The Technology blog and podcast
This is for the technology blog and podcast Commentary, articles, and podcasts
The Security box, podcast 24: The breach that is, year end review part 1
Hello folks, welcome to the podcasted version of the Security Box. On this version of the show, we’ll be covering the biggest breach to date. We also have our year end stuff which we look back on the podcast coverage on the year that was. Here are the notes for this show.
Welcome to podcast 24 of the security box. This is a full podcast, as we’re on a two week break. Here is what we have for the podcast.
- The biggest item that we have in the podcast is the biggest breach in the Solar Winds feasco. We’re still learning, check the blog for more. Here is a blog post to get you started with the whole fiasco, but there is definitely more.
- Podcasts 333-340 is covered in different segments throughout the year in regards to what has happened throughout the year. We’ll continue it next podcast.
The podcast is a little over 2 hours including our final track. Thanks so much for listening!
Don’t want to deal with RSS? No problem! Here is the 114.41mb file for you to digest. Thanks so much for listening!
Comments (0)
Technology podcast 357: the last tech podcast of 2020
Welcome to the final technology podcast of 2020 for the tech podcast series. Don’t worry, I’ll be working on more podcasts for this series.
Here are the show notes for today’s program.
On this edition of the podcast, the final podcast of 2020, we’ll demo Weather Underground. I wanted to do two demos, but I think one is enough. I hope you’ll enjoy it.Apple Vis has a post in their directory of apps about Weather Underground – Forecast which was written up. While I do like the app, I believe the person writing this has the same points I do. I do find it accurate, but there are definitely some accessibility issues which you’ll hear about in the demo.The Security Box will have other podcasted content, so the feed will still be going strong in 2020. On podcast 358, I hope to have another demo of something i learned about, an app that’ll assist me with billing credit cards. See you all then!
Don’t want to mess with RSS? Don’t freat! Download the 48.57mb file as this show is under an hour this time. Thanks so much for listening, and continue to watch the blog for more.
Comments (0)
The Security box, podcast 23 is now available
Hello folks, I present you the security box, podcast 23. Below, please find notes and things, the show notes, and a direct download link as usual.
Welcome to podcast 23 of the security box. The full show notes follow, noting that the rss has the first portion. I hope that you enjoy the program.
Note, that this is the last live program until the first Wednesday of January 2021. The JRN will continue to give you Security Box episodes covering the year in review, 2020 from both the tech podcast and Security Box platforms.
Here are the show notes.
Welcome to podcast 23 of the security box. Picking up where we leave off, we continue with Shaken/Stir and its discussion from podcast 21.
Besides that, we’ll go ahead and talk about a company which doesn’t really care about the security of its customers. The name has been mentioned in passing, but now its time to talk about some very serious stuff on a podcast.
We’ll have news, notes, and more.
Topic:
Shaken/Stir was discussed on podcast 21 of the podcast, and podcast 23 will finish it off. Here are the links, taken from podcast 21’s notations.
- Combating Spoofed Robocalls with Caller ID Authentication Federal Communications Commition
- STIR/SHAKEN Wikipedia
News Notes
Government:
- Oh boy, the government is really in trouble. Multiple articles within the last 24 hours indicate that the Comerce Department are in some serious trouble and maybe more are on the way. Cyberscoop and Krebs on Security are two sources, and there may be more from these sources. The government has had a lot of trouble with their security, now this? The cyberscoop article in question says in part:
Hackers breached the Commerce Department, and reportedly have infiltrated the Treasury Department and other U.S. agencies, in incidents that government
security officials said on Sunday that they were fighting to contain.There were signs that the impact could stretch far and wide in not only the government, but also the private sector. SolarWinds, an IT provider to many
government agencies and Fortune 500 companies, said it was working with law enforcement, the intelligence community and others to investigate a vulnerability
apparently implanted into its supply chain by a nation state.“We can confirm there has been a breach in one of our bureaus,” a Commerce Department spokesperson said. The spokesperson added that Commerce has asked
the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency “and the FBI to investigate, and we cannot comment further at this
time.”This blog post from Monday goes in to a little bit more, including showing who this company Solar Wind has as customers. We’re definitely going to learn more about this one.
- The UScert now has something on the solar wind issue which I’m going to put in the show notes. It was released well after I broke the story Monday morning on the blog. Active Exploitation of SolarWinds Software may end up getting updated, and the USCert is an arm of the government.
You get caught, get time, and don’t try to get an appeal: some good news!
- Looks like we have a couple of stories about getting caught and losing their appeal. First though, California man gets 3 years in prison for hacking Nintendo, collecting child pornography talks about someone who is getting some time because he was accused of hacking Nentendo among other activity. He also has 7 years of supervised release, for a total of 10 years. The scheme this 21-year-old is quite interesting, and the story is linked here.
