go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: Home [0]

Go to contents or to navigation menu

sections menu

fine menu sezioni pagina

This week on the Security box, state legislators not waiting for congress to fix Copa

Hello folks,

This week, we’re going to step through an article I talked about on the blog. Its titled State legislators aren’t waiting for Congress to regulate children’s online privacy.

The show will first air through 98.6 the mix on Wednesday, February 8, 2023 starting at 11 am PT, 1 PM station time.

We’ll catch up on the very busy news week, I’ll of course have a blog post talking about what’s new on EMHS and much more.

Here’s a link to the Independent artist channel where you can find listen links that work for you.

I hope to see you all there!

Comments (0)

An update on NVDA on giving us links

Quenton finally responded to me in response to my inquiry I sent when I had checked in with him some days ago.

He sent me this pull request from gethub which sounds like they are going to assign this to NVDA+K.

Pressing it once speaks, pressing it twice speaks it and displays it.

Please feel free to read the pull request and I hope that it helps people.

Learning together! Onward and upward.

Comments (0)

Potential job scam alert, better pay attention

I got the following email today and want to share some things that people might not be aware of that could be in question.

Note, any spelling mistakes should be left in tact and should not be edited. The link is given, but is not linked.

Blank space is left in, and they even provide a click here to the same site at the unsubscribe portion and a mailing address.

Hey,

If you’d like to get paid to chat with people in real time, we need to talk. We’re currently hiring more live chat assistants to talk to website visitors.

We are currently hiring new live chat assistants. You will work for businesses answering live chat messages on their website or social media accounts. These are remote positions, meaning that you can do the work online from anywhere. You can read full details of the job (and apply) below:

Click here to complete your application if you are interested.

What you will be doing: As a live chat assistant, you will be paid to reply to live chat messages on a business’s website or social media accounts. This includes answering customer questions, providing sales links, and offering discounts. You will chat in real-time, using online software to converse with customers and potential buyers.

Contract length: No fixed term

Rate: $35 per hour

Skills/background needed: You must have a device that can access social media and website chat functions. This can be a phone, tablet, or laptop. You must be able to follow instructions and work independently. You should also have a reliable internet connection.

Hours per week: 5 – 40 hours a week

Location: You can work online from your country.

Live chat assistants are in huge demand worldwide right now. So if you qualify, click here to complete your application now.

Looking out for you,

To stop receving emails from us:
or send post-mail To 8550 Lake Ave. New York, NY 108550

The link starts you out by actually going to a site called http://www.charitycapture.shop which I won’t link to.

After tapping on the apply button, it verifies you’re not a human and then redirects you to a completely different domain.

If this were a legitimate job posting, you’d be redirected to apply through a job site. And, if you read the web page, when it asks you what you want to earn, the highest amount is $1000 and I’m not sure if that’s per week or what.

Most jobs don’t have entries earning $1,000 per week, so I’d be leary about something like this.

It actually comes from the same domain, not necessarily from a job search site.

As disclosed earlier postings show, if you didn’t go searching for it, and if it looks too good to be true like this one, you’ll want to run. Viewing the web page as I did, found some spelling situations.

I didn’t give the full URL in my post here as I don’t want anyone to get hurt.

While the chatting for companies job sounds great, I don’t think they appeared on a job board, and I’d be reading the entire description before I chose to apply or not like I did here.

Be aware, be alert, and learn.

Comments (0)

A more thorough Anker response in this piece … maybe things will change for this company

Hey folks,

While looking at the Verge, I spotted an article Anker finally comes clean about its Eufy security cameras/ which was posted January 31st. I’ve already tweeted the link at Kim Komando and Steve Gibson.

I read this thoroughly and I am not sure what I think. While I’d like to believe that this was an honest mistake, the lack of transparency in what they were doing was lacking for a good month and Security Now as well as other podcasts covered this.

The article will take 6-7 minutes to read, and make sure you’re in printer friendly mode. Let’s hope the site for their customers comes online soon and they do issue that appology as requested by the verge’s staff.

You’re all welcome to weigh in with your thoughts.

