing. Blackmail holds a 14-year sentence, while the first charge, Unauthorized Access to computers, holds a 2-year sentence.

The perp also accessed another board member’s private email.

Article: IT employee impersonates ransomware gang to extort e


Genesis market having trouble? They’ll definitely be back, others mentioned too

Hello everyone,

Brian Krebs has covered the Underground for quite a while now, so when I saw this boost, and yes, I’m still behind, I thought it should be blogged.

The boost goes to an article titled Suspicion stalks Genesis Market’s competitors following FBI takedown and I thought it was a good read.

I remember reading about these places, but I don’t remember if it was all KrebsOnSecurity or not.

Regardless, I want to share the very interesting news with each and every one of you guys. This is definitely going to be interesting, and we’ll see if these types of marketplaces survive.

What do you think might happen?

Sound off in the comments below.


Twitter now located in a shithole?

I know, I know, I’m still several days behind, but this one has to be the best one yet for this blog.

Elon Musk now says that San Francisco is a “shithole.” He has ordered employees to violate building codes, lease codes and if necessary, the law.

Apparently Elon Doesn’t Think He Needs To Pay Rent Because SF Is A ‘Shithole’; So Why Should We Pay For Twitter? comes to us from Techdirt. It’s an interesting article and worth the read.

I’m not paying for Twitter, yet Elon is paying for a bunch of people’s Twitter. So, how are SpaceX and Tesla doing with this attitude?

This ought to get interesting.