- The other story is in regards to Reality Winner. While the article does state some people who were in prison were released because of concerns they raised doesn’t mean that everyone will get that same treatment. Former NSA contractor Reality Winner loses appeal, will remain imprisoned is the article, and definitely worth the read.
- While we’re on good news, I think this one should go here, even though its a bit different than the title of this section. I still think its good news so I’ll put it here. Suspect in case of Mirai botnet, which knocked major sites offline in 2016, pleads guilty is the article. This botnet has been around awhile and the code is out there. The story is still turning.
Open forum:
- Why do we have to hand out our social security numbers as identifiers for everything we do? I understand places like Social Security, the Department of Motor Vehicles, and places that require that. Job applications require it, its known as a bad identifier as it can be taken and that is it for you. What do you think about that? Sound off.
Want to download today’s program? Don’t worry! Use this link to download the 193.60mb file and enjoy!
I’ll post another blog post after podcast 25 with the links to the entire archive to date like I did for the first 13 episodes. Thanks so much for listening to the program and feel free to participate any time!
Comments (0)
The Security box, podcast 22: BEC, what is it?
I know that the blog hasn’t been touched in about a week, and I have blogging to do. The first blog post is going to be the show notes for the just completed security box which is available on the RSS feed. Don’t want to deal with RSS? Download the 167.05mb file and I hope you enjoy the program.
Here is the show notes which are short, compared to other notations.
Welcome to the security box, podcast 22 picking up the podcast with business email compromise.
- Business Email Compromise (BEC) definition
- Billion-Dollar Scams: The Numbers Behind Business Email Compromise
Besides that, we talk about a couple of people who have been a problem in the phone world, tie it in to phone security, and find out if these guys would be capable of using such tech. Comments also came in about scams when looking for a place to live, and of course some tunes come along with it. Enjoy!
Delving into the World of Business Email Compromise (BEC)
Business email compromise
See you next week!
Comments (0)
The Security box, podcast 21: The beginning of Shaken and Stir
Hello folks, the RSS feed had the podcast up yesterday, but its time to get the show notes up here. We’ve got quite a bit in the news notes category, as it was quite interesting what we found. There may be more coming soon that we’ve not blogged about, so feel free to check out the blog for more.
Download the Security box, podcast 21 (164.6mb)
Welcome to podcast 21 of the security box. This week, I thought it would be interesting to take you through the Shaken and Stir protocol. This protocol is supposed to go through and make sure we get adequate caller ID.
Below, please find resources that we found on the Internet for the Shaken and Stir protocol, and I’ll be working on braille material so that I have something in writing. We hope that you enjoy the program today.
Topic:
- Combating Spoofed Robocalls with Caller ID Authentication Federal Communications Commition
- STIR/SHAKEN Wikipedia
News Notes
Home Depot
- Home Depot really has it bad. Not only did they settle for 46 out of 50 states and the District of Columbia, they had another breach in Canada. Why aren’t the rest of the companies paying for their breaches? What about target? Home Depot to pay states $17.5 million over massive 2014 data breach is the article coming from Cyber Scoop.
Tik Tok
- Tik Tok is back in the news, and I believe that this may be a good thing. I blogged about this and it may be a good thing. TikTok making it possible to skip videos that may cause seizures? is my article. I think they need to fix their PR first, and their security problems to boot first.
Ghosts in our machines
- I’ve been beta testing software for many years of all kinds. Cisco, the makers of Webex, the conferencing platform, fixed a bug where someone could pretty much be a ghost in your conference and you’d never know it. Cyberscoop has the details as the article is entitled Ghost in the machine: Researchers find Webex vulnerabilities allow hidden visitors and they’re definitely hidden until recently, anyway.
Breach News
- A networking giant recently got owned with data leaking out on their employees and business partners. Is your data like that insecure?
Belden, a U.S. manufacturer of networking and industrial cable products, said Tuesday that unidentified attackers had accessed and copied data on current
and former employees, and some of its business partners.The company is based in St. Louis, and they made over 2 billion dollars this past year. Wonder how much is going toward cleaning this up and what happened with them? Networking giant Belden says hackers accessed data on employees, business partners is the article for this one.
Ransomware
- An article that finally talks about the fact that these actors aren’t quitting? I’ll have my full thoughts posted on the blog, but boy why does this not surprise me that Phishlabs is finally saying this? I said it back in April. Ransomware Groups Break Promises, Leak Data Anyway is the article, and boy its a good one.
There may be more that I’m not going to post here in the notes, so make sure that you check out the blog and other sources for what may be of interest to you. Thanks for checking out the program as usual!
Comments (0)
The Security Box, episode 20: PCIDSS, OCSP stapling, news notes and more
Hello folks, welcome to the Security Box, podcast 20.