Comments (0)

Product recall for sunscreen … Bananna Boat products specificly are recalled

We can identify products through barcode readers, services like Aira, or even people who assist you.

This article titled Toss out this sunscreen! It was recalled for including a cancer-causing ingredient was sent to us today, and I’m passing it along in case people use the product.

The fact that we have ways to see what things we have around us is good, so I feel like I should put this up even though it isn’t fully tech related.

Stay safe!

Comments (0)

Cyberscoop asks, Is Chat GPT the next security threat?

We braught this up as part of the box yesterday. I read an article that asks whether Chat GPT is the next threat.

I think over time, it might, but it is only fed data by those who program it. Therefore, if it is asked to write malware, its not going to think about various things that someone who designs such things might think of when they would develop it.

Think a minute about Stuxnet. It was very sophistocated. It only ran when certain conditions were met. While Chat GPT was not around then, it probably couldn’t think of all of the various conditions that it made to attack.

The article is titled Reality check: Is ChatGPT really the next big cybersecurity threat? and I think it should be read. We’re still a way off for a computer to write malware the way a human can. It can be a starting point, but I think we’re still a way off before programmers won’t be working in any capacity.

The article is linked within it, so I’m not quoting anything from it.

Make it a great day!

Comments (2)

We’ve found an article on Twitter’s potential shutdown of the api

Hello folks,

So I decided to start coming around the different tech sites, of course starting at CNET, but this afternoon I decided to go on to the Verge. Your favorite Twitter bot might die next week/ which was posted today.

Don’t know what this means to the accessible apps like Tweesecake, TW Blue and others, but I was tipped off as I posted earlier today.

This article does indicate some of the accessibility stuff, but didn’t mention any of the potential blindness or other disabled apps that we use.

I guess we’ll see over time, but maybe this means that services like DLVR and IFTTT may not work. I’m not sure on that, but if it doesn’t work, then it doesn’t work. I’m saddened to hear about this just the same, but this is something official.

See everyone later!

Comments (1)

Netflix says the game is over for password sharing starting Mar 1

I know that someone said I aught to connect with them on their Netflix account, or even their amazon account.

Kim Komando also mentions this on her daily minute program which is podcasted. Netflix Lets Priciest Plan Download to Extra Devices, Adds More Spatial Audio is Cnet’s article on the subject which is thorough.

In a way, I’m glad I have my own, but I haven’t been there much in months after I found stuff to watch.

I don’t mind the $10 I’m paying, but I’m figuring if I don’t get back there soon, I’m leaving because I’m just not there. Started to resume something I watched, and only subscribed because I wanted to see the movie Brian Krebs was staring in.

I do like what I’m watching, but I’ve never been in to TV shows and movies much unless it caught my attention.

Maybe after I watch one that I started I’ll consider it and save some money. Not sure yet.

Stay well, stay safe and learn.

Comments (1)

Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers

My Next book is Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin’s Most Dangerous Hackers Kindle Edition which is also linked within our resources page on EMHS.

While I just baught the book, I was reading the sample of the book and its quite interesting to learn that Sandworm was actually developed and used well before we covered it in the tech press.

I say we loosely, because I’m not a full journalist, although I do write about what interests me and what I think about what I read.

