The Technology blog and podcast

tech 271 has been up

Hi all, tech 271 is up. It has been up for a couple of days now. RSS is here.

Show notes:

NVDA remote and a demo of the Healow app for IOS to communicate, book appointments, and check on your records from your doctors office.

Thats all for the cast, so enjoy!

Comments (0)

First ‘Jackpotting’ Attacks Hit U.S. ATMs

I read this one entitled First ‘Jackpotting’ Attacks Hit U.S. ATMs and I thought this was very clever. I’ve never heard of this being done until I saw this. The next article here talks about an arrest from this, so we’re starting to see that crime does not pay just like the shadow says.

Comments (0)

Drugs Tripped Up Suspects In First Known ATM “Jackpotting” Attacks in the US

In the great news department, we get two things in one. Drugs Tripped Up Suspects In First Known ATM “Jackpotting” Attacks in the US is the name of the article by Brian Krebs. In it, Brian talks about an arrest after someone had ATM’s delivered to his home, as well as when he got picked up, he had drugs too. Nice combination. Brian goes in to detail about this one. Nice going, here’s your sign. Hope you have a good time telling everyone what you did.

Comments (0)

Have you started the process of filing taxes? Do it soon for 2018

Just saw this article from Krebs entitled File Your Taxes Before Scammers Do It For You which was dated today. Have you started to do your taxes and get them ready for filing? If not, do look to see if you’re ready to do so. The criminals are waiting or not waiting for you. Thanks for reading.

Comments (0)

tech podcast 270 is now up

RSS feed is here for you to get the podcast.

---

On this edition of the podcast, we’ve got a mac demo, a bonehead award of the day, and an interesting video on how cybercrime hides in the underbelly of the internet. Hope you enjoy!

Comments (0)

IOS releases 11.2.5 rom apple

I heard about IOS 11.2.5, which is an interesting update number for apple. Anyhow, I found the applevis posting on it and gave it a read. This is definitely something to be aware of when we upgrade, as there looks to be some regressions.

Remember that each device is going to be completely different in the way it handles the updates, and users here may not experience whats reported in the post.

Hope you enjoy the read, and let me know what you find to be a problem.

Comments (0)

Canadian Police Charge Operator of Hacked Password Service Leakedsource.com

I also came across some good news, something we need to pass along in this crazy world. I don’t remember news this good coming at the beginning of the year. In the wake of all of the news on the two major tech issues effecting different computer chips, we come across the great news in Canada. Canadian Police Charge Operator of Hacked Password Service Leakedsource.com which got a comment on a quoted tweet saying “oh boy.”

At the time of posting, this web site, hosted through cloudflare networks, indicate that the DNS can’t be resolved in an error message I’ve never seen: error 1016.

Since the operator has been arrested, we know that this can’t be good as this site, according to the article, had the ability of telling you whether your email address was part of a potential breach. Helpful, definitely, but to get the password associated with any breach, you needed to pay.

This is how someone can get caught, no? The guy involved was using PayPal for his payment gateway, and they have to follow the laws in each country in which they operate to turn over info if requested for investigation.

If I see any other news on this one, I’ll be sure to pass it along.

Comments (0)

Serial SWATter Tyler “SWAuTistic” Barriss Charged with Involuntary Manslaughter

This was posted on the 15th from Krebs oon Security, and I saw it on the 17th. The article is entitled Serial SWATter Tyler “SWAuTistic” Barriss Charged with Involuntary Manslaughter. I just had a hunch that his comments in Serial Swatter “SWAuTistic” Bragged He Hit 100 Schools, 10 Homes which was posted on Krebs on the 2nd of January would come and bite him. He said that bombing would be better than the full swat. The book has been thrown at this guy with invluntary manslaughter.

“Involuntary manslaughter usually refers to an unintentional killing that results from recklessness or criminal negligence, or from an unlawful act that
is a misdemeanor or low-level felony (such as a DUI).”

findlaw.com

I blieve but don’t remember correctly at the moment, but the article mentions an 11 year sentence if convicted. Wonder if this guy had any idea he was going to get caught? Technology companies that provide services to spoof your number are compeled to comply with an order for information, especially when someone gets hurt, or in this case, accidentally killed.

This guy will join the ranks of the people who think they can’t get caught. They think they won’t get caught.

I hope you’ve got some time to think about this one, and may you learn a lesson about human life and what it means to be one.