First of all, we’ve delayed this and all other posts a day so people can enjoy the thanksgiving holiday and not be bombarded with postings on that day. Be that as it may, I present you program 20, with a few technical problems that I couldn’t help.
Be that as it may, the show turned out well i hope, and I hope that the topics given here are of interest.
Don’t want to deal with the RSS where the program was uploaded? No problem! Download the 206.75mb file by using this link.
Below, please find the elaborate show notes with links to all kinds of things, and I hope you all enjoy the program!
Welcome to podcast 20 of the security box. On this podcast, we pick up where we left off from podcast 19 and the credit card discussion. We’ll go more in to detail about PCIDSS and I’ll talk about the 12 steps we covered a bit of last week. We’ll also talk about other stuff including news, notes, and more.
These show notes are broken up in to segments, and even the news notes will look a little bit different. Let me know if you like these notes. I think it’ll be quite nice to do it this way.
Credit Card discussion:
We continue by talking about the credit card standard PCIDSS which is supposed to be followed. Last Podcast, I mentioned some items that I thought needed changing, but we’ll go through it all.
- PCI DSS requirements for building and maintaining a secure network and systems This is the document we’ll be reading from which was also linked to from last week’s program as well.
Apple VS Logging your application use:
- In a turn of events,, it looks like Apple is getting targeted for logging every application launch. According to an article which I also talk about on the blog, this isn’t the case. It looks like apple has implemented something that has been talked about in the security field and podcasts like Security Now before called OCSP Stapling. In this podcast, we’ll talk about OCSP Stapling, and what it really means. You can also check out this write up Does Apple really log every app you run? A technical look and form your own opinion on what apple is doing.
Things to ponder:
- Michael in Indiana is along with a very good reason why we need to look at our credit cards and our statements on a regular basis. This file should be listened to as a security 101 lesson to all people.
News notes:
We’re segmenting these notes, let me know what you think.
Good News!
We’ve finally got some good news around here, that’s quite awesome!
- We’ve got good news coming out of Krebs on Security and I believe Cyberscoop has this as well. Krebs is reporting that an Irishman was caught as part of a sim swapping person was picked up.
A 21-year-old Irishman who pleaded guilty to charges of helping to steal millions of dollars in cryptocurrencies from victims has been sentenced to just
under three years in prison. The defendant is part of an alleged conspiracy involving at least eight others in the United States who stand accused of theft
via SIM swapping, a crime that involves convincing mobile phone company employees to transfer ownership of the target’s phone number to a device the attackers
control.Its best to read the article in full detail because it’ll talk about what this is, who is involved, and how this is a big ring that has recently been picked up. The article is entitled Convicted SIM Swapper Gets 3 Years in Jail is the article.
Government
- Trump Fires Security Chief Christopher Krebs comes from Krebs on Security. I guess Mr. Trump isn’t too happy with the particulars of the election, and I understand his position. There may have been issues, but is there proof that the election issues this year happened because of foreign interfeerence? I’m not too sure on that, we did cover the article that indicated Christopher Krebs said there wasn’t anything foreign, and I believe what he is saying. There could have been local things that have happened across the country, none of which happened over the Internet as far as I can tell. Another article dealing with the firing of trump is entitled Trump fires CISA chief Chris Krebs, who guarded the 2020 election from interference and domestic misinformation for your perusal.
Bug bounty
- Steve Gibson has always said that one particular Project Zero member has found the ideas for his bug bounties by taking a shower, and now its a woman’s turn to do the same. Facebook Messenger Bug Allows Spying on Android Users is the article and Natalie Silvanovich, the researcher, must be given propts for finding this and Facebook fixing this in over a month. She got $60k in bounty from this work.
Breaches
- I can’t believe we have to go through this again. In the breach department, not only do we have a misconfiguration of an AWS cloud bucket, but even though one was made private, the large amount of data made available through the CDN is absolutely astronomical compared to the people that use said application. I’m glad the app is successful, but the app’s web site is not saying anything when contacted. From Threat post: Good Heavens! 10M Impacted in Pray.com Data Exposure should be read, and this can’t be good. This is the worst I think that can happen to us as a nation, and we don’t know who these people are. Luckily, it was researchers that found it as far as we know, but what if it wasn’t originally?
Catch up:
- OK, so Michael in Tennessee is along with comments on several different things including the forementioned Google ordeal.
- I touch more on the email I got (blog post) when Preston called in as part of the first segment talking about securing data and how the email said they had data. Don’t worry, I’ll still be blogging stuff throughout the weekend, and we’ll see how things go.
While the show had some technical difficulties, I think you’ll enjoy the program anyway. Its going to happen, and we have to go along with it. See you on another edition of the program, next week.
