go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: October 2019

Go to Homepage [0], contents or to navigation menu

HP launches Spectre x360 13 pre-installed with ExpressVPN

Just like an antivirus/anti-malware solution, having a VPN installed on your PC is very important. Are you ever concerned about the privacy of your online activity? Or worried about advertising trackers? Or maybe you are trying to access content that is prohibited by your government or Internet Service Provider (ISP)? Do you ever want to watch certain movies on Netflix only to find that they are not available in your country? A VPN will help you solve all the above problems. What’s more, a VPN is affordable and easy to use, especially in the case of the recent HP and ExpressVPN partnership where the VPN comes pre-installed on the latest HP performance laptop.


The HP and ExpressVPN partnership

Consumer VPN expert ExpressVPN recently announced its partnership with the giant tech company HP Inc. As part of the agreement, a selected number of PC’s will come pre-installed with ExpressVPN’s Windows app to help protect users’ privacy and security online. 

HP’s recently unveiled Spectre x360 13 laptop model will be the first one to enjoy this arrangement that includes a 30-day trial period to see if the VPN is a good fit for them. The product will, however, get incorporated on more HP models in the coming months.  After the trial period has elapsed, users will get an opportunity to either buy a longer plan or opt-out of the subscription. 


About ExpressVPN

ExpressVPN is the market leader in consumer VPNs. Its popularity stems from its speed, security, reliability, and ease-of-use. ExpressVPN helps users to secure their data traffic and guard their online presence against prying eyes. This VPN gives users peace of mind when they connect to untrusted or unsecured networks, such as public Wi-Fis at the coffee shops, hotels, and airports. You will be able to encrypt your network data and secure your internet browsing experience with one simple click!


ExpressVPN TrustedServer Technology

ExpressVPN’s TrustedServer technology presents a major surge in protecting consumer privacy and security by addressing key risks common with how VPN servers are conventionally run. 

Traditionally, server owners install the software and operating system during the initial set up of the server and then add amendments over time. Take note that every change made gives rise to the possible changes among servers, decreasing the trust that each one of them is using the same exact code. 

ExpressVPN’s TrustedServer technology ensures each of its 3,000+ VPN servers uses the most recent software. Every time the server reboots, it loads the most up-to-date read-only picture containing the whole software stack, OS, and others. This is to say that ExpressVPN is aware of everything that is running on all their servers, which minimizes the possibility of exposure or misconfiguration and greatly enhance VPN security.


HP Spectre x360 13 Features

HP’s newest Spectre x360 13 laptop model combines the cultivation of impressive design and mobility, with heightened security and performance features that allow users to enjoy their passions without limitations.

With 6 out of 10 PC users concerned about their privacy being compromised, the new Spectre model features a dedicated mute mic key, HP Webcam Kill Switch, and an extra HP Sure View display. It also features twice the performance of its predecessors with an extended battery life of up to 22 hours, enough to take you through the day. 


About HP

HP is a global IT corporation specializing in the sale of software, hardware, and other similar services. The company was founded in 1939 by engineers David Packard and William R. Hewlett. HP’s product line includes PCs and other computing devices, software, storage tools, scanners, printers, plotters, and enterprise and industry-standard servers among other imaging devices. In 2014, HP decided to split the company into two– HP, Inc. and Hewlett-Packard Enterprise.

People who use PC’s/laptops are mostly on the go, and this often results in the use of unsecured Wi-Fi networks. With a speedy and trustworthy VPN like ExpressVPN, users of the new Spectre x360 13 will walk with their head high knowing that their privacy and security remain unaffected regardless of whichever Wi-Fi network they are on. 

Comments (0)

Will Apple get hacked more in the future? Business insider says yes

With apples IOS 13, and very successful hacks in to the IOS platform, we’re starting to see Apple being targeted. According to this article from Business Insider entitled A cybersecurity expert explains why we’re likely to see more Apple hacks in the future we’re going to see more hacks toward IOS and Mac devices. Windows is also covered, and rightly so.

While my phone is older, and I’ll be looking to replace it soon, making sure our software is as up to date as possible is now more crucial. This is going to get interesting as we continue to see these types of issues including data breaches in general.

