go to sections menu

The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: October 2020

Go to Homepage [0], contents or to navigation menu



The Security box, podcast 15: Its time to check your privacy at the door

Today’s episode of the security box which should be on the rss feed covers all types of privacy. Armando is on, we have two people named Michael, and its well worth the conversation. The program lasts 4 hours.


Welcome to the Security box, podcast 15. It was mainly an open forum of privacy talk today.

  • Armando, a broadcaster here on the mix, was on talking about his experience with Covid and other privacy concerns he had in regards to that. We also got in to a twitter discussion with names we’ve seen. No mention of exact names are mentioned here but we do talk about this. The Melting Pot, October 9, 2020 and Armando’s Testimony can be listened to. These files will eventually expire, so get them while you can. Within the Internet Radio program, go in 86 minutes to hear the discussion.
  • In hour 2, I start and it continues in to hours 3-4 where we talk about privacy, the Internet, finding information, and other aspects of the discussion as Michael in Tennessee and Indiana both join me for hours 3-4 as part of this discussion.

This week’s show lasts about 4 hours, and I hope you enjoy!


If you want a downloadable copy of the program, download the 216.93mb file right here.

Thanks so much for listening to the program, and feel free to contribute! Again, the program is almost 4 hours in length.

Comments (0)

well its out

Hi all.
The latest windows 10 20h2 is out.
Some of you may get an enablement package but some like me may go and download and install via upgrade assistant or media tool you will certainly want to update your recovery media which which is what I did yesterday.
Biggest thing to notice is that control panel system is gone.
To invoke system, type control sysdm.cpl into the run box and it will run fine.
Everything goes to settings but we all know that there are a lot of settings still in control panel that have always worked for us users.
There are articles about lists of control panel commands.
Most of these have existed since xp days and earlier so most of these will work for us.
Sadly there were a few regressions for those that use media tool or update assistant.
The biggest seems to be the disabling of system restore.
I also managed to get explorer to crash once while processing things.
As usual you will need to reinstall your virtual midi controlers, adjust your recording devices,etc else they just won’t work.
This includes installing screen reader components so they actually run.
Remember to deauth and reauth itunes before you update and deactivate and reactivate your synths as well.
If you have shell things like ribbon disabler you need to reenable that to.

Here are the updated programs to be informed about.
For those on amd, amd drivers 20.10.1 is out.
In this update they actually do a good job on fixing the most critical issues in the current driver packages and while there are issues they are not critical.
Java 8.7.1 is out.
Be aware that java 8.6.1 will not be uninstalled after this and needs to be done manually.
Node js 15.0 is out and also we switch choco to using visual studio build tools 2019.
Remember to remove 2017 after update and be patient, I wasn’t and spent time yesterday finding how to reinstall the tools.
Thunderbird 78.4 is out.
Waterfox 2020.10 is out but if you use nvda please don’t bother with it, 08 works and doesn’t crash on a few sites.
Really which waterfox.net would actually fix their brouser instead of just securing it.
Some store stuff got updates to.
Due to be away for 3 days next week.
On a personal level I have applied for several jobs and while a couple have fallen through the rest look good.
Hopefully this year ends on a high with some more contracts.
For now thats me for a little.
On the subject of the suplamental cast, I have not forgotten you.
Its just because of some medical issues and the fact covid and various things have simply put my head in a different zone.
One of my major issues of late is the fact I go through several phases of sleep.
During winter I sleep and sleep deeply.
The rest of the time I may sleep but not all night, or at least 5 am in the morning.
At times I will sleep to 2 and thats way to early to get up.
At times I will sleep to 4 then get up.
Today is one of these times, I am up at 4.30 because I have things to listen to thank god and feel full of power.
If I sleep I will be sleeping till mid day.
This may actually happen.
Tomorrow I have an appointment to get my issues resolved.
I need to sleep till a good hour.
Training will not happen tomorrow because lets face it, I need to be at this thing at 9am.
Don’t know how long its going to take, so training is knocked out.
Depending on things I may also knock off training for the rest of the week, I have a full saturday session, and sessions on monday and friday.
And saturday.
Not sure what else I will do.
Laters just now I’m done.