From Amazon’s page

“With the nuance of a reporter and the pace of a thriller writer, Andy Greenberg gives us a glimpse of the cyberwars of the future while at the same time
placing his story in the long arc of Russian and Ukrainian history.” —Anne Applebaum, bestselling author of Twilight of Democracy
The true story of the most devastating act of cyberwarfare in history and the desperate hunt to identify and track the elite Russian agents behind it: “[A]
chilling account of a Kremlin-led cyberattack, a new front in global conflict” (Financial Times).
In 2014, the world witnessed the start of a mysterious series of cyberattacks. Targeting American utility companies, NATO, and electric grids in Eastern
Europe, the strikes grew ever more brazen. They culminated in the summer of 2017, when the malware known as NotPetya was unleashed, penetrating, disrupting,
and paralyzing some of the world’s largest businesses—from drug manufacturers to software developers to shipping companies. At the attack’s epicenter in
Ukraine, ATMs froze. The railway and postal systems shut down. Hospitals went dark. NotPetya spread around the world, inflicting an unprecedented ten billion
dollars in damage—the largest, most destructive cyberattack the world had ever seen.
The hackers behind these attacks are quickly gaining a reputation as the most dangerous team of cyberwarriors in history: a group known as Sandworm. Working
in the service of Russia’s military intelligence agency, they represent a persistent, highly skilled force, one whose talents are matched by their willingness
to launch broad, unrestrained attacks on the most critical infrastructure of their adversaries. They target government and private sector, military and
civilians alike.
A chilling, globe-spanning detective story, Sandworm considers the danger this force poses to our national security and stability. As the Kremlin’s role
in foreign government manipulation comes into greater focus, Sandworm exposes the realities not just of Russia’s global digital offensive, but of an era
where warfare ceases to be waged on the battlefield. It reveals how the lines between digital and physical conflict, between wartime and peacetime, have
begun to blur—with world-shaking implications.

It is 370 print pages.

It is written in English.

This is a 2019 book published by Anchor.

It is also available in paper format which is the link on EMHS’s page.

Feel free to check out the book, and make it a great day! This is going to get very interesting. I can’t wait to read more.

Comments (0)

Twitter api sunsetting February 9th

I get the twitter digest at several of my active accounts. According to one developer, the API will be sunsetting next week. The developer says they’ll sunset support for twitter support on the 9th, but I do not have a way to verify whether this is true or not.

Since Twitter has not said anything official, I’m writing this as unconfirmed.

If anyone has anything official like a blog post from Twitter, send it over and I’ll be sure to have it up as soon as I read and digest what it has to say.

This will shut out a good majority of the community who rely on these apps instead of the clunky website or the app which are full of ads and things we don’t care about.

Thanks for reading.

Comments (0)

Sans news bites for January 31, 2023

Hello folks, welcome to the newsletter for January 31, 2023..

We’re posting this a couple of days later because I saw it on Wednesday the 1st, but we also ran backups so we’ve decided to give it an extra day.

There are several items that might be of interest from this newsletter, so let’s get to it.

Here is the link to the January 31, 2023 newsletter for those who want to read more.

Top of the news

  • Microsoft Urges Organizations to Patch On-Premises Exchange Servers
  • Update Available to Fix OpenEMR Vulnerabilities
  • ISC Patches Multiple BIND Vulnerabilities

Bind is the biggest thing I think, I hope that cpanel will patch this as they have a huge install base.

The rest of the news

  • Maryland OIG Report on Baltimore County Public Schools Breach 
  • Hackney Council Still is Feeling the Effects of 2020 Ransomware Attack
  • Firmware Patch is Available for Lexmark Printer Flaw
  • QNAP Releases Firmware Updates to Address Critical Flaw Affecting QTS and QuTS hero
  • Oracle Cerner EHR Systems at VA, DoD, and Coast Guard Hospitals Suffer Connectivity Issues
  • RealTek Jungle SDK Vulnerability 
  • GitHub Revokes Stolen Certificates

There are several items here. The gethub ordeal might be one of the biggest things as well as updates to their fiasco.

Thanks for reading, learning and participating with us.

Comments (0)

Anker admits their camerass were unencrypted all along

We recently blogged about Anker and Ring stuff. But now, Anker who denied that their cameras were recording anything is now admitting it, according to Security camera warning: This brand is missing a key privacy feature which was posted to kim komando’s site on February 1, 2023.

Part of one paragraph which was covered on Security Now and even on TSB says:

Security researchers found that Eufy uploaded footage from cameras to the cloud, even though the owners didn’t have a cloud subscription. To make the situation worse, anybody with a VLC video player could watch streams from these cameras if they knew (or correctly guessed) the URL.

We know this much, their PR didn’t do all that great in its first response.

Under the heading “More reliable home security” they say they’re going to go to web RTC which is more secure.

There are links to things within this article, but this is going to be quite interesting. Someone ping me to make sure we cover this on Saturday and or next Wednesday.