The fact that the article talks about whats app as an entry point, whats app developers need to fix that hole too. Its not all the operating systems fault, whether its windows, mac, ios, android, lynux, or any other operating system out there.


Comments (0)

British Airways data breach: class action lawsuit approved – IT Governance Blog

Here is British Airways news. I think I covered this back when it broke, so I found something and thought I’d post this update here to the blog.

We need to remember things are changing, and this is only the beginning of the problems if we can’t figure out how to protect ourselves the best we can.

A portion of the article and the link follow.

The High Court has granted a group litigation order, effectively giving the go-ahead to mass legal action from 500,000 victims of the 2018 BA data breach.

Source: British Airways data breach: class action lawsuit approved – IT Governance Blog

Comments (0)

Presidential campaigners are not secure … this can’t be good

According to an article I’ve thought about and saw today, 16 out of 23 potential candidates are not security concious and have some things to fix before next year and running for president.

I’m not going to rehash the articles I wrote on Donald Trump, you can go to my article listings page AND SEARCH them out on your own under the vocal heading. If this is in any indication, we’re going to have another long 4 years if someone new wins and their cybersecurity is not to par.

Article: U.S. Presidential Campaigns Struggle With Cybersecurity

Comments (0)

Alabama got hit with Ransomware, pays ransome

Hello all,

Well, the news this week deals with Alabama getting hit with Ransomware. According to this article entitled Ransomware attacks are insidious. Experts urged healthcare CIOs to invest in proactive security measures to combat the growing threat. Alabama was the target. Unfortunately, Ransomware is not going to be going away, and thats because its a great moneymaker.

I wonder how this type of thing is created to begin with? I’m not saying that I’d send it out and demand money, since my goal of the blog and podcast is to alert you all on whats out there so we can protect myself. We all need money, but we need to do it the right way.

For example, on one of the pages on the blog is a donations button I believe. But if not, thats OK. Money isn’t the object of this podcast, but if you’re interested in donation options, get in touch.

I’m confident when I reminisce about the story one of my buddies told me about one of our own in the blindness field getting targeted with Ransomware. Remember this article entitled ATPC Hit with Ransomware, Does Not Pay where I talked about a textbook case of doing it correctly? We should bring it out and show companies that a company serving the blind community did it correctly, and we should all learn.

Getting back to the article at hand, Security Now covered quite a bit of ransomware this week in their episode for this week. If that show goes in to ransomware mode, whereby they’re covering nothing but ransomware in the news, its going to be the whole entire show. This can’t be a good sign.

Here are the notations from that episode.

  • Ransomware hits schools, hospitals, and hearing aid manufacturers
  • Sodinokibi: the latest advances in Ransomware-as-a-Service
  • Win7 Extended Security Updates are extended
  • A new Nasty 0-Day RCE in vBulletin
  • There’s a new WannaCry in town

As you can see, there are lots of things going on here, and its not going to go away any time soon. The fact that the main topic of this blog is ta;lking about the Alabama case, there is a lot more happening that we should be learning about too, and thats why I find the story of value. This is going to get very interesting.

Comments (0)

Trend Micro’s next webinar

The title of the next webinar is going to be “What’s Up with Web Threats?” It’ll be held on October 29th at 1 ET 10 PT and I am going to try and make it. If not, a recording will be provided afterword.

Today’s threats are now hitting us hard. Web threats, email threats, telephone calls, and more. Please sign up and learn how you can protect yourself and teach others what they can do afterword. We can do this together.

With the popularity of the web, and everything that is connected to it, there is no surprise it is the second most detected threat within our customer

In this month’s threat webinar, I will review the numerous types of web-based threats affecting your employees, such as embedded URLs within emails, malvertisements,
drive-by downloads, and command and control (C&C) servers.

As well, I will be reviewing some best practices you can use to better protect your organization, employees, and web servers from these attacks. Because
when you can prepare for, withstand, and rapidly recover from threats, you’re free to go further and do more.

That’s The Art of Cybersecurity.

I’ll see you there!

Comments (0)

Its time for another patch Tuesday: time to reboot and update your systems

Its time for another patch Tuesday, and Krebs On Security and Trend Micro are offering the articles in regards to whats out there. I’ve already taken the computer offline and did the reboot necessary. The computer seemed to be a little slow anyway, so the reboot helped clear that up.