Comments (0)

My Telespace update, its down and down for a good reason

Yesterday, I reported the news that MyTelespace was down. I also mentioned that I’d reach out to see what the deal was. This morning I got a response from John Hass, an employee at Sipmeeting, the company that maintains MyTelespace.

John indicates that they think the Raid controler is failing or they are having hard drive issues.

Like any company, this is going to happen. It seemed like it was technical, knowing their history of notifying people of planned things, and I’m sure it wasn’t planned this way.

They are taking an image while they can as they’re going to need to get new equipment. A system like this runs on a rade system which contains multiple hard drives. Chances are, if one drive fails, they can move the system to another one of its drives and things can work. But if the controler fails, it can’t copy things, and then if something else happens, it can eventually colapse.

This is all I have for now, and I’ll be catching everyone later on.

Comments (0)

My Telespace is currently down and there is nothing concrete at this time

Hi Folks,

I was called this afternoon in regards to MyTelespace, a telephone line ran through several numbers around the country. While MyTelespace has declined throughout the last couple of years, and while I’ve not been on for over a year, (blog post) all I can confirm is that the web site is not responding and at least one number I know I am able to access successfully can’t be reached when dialed.

I’ve reached out to the company that I knew ran the system, to find out what is happening. While I’m not obligated to know because I’m no longer there, I thought I’d enquire.

As of this moment, I know that the domain seems solid with registration and it is pointing somewhere where hosting may occur.

The company behind MyTelespace has always been up front if there was something happening whether it be maintenance, a temporary takedown like what happened several years ago, (blog post) or whether something else happened.

The second blog post I found out lead to some clean up and other administrative decisions needing to be delbt with, so it wasn’t down for long. I had a detailed chat with someone who explained what was going on and it made sense.

I’m not going to start rumors on what might be going on, but something did definitely happen that I can confirm to be the case.

If I hear something that I can share, I’ll be back with another blog post updating you what I’ve found out.

Here is another blog post which covers some MyTelespace stuff This should have probably been blog post 2, but there were instances where MyTelespace was closed for administrative functions, and I am highlighting them here in this post.

Again, I’ll stress the confirmation as I see it, but beyond that, I have nothing more. More if we have it.

Comments (0)

Legal Scraping, what is it?

I found this post on Internet cases interesting and had been holding on to it as I wanted to talk about it. Problem is, I don’t know exactly how to cover this. After much thought, I think the experteese of Evan Brown should come at play as I’m going to post the article What are the legal issues around web scraping? and let you all read it.

We know that bots look at web sites to gather data for search engines and that is done automatically through those search engine bots. I’ve thought on how to present this, and I’m at a loss on how to do this but it is definitely worth the read.

Comments (0)

IOS 14.1 is now available bringing fixes and potential new bugs

I’ve just been notified that IOS 14.1 is now out and it fixes some things that were mentioned in 14’s release. However, this release also may bring new bugs. I’ll be lookking to upgrade when it is convenient for me, but i want to get the word out that this is now available.

To learn more, please check the apple vis blog: Apple Releases iOS 14.1 and iPadOS 14.1 with VoiceOver Fixes and Support for New iPhone Models and thanks for reading!

Comments (0)

What has been read, blogged, and talked about: News ending October 17, 2020

Welcome to what I’ve read and things of interest in the security Landscape through October 17th, 2020. I’ve started feeling better, and so I think its time to try and catch this thing up and try to get back to some form of blogging. I’ve been fighting something, and you’ll recognize that through last week’s security box. Let’s get started!


Seems as though Researchers who are usually pretty good at reporting bugs for the common good are confused about Apple and their payouts through their bug bounty program. In an article by Cyberscoop, 5 researchers came forward and they eventually got their payout. Researchers’ experience with Apple offers peek at ‘confusing’ vulnerability award process is the article.


Our regular companies whether tech companies or other industries are not the only ones that outsource their work. According to a Krebs on Security piece, Ransomware gangs are just as successful at this just like everyone else.

This article talks about how the ransomware works, who may be responsible depending on what the intention is, and the full infection process. We know nobody by name, but the process of who could be doing what. Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work


Lots of things in this last week in Security News from Trend Micro. Cybercriminals use prizes like stolen data in poker games, Virus Total and Trend Micro’s elf project team up, Emotet uses fake windows update lures, a breach at Barnes and Nobel, and Carnival Corporation and ransomware mix it up.

