go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: March 2017

Go to Homepage [0], contents or to navigation menu

IOS 10.3 has been out

Hi all,

In the better late than never department, IOS 10.3 is out. I’ve neglected to post about the other IOS releases since 10.1, but Apple Vis has a blog post of their own dealing with changes and regresions we must be aware of. Please feel free to read it and update when you get a chance. Security Now has covered 10.3’s release but I’m not sure if I remember on what episode. Here is Security Now’s RSS feed which is hosted on twit.

Comments (0)

FBI: Attackers Targeting Anonymous FTP Servers in Healthcare

Hello folks, this article came across my desk through a newsletter I’m subscribed to. The article is entitled: FBI: Attackers Targeting Anonymous FTP Servers in Healthcare and I do not believe that our FTP allows anonymous access even if we turn it on now a days. I really think we need to be aware of this, and pass it along to our dentist and health care people that we know. This couldn’t get worse, can it?

Comments (1)

march’s updates

Well I have been busy this month but thought I’d put out all the updates since no more have come.
Amd drivers, and others.
Windows 7 monthly and preview monthly.
adobe flash, and adobe acrobat update services.
Dropbox, skype all have new versions.
codecguide 13 is out.
Windows10 cumulative for march is out.
Well technically 3 versions came out one you had to manually download from the catalog.
The first version was the big update including february’s update.
The second versions fixed issues with the first.
The third fixed issues with the second ie it broke windows store.
Office recieved 2 updates one minor today.
Itunes has an update.
Garmin devices had one of their updaters depricated and another released, tomtom has a new update for its home suite.
Thats that for this month.
Next month is windows 10 creaters.
Interestingly if we use old termonaligy we have win10 then win10 a.
Now we get win 10 c where is win10 b?
And where did windows 9 go by the way.
Intel also has a driver updater update to 2.72.
More next month.

Comments (0)

Dishwashers, washing machines, connecting to the net and having issues?

This goes in to the oh boy category. Do we have one?

In the same newsletter, one article calls it a dishwasher, the other a washing machine, but this can’t be any worse can it? Hackable IoT washing machine provides channel for breaching hospital IT and Dishwasher has directory traversal bug g
Thanks a Miele-on for making everything dangerous, Internet of Things firmware slackers
are two articles out of several here in this list. We definitely have something going on here, and it can’t get better when you see this. The reason why I went after the second, was because I heard parts of Security Now which taped on Tuesday afternoon, and it is discussed there. Steve couldn’t believe it, I forget what he says, but this is definitely bad. I just wonder what else we can see if we’ve practically seen it all. Oh boy.

Comments (2)

US man held for sending flashing tweet to epileptic writer

I saw this article in the Sans security newsletter about this guy who supposedly sent a tweet with an image to cause a seizure. This is fucked up. US man held for sending flashing tweet to epileptic writer is the article. This is absolutely rediculous for someone who is a writer to send someone else a writer something you know can cause irrepairable damage. I don’t understand why you would knowingly do this. 10 years in jail? This can’t be enough to repair any damage this guy dhas to go through to get his life back especially if the seizure left him in a state where he needs more help than normal. Wow.

Comments (1)

ATPC hit with Ransomware, does not pay demand

On February 15, 2017: a company called ATPC (the Alternate Text Production Center) was hit with a ransomware strain. The E-mail that was sent to me indicated multiple things that I would like to highlight in this ever important effort on continuing education on the epidemic.

  • First, they had backups of everything that was currently set to be produced. While clients uploaded files through a protocol called FTP, the company did have a policy in place about this access they needed to change after this epidemic.
  • Next, the notice was very straight forward in what happened, steps they took to mitigate the attack, and what they were doing to make sure that it didn’t impact them like this again.

Here is a baseline of what they said.