Its about time they come out and explain what is really going on, maybe a little late. The article is short, but its worth the read.

Comments (0)

The Security box, podcast 129: The Government Watchdog says there’s still a lot to do

Hello everyone, welcome to the Security box, podcast 129. There is one spot where some strong language is used, but the podcast overall is fine.

The RSS feed has the program, or it will be rolling out if you don’t have it yet.

Do you not have RSS? No problem! Here is the 144.8mb file you’ll need for today’s program.

The program is played on Bluestreak on Friday and International Friends on Monday.

Here are the show notes including a link to our main story.

Hello folks, welcome to the security box podcast 129. Last week, we talked about the government, but there’s more to the story in which people may not be aware of.

Apparently, there has been a watch dog group out there taking reports on what the government has or has not done.

The article is titled Government watchdog: Feds fail to implement vast majority of cybersecurity recommendations and was covered by Cyberscoop.

This is a very interesting article which we’ll be stepping through.

Besides that, my hunch may indicate that we’ll have a moron of the podcast, people may have questions, and we’ll see what the show has in store.

Thanks so much for listening, participating and learning with us.

Comments (0)

What has been posted to emhs, February 1, 2023

We’ve had quite a bit of activity, publishing articles to EMHS as well as the blog.

We’ve also got two new books, and we link to the hardcopy of the book instead of Kindle, but we can assure you that you can change the format.

Let’s get started!

The Blog

The blog posts are few, but they’re high quality posts.

Books

The books were recently found. And I finished Mikko’s book with only a few pages to go before the index. We talked about Mikko’s book, but in the process, I found two more.

  • Andy Greenberg

companies

We have no new companies to add to the list for this update.

Terms

I believe we’re all caught up with terms, I don’t believe we added any new ones. Check them out to learn.

Podcasts

Remember to check out the podcasts which the latest one is up the same day we get it up on RSS.

Conclusion

Here is the web site to Email Host Security for those who need it. Thanks for reading, learning and participating with us!

Comments (0)

Using a dating app? Here are signs it could be a problem

There is a book recommendation within this article, as well as a term, catfish. It is part of the Phishing term found on EMHS’s web site under resources.

The article is titled 3 ways to screen out killers, stalkers and other threats on dating apps and if you’re using dating sites, take a look at this article. It may save your life.

The three points are:

  1. Verify your match’s identity
  2. Check their criminal records and
  3. Talk before you meet

I know people have come to me through twitter and messenger wanting to date, and I said I wouldn’t do text dating. They refused to call, one of whom made excuses on how it wasn’t their phone, they’d go do as I told them, etc. but never got the call.

One thing they didn’t say is that they’ll pull you off of the site you’re on and wanting to chat through some other means. That is definitely a red flag.

Read the article and be careful. The Internet isn’t what it was once used to be.

Comments (2)

Cybercrime groups offering 6 figure incomes? Wonder how long that lasts?

I was talking with Nick, and i got to thinking as we continue to prepare topics for upcoming shows.

When you read Cybercrime groups offer six-figure salaries, bonuses, paid time off to attract talent on dark web for the first time, what do you think?

My first thought is that this could be the case for a little while. I mean, programming or doing customer support for huge amounts of money sounds great, until your boss eventually gets caught.

They don’t tell you what you’re programming for, or even what the customer service entails unless they tell you that part of it so you’re aware of it. They then would tell you not to open your trap.

They probably don’t pay you like normal companies do, they pay you based on the crypto that they get from their illicit gains, although you don’t know that. You just know you get paid in Crypto and you have to keep your trap shut.

I’d read this article in full, so you can see what is going on. Then you’ll know what to look for on job boards and the like to stay away … unless you want to do it and risk your reputation when the boss gets fired by getting arrested or caught in some way.

Just a thought anyway.

Comments (0)

Here are two articles talking about scams

Hello folks,

Here are two articles which we put in to EMHS’s resources page that I want to highlight today.

Can you spot the giveaway in this scam email?

This one needs a little bit of explaining. Komando staff got an email which on the surface looked pretty legit. That is, until they spotted things that were a tell tale sign of a scam. Luckily, they didn’t act hastily or they wouldn’t be talking about it today.