Of course, some of these I’ve not read and some I’ve skipped, and there may be more I didn’t highlight which you can click through and see if you find them interesting. This Week in Security News: Cybercriminals Use Stolen Data and Hacking Tools as Prizes in Poker Games and Rap Battles and VirusTotal Now Supports Trend Micro ELF Hash


Speaking of Breaches, Krebs on Security has a breach notification that might be of interest. I know who this place is, and it is another food joint. Breach at Dickey’s BBQ Smokes 3M Cards


While this week in Security covers the windows update My Blog post links to two blogs that you can get info in regards to the updates. I’ve since rebooted since that article posting.



Found something you want covered I missed? Please write and send it over. See you all later!

Comments (0)

Tech podcast 354 for October 19, 2020

Its been awhile since the blog has been touched, and it is time for a podcast for the main tech podcast. As with the Security Box, we’re also going to supply sendspace links for easy downloads. The RSS feed has the program as usual but due to the way browsers made RSS work now, its beyond impossible to get it.

For a change, this particular podcast does not cover the Security Landscape at all. While I’ve been recovering fighting something, I still have news notes and more for last week to post as well. Its going to work out though.

Here are the show notes for podcast 354 for everyone to munch on.


Welcome to podcast 354 of the technology podcast series. The segments on this podcast are mid-length, but quite interesting I think for a change in pace for this particular podcast. Let’s tell you what we’re going to cover.

  • Time to get your M-braille On is the blog post for written communication, but why gripe when this happens to many pieces of software besides M-Braille? It got fixed, and it now works again. All operating systems has its fallbacks when upgrading, and I talk about this.
  • Shaun Everiss and I talk about Yahoo. Shaun sent me an email which prompted me to create this blog post and segment 2 is all his. Segment 4 is mine.
  • Its always nice to have a discount, but why do we, the disabled, need a discount? Yes I get it, our software is quite expensive, especially if you use Jaws or the discontinued Window-Eyes. Other pieces of software which include Duxbury and even Braille2000 are expensive. There are discounts for specific cases, but why phones? This blog post: A petition on lowering the cost of an iphone for the disabled? Let’s discuss talks about This Apple Vis forum post: A petition asking Apple to consider discounts for people with disabilities. which has quite a number of negitive comments. I see what was tried with this post, but there are already discounts for phones through the carriers and even through Apple itself through care. I’m linking to my blog post and Applevis in this show notes so you can choose which one you want to read.

I hope you enjoy the program as much as I have putting it together, and I’ll see you all on another edition of the program next time.


Want to download the 71.28mb file which lasts 77 minutes in length? Here’s the 77mb file for you and remember to get in contact with us! We’ll be waiting for you.

Comments (0)

The Security box, podcast 14: an update on an interesting story, passwords, and an interesting security topic on privacy and disclosing things

Disclosure of personal information can take many forms. In the undocumented segment of the podcast as I decided not to really write too much, we talk about something that really should make you think. I did put it in the show notes in a different way under topics. Besides that, we’ve got an update on an ongoing saga, passwords or passwordless? Plus you tell me what you have read in the landscape you’d like discussed.


Show notes


The Security Box, podcast 14 must continue with the ongoing saga of John Bernard. We’ve got an article on that. What do you guys think of a passwordless future? Lastpass talks about it. News, notes, comments, and more.

Topics:

  • What do you think of John Bernard? Apparently, the suspect that has been identified as this person walked away with 30 million dollars, and it doesn’t stop there. The end of the article claims from one company that they hope that he comes through with his promise. Promising Infusions of Cash, Fake Investor John Bernard Walked Away With $30M is the article. Could this be the end?
  • Passwords have long been one of the leading drivers of security risks and employee frustrations for businesses, which has only increased since organizations
    transitioned to working remote. Passwordless authentication, on the other hand, securely connects employees to their work without the need to type a password
    through technologies such as biometric authentication, single sign-on and federated identity. Is passwordless authentication the solution to the password
    problem? 

    This is only the first paragraph of this facinating article on a passwordless future which will get interesting. The article LastPass Research Finds 92% of Businesses Believe Passwordless Authentication Is in Their Organization’s Future is going to be discussed.

  • What is up with privacy? Conversations that could go awry because of an innocent conversation. Listen to the segment and form your own opinion.

