
The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts


You are here: August 2016




Targeted, now what?

Hello folks,

Disclaimer: I thought I’d take this opportunity to talk about something that happened, but yet, users have seen this type of thing before. If this doesn’t interest you, you may skip it. It may be technical, but yet, people might be interested in this.

You’ve probably gotten warnings from your browser that the site you’re trying to visit may not be safe. This is a true story, and one that happens all the time. Do you really know what behind-the-scenes things go on so that, if something is there that is not supposed to be, you can miraculously come back to the site after some time?

My provider E-mailed with some information that needed immediate attention across the network. I usually make sure the accounts have good passwords that match the password generator scale and I always try to advise that the passwords on the accounts be at the meter’s score of 100. I forwarded the report to someone who can handle what it had to say, because I personally did not maintain this domain.

At the same time, a company entitled PhishLabs contacted the individual with similar reports, and the person had no idea what was happening.

Without going into detail on the report, the average user needs to know that web browsers today, especially Chrome and Firefox, have mechanisms in place to let the user know if a website is phished, hacked, or taken over.

What is Phishing? Webopedia Definition (Accessed August 4, 2016): The page describes the act of sending an E-mail falsely claiming to be an established entity whose sole purpose is to scam the user. The user would be directed to a site, usually by E-mail, to get information to be used in identity theft, or other type of criminal activity the scammer wishes to use it for. For more information, please click through for the full definition word for word.

The Jared Rimer network can’t confirm if any type of E-mail was ever sent to the potential page or pages that the report found, and it was interesting what the report had to say. Both Firefox and Chrome reported mid week of the particular week in question the site being a problem, even after the webmaster cleaned the server of the offending information.

Look at this as cleaning your computer of unwanted programs or data you no longer need. Webmasters need to follow these reports if gotten, to make sure their site is clean for visitors like you who come to it to get information, purchase things, or seek information that you may want that the site offers.

What was interesting about this whole thing, the control panel was also flagged, and to this day, I am baffled why a control panel, which a website operator has access to, would be flagged. The control panel is similar to the Windows control panel where you have various options to set up various items such as accessibility controls, displays, and other aspects of the operating system.

The web site panel has options to set up and maintain various aspects of the site such as blogs, E-mail, and maybe a shopping cart platform. Each site is going to be set up differently, and that makes it unique.

From what I am able to understand, the control panel was flagged based on the IP address, but once things got cleaned, that warning was removed.

According to the ticket created with us: along with giving us affected URLs, talked about safe browsing. The safe browsing initiative is Google’s project and I think it is a good one today. The URL talks more about the project and how things have grown. I do like the idea of what they are doing, even if it is intrusive, it is helpful in the end.

That portion of the E-mail as part of the ticket says: “Safe Browsing is a service provided by Google that enables applications to check URLs against Google’s constantly updated lists of suspected phishing and malware pages.

Google uses automatic algorithms and user feedback to compile lists of sites that may be dangerous. The two major types of dangerous pages on their lists are phishing pages and malware pages.

You are required to respond to this ticket, however your great source of assistance at this point would be Google themselves. We encourage you to obtain a Google Webmaster Tools so you can manage your sites there. You may obtain this account at the following URL by clicking the red “SIGN UP” link at the top right.”

The account holder in question saw the same thing, but how did they get there? The site in question did not have any type of PHP file, and so, just like cleaning your computer by removing files, we removed the offending files.

Sometimes, at least in the old days, files would not be deleted unless the machine was rebooted. Viruses were left in memory on the PC, so cleaning them with antivirus needed a reboot. Just like the home computer, a web server has for its user, an antivirus program. I am personally not familiar with the web server version, but it was not giving us much help in identifying any issue, although I bet if we ran it, it may have.

There have been dodgy hosts who would leave sites up, even after getting complaints of such content on them. Several recent articles I’ve read indicate that Phishing is on the rise, and it does not matter if you’re large or small. One such article is entitled: The Reincarnation of a Bulletproof Hoster (Aug 3, 2016) which talks about how a hosting provider practically did nothing about any reports it got and their eventual shut down. The provider in question then changed names, and even they went so far as to have different names under their identity, thinking they couldn’t be tracked.

One of the things I usually do is to ask my users what they’re going to have on their sites before I sign them up and give them an account. It’s always a good idea to clean your computer once in a while, and for us webmasters, a good idea to check on sites and make sure they’re behaving themselves.

One thing we did on the affected account was to change the password on it. My question would be, how did the files come back online if the password was changed? Could they have gotten in another way? I don’t think we’ll know, although someone is still looking for things that are well long gone.

The reason why I had asked was because after we changed the password, I was alerted to the files being back on our server. A virus could do the same thing, put things back for it to run after it was cleaned. It does this by knowing what was deleted and it went to get what was missing again. After some further discussion, we think we were doing it the wrong way. There should be a specific way to do this type of clean up.

This is what I sent my client. I removed the site name as it doesn’t matter. “We have a security alert in regards to (site removed) that needs immediate attention. The 4th through 6th links in the report, followed by the 9th through 12th. You may need google webmaster tools to help you. Please let me know when this is resolved.”

I took the time to be specific on what URLs were the issue. They were strange files, not ones that I’ve ever seen on any site, and on top of it, the report came in that a brand new site along the network was also targeted with the same material. I’m quite confused.

What should we do?

First, as an internet user, be careful when you see these warnings. You definitely don’t want to get infected with whatever the browser may be telling you. If you know the person who runs the site, I would contact them by phone if possible to let them know of the issue. There may be an address they can give you to send an E-mail of the page in question you’re seeing. If you proceed with caution, look for things that are familiar such as a contact form to send an E-mail. Chances are, the provider has contacted them and they may have dealt with it, and if so, they’ll tell you to tell the browser it’s safe. That sends a report off to Google or Mozilla who will reinvestigate the page and make the correction accordingly.

If you’re visiting the site for the first time, and you see it, there are a couple of things. First, you could have mistyped the URL, double-check that and try again. If you still see the message, you can proceed with caution, or you may choose to leave it alone and possibly come back later. The WHOIS directory can have information on who to contact if the registrant allows that to be public.

Webmasters, I would take these reports seriously. According to the initiative’s page, Google will mark pages in search results that are not safe, which could hurt you. Be vigilant in your site by making sure you go up to the computer hosting it and looking from time to time to see if something doesn’t belong. That is usually your first clue. I would also get a Google Webmaster tools account and put all the sites you run on it. Then, if you are attacked, they’ll be E-mailing you and you’ll know what’s up.

The Google Webmaster tools will have you put up a file which is pretty much harmless, but they need it for verification only. You upload this file to the root of your directory and forget about it.

The various tabs of the Google Webmasters panel will show you errors, security alerts, and other things that might be of interest to fix.

Questions? Please feel free to reach out via E-mail or comment. I hope that this has been of use to you, and maybe you’ll find it of interest.
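One way to do the "look from time to time to see if something doesn’t belong" check on a site like the one in this post, where files came back after being deleted. This is an added example, not part of the original post or any tool it mentions; the function names, the sample file names and the list of unexpected file types are assumptions (the post only says the site had no PHP files).

```python
import hashlib
import tempfile
from pathlib import Path

# Assumption: the site is static, so server-side script files never belong in it.
UNEXPECTED_SUFFIXES = {".php", ".phtml", ".cgi"}


def snapshot(webroot):
    """Map every file under webroot (relative path) to its SHA-256 digest."""
    root = Path(webroot)
    manifest = {}
    for path in sorted(root.rglob("*")):
        if path.is_file() and not path.is_symlink():
            digest = hashlib.sha256(path.read_bytes()).hexdigest()
            manifest[path.relative_to(root).as_posix()] = digest
    return manifest


def compare(baseline, current, cleaned_paths=()):
    """Report drift between a known-good baseline and the current snapshot.

    cleaned_paths lists files removed in an earlier clean-up, so a file that
    comes back is reported separately from an ordinary new file.
    """
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "changed": sorted(p for p in baseline
                          if p in current and baseline[p] != current[p]),
        "reappeared": sorted(p for p in cleaned_paths if p in current),
        "unexpected_type": sorted(p for p in current
                                  if Path(p).suffix.lower() in UNEXPECTED_SUFFIXES),
    }


def demo():
    """Constructed scenario: clean site, unwanted files, clean-up, files return."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "index.html").write_text("<h1>home</h1>")
        (root / "about.html").write_text("<h1>about</h1>")
        baseline = snapshot(root)          # taken while the site is known good

        # Constructed sample: a file that does not belong, plus an altered page.
        (root / "img").mkdir()
        (root / "img" / "login.php").write_text("placeholder")
        (root / "index.html").write_text("<h1>home</h1><!-- altered -->")
        first = compare(baseline, snapshot(root))

        # Clean-up: remember what was removed, delete it, restore the page.
        cleaned = first["added"]
        (root / "img" / "login.php").unlink()
        (root / "index.html").write_text("<h1>home</h1>")
        after_clean = compare(baseline, snapshot(root), cleaned)

        # The same file shows up again after the clean-up.
        (root / "img" / "login.php").write_text("placeholder")
        later = compare(baseline, snapshot(root), cleaned)
        return first, after_clean, later


if __name__ == "__main__":
    for label, report in zip(("first check", "after clean-up", "later"), demo()):
        print(label, report)
```

A non-empty "reappeared" list after a password change means the files are arriving some other way, which is the question the post raises.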

Comments (2)

The event you have been waiting for: it’s Windows 10 Anniversary

Hi all.
OK guys, here it is, Windows 10 Anniversary 2016.07.10.
Yes 10, there was a small update released about 50 MB in size and it’s included in the huge image file.
Notes.
Those that have the following programs should update them before installing the update.
Dropbox, Adobe Reader DC, Java, CCleaner, CDBurnerXP, will do automatically, K-Lite Mega, winten app essentials 16.08.
Most of these updates came last week.
At least for us on 7 an AMD audio driver was also released, but it will be installed automatically.
Note, if you use an ASMedia extended e class and Intel USB3 controller of the same class, the ASMedia card will continue to function, your Intel driver will not, you have to click the notification to install it and it’s not compatible so an MS one will substitute both, all devices I tested worked, however, the mouse I had connected jammed up a little but seems OK now.
You can get the Windows upgrade assistant from the Windows blog and install manually or get it as it rolls out.
In order of appearance, the program will download, verify, extract, then install.
The entire process took 2 hours to do all that.
Then 90 minutes to install that.
Finally, sign in to Windows with Narrator to finish.
Things to do off the cuff.
1. Fast startup: go to Control Panel, Power Options, choose buttons, change unavailable settings and kill the box.
In Windows settings turn off background apps.
Following settings should be active: SmartScreen, diagnostic info basic, feedback off, location off unless you want Cortana.
Camera on for Skype, radios off, language list on, everything else should work as expected.
Note if your language is not selected you may have to install it, I had to install optional and other features as well as install extra programs for developer support.
To install bash, install the Windows developer tools from Programs and Features, Turn Windows features on and off, then set developer mode to developer, then run cmd.
Next type bash.
Hit y, wait 20 minutes.
Enter a username.
Enter a password.
passwd will update.
You’re done.
To exit type exit then exit again.
Turn dev mode off again.
The thing mostly works.
I have noticed that a lot of people are having display issues, you may want to remove your interceptor screen readers.
NVDA users, you will get your fully accessible stuff in 3 weeks or so.
winten apps 16.09 is being developed right now.

Comments (0)

Social Security Administration Now Requires Two-Factor Authentication

I think the social security administration really are not up to date on their security in my opinion. I read today Brian’s blog which is titled above and linked now entitled: Social Security Administration Now Requires Two-Factor Authentication and I am not sure that they really get it. This agency is not appealing to the masses in relation to security and the demographics they deal with.

Most people, especially older ones, do not have the means for two-factor with cell phones. Those of us who are young, we do, but what about the older generation who does not know how to use such technology?

My grandfather, bless his soul, I don’t think ever texted in his life. While he’s dead now, and has been since 2010, it would not surprise me if criminals used his information to get benefits, and other odds and ends they would want to use. My grandmother only started using a cell phone recently, and has had trouble with it. I highly doubt she is using it to set up two factor on any site, let alone having an account on the IRS web site.

I think the mailing of PINs to complete the signup process would be a good idea, because if they got something in the mail with a URL to visit, it would make sure they’re getting to the right place. It would stop right there if the person, say Grandma, never signed up, but got a letter in the mail.

Grandma could call the IRS, say she never signed up, and a tech can delete the account, or help grandma sign up with a valid E-mail address over the phone.

The letter should have very clear instructions on what the person needs to do. They could also send an E-mail with E-mail verification. If the criminal got the E-mail as they would put theirs, but the victim got the mailed copy, the mailed copy would take precedence because someone like Grandma, let’s say, would know if she signed up. If the representative then read the E-mail address on file, and Grandma said no, that’s not mine, the account could be flagged.

I could think of ways for this to work, and more things needing to be done in this regard.

Grandma, if you read this, your name isn’t mentioned, and only used as an illustration for my opinion on this article. No hard feelings.

Any thoughts? Please sound off in the comments.

Comments (0)

Kimpton Hotels Probes Card Breach Claims

On July 26, 2016: I read an article entitled: Kimpton Hotels Probes Card Breach Claims and it is the latest in the breach department according to Krebs on Security. While nothing concrete is confirmed, I think we should be making sure every transaction that is made is ours and nobody else’s. Any interesting withdrawals or transactions should be reported, even if it is small. That’s how I knew I was hacked, just because there were charges that were not mine and I knew it. Know your spending patterns, and you should know where you are.

The comment boards await you.

Comments (0)

INTERPOL Arrests Business Email Compromise Scam Mastermind

I just read today an article entitled: INTERPOL Arrests Business Email Compromise Scam Mastermind and I always like seeing articles like this. This just goes to show that borders mean nothing in crime anymore like they once did. Go Trend Micro, and we can really make that difference. Thoughts are welcome.

Comments (0)

Trump, DNC, RNC Flunk Email Security Test

OK, on the 25th of July, I read this article entitled Trump, DNC, RNC Flunk Email Security Test and this doesn’t surprise me one bit. We’re talking about parts of government here, and the government has proved that they are not secure when it comes to personal information. Just look at the Catching Up on the OPM Breach (Krebs June 15, 2015) and you’ll see that when he caught up, there was more to this than we knew. Your comments will await the boards.

Comments (0)

Hacked Again

I’m going to read a book entitled Hacked Again which is a true story about a cybersecurity man who got owned. It’s available on Amazon. The description of this book is going to be on our books blog and I hope you’ll enjoy it.

Amazon link to the book.

Comments (0)

Pokémon Go continues to make the rounds

Hi all.
Well, it’s been raining all day and that’s left me catching up on a lot of podcasts, 3 of which are Manamon based.
I have completed a bit more of the game too.
After I got done with the podcasts I still felt in a gaming mood.
I started searching for Pokémon Go articles, not for anything special, but just to go through a few pages, well, a couple, and see.
Things like Pokémon Go, terrorist, or just Pokémon Go in general taking my fancy.
The following seems to have come from sites and news wires.
1. The game is really popular.
People will kill and steal just to play it, it’s that epic.
There are guides on what to wear, and tips to be safe.
The game had a major privacy hole being able to fix your Google so it could potentially spy on you, this apparently was an error and is fixed.
Sadly there are rogue versions with hacking and malware suggested but no one has actually seen this.
On a positive side, one article said that everyone is playing and if that is so then we are getting closer and closer together.
Sadly, that was about the only article on a peaceful nature and this is sad.
2. The shit hitting the fan.
This part of the article sadly is the non nice bit, it could contain swearing maybe.
1. Sadly the security hole prompted people to go and say that Google and its internal companies are CIA and NSA funded.
And that we are paying to get spied on and the government is just looking for terrorists in normal people.
It’s scaremongering, even I know that privacy is as dead as the dinosaurs but that’s not stopping this junk from coming out.
The next thing on the list is that the black community feel that at least from one guy’s perspective that he could die from police shooting him for just playing.
Sadly, part of this is true.
People as I have said have been shot, robbed, murdered and other such things while playing.
It’s not gone the bad guys’ way though.
Someone tried to rob a group of people in a car that were playing.
One guy stopped midgame to blow the robber away then I assume continued playing.
It seems also that Pokémon have been placed too randomly.
I.e. I know in a lot of these online animation movies everyone’s house and world is an open world.
I know that while I am ready to let my online privacy go to some extent, well, pretty much I don’t care, I do care if some fucking gamer shows up at my house at 3 am in the morning.
There have also been some accidents of various types and people being not concentrating, playing while driving.
People have been fired while playing the game.
This has included in important government meetings a reporter got caught out playing.
I know people at my aunt’s work having frequent breaks to find Pokémon outside.
On the other hand, if you need a smoke or a joint or something it’s a perfect excuse, well, maybe not if you do it like 20 times a day.
Shops and some businesses are putting signs to stop people coming in just to find a Pokémon.
There are dating sites for Pokémon in Japan.
The criminals or other questionable governments are doing this too.
In Ukraine, especially the east, a site developed to hunt down Pokémon has set these to be terrorists or what the government there thinks are terrorists.
Mostly these include journalists.
Sadly, there have been 2 breaches or probably more likely deliberate data dumps of personal information and other stuff out there.
So we now have a witchhunt site going on.
There is a petition to get this game accessible to the blind which I am not signing.
I have played a lot of online and offline animation and other RPG styles.
Sadly, there are a few things that people or at least the makers should realise.
1. There are actually people that either due to ignorance or the fact they want to try to cling on to old values are afraid of privacy.
2. Randomly placing everything all over the place while fine in game is not fine in the real world.
You could be shot for going into a place uninvited.
3. You could contribute indirectly to terrorist activity.
4. You could also indirectly contribute to government hate and therefore home grown terrorism.
On the other side you may just bring everyone together in harmony as long as you are not Muslim or black that is or a cop because apparently they seem to like shooting blacks lately.
I think myself that it is a blessing the blind can’t play this and we should stay the fuck away from this.

Pushing this entire thing aside, I think we as humans are seeing the limits of virtual reality.
It’s been science fiction but now it’s actually real.
We are making the first step, imagine what will happen if we make a matrix style reality.
I remember being stuck in a game and well just stuck there all day.
I can literally get stuck playing with my headsets that I don’t hear people coming in the house.
The only reason I let myself go mostly is that my dad is retired and mostly at home.
However I see the temptation.
Ages ago, when life was depressing, the game world was something I really liked to be in and not the real one.
I got myself out of that of course but I have friends that have to eventually quit all electronics for a while.
Even though I know where I am, I really need to focus on some out time because if I don’t well.
This virtual reality stuff is here to stay, already we are hitting the reality barrier.
A lot of stuff does not sync.
We are going to have to start thinking.
Right now I don’t think we are ready for real world integration.
Most of what I read was not peaceful, no matter what it talked about it mostly involved others killing others, need I say more.
We as humans are not ready.
We are building to world war 3, maybe we should concentrate on that, and then if we are still alive maybe we can focus on that.
I doubt we will, but it’s nice to think so anyway.
What concerns me the most are the uses we as humans have put this thing into, most of which are not helpful and a lot are round the app and not the app itself.
I have seen some things cross over into the real world.
Read last week’s article, but not many of those.
Now if you could buy with real cash, actual units, but also actual game items, food, drink, etc then maybe I’d go for it.
My biggest concern is that we are going down the road to hell with this one.
At some point there will be trouble, not the small troubles we have been having but something really big.

Comments (1)