Below, please find the articles from my sources. Stay safe!

Please feel free to check these articles out for more information. Trend Micro is the longer of the two, where they detail whats patched, while Krebs is good in its own right, some detail, but enough to cover everything since Adobe is covered in that post as well. Both are good for their own right, and I want people to choose what article they want to take from. Thanks so much for reading, and make it a great day!

Comments (0)

Magecart is at it again, this thing doesn’t die

According to FIN6 Compromised E-commerce Platform via Magecart to Inject Credit Card Skimmers Into Thousands of Online Shops from the TREND MICRO intelligence blog, this thing isn’t going away any time soon. According to the beginning of the article, another 3126 sites are effected, and this is now on the web, not just your brick and morter shop now. Once this thing is installed, it scrapes credit card data through scripts through the SSL connection and out to the bad guys. There are links to various items on this article, so paraphraising is going to be difficult. I’m passing this along so that we all can be aware, and do the best we can to protect our cards from this attack.

The bad thing is that the site may even look normal, and we may never know it. It seems thats the risk we take now. Let me know your thoughts on this one. It can’t be good.

Comments (0)

The New Features, Changes, Improvements, and Bugs in macOS Catalina for Blind and Low Vision Users

A little bit of Mac news coming across our desk while perusing Apple vis. This blog post with the same article title has all of the details.

What I really like are the functions that remind me of Dragon during voice dictation. That is awesome! I tried Dragon with Jaws many years ago, but its been a long time.

There are some bugs in regards to playing podcasts, and another bug, but a lot of enhancements with this update.

Give it time, update at your convenience, and feel free to report any bugs to the AppleVis community so they’re aware of it and to Apple so they can fix it.

Do let me know if you find this info of value.

Comments (0)

NCSAM: Part 2: Scott Schober’s latest book is a must read

If you read nothing else this month, I’ve been referencing Scott Schober’s second book Cybersecurity’s Everyone’s Business and I read part 2. Part 2 of the book covered several breaches including the biggest in health care, Anthom Blue Cross, Equifax, and more.

Equifax still has a bunch to say for itself, and I have two articles myself I wrote through the Vocal platform. They are: Equifax Breach: Why You Should Be Worried After the Latest Breach September 15, 2017 and <a href=”More On the Equifax Breach: Why It’s Time to Keep that Software Up to Date which was posted to 01.media on September 26th of that same year. I’m sure you can find other articles and Krebs was also cited in this part in numerous breaches.

What I found amazing ws the details or lack there of when it came to DynDNS, which took half the net down, or so it seemed.

Some of these breaches we have no control of, especially the equifax breach. Some people even went so far as to call them equifish, (equiphish) and this is no joke. Steve Gibson, the guy behind Security Now on the twit network was at a loss. Nobody can really explain the hack, and the fact they paid millions of dollars doesn’t explain the piss poor job there.

Uber I was not a customer of when that breach happened. The fact they went through several CEO’s and the future of the company is still uncertain because it blows through money should probably not surprise me. I know I’ve blown through money when I was younger, and I bet you we all do it. I’ve had some great experiences with Uber, even at my new location, so I have nothing bad to say. A couple of times were interesting, but I was never stranded, thats paratransit for you.

The goal of this post is not to cover paratransit, but to cover the portion of the book I’ve read to date. These chapters are short, but delve out the information you need to know. I still feel the book is a must read for everyone. Have you gotten your copy?

Some articles this brings me back to include but not limited to:

Podcast 288 talks about Equifax one year later, in articles i’ve read and a whole lot more about the cybersecurity incident.

This also brings me back to the article I posted recently: Cybersecurity: 99% of email attacks rely on victims clicking links where one of the hacks was the cause of phishing or social engineering. This I feel is only going to get worse, and I don’t know what the solution is besides training. NCSAM: Is training to stay safe not sinking in? that is the big question here. I feel we all can use training. Every single one of us. It has to start somewhere.

Comments (0)

Technology podcast 325: Door dash, Commentary, NCSAM, Scotts New Book, and A Braille Transcription update

Welcome to the technology blog and podcast.