News Notes:

I’ve done some reading but what about you? Submit things either by voice or text and lets discuss it.

Other things:

Twit had an event held on October 8, 2020. Here is a sendspace link to that download which I’ll have expire in 8 weeks from today. This is the property of twit, I’m supplying it as a courtesy to you. Visit the twit network to learn more about them.


Want to download the file and not want to mess with the RSS feed? Yes, its getting harder to open RSS feeds in the browser now, and sadly that’s too bad. Starting with this blog post, we’re going to supply a link you can use to download the program. Download the 138.51mb file and I hope you enjoy the 2 and a half hour program! Thanks so much for listening and participating in this program.

Comments (0)

Time to get your windows update on: October 2020 edtion

Well, for the first time in several months, at least six, we have less than 100 patches effecting Windows. I know of at least one person who was receiving updates and needed a reboot.

This patch set fixes some TCPIP and RDP bugs. The TCPIP bugs are internet based packets called TCPIP. The other, RDP, is remote desktop protocol.

Please feel free to check out the articles out and apply what you need or what is given to you. Stay safe!

Comments (0)

A petition on lowering the cost of an iphone for the disabled? Let’s discuss

Hello folks,

I was perusing the applevis web site and while I saw this post some days ago, I never really read it. The post I’m going to link to is a petition asking Apple to lower the price of their devices for people with disabilities.

While the Iphone S.E. 2020 is roughly $400 compared to other models of phones, some of the commenters did talk about buying the phone through a monthly plan.

My family invested in two new phones this year just before Covid-19 hit. Do you know what we did? We put the cost of the phones on the current bill, and the bill is getting paid.

There should be no reason why we as a disabled community should ask for the lowering of the price of the phone, especially when we can already use several methods such as the apple care program or the carrier plan to pay for the use of the device.

I do understand the one commenter who talked about developing countries who struggle with basic necessities. While the point is spot on, and even Blind Access Journal’s Darrell Shandrow even said no to this. He has been promoting petitions that would be fair for accessibility change, and without even reading the petion on the initial post to be linked, this just tells me that the person posting just wants another handout.

The problem with the blind community as a whole is that people want free handouts. If I can’t afford it, I just can’t have it!

I once never went to Fresh Books, and said “I can’t afford it, but I want you to give me free service because I’m blind, and oh BTW, your service isn’t accessible.” No! I didn’t do this. I took the chalenge to see if I could do it, then got a Freshbooks person on the phone to discuss how we can make their product better.

Because of my willingness to report these issues, and a company who now ports at least 5 million and counting customers, this company showed me that they want this to work for everyone and I know that blind people are working with Freshbooks on a daily basis.

This petition sickens me and I don’t have to read it to know that it smells bad. No, I’m not calling it a scam. I don’t want to go that far. I do understand that people can’t afford a product or service you want, but you can’t expect companies to bend backwards for you because you’re disabled.

The only reason why we have NLS Bard is because the government is providing it as a service to us. All we have to do is show proof of reading disability through a doctor or other health professional who is qualified. That is all. That’s why I’m a Learning Ally member, because my family paid the money and I have a life time membership there.

I’m sure that I’ll once again pay for Freshbooks, even though I had paid them before. I’ll need to do that as the free service has come to an end.

If you want to read the apple vis forum topic about this petition, you may. Here is the forum topic: A petition asking Apple to consider discounts for people with disabilities. for you to check out. Feel free to register and comment on this. Registration is free, and if you can’t do it, contact one of the admins and we’ll be happy to give you a hand. Thanks so much for reading.

Comments (0)

The Security box is now on sendspace

For those who did not have a chance to listen to any of the Security box shows, here are sendspace links to the first 13 episodes.

Starting with Episode 14, after the notations, we will have a link to download directly. Thanks so much for checking out the program, and I hope that this is of value!

For this list, the podcast number and the file size is all that’s given. Again, podcast 14 will include its show notes, and a single line for downloading the file. I hope that this is a valuable edition, and we’ll do the same for the technology podcast starting with podcast 354 which we are starting to put together. Thanks so much for reading, participating, and having a voice in how the podcasts are done.

Comments (0)

Time to get your M-braille On

After some time away, M-braille is back and working for those of us who like it. I like it because i can hear what I’ve typed. While I’ve used braille screen input, my hands prefer the ease of m-braille and what it has to offer.