Next week, we’re going to talk about something that I think needs to be talked about even though places like Security Now and others may have talked about it. I mention this at the end of this week’s program, you don’t want to miss it. Its called Shaken and Stir, and its a very interesting protocol. We’ll take a dive in to it next week. Enjoy!
Comments (0)
Tech podcast 356: The Braille Transcription course is a failure, a company getting in to trouble, Mac, IOS and more
Welcome to another edition of the technology podcast. The RSS feed has the podcast already, but I’ve been lackluster on getting things up as of late.
Want to take the downloaded 65.17 file instead of subscribing to the podcast? No problem. Here is the 65.17mb link for you to have.
Here are the show notes.
Welcome to the tech podcast. Assignment 19 was a complete fail, and I know that I had a lot of failure but not all was my fault. You can search out this write up on the blog, but I talk about it here. Next, a company may be getting themselves in some trouble Forget going to a hotel … especially since records go back to 2013 … were you effected is the blog post I wrote, are you effected? Next, JFW 2021 and MAC version 11 are out and I taklk about both. Finally, I found some good news in the security field and I even have one more. Finally, a laugh and contact info at the end. Hope that you enjoy the program and I’ll see you all later!
I hope you enjoy the podcast! Thanks so much for listening.
Comments (0)
The Security box, podcast 19: Credit Cards, part 1
Hello everyone, it has been a busy couple of days. After the box Wednesday, I felt a little on the tired side and got some shut eye. On Thursday, I had other commitments and returning phone calls, so never got the program up.
On this edition of the program, I talk about credit cards, how they work, and a little bit about thePCI DSS program that vendors, merchants and us as people should know about. Because of time, and the fact my documentation had some trouble getting here, I highlight 12 different steps on what an article I found on a blog talked about. We’ll highlight those this time, but go in to more detail this coming podcast. Below, please find the entire show notes which include links to things.
Welcome to podcast 19 of the security box.
This week, let’s talk about credit cards, PCIDSS, and more.
- PCI DSS Compliance Guide: UK Costs & Checklist
- PCI DSS requirements for building and maintaining a secure network and systems
- The PCI SECURITY web site
- Payment Card Industry Data Security Standard
We’re putting the Wikipedia link in for reference. Please do not rely on it alone, as the page talks about a lot of unsourced material. We also posted two of those sources as I liked them, and we’ll use one of them to talk about what PCIDSS is, and what is required. PCIDSS will be discussed as part of the next podcast as we’ll go in to more detail as well.
News Notes
- Thinking about getting an Android phone? Think that its security is better than IOS and what it may have to offer? Thats your choice, and we’re not going to change your mind. According to an article from the Register, maybe you should think about this again. According to the article, Google is being sued because it is taking a couple hundred MB from you on your cellular data even if the phone is sitting there quietly not being touched. Why? Because Google is preparing potential ads that might be of interest to you after it collects data in the background. The article goes on to say that Google people agree to multiple terms of service, none of which talks about the passive collection of data that has nothing to do with your use. New lawsuit: Why do Android phones mysteriously exchange 260MB a month with Google via cellular data when they’re not even in use? is the article, think about this when you decide which operating system you want.
- This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs has a bunch of items in it, and we’ll let you decide what you want to talk about.
Other news
Looks like we’ve finally gotten something that might work. After some time, I am now back on MyTelespace, where they have a call in number for callers who do not have the other technology to use. That number is 720-787-1080 and my box number is 8347 over there. Just another option for people to use. Thanks so much for listening, and make it a great day.
Want a hard copy of the file without going to the RSS to pick it up? No problem! Here is the 173.43mb file for you to directly download. I hope that you enjoy the program as much as I am bringing it together for you.
Comments (0)
The Security box, podcast 18: Election stuff in a different light, news, notes and more
The show notes are packed, and the RSS only got a subset of them. It has been a bit busy as of late, but we need to try and catch up with things and get these notes out.
For those of you who need a direct download to podcast 18, i’ve got you covered. Here is the link to the 191.52mb file!
The blog will have two more articles I talk about which I decided not to include in the show notes. Feel free to read anything here in the show notes that interests you, and remember to feel free to submit those comments. Thanks so much for listening!
This week on the security box, its one week after the election and results may or may not be in, depending on what is happening. Let us recollect on some of the election coverage where security has played a part. We are still having problems with misinformation, misconfigured servers, and more.
The goal is not to talk about the elections per see, but the articles that talk about the problems like misconfigured servers, probes in to what we have, and the election voting machines as a whole and how they are secure or not secure. Articles will be used for reference purposes.
- Iranian hackers probed election-related websites in 10 states, US officials say should really be talked about, because of the fact that we do have misconfigured servers. Why in today’s environment are we still talking about misconfigured servers?