The article does describe what was found from within the email, but I wish that they do what I do, show the email so people like you and I can see what is actually going on. Images don’t tell us anything, especially when they aren’t alt tagged describing what they’re there for.

The text may be enough to help though, so I’m putting it up here.

Security warning: Watch out for Social Security scammers

This one could hit quite a number of people and various kinds of ways. The fact that social security is received and there’s many forms of it give you a prime target and lots of innocent people to target.

Luckily, I know that I received my letter telling me what I am getting and I already started receiving it. We’ll see what happens, but its still early.

Why scammers would tell you you’re receiving a raise when that happens at the beginning of the year is beyond me. That’s strange to me.

Be alert, be aware and learn. Thanks for reading!

Comments (0)

Health apps that aren’t … Android users must be aware of apps

Some apps are gaming apps, some may be finance apps, but all are definitely not health tracker applications.

Each year, people want to try and lose wait, eat better and the like. But at least on IOS, this is easy with the health app built right in.

As for Android, the article we’re linking to doesn’t say, but there are several apps that you don’t want.

I don’t know if this affects the disabled community so much, but we do have sighted counterparts so I am going to go ahead and post this.

Komando’s article is titled Don’t use these shady health tracker apps with 10 mil downloads and it was written today.

Some apps may include:

  • • Lucky Step-Walking Tracker.
  • • WalkingJoy.
  • • Lucky Habit: health tracker.

Others include:

  • • Golden Hunt.
  • • Reflector.
  • • Seven Golden Wolf blackjack.
  • • Unlimited Score.
  • • Big Decisions.
  • • Jewel Sea.
  • • Lux Fruits Game.
  • • Lucky Clover.
  • • King Blitz.

This is the list directly from the article. The JRN can’t say if IOS is affected, but I’d check to see if these apps are installed on your device anyway. They might have been part of other apps you’re not aware of.

I’ll tell you what, its going to get pretty interesting with all these kinds of nasty apps out there.

If there is something for Android users, please let us know what they should use for a health tracker app. Thanks for reading, make it a great day.

Comments (0)

The Government can’t even do anything right, some of the stuff is interesting

On this week’s edition of the podcast, we’re going to cover an article titled Government watchdog: Feds fail to implement vast majority of cybersecurity recommendations.

Maybe this joke I found which is a couple months old fits this article.

Retweeting Puns AndOneliners (punsandoneliner): When I was at school, I put invisible ink in the printer before printing a maths question. I couldn’t see what the problem was.

If the government doesn’t know what the problem is, why are they telling us through entities like CISA that we need to update, patch, restart our devices or anything else?

I took for this podcast some of the paragraphs I thought could lead to discussion.

The program will air on Wednesday on the Independent channel at 11 am PT, 1 pm station time. It aires on Blue Streak Radio on Friday and on International Friends Radio Network at 3 CT, 1 PT on Monday.

You can tell your device to play International Friends through your device using the Get Me Radio skill. Talk to Get Me Radio on Google or open it using Lady A. By telling it to play international friends, you’ll get their program.

You can also find a link to their listen page here on the blog, as I updated it since it changed. Their web site is located on EMHS under the security box page.

As for this article, its going to be very interesting, and we’ll see what comes up with it whether phone calls or through the room on Clubhouse.

Thanks for reading, off to see about doing more blogging I go!

Comments (0)

What’s going on with breach notifications?

We’ve never been notified in an adequit manner when it comes to data breaches. It doesn’t matter what industry it is, we’ve just not been soooo lucky in getting notified timely.

The problem is, they’re becoming more of a non-issue. We’re notified, just like the Lastpass breach, but we really don’t know much about what really went wrong.

The article is titled Data breach notices become more opaque, leaving consumers in the dark and it comes from our good friends at Cyber Scoop.

Feel free to give it a look and stay informed. Don’t know what the proper solution is going to be, but we need to know what is going on. How are we going to make the right decision?

Comments (0)

Older Posts »

go to sections menu

navigation menu

go to sections menu