  • Doordash is the latest major breach, lots of coverage on it. It happened between the release of 324 and now. Is this the beginning of the end? Here is the blog post on it.
  • There is some commentary left by Joseph. We’d love to hear more on what you have to say, so please leave thoughts on segments.
  • Password managers and phone calls is the third segment as we start NCSAM. Here is the blog post on phone numbers which should be really discussed. JHere is the blog post on password managers as well.
  • Scott Schober wrote a new book. Here is the blog post on this book. I talk about chapter 3 specifically, and my thoughts on it, as it did hit home for me.
  • Finally, I’ve got a braille transcription update as I continue to struggle with assignment 15. I think I’m almost there! Thoughts?

My contact information is available at the end of the program, and thanks for listening.

Comments (0)

The court allowed the FCC to kill net neutrality because washing machines can’t make phone calls

I read a good portion of this, and I know the person who wrote this, I believe he was on This Week in Law on Twit. That podcast I quit listening to for some reason, I really should pck that podcast up. Check this article out, its lengthy, but yet goes in to the Net Neutrality debate, again. Oh Boy.

There is also a quote from Macbeth? Let’s experience this together.

Source: The court allowed the FCC to kill net neutrality because washing machines can’t make phone calls

Comments (0)

NCSAM: Get Serious with owning your data

A very well written article Get Serious About Cybersecurity: Take Ownership of Your Personal Data is being spotted through my twitter. The author of the article did a great job in talking about what we, as citizens, can do to help minimize the risk. Nothing is fullproof, but it must start somewhere.

Headings within this article include:

  • Too Much Information
  • Protecting Data
  • Check Privacy Settings
  • Own IT on Social Media

This can be broken down to a few points:

  • Don’t share what you wouldn’t share publically
  • Don’t make your profile public unlessyou have a good reason
  • Don’t post pictures of your vacation until you get back
  • and

  • always use caution when using a new app whether PC or mobile

I know about the oversharing way too much. There are people I have followed who tell us what they have had for breakfast, lunch, dinner and or snack. While I did check out the sharing of my whereabouts, I’ve since stopped that habit. I’ve never checked in at my own home, but I have checked in to a business to see what the game was, and I ended up being duke. After I saw that, I quit. I see someone travel across the country and they check in everywhere they can. Why? I have no idea.

We should know how our data is used. While we all hate reading privacy policies, mainly because they’re written in legal language and hundreds of pages, I’m proud to say that The Jared Rimer Network and MENVI, Bridging the Gap Between the Blind and Music do not write our policies in legaleese. I’ve made sure to mention what we collect, why, and what we’ll do if we can’t contact you for any reason.

Thats really all a privacy policy should have, unless the business collects payment info. If so, state this, what type of info you collect, how customers can update it if something changes, and what the policy is when the customer chooses to leave.

We’ve talked about one company quite a lot in their blunders. Without mentioning names, this company holds on to every piece of data on you, and can and has acertained other info without the customer’s concent. The company has called people based on caller ID data they have. Would nost companies do this?

There are other links to other aspects of this story, so I’ll stop here. What tips would you add to the conversation that I have not covered here?

Find me on social media through my web site hit me up by Email, or other methods should you have them.

Comments (0)

NCSAM Passwords and innocent conversation

I’ve been thinking about something that resonates with me in the latest book by Scott Schober Cybersecurity Is Everybody’s Business and I thought I’d put this up for discussion on the blog.

Innocent conversation, asking about your family, or pets may seem to be regular day to day OK. In this book, Scott talks about a skit that was later played on TV.

Someone asked someone else about their password. They mentioned that it was the dog’s name, and the year they graduated high school. While these types of passwords are not recommended, I’m not about to tell people how to use their passwords at all.

The person then asked two innocent questions and they were answered. Boomb! There is the password.

Would I use this password today? Probably not. I’m surely thinking that they felt comfortable and they had no idea they were about to reveal their password. Today, I still use a combination of a couple of passwords on a few sites, mainly because I never changed them, and on one, I’ve got two factor. On one email account, I have a very strong password, even though its for list communications only.

One account, I really need to change that password, but I don’t feel its necessary. The point is here that we should observe what we should do or not do. There are always things we should do, but it is our choice.