Suspected Iranian hackers have probed the election-related websites of 10 states and, in one case, accessed voter registration data, federal personnel
told election security officials on Friday.
…
The suspected Iranian hackers have been attempting to exploit known software vulnerabilities in their search for voter data, federal officials said. They
did not say which states were targeted. An FBI official on the briefing said attackers had probed websites in 10 states.“We weren’t able to attribute all of this activity to the same threat actor,” but there was overlap in IP addresses, IP ranges, virtual private network
exit nodes, and other technical data, Roebuck said.
…
There is no evidence that any of the activity has affected voting procedures, and U.S. officials stressed that the integrity of the vote is protected.
CISA and the FBI used the briefing to encourage state and local officials to harden their IT systems days before Election Day. “We know that activity is
out there, we know the steps” you can take to address it, said Matt Masterson, a CISA senior adviser.With voting underway across the country, U.S. officials have publicly attributed a series of foreign cyber campaigns related to the elections sector. It’s
a federal effort to be more transparent about foreign threats compared to 2016, and at the same time reassure voters their ballots are being protected.
…
The Iranian Mission to the United Nations did not immediately respond to a request for comment on the allegations.Why was there no comment by the government?
- Here is some more government news was posted at a time I had several other articles I had read that I lumped in to one blog post. We should not be surprised when China is a safe haven for cybercriminals, seeing they were the first to build a firewall and have an Internet that is completely different. Then, in the same post, I link to the article about the Florida debacle I mentioned in a prior podcast. There are others, but they don’t qualify for this discussion.
- Robocalls urging voters to skip Election Day are subject of FBI investigation, DHS official says comes from Cyberscoop. A very well written article about how Robo calls were part of a big problem where if you’re registered to vote, the calls basically said not to even bother. If you did vote, thank you! I know people aren’t registered, and that is a choice. Maybe after all of this is over, I’ll consider registering. I’ve really given it a thought. I would not listen to a call telling me that I shouldn’t go, if I didn’t go and I was registered, that is my own choice.
- Its great when you have great partnerships especially if you can get better from the last election. Election security pros focus on effective partnerships comes from Cyberscoop.
- Courts are busy, and one article entitled Last-minute court rulings on election go against GOP, voting restrictions from Cyberscoop is one of many. I won’t publish them all, but this one is in this list because it was just shy of the election and I thought it would be beneficial on the various types of issues. Its only a matter of time, but the courts must hear each case in turn and make decisions so the election is fair.
- Finally, in a lengthy list, After a quiet election night on the cyber front, officials preach vigilance as results come in was posted on the 4th. This will be the last article in this rundown, as I don’t want to publish every single article that comes through, you can definitely find more through Cyberscoop and other sites. I’m definitely happy there was no major problems in the cyber relm, but there have been other problems not within the scope of this program or discussion.
There may be more, so please check the blog in case there are others that peek my interest. Also, check sites around, you might find something too.
Things to ponder
Disclaimer: The following are going to be things to ponder. Some things could be posted as a blog post, others are just thoughts based on one topic or another and may not be linked to anything. The opinions expressed are those of the presenter, and may not necessarily be those of the JRN, its staff, providers of software and services, or the like.
- I got the best email ever. What was so interesting about it was the domain. Normally, I don’t comment on Spam, but Just saw the best email ever … in my inbox … domain is relatively new is the blog post. You’ll see the domain, as well as my thoughts. I talk about this one.
- Amazon put a little bit of a scare in me by sending me an OTP when I did not even request one. I did some quick investigating and found I was not compromised, but turn on two factor (2sv) on Saturday, the 7th. I checked my transactions, card history, and other log in activity and didn’t find anything suspicious.
- On podcast 6 of the Security Box, it was discussed that Michael in Tennessee had a security concern about his apartment WIFI setup. He isn’t wrong, as on September 7th, he called in to Twit’ The Tech Guy and asked Leo. On this podcast, we’ll play said segment and play Michael’s things to ponder segment as we give an update on the worst security ever. If you want to listen to podcast 6 from August 19, 2020 here’s the link to use (162162.33mb) for your enjoyment. Also read the text from tech guy labs, the tech guy: episode 1743.
News, notes, and more
The news notes section is quite interesting. this blog post from November 9, 2020: What has been read, blogged, and talked about: News ending November 7, 2020 goes in to some, but of course the blog has plenty of more, and a full rundown of some of the articles are mentioned. The linked post here lists 5 other articles I never blogged about because I got involved in other activities. I really need to just blog and quit keeping them around for long term storage. If you find something you want to talk about, please get in touch, and we’ll be happy to bring you on to any podcast.
We hope you enjoy the program as much as we have putting it together, thanks so much for listening and having a voice in a different type of podcast than others. Enjoy!