I know a lot of people were wondering what was going on, and nobody knew until now. I saw the update to m-braille yesterday in my update list. I’m now using the iphone 11, and it works great on it with the new update and IOS 14.0.1.

I thought i’d take this opportunity of letting people know that it seems to be working now, so go get it and enjoy!

Comments (0)

Yahoo! Groups to close on December 15, 2020

I can’t believe this news, although some of us have used this and Topica for years. Topica closed their free service with no email to us free users, and now they brand themselves as one of the paid options for mail delivery.

Now, I can dispose of my email lists page, as those lsists I was trying to promote for subscribers to join.

Yahoo! has this post on their help pages and I as well as Shaun will be talking about our experiences with these services on a future edition of the technology podcast.

We’re sad that these services have gone, but the sad fact is, that companys need to make money. Providing a free service is nice, but between the abuse through the years, and the decline as the announcement I read had said, it may not be that effective anymore. Topica didn’t let us list owners know, and they monitored that list.

Now, to go to work on that page, i suppose.

Have you used the service? Want to send me a file with your experiences between either service? You can use dropbox, google drive, sendspace, your own web server, or even my sendspace dropbox and I’ll have it played. You can go in to as much or little detail as you wish.

If you put contact info, make sure its something you want to be given out, and if you want to be identified, put in a name you want to be used if you use a name other than your own. You don’t have to even put any contact info or name if you don’t want, the choice is yours.

The page has a question and answer format which pops out and is accessible.

Thanks for reading, and make it a great day.

Comments (0)

Windows Update is now a problem

In this blog post from early September I talk about Windows Defender being able to download files through a specific command. A little over a month later, Shaun Everiss sends me Windows Update can be used in a bad way to execute malicious programs which later links to a Bleeping Computer article. Now what?

Comments (0)

the best antivirus of 2020

Hi.

This appeared from the local news paper.

https://www.stuff.co.nz/technology/300127221/the-best-antivirus-software-of-2020

The main catigries were security, false positives and performance.

Lacking is accessability and in particular the targeting intentionally
or unintentionally of blindness related products.

Of interesting note are the spots at the top.

1.  norton.

The price tag is quite good.

I have not used it for ages but when I did, norton had a stranglehold
around performance and users.

Certainly had a lot of issues with norton anything.

2.  caspersky.

The only comment is that politics and security shouldn’t mix.

If they do then everything we own including our clothes are a threat
because they are made in china.

3.  on the 3rd spot was mcaffee.

Have we forgotton?

Its been only a year or 2 since the last major stuff up from mcafee
where it killed systems, there are major definition screwups, and yet we
still use it.

F secure and avira were in the 4th and 5th spots and had no comment.

Interestingly, avast, and avg were not even mentioned though some still do.

I do wander if the installing on everything plus the microsoft blocking
avast on some systems as addware itself has discouraged it from being on
this list.

Sadly there were a few things not added to the article.

1.  easy to control and exclude stuff you don’t want.

I have a patchwork of excludes, from data drives to entire directories
of blindness and other software.

If the viruschecker says I have a virus, then I am more likely to
exclude it than actually get rid of it especially if its something I use
myself.

The only good thing out of this is that if your a smart user that
follows all the instructions and does not click links microsoft windows
defender is a good choice.

Sadly it is the only accessible non performance draining thing the blind
can use.

It also allows us to clear out of all the issues with excludes though
its false positive scan especially among accessibility software is
really high.

Sadly an added definition needs to be added to the usual definition of
antimalware and security tools and also to malware, viruses and ransomware.

1.  what is a virus.

A virus is a piece of software that is not generally liked by any big
software company even if its usefull.

What is malware.

<Malware is anything not liked by software companies unless you sue or
something.

What is ransomware.

Ransomware is something software companies do to others to get them to
buy their stuff else they will trash the systems which they may do anyway.

Malware can also be a right.

Accessibility is malware, a screenreader is malware, games for the blind
are malware, certain files for windows can also be malware.

How to solve this.

1.  exclude everything you use and leave just the os folders alone.

Antivirus is not your friend.

Looking at mozilla and their language on accessability was the reason I
pushed out of using firefox.

They toned it down a little, but suggesting that accessibility vectors
could be used as malware is not the issue.