What do you think of innocent conversation that could reveal ones passwords or password habits without even asking for it?

Comments (0)

15 minutes of farting … dealing with bullying?

In this very interesting video, Steve Dotto talks about bullying in his youtube videos where he talks about tech stuff in short videos. Some of the videos I’ve caught. While this video is dated, I saw it in my twitter feed on the 4th of October. Here is the page on his web site which has a video player to play the video. I found it interesting, please feel free to comment.

Comments (0)

How Uzbekistan’s security service (allegedly) began developing its own malware

I am going to use the same article as found on Cyberscoop as this article title was interesting enough and the article is quite facinating.

I’ve never heard of this place, where the hell is it?

Wherever this place is, they develop malware. which means that it can’t be good. You are telling me that this is supposed to be a company in this country or territory and it doesn’t do security? It does malware and ships it out?

There are a lot of links within this article, but I just found the whole thing interesting and thought I’d share it. You can comment on this one at any time.

Comments (0)

We’ve got another breach, this time a tech support platform?

Hello everyone,

I’ve been pondering how to write this article for a few days. This article I’m talking about was posted to Cyberscoop on the 2nd of October. This article talks about a platform that has been used by many different companies. Zendesk announces data breach impacting years-old accounts is the name of the article and its unfortunate too. Mistakes happen, but making sure your software like this one should be updated whenever a patch is out. Have you seen this, and what have you thought about it?

Comments (0)

NCSAM: your own phone number calling

I want to put my own NCSAM post up, and maybe others have seen this. Since last Friday, I’ve seen my own telephone number call me. Yesterday, I decided to answer it, just to see what it was about.

“Hello, this is Anna from Microsoft,” it said. “We’ve been trying to reach you. Your IP will be shut down due to violations,” it continues and it says that I should press 1 to speak to a representitive.

I’m saying it, because it was a TTS engine, not a real girl. I knew this. I also knew that Microsoft, along with most major businesses, don’t call you for things of this nature. If they were going to shut off your IP, I’m sure an investigation would be involved, and maybe an investigator at your place of residents or business. They wouldn’t actually shut off your IP, they’d actually discontinue your internet service, or even seize your computer.

To clarify, Microsoft can’t shut down your IP or your Internet service, that would be with the provider you’re with such as AT&T, Comcast, Verizon, or any others across the country I’ve not mentioned. Microsoft, as most know, is a company developing software. They’ve help investigate suspicious activity, but they themselves can’t shut you down. I’m sure you can find on your own, articles where Microsoft may have had a hand in investigations where their networks were used, or other things of that nature.

Other things to read:

The first call, came in Friday afternoon as I was going from the underground portion of the train station to the street to catch a bus to continue my journey home. The second call came in some time later. I believe I’ve had a couple of others before yesterday, all displaying my own cellular telephone number.

I figured since no voice mail was left, then I wasn’t dealing with it. When you call your own cell number, you’re actually connected to the voice mail platform to check voice mail.

I’m confident it was one of these things to try and get personal information out of me, but I wasn’t biting. Now that I heard what it had to say, I’m hoping I don’t see that again.

  • Phishing and social engeneering happen through voice and text.
  • Text even SMS can contain links to places that may be questionable.
  • Telephone calls may say they’re from a prominent company, and tell you a story about something like the above, and get you to connect with someone.

I’ve never seen this, and I thought, why not write my own NCSAM post? The phone is just as valuable now as the Internet, as the phone also connects to the Internet, whether its yours or the network of your provider that you pay for your phone.

Your thoughts are welcome. Let me know what you think.

Comments (0)

Fileless malware, is this the wave of the future?

There is an old/new game in town. According to this article New Fileless Botnet Novter Distributed by KovCoreG Malvertising Campaign which I read today, this is making me a little bit concerned. I just wonder what type of thing this would do to our computers? Some of us who read or write on this blog use assistive technology, and from this article, it doesn’t drop anything, but yet it can do havoc.

This brings me back to the question of programs like Microsoft Security Essentials. MSE, or windows defender can’t protect us from this type of threat. Programs like Trend Micro can, because it looks for suspicious behavior. I’m wondering how Windows Defender or MSE for those on older operating systems can protect us from this?