Comments (0)
The Security Box, podcast 17: catch up, Trend Micro, apps, and more
Welcome to the security box, podcast 17. TheRSS feed is where you can go to subscribe to receive this and the regular tech show, and this link is the link to use to download the 171.56mb mp3 file. While the RSS has the majority of the show notes, due to space limitations, the books section of the show notes was left out as those notes can only be 4000 characters. There, I link to the blog, and people can find it.
Feel free to comment on any of the topics from within the following program, and enjoy!
Welcome to podcast 17 of the technology series known as the security box.
Catch up
- Michael in Tennessee makes an appearance as he was not able to make it last week. We talk about encryption, the lack there of from the government, and companies in general in the security landscape.We are not pointing our fingers at any one company, but mainly an open discussion.
Topics:
- A subset of apps were targeted in an article that indicates that 76 percent of them have at least one vulnerability or bug. The goal is not to write perfect software, but software that can be fixed within a reasonable time frame. Different types of terms are used within this article, none of which I’m too familiar with, but the article I found quite interesting. It came from the folks at help net security. 76% of applications have at least one security flaw is the article, let us discuss.
- Trend Micro has a program for free called House Call which is accessible. This was actually talked about this past Thursday with Andy and Josh. In the article Trend Micro HouseCall for Home Networks Trend Micro talks about what they’ve done with the program and how it can benefit you.
- URL tracking systems like add words and add cents by Google can be abused just like the URL shorteners before it. How URL Tracking Systems are Abused for Phishing comes from Phishlabs, and its well worth the read. This should probably be talked about, because sites use these services including blindness related sites. Do you think it is time to move away from the services in the name of security?
News Notes and more
- In some good news, we’ve definitely got some. Two Charged in SIM Swapping, Vishing Scams is the article penned by Mr. Krebs. Maybe this is a start to something, only time will tell what happens.
There may be more news that I didn’t cover here or on the podcast of the box, let me know what you want covered.
Books as part of segment 1
There are two different books that are available on BARD, one in audio form, one in braille digital form. It may be available elsewhere, but we want you to have these available if you want, talking about privacy in various ways. While I was told to read 1984, the title itself didn’t strike me as exciting as the book Privacy and Technology in the Digital Age. We’ll find full descriptions of both books, and remember to check the blog under NCSAM for other titles I’ve read.
The following books come from The National Library Service as part of the Library of Congress. The books may also be available elsewhere, and you need to search them out.
- 1984: a novel DB73474
Orwell, George; Pynchon, Thomas; Fromm, Erich. Reading time: 13 hours, 56 minutes.
Read by Andy Pyle. A production of the National Library Service for the Blind and Physically Handicapped, Library of Congress.
Literature
Satire about an alternate London under a totalitarian regime overseen by the omnipresent Big Brother. Winston Smith, a Ministry of Truth bureaucrat, attempts
an intellectual rebellion against the Party while he pursues an illicit romance. His actions lead to his imprisonment, torture, and reeducation by the
Thought Police. 1949. - The digital person :: technology and privacy in the information age BR16095
Solove, Daniel J. 3 volumes. A production of the National Library Service for the Blind and Physically Handicapped, Library of Congress.
Science and Technology
Computers
Legal Issues
Law professor examines the proliferation of databases that store information on individuals’ activities, interests, and preferences assembled through computers
and the Internet. Examines privacy and legal concerns including identity theft, the debate over public records, and the use of government access to profile
people for criminal or terrorist activity. 2004.
Thanks for listening, and enjoy the program!
Comments (0)
The Security box, podcast 16: lots of items including catchup, the government and more
Hello folks,
After the show on Wednesday, I got involved with a potential new client, and yesterday I set up a new client along the network. Be that as it may, I want to try and get some stuff out, which include the notations and download link for this show, and other stuff that I’ve been reading.
Be advised that I’ll be also working on the next podcast, even I’ve got some ideas on the next full tech program, so we’ll have more coming soon.
Now, here are the show notes for this past wednesday’s show. The show is already on the the rss fed for those who want to have it. Those who get it via dropbox already have it.
Welcome to broadcast 16 of the Security Box.
Time to catch up:
Jennifer, the staple it seems to this program, comes in with 8 different commentary pieces we’ll step through in regards to last week’s significant program on privacy, personal information online and the like. We’ll see how this segment goes when it comes to whether there needs to be anything else said, or whether it’ll speak for itself.
Topics:
- What do you think when it comes to your web host and what they offer? Some web hosts are Windows based, some are linux based, some may have both, and some … well … may just not care what they host no matter what the platform. In an article entitled Planetary Reef: Cybercriminal Hosting and Phishing-as-a-Service Threat Actor which comes from Phish Labs, we’ll talk about a company that seems to be under multiple names, yet surves up all kinds of things that most web hosts would not tolerate. The group behind Planetary Reef leases IP space from a large reseller. I’m considered a reseller, selling space given to me, but a large reseller may be under a company that they buy their space from each month and they sell it to others. Let’s talk about this as there is a history behind the web space market throughout the years.