  • The FTP server had files up there, and the policy indicated that it was for short term storage. These files are small, even though they were books to be sent in braille or electronically to customers.
  • They made sure all files were backed up in multiple locations so if a file they needed to send either in braille or electronically was infected, they had clean copies. This was the most important step in this process. If you have read Most Companies Still Willing To Pay Ransom To Recover Data, Survey Shows you will know that most companies have no choice. Just look at this LAVC update that I posted after my first post on that which asks Are schools next in the cyber race? I really think this step was important.
  • They sent out a notice to their customers. This is very important as you want them to know that you know about the issue, and what you’re doing about it. They don’t want to find out after the fact. LAVC called and E-mailed us, and even braught in experts which advised they should pay. LAVC is a lot larger than ATPC, but ATPC notified their customers and prevented that whole mess.

The points I’ve made and links to the articles should highlight that ATPC has done the right thing, and they are a small business. I don’t think there is any other way of doing this without having to pay like LAVC did, and that took out their Internet and phone systems. While a few files were lost, they were easily retrieved elsewhere. This is a perfect case of something that went wrong, and the perfect solution to a very complex systematic problem of keeping us safe.

Each ransomware case is different, but hopefully, we can learn from this textbook case. Thoughts? Get in touch.

More information: Alternate Text Production Center

Comments (2)

Americans ignorant on cybersecurity, Pew poll shows

I’ve just gotten a chance to read this article from Sans E-mail that talks about whether or not we understand a lot of whats going on today and how to protect ourselves. While I believe education is the key, constant understanding and reading of articles like the one show here will keep you in tact. Check this one out.

Source: Americans ignorant on cybersecurity, Pew poll shows

Comments (0)

Phishing with Wildcard DNS Attacks and Pharming

On the 3rd of March, this article entitled Phishing with Wildcard DNS Attacks and Pharming was posted. This was interesting because of the fact that we are learning a new term. According to Wikipedia: Pharming is the deceit of a web site where a cyber attack is done to make the site go somewhere else. Here is the paragraphs talking directly about Pharming from Wikipedia. To learn more, please click through.

“Pharming[a] is a cyber attack intended to redirect a website’s traffic to another, fake site. Pharming can be conducted either by changing the hosts file on a victim’s computer or by exploitation of a vulnerability in DNS server software. DNS servers are computers responsible for resolving Internet names into their real IP addresses. Compromised DNS servers are sometimes referred to as “poisoned”. Pharming requires unprotected access to target a computer, such as altering a customer’s home computer, rather than a corporate business server.

The term “pharming” is a neologism based on the words “farming” and “phishing”. Phishing is a type of social-engineering attack to obtain access credentials, such as user names and passwords. In recent years, both pharming and phishing have been used to gain information for online identity theft. Pharming has become of major concern to businesses hosting ecommerce and online banking websites. Sophisticated measures known as anti-pharming are required to protect against this serious threat. Antivirus software and spyware removal software cannot protect against pharming.”

If this is true, what type of things can we as citizens do to be able to protect ourselves from this new threat? We’re going to have to explore this together and see what types of things we can do.

  • While this isn’t fullproof, make sure you’re on the site you want to be on before entering any type of data. If you want to go to PayPal, make sure PayPal is in its URL, and not redirected to somewhere else.
  • If the site is supposed to be secure, make sure the URL says htttps and not http. Especially when logging in to sensitive places.
  • Make sure you know if the web site is to go somewhere else by a redirect. Most sites don’t redirect to offsite URL’s.

On that last point, I have a redirector for a sub domain to point directly to an HTML site on the same site. I also had a sub domain pointing directly to my blog at livejournal, but i show you where it is going, instead of hiding that fact. This way, the user can question me about that, and I can tell them its safe.

What other thoughts do you have? Get in touch.

Comments (0)