Comments (0)

Tech 269

On the heels of 268, I have enought for 269 and when we have it ready, its ready. Lots of interesting things too.

RSS here

UEB, better late than never. Can Augmented reality and tech help with surgeries? Fake handbags are nothing new, but can this type of fake item really funnel crime rings? An interesting ted talk by someone who investigates such things. Also, comments on an article about Alexa being a blindness specific tool. It can help, but it should not be just a blindness tool. Contact info at the end.

Comments (0)

UK Conviction Arises out of Trend Micro and NCA Partnership

I read this morning an article entitled UK Conviction Arises out of Trend Micro and NCA Partnership and I always love stories like this. It proves that crime does not pay, even if it crosses borders which the Internet does. Krebs also writes articles detailing arrests as well, but I’ll cover that separately after its read. Thanks for checking out the blog, and for participating in the podcast if you chose to download it and write comments.

Comments (0)

Tech podcast 268 is now up

Tech podcast 268 is now up. As promised, all of last year’s program is removed except for the December podcasts, and I hope to get more podcasts out this year. Find below the podcast show notes. Go to our RSS feed for the show notes and download or stay here to read the show notes.

---

Welcome to podcast number 268 for January 15, 2018. On this edition of the program, I talk about a cautionary tale of giving out personal information which I heard on a telephone line where someone gave out the address in which they live. Question: what might happen if you do this? I’ll leave it right there. Next, the Kansas swatting incident. Krebs posted two articles which I posted to the blog, and I’ll repost them here. Kansas Man Killed In ‘SWATting’ Attack is the first article and Serial Swatter “SWAuTistic” Bragged He Hit 100 Schools, 10 Homes is the second. Can this get any worse? Next, I talk about my thoughts on what we might see in the new year and beyond in the security landscape. Finally, we listen to a video in regards to spector and meltdown. Please feel free to contact me at any time, and contact info is at the end of the program.

Comments (0)

comments on various things

Hi.
Well firstly the updates for patch tuesday.
Yeah, for home users the thing will not be a problem unless you just happen to be the unhappy owner of an first generation intel i3 530m mobile type chip.
My uncle’s server has an really mangled m530 first gen, it was really slow to begin with, fast first loaded, but fully loaded was slow.
Cleared off and maintained still on the slow side.
With the update almost useless.
For all the 7th gen and 3rd gen units I own including a first gen or second gen i3 standard from 2009 its not that bad.
Transfering files on all systems from flash drives from and to does seem to slow down a lot especially when its small files I have to deal with.
What should have taken me 5 hours now takes me most of a day.
But since I don’t have to transfer 10-100gb per day thats hardly the issue as such.
I had to recover a friends data for him and have a little to go.
Next swatting, I think this could be added to the nusance or at least scam calls.
You don’t like someone, you get a swat team on them.
There is just one floor in this attack.
The police are not dumb!
They are the police, trusted inforcers of the law so they are not dumb!!!
Except they seem to be as dumb as the cucumber I eat on my salad.
Technically this attack is as bad as something trying to scan a port, its not as bad as a traditional spam attack, or ransomware, but if successfull it can deliver as much dammage as a virus with ransomware, malware, fishing hoax and spam/worm trogen elements.
The only semi cool part of this for the geeks here is that till they get smarter, there is actually a way for you to get destroyed by your computer (the machines are coming! run for your lives)
Seriously though this attack shouldn’t even be able to succeed and even if it did like spam emails it should be recognised as such and handled accordingly.
You’d better hope there isn’t a robot uprising tomorrow because the machines are smarter than us
I do think swatting can be added to hoaxes, fishing and scams in general maybe spam.
The attacks are initiated online in a forum, a bit hard to get handled unless certain phrases are blocked I guess.
Once on twitter, as long as person x keeps the same name well who knows.
If they don’t mask their ips then they can probably be traced.
For those that do its almost impossible.
I recieve scam calls, emails, etc every so often.
The emails and calls are not dangerous in themselves but if you follow them, open their attachments or click their links they can be.
I guess we are only human but this attack is easy to avoid and even if something does happen it should be easy to realise that its a hoax.