Saying that turning off accessability support will protect people means
that people will get the wrong idea that accessability equals compromise.

If this is the issue its mozilla's implimentation surely.

The latest quantom firefox doesn't use standard accessability controls
and just what mozilla uses.

Now some of this may be fine, but to be honest abandoning old, stable
tech because it may be a problem to include new, so called secure and
issue ridden tech that has accessability issues is going to become a
real big issue soon enough.

The only solution for those that need it is to use older, less secure
software, or modified software, or hacked software.

Have we not tried everything or is the industry not willing to learn.

If they are not, then maybe I should use accessible software and pay the
hackers for my data and not have the issues with the good guys.

Judging from support I have got from various support agencies over the
last little bit they either are really good or they aren't.

If they arn't they can turn a broken system with a broken and possibly
buggy bit of software into a completely broken system fixed only with a
complete reformat.

Maybe I can just pay a hacker to secure my system.

Maybe its time to focus on companies that previde for the users because
they are users to and not for a cash gain.

I feel that in our race to beat the bad guys we have become our worst enemy.

Comments (0)

What has been read, blogged, and talked about the last week, news ending October 9, 2020

Quite a bit has been blogged about and even read this week, so let’s get started.


Let’s get started with the News Notes for the week provided by Trend Micro.

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This
week, learn about how cybercriminals secure their assets and survive in the business in a new Trend Micro report. Also, read about a how cybercriminals
are tapping into Amazon’s Prime Day with phishing and malicious websites that are fraudulently using the Amazon brand.

Some of these items I may not have read as of press time, but they may interest you. I think the biggest thing if you read nothing else, is dealing with French companies being attacked by the infamous BEC or Business Email Compromise attack. Are you surprised that Prime Day on Amazon had more Phishing and fraud attacks?

For the full blog post,This Week in Security News: A Look Inside the Bulletproof Hosting Business and Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks


I’ve been pondering this since I read this on the 5th, and I mize well post about it even though it is near the end of the month. We’ve talked on the technology blog and podcast about this Trick Bot, and boy does it have new tricks and it has had new tricks for quite awhile. In this blog post from Krebs on Security, we learn that it had at least at that time, the luxury of being hobbled.

At the time of the article’s writing, Krebs on Security wrote:

Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot, an enormous collection of more than two
million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware
within compromised organizations.

I wonder how successful this has been? I wonder if we are getting closer to finding out who is responsible for this bot and can bring them to justice? Attacks Aimed at Disrupting the Trickbot Botnet is the article.


Back near the end of September, and on the first podcast of October, I mentioned briefly a new multi-staged attack going on. While it is almost a month since I’ve read this, I know that this really should be braught out.

Royal Ripper’s attack begins with a lure that impersonates either a government agency, telecommunications company, or online payments service via text.
In the example below, the initial SMS lure poses as a tax return notice from HM Revenue and Customs.

There are images with this one, and as with all Phishlabs stuff, they really do a great job. https://info.phishlabs.com/blog/royal-ripper-multi-stage-phishing-attack-adapts-to-victim-input is the article and one I’d recommend you look at.


In a recent post, I blogged about an article where video game hackers were taken down. Its about time we get some good news for a change, and I know we can use it after the long year of nothing but bad news. Video Game Havkers getting picked up is the article although it should say hackers. Its all good.


NCSAM is not even close to being done. I penned an article talking about passwords recently. It also linked to an article from Lastpass where passwordless authentication is talked about. Its hard to implement, but the majority would love to see this come in to practice. Let’s talk a little bit about passwords is the blog post where I talk about passwords, the linked article and my thoughts.


In the ongoing Saga of John Bernard, I pen a blog post asking if he’s done for now. In the next installment, we learn what he’s really like, although a company hopes he’ll come through on his promise even if his web site is closed. Is John Bernard done for? I hope this is the end links to the next article in this series. You be the judge!


There are two articles from the beginning of October that I don’t know were mentioned in news notes, and they’re worth it. Phishing won’t stop, just because of the election talks about the election and mentions an article that talks about phishing in this landscape. This is definitely of interest because voting must be done by mail this year. The second is the title piece What’s going on with the Phishing Landscape? Plenty, and it isn’t looking good where we talk about the Phishlabs article from APWG where they are a member. I highly recomend this article, it could be my best work yet in this space for this blog.