comments for today

Hi jared.
Hmm ransomware, yeah anyone can make it, sad but true.
Companies will do anything to get their data back, sad but true.
They should have backups but a lot I know don’t have adiquit backups.
Kids and the net.
You know my feelings on the issues, kids shouldn’t have any access to the net, a mobile phone, etc till they are 13 or maybe older I never got mine till I was 20.
Failing that, kids need to have the net restricted for them before they get on it.
Ie no access to facebook, no way to tweat, no way to do anything bar what is safe.
Soon enough they will figure out how to get through controls you put in place.
The net needs to be portrayed as a emulation of the real world.
Its a good place to find info, buy things etc, but as in the real world there are dangers and these are mirrored on the net a lot more than you think.
Some scientists have found out that the digital data we put out can be used to profile us humans, and without the offline limitations we usually associate with normal laws online, we reveal our true selves.
This in itselves is scary in deed.
I am usually myself online though I know my temper can get a bit hyped at times.
So we need to be ourselves where ever we go.
Kids are smart they will eventually break any blockers you chuck at them.
Its also known that they can change their profiles on social networks so they are above the restricted age.
The net should be discussed as an extention to the real world its just more of the real world with 0 travel time.
Sadly I have seen extremes on each end.
I do not know about the non safe end as such but I do know about the super safe end.
If you are to safe and you don’t risk then you are to protected and this is not good either.
I have family with a religious type of thing going on.
Their children for a while got restricted tv, restricted net in fact no net, no phones, etc because they were full of evil.
They rebelled.
Whenever at a tv they all watched it 24-7.
One of them grew up eventually pirating software and loading cracks and doing things she shouldn’t because she was denyed the risk.
I have seen worse, people that will simply crack things because the net is to dangerous to buy stuff from.
People that will simply not buy anything online or worse will just not do things that are conciddered dangerous.
I worked for a school who had some serious issues with their system.
Holes where while secure, things just didn’t work right.
They restricted some sites sure, but while trying to report an access issue I inadvertantly opened a staff email account I shouldn’t have access to.
I reported it immediately ofcause.
Their responce was to say I hacked their net and a lot of other lies and to fire me.
I assume therefor that this is how they handle all their security.
Gettring rid of the visible issue and not fixing things.

Another thing to notice.
If your kids grow and get more familiar with the net they may eventually outgrow things.
Eventually every one of your kids will need their device and you will loose control at that point.
I have various people I help, those that will respond to a virus installing every program to secure their system only to give it to me unworking and slow.
I have had to basically pull out all the security programs and reinstall everything so its working right.
Then there is the secured person which is uncertain what is or isn’t.
Ie, those boxes on the internet saying you are insecure must be lagit but are the program icons on the system tray lagit?
Should I ask the admin, no he’ll think I am a total dumbass, I better not.
As you realise, the ones he should have looked at are the ones in systray by the clock but if you havn’t used it before it can be a strange place to look at stuff if you expect it to appear in front of you.
While it was a headake for me to clear it, it can be a issue for users that do not use all their desktop all the time or their icons.
Its a lot better to be happy that your users are secure but I do get called about icons, what do they mean, or my system is secure but how do I get this function or this data.
So things do happen a lot.
Most of the time, what does this button do.
Ie, there is a web icon on your brouser saying things are not secure.
There is an icon in the notification ariea but its saying something else and you are not sure what both are.
In this case the icon on the tray was wrongly being reported because of an error in the program the icon in the brouser was fake but a user wouldn’t know what was safe even adults do it.
It maybe therefore a bit hard to secure your child totally.
They will learn as they want.
The only thing I guess is to show them what is safe and what is not.
On that note, safe is one term they may have to find out for themselves.
Generational safety will change from time to time, general safety can be taught but the rest well it will depend on what is needed.

Comments (0)

Most Companies Still Willing To Pay Ransom To Recover Data, Survey Shows

I know I may be posting things that were posted in the past, but I found this article entitled Most Companies Still Willing To Pay Ransom To Recover Data, Survey Shows that was sent in a newsletter that I’m subscribed to. The library should be commended to the fact that they did not pay the demands of the hackers, and were able to get their data back from backups. I believe this is how it should go. I’m curioius on your thoughts on this one, even though its older, its still relivant.

Comments (0)

Kids and Internet Safety: How Parents Should Have ‘The Conversation’

I read this article entitled Kids and Internet Safety: How Parents Should Have ‘The Conversation’ and there are some takeaways here.

“Threats are everywhere
U.S. households are filled with more devices than ever before. Recent research conducted by Trend Micro found that nearly 30 percent have three or more smartphones, around a third have two or more tablets and close to half have two or more computers in their household. These are your gateway to the internet. But they can also be a doorway for malicious attackers to enter your virtual world, and that of your children.