Comments (0)

Patch Tuesday is here

Patch Tuesday is here, and so are articles in regards to what is in them. This Trend Micro article entitled January’s Patch Tuesday Fixes 56 Security Issues, Including Meltdown and Spectre tells us about some of the issues and describes the two biggest bugs talked about now. Of course, we can’t forget the Krebs coverage of patch tuesday with his article this month entitled Microsoft’s Jan. 2018 Patch Tuesday Lowdown iws just that, a rundown, including links to other coverage on the blog. On the 3rd of January, our contributer, Shaun Everess, sent me this PC World article entitled Meltdown and Spectre FAQ: How the critical CPU flaws affect PCs and Macs and it does go in to some detail on the latest two major issues. I’m still confused about these two flaws, but it doesn’t appear to just be an Intel issue from what I’m hearing. This article from F-Secure which I read did help some. Some Notes On Meltdown And Spectre is the article from these guys. Trend Micro also has an article entitled When Speculation Is Risky: Understanding Meltdown and Spectre – TrendLabs Security Intelligence Blog and thats the first article I read on this issue. We’ll continue to monitor this one, and any other issues that we have been made aware of.

Comments (0)

Why Amazon’s Alexa Is ‘Life Changing’ for the Blind

Why Amazon’s Alexa Is ‘Life Changing’ for the Blind was sent to me by my dad. I could see the benefits of this device and have played with the one at my home a little bit. I do have the app on my phone, but I haven’t really played with it. This was an interesting story, hope you all read it.

Comments (0)

Swatting, is this a big problem?E

Hi all,

I want to go more in depth with the following, but would like to post this for now. There are two articles through Krebs on Security, and even the news has covered this. First article is Kansas Man Killed In ‘SWATting’ Attack and the second is <a href=”Serial Swatter “SWAuTistic” Bragged He Hit 100 Schools, 10 Homes. I’m a little surprised that this type of activity is still going on today, especially with all of what is happening with the big time breaches.

KNX even mentioned this in a news story through a segment during the 1 PM PT hour in a segment called More In Depth. Suspect In Fatal Swatting Hoax Appears In LA Court, Will Not Fight Extradition so this means he’ll go to Kansas to be charged with murder or another crime depending on what they want to do.

Swatting is not normal, and I mixed up my words this evening talking to someone that lives here, and I am not going to mix it up for the article. Here is what Wikipedia says about Swatting. In the KNX report I heard this afternoon during the news segment I told you about above, the gentleman involved had a way to have his number look like he was in the state. Then he called someone and reported the incident. This whole thing started in an online forum, and another gentleman was giving the one who did it the wrong adress. The gentleman who did this feels bad a guy died, and said he’d rather do bomb threats instead of direct swatting.

Krebs on Security did a great job covering this in both stories I’ve linked above.

The KNX segment was also interesting, the news anchor asked what can be done. The guy interviewed did say that this was tricky, because you don’t nbecessarily call 911, they just call the emergency number and use a service to make it look like you’re in the state. Here are my thoughts.

First, get the telephone number of the caller. I’m not sure what number this guy gave, but when getting the number, call the number back if possible. The reason for the number being called back is simple. If someone other than the original caller answers, you know there is nothing up. In a real emergency, you’d be able to hear something going on. With the callback method in a non-emergency situation, you have time to figure out if this is real or fake. Seeing that the caller gave a number in the area, and not his own, you’d either get a disconnected number or you’d get someone else.

If the gentleman called 911 from a state bound number, than you can’t call back, you’d have your tools handy to tell where the call was coming from. You could use that data, and background noise, to determine if something was going on. If there was a hostage situation, you definitely in my opinion not be calm like the reports indicate.

Always make sure that the information you are given is correct. I’m sure emergency services already does this, but it isn’t a bad idea to say so here.

Do you, the reader, have any thoughts on this? Do report your thoughts.

Comments (0)

New years predictions for tech

Hi all,

I’ve been thinking about this and wanted a post done and posted when the new year happened. I ended up changing my mind about that, because I didn’t quite think thi over very well. My thoughts kept changing, and it wasn’t making sense. Here are some things that come to mind we may see this year as it will probably be another mega breach year for us.

• We will see a potential breach somewhere, where personal information of the disabled will be taken.
• The health industry isn’t done yet, I think we’ll see something bigger than the blue cross 80 million this year.
• Government will have a bigger problem keeping their sites updated, and time only tells us how secure they really are.
• As we continue to test self driving cars, my hunch indicates that hackers may get in to the testing frey as well. If successful, these test cars will feel the brunt of a successful hack attack. It may be on the low side, and the attack won’t be big, but it’ll be eye opening.

There may be more major stories that I haven’t thought of as of yet, but this may give us a start to discuss activity for the coming year. Leave those thoughts.

Comments (0)

go to sections menu

---