Is there anything else that you have found that I may have missed? Get it over to me by email/imessage/text/whatsapp. All info is available through listening to the podcast or looking about the blog pages for it. Thanks so much for reading, and make it a great day!

Comments (0)

This had to be the best, fascinating talk ever!

Today was the ATTACK AND DEFENSE: EXPERTS TO DEBATE CYBERSECURITY THREATS ON PODCAST and it was quite interesting. Both sides really had things well covered. There were two sides, a red team and a blue team, similar to a boxing match. The discussion talked about what the attackers would do, and how the defenders would protect their network if possible against the attack. The Twit Events page will have a copy of the podcast when it is complete. The program lasted an hour, and I’m opening the comment boards to see if you listened and what you thought. We’re listening.

Comments (0)

Let’s talk a little bit about passwords

For the last few years, I’ve been hearing about the potential of going passwordless. This would mean that people would have to authenticate through another method such as an app, biometrics, or something else that they may have.

In the upcoming podcast for the Security Box, I think it is appropriate to talk about the Lastpass article LastPass Research Finds 92% of Businesses Believe Passwordless Authentication Is in Their Organization’s Future as it is this year’s article dealing with this topic.

In the show notes for the upcoming podcast, I quoted the following paragraph.

Passwords have long been one of the leading drivers of security risks and employee frustrations for businesses, which has only increased since organizations
transitioned to working remote. Passwordless authentication, on the other hand, securely connects employees to their work without the need to type a password
through technologies such as biometric authentication, single sign-on and federated identity. Is passwordless authentication the solution to the password
problem? 

This is a definite beginning to a definite promising article.

Last year, 4 hours a week were spent on passwords, this year, 5 hours, a 25 percent increase according to the article. 85 percent of organizations surveyed say that they need to find a solution to reduce the number of passwords they have.

Here at the Jared Rimer Network, my administration set includes passwords for specific email lists ran by the Mailman software. It also has a control panel log in, and a way to create other accounts and access to the ones I have without those passwords.

Passwordless authentication enables employees to login to devices and applications without the need to type in a password, and can offer benefits for both
employees and IT. The research found the benefits of deploying a passwordless authentication model are twofold – for the employee it largely eradicates
the frustrations of using passwords and for the business it increases security. 65% agree that the biggest benefit of passwordless authentication for employees
is quicker authentication, whereas 69% agree the benefit for IT is increased security.  

Businesses Also See Potential Challenges with Passwordless Authentication  

However, with potential benefits comes potential challenges. The top challenges of deploying a passwordless authentication model include the initial financial
investment (43%), regulations on the storage of data (41%), and the time it would take to deploy such an authentication model (40%). Do the challenges
outweigh the benefits, and is passwordless authentication a realistic solution to address the password problem? 

Since I’m not fully understanding what is involved in deploying passwordless authentication, and I read these numbers, what would be the answer of deploying such a strategy across an organization?

I currently share the necessary passwords to specific mailing lists with their URL through private dropbox. Because the people I work with may not understand a password manager or even whether it is accessible, I think this is the best solution for me. I think the passwords are only shared with a couple of users. If i had more, I might adopt the password manager effect because there would be more to manage.

The meat of the matter?

completely. Are passwords and passwordless authentication mutually exclusive, or does there need to be a combination of password management and passwordless authentication to address the password problem? 

This is only going to get interesting.

Comments (0)

Video Game Havkers getting picked up

I recently read an article about a group of hackers getting picked up for hacking and video game piracy.

This Cyberscoop article is quite interesting in its coverage of this and I think its been awhile since we’ve had some good news.


The alleged leaders of an international video game piracy group apparently didn’t do enough to protect their scheme from the prying eyes of the feds.

The Department of Justice says two men have been arrested on felony charges of helping run Team Xecuter, which sold modification kits and other tools that allowed users of the Nintendo Switch and other gaming
devices to play pirated versions of games.

This is going to get interesting now, as we always need to find some good news to cover.

There are other links within this, so trying to take parts and copy this to make it make sense is going to be tricky. US arrests suspected hackers accused of video game piracy is the article. Thanks for reading!

Comments (0)

Older Posts »

go to sections menu


navigation menu

go to sections menu