This botnet was dismantled in 2018 according to the article, but yet its back more pervasive than ever. I’m curious on how we can protect ourselves, because fileless stuff would probably not get caught by these products which are it for us with access technologies.

Headings in this article include:

  • KovCoreG’s attack chain
  • Analysis of the Novter malware
  • Analysis of Novter’s module “Nodster”
  • Correlating Nodster’s traffic
  • and

  • Defending against Novter

Under Defending against Novter it says:

Advertisements are an innocuous online staple, but KovCoreG’s campaign demonstrates how they can be intrusive, not to mention how Novter can expose the
user’s system to other and actual threats. Given how KovCoreG engages in click fraud, it can significantly affect businesses. A single
mobile ad fraud incident in 2018, for instance, cost Google and its partners around
US$10 million in losses.

Novter also exemplifies fraudsters’ maturing techniques with its use of fileless infection methods and obfuscating its C&C connections and fraud-related
traffic. Users, for their part, should adopt best practices, especially against socially engineered threats like

There are lots of terms and links within this entire article to different things, but this honestly concerns me. I’m beyond words on how we as disabled people can protect ourselves from this if the program, which is accessible, can’t probably do the job?

This leads me back to my article Antivirus and the disabled computer user from blog The Technology blog and podcast (June 4, 2017) because in it, I’m wondering what people are using and accessible that could now protect us from this type of thing.

This article I base this post on, talks about watering hole web sites. I’m not even sure what these things are or if I’ve ever encountered it.

Has anyone encountered this, and if so, what did you do?

Comments (2)

NCSAM: Is training to stay safe not sinking in?

The second post I found of interest deals with Phishing and the training behind it. In the question that Phishlabs posts for their first post in their series Training Not Sinking In? Try a Programmatic Approach Phishlabs dives in to several different topics they’ll be covering during the week. Headings in this blog post include:

  • Choosing a Training Program
  • Designing a Captivating Awareness Campaign
  • Implementing a Reward & Remediation Strategy

Each section is quite ointeresting in this endeavor to train each and every one of us on how to stay safe as well as getting training that would benefit everyone in a company setting.

One tip is to take it slow, and not give a bunch of stuff in one setting.

Choosing the best training program isn’t enough, though. It’s critical that you understand how the organizational climate impacts training success. In
a later blog post, we’ll discuss this in detail.

I think this is very important. You may have older people involved in your company, and they may not understand this. I think that shorter lessons will be the key.

Just like my struggles in my braille course, training to spot problems before they are a problem for your small business, yourself as an individual, or even if you work for another business of any size, you need to understand what you’re looking for. In the braille course, its understanding the certain parts, and trying to put it all together. My mistake in this was to put it together based on my understanding of the thing, they wanted the typeforms. The same type of thing is crucial on protecting your business and even your personal finances. You don’t want to figure out how to pay bitcoin to someone just because you clicked on a link that said you did something, or you’re accused of something and it locks up your files.

There are different types of phishing, and I’m really not familiar with the different kinds too well. But this is why we’re learning together, and I’m happy to share what I can understand and of course what I think we should do.

Under the heading of designing a campaign: some of the bulleted points include:

• Choose a cohesive brand
• Include a mix of mediums
• Start marketing your program early

There are two things. First, I am not a marketer. Second, I don’t really have mediums, except for the blog (text) and audio (the podcast) which are both good. But I’d like to develop something and either sell it or offer it for free, but I just don’t know how.

Phishlabs has been doing this a long time, and I give them props. They’ve called me to let me know of issues, and I reached out to them for something. I love the work they do, so I want to pass their knowledge of this to my readers.

Under the rewards program, they write:

What drives your workforce to participate in security training or to practice good security hygiene? What keeps them accountable if they slip up? An effective
reward and remediation strategy that fits within your organizational culture is critical to achieving your learning objectives. As every organization is
different, there is no one-size-fits-all approach. Later this month, we’ll cover this topic in detail.

I’m definitely looking forward to see what they have to say on this. There is no one size fits all approach to teaching, so lets go!

Your thoughts are welcome, and I will await comments and suggestions. Thanks for reading!

Comments (2)

« Newer PostsOlder Posts »

go to sections menu

navigation menu

go to sections menu