- In a related topic I covered and didn’t originally cover under the rundown, we talk about this Krebs on Security article QAnon/8Chan Sites Briefly Knocked Offline and tie this and the first article together.
- Has the Department of Justice not learned anything about why we need security today? I guess they really haven’t because a Cyberscoop article entitled DOJ efforts to weaken encryption place national security at risk, congressman says was written by Shannon Vavra and it is quite well written.
Rep. Ro Khanna has one message for politicians who continue to suggest technology companies should give law enforcement agencies access to encrypted data:
This is a power grab.The U.S. Department of Justice has long called for technology firms to create software that would allow law enforcement agencies to investigate suspects
who use encryption to hide illegal behavior. For Khanna, a California Democrat, the tradeoff is too dangerousMost in government do not understand this, and its time that someone really hit the hammer home with this nonsense and lets put it to bed once and for all.
News, notes, and more
For a complete news notes overview, watch this space on the blog. I may have posted more than what is covered here, and what I do cover is only a few items from the subset of things I thought would be of interest. We’re not going to link to everything, but maybe something else caught your attention that I did not cover. Let us see what you think of the news covered in the program, and of course, the comment boards await you.
Things to ponder
I honestly didn’t see this coming. Now, … for a random breach … a psychotherapy center is something I bring up in news notes, but yet it is a serious thing. In things to ponder, I’ll give my thoughts on this one. Its beyond repair.
Want to get the file and don’t want to mess with the RSS feed? No Problem! Download the 171.38mb file by selecting this link. I hope you enjoy the program as much as I have bringing it together for you, and we’ll have another edition very soon.
Comments (0)
Tech podcast 355: 2020 predictions, what about those predictions today?
In a podcast I wanted to release like March or April, I’m glad I waited till now. I’m going to replay the webinar that I joined way back in January, and you’re to tell me what you think came true or not during this crazy year.
As you listen to this podcast, what came true and didn’t to date in regards to the 2020 report on what might happen in the security landscape? MyTelespace is currently down, blog posts are on the blog about it, and of course contact info as well. Enjoy!
Between the lines are the show notes. Download the 61.92mb file by using this link. I hope you enjoy the program as much as I have putting it together for you. Yes, it wasn’t much as it was attended months ago, but I want to hear what you have to say about this and your thoughts on what you’ve seen in the landscape. Enjoy the program!
Comments (0)
The Security box, podcast 15: Its time to check your privacy at the door
Today’s episode of the security box which should be on the rss feed covers all types of privacy. Armando is on, we have two people named Michael, and its well worth the conversation. The program lasts 4 hours.
Welcome to the Security box, podcast 15. It was mainly an open forum of privacy talk today.
- Armando, a broadcaster here on the mix, was on talking about his experience with Covid and other privacy concerns he had in regards to that. We also got in to a twitter discussion with names we’ve seen. No mention of exact names are mentioned here but we do talk about this. The Melting Pot, October 9, 2020 and Armando’s Testimony can be listened to. These files will eventually expire, so get them while you can. Within the Internet Radio program, go in 86 minutes to hear the discussion.
- In hour 2, I start and it continues in to hours 3-4 where we talk about privacy, the Internet, finding information, and other aspects of the discussion as Michael in Tennessee and Indiana both join me for hours 3-4 as part of this discussion.
This week’s show lasts about 4 hours, and I hope you enjoy!
If you want a downloadable copy of the program, download the 216.93mb file right here.
Thanks so much for listening to the program, and feel free to contribute! Again, the program is almost 4 hours in length.
Comments (0)
Tech podcast 354 for October 19, 2020
Its been awhile since the blog has been touched, and it is time for a podcast for the main tech podcast. As with the Security Box, we’re also going to supply sendspace links for easy downloads. The RSS feed has the program as usual but due to the way browsers made RSS work now, its beyond impossible to get it.
For a change, this particular podcast does not cover the Security Landscape at all. While I’ve been recovering fighting something, I still have news notes and more for last week to post as well. Its going to work out though.
Here are the show notes for podcast 354 for everyone to munch on.
Welcome to podcast 354 of the technology podcast series. The segments on this podcast are mid-length, but quite interesting I think for a change in pace for this particular podcast. Let’s tell you what we’re going to cover.
- Time to get your M-braille On is the blog post for written communication, but why gripe when this happens to many pieces of software besides M-Braille? It got fixed, and it now works again. All operating systems has its fallbacks when upgrading, and I talk about this.