Why is this important? Because you are ultimately responsible for your child’s safety online, just as you are in the real world. And those cyber threats aren’t going away anytime soon. In fact, we found that two-thirds (65 percent) of American families have had their home PCs infected with a virus or piece of malware. Over a third (36 percent) have lost files or had them damaged, and 13 percent have had passwords stolen. The repercussions are potentially serious, ranging from identity and financial fraud to ransomware which can lock the entire family out of their devices and render all your personal data useless.
What’s more, there are specific online threats to children to be mindful of. Over a third (34 percent) of U.S. respondents claimed their children have viewed inappropriate content online. And 8 percent said they kids had suffered at the hands of cyberbullies. Unfortunately, bullying is as old as mankind, but in the cyber world taunts and threats can be far worse as the offenders feel they are hidden by a blanket of online anonymity. That 8 percent figure is likely to be far higher in reality, as many victims will choose not to report cyberbullying.”

There’s more to this article, but this needs to be talked about. Even the kids I know are starting to have time restrictions placed on the use of devices. Check this article out.

Comments (0)

Ransomware for Dummies: Anyone Can Do It

I read this article entitled Ransomware for Dummies: Anyone Can Do It and this is so true. I’ve never got in to bitcoin at all, and honestly, I don’t know how accessible it would be, but seeing that bitcoin is even hard to buy, I’m surprised how lucritive this actually is. I still remember the story I heard on NPR I believe it was, where someone was forced to travel 200 miles in a storm to get money to pay to get their files back. While they missed their deadline, the people said they paid, and released their files. This definitely should be something to read. Thoughts?

Comments (0)

Freedom Scientific® Introduces ElBraille

Freedom Scientific

Media Contact: Richard Tapping
800-444-4443 or 727-803-8000

Freedom Scientific® Introduces ElBraille

A cutting-edge, extremely portable Braille computer

(St. Petersburg, Florida – March 01, 2017)

Freedom Scientific® today introduced ElBraille, running Microsoft Windows® 10 and JAWS 18, the ElBraille is the newest portable computing solution for the blind and the logical next step in notetaker development. The ElBraille-14 and ElBraille-40 use JAWS® 18 to provide speech and braille output and JAWS’ BrailleIn feature to allow complete control of the ElBraille computer from the Perkins-style, braille keyboard. The Windows ® operating environment is the standard in education and professional settings. Run Windows applications such as the Microsoft Office suite or Adobe Reader for complete access to all mainstream document and file types. Use accessibility applications and accessories such as OpenBook® (printed text to speech and braille software) with the PEARL® Camera to immediately read classroom texts or meeting and lecture handouts.

Running the latest Windows operating system on an Intel Atom quad core processor, with 160 GB of internal memory and 2 GB RAM, and incorporating either the Focus 14 or 40 Blue Braille Display, and JAWS 18, the ElBraille is the logical choice for anyone who wants to raise notetaking and portable, accessible computing to the highest level.

“It makes sense to use a device which completely supports mainstream applications, such as Microsoft Word, Excel, PowerPoint and Outlook,” says Brad Davis, Vice President of Hardware Product Management at Freedom Scientific. “Adding Wi-Fi, Bluetooth, and cellular connectivity with up to 20 hours battery life makes the ElBraille a real productivity powerhouse,” says Brad Davis.

The ElBraille-14 is scheduled to go on sale in the US and Canada in the second quarter of 2017 with the ElBraille-40 following soon after.

About VFO™ and Freedom Scientific®

VFO™ is a leading global assistive technology provider for the visually impaired. The VFO™ brands have a long history of developing and providing innovative solutions for blind and low vision individuals, helping them to reach their full potential.

Freedom Scientific®, one of the VFO™ brands, is the leading worldwide provider of assistive technology products for those with vision impairments. The Company sells its products worldwide and has offices in Florida and Switzerland. The Company’s products have been translated into 24 languages and are available in 55 countries. Freedom Scientific® also has a line of software products for those with learning disabilities.

Freedom Scientific® and JAWS® are registered trademarks in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.

We invite you to like us on Facebook and follow us on Twitter.

VFO™, 11800 31st Court North, St. Petersburg, FL 33716-1805

Comments (0)

go to sections menu

navigation menu

go to sections menu