- Shaun Everiss and I talk about Yahoo. Shaun sent me an email which prompted me to create this blog post and segment 2 is all his. Segment 4 is mine.
- Its always nice to have a discount, but why do we, the disabled, need a discount? Yes I get it, our software is quite expensive, especially if you use Jaws or the discontinued Window-Eyes. Other pieces of software which include Duxbury and even Braille2000 are expensive. There are discounts for specific cases, but why phones? This blog post: A petition on lowering the cost of an iphone for the disabled? Let’s discuss talks about This Apple Vis forum post: A petition asking Apple to consider discounts for people with disabilities. which has quite a number of negitive comments. I see what was tried with this post, but there are already discounts for phones through the carriers and even through Apple itself through care. I’m linking to my blog post and Applevis in this show notes so you can choose which one you want to read.
I hope you enjoy the program as much as I have putting it together, and I’ll see you all on another edition of the program next time.
Want to download the 71.28mb file which lasts 77 minutes in length? Here’s the 77mb file for you and remember to get in contact with us! We’ll be waiting for you.
Comments (0)
The Security box, podcast 14: an update on an interesting story, passwords, and an interesting security topic on privacy and disclosing things
Disclosure of personal information can take many forms. In the undocumented segment of the podcast as I decided not to really write too much, we talk about something that really should make you think. I did put it in the show notes in a different way under topics. Besides that, we’ve got an update on an ongoing saga, passwords or passwordless? Plus you tell me what you have read in the landscape you’d like discussed.
Show notes
The Security Box, podcast 14 must continue with the ongoing saga of John Bernard. We’ve got an article on that. What do you guys think of a passwordless future? Lastpass talks about it. News, notes, comments, and more.
Topics:
- What do you think of John Bernard? Apparently, the suspect that has been identified as this person walked away with 30 million dollars, and it doesn’t stop there. The end of the article claims from one company that they hope that he comes through with his promise. Promising Infusions of Cash, Fake Investor John Bernard Walked Away With $30M is the article. Could this be the end?
-
Passwords have long been one of the leading drivers of security risks and employee frustrations for businesses, which has only increased since organizations
transitioned to working remote. Passwordless authentication, on the other hand, securely connects employees to their work without the need to type a password
through technologies such as biometric authentication, single sign-on and federated identity. Is passwordless authentication the solution to the password
problem?This is only the first paragraph of this facinating article on a passwordless future which will get interesting. The article LastPass Research Finds 92% of Businesses Believe Passwordless Authentication Is in Their Organization’s Future is going to be discussed.
- What is up with privacy? Conversations that could go awry because of an innocent conversation. Listen to the segment and form your own opinion.
News Notes:
I’ve done some reading but what about you? Submit things either by voice or text and lets discuss it.
Other things:
Twit had an event held on October 8, 2020. Here is a sendspace link to that download which I’ll have expire in 8 weeks from today. This is the property of twit, I’m supplying it as a courtesy to you. Visit the twit network to learn more about them.
Want to download the file and not want to mess with the RSS feed? Yes, its getting harder to open RSS feeds in the browser now, and sadly that’s too bad. Starting with this blog post, we’re going to supply a link you can use to download the program. Download the 138.51mb file and I hope you enjoy the 2 and a half hour program! Thanks so much for listening and participating in this program.
Comments (0)
The Security box is now on sendspace
For those who did not have a chance to listen to any of the Security box shows, here are sendspace links to the first 13 episodes.
Starting with Episode 14, after the notations, we will have a link to download directly. Thanks so much for checking out the program, and I hope that this is of value!
- Podcast 1 (166.30mb)
- Podcast 2 (162.52mb)
- Podcast 3 (169.25mb)
- Podcast 4 (179.35mb)
- Podcast 5 (194.14mb)
- Podcast 6 (162.33mb)
- Podcast 7 (134.34mb)
- Podcast 8 (155.28mb)
- Podcast 9 (169.79mb)
- Podcast 10 (199.97mb)
- Podcast 11 (136.19mb)
- Podcast 12 (176.43mb)
- Podcast 13 (179.89mb)
For this list, the podcast number and the file size is all that’s given. Again, podcast 14 will include its show notes, and a single line for downloading the file. I hope that this is a valuable edition, and we’ll do the same for the technology podcast starting with podcast 354 which we are starting to put together. Thanks so much for reading, participating, and having a voice in how the podcasts are done.
Comments (0)
The Security Box, podcast 13: Talking About Identity stuff of all kinds
The show notes are very very short, and the RSS feed is getting the podcast as we speak.
Here are the show notes, and I hope you enjoy the program.
Welcome to podcast 13 of the technology blog and podcast series known as the Security Box/. On this episode, we are going to cover NCSAM, week 1. The big thing now a days are your security and identity protection when it comes to your online safety. The first article Identity Fraud: How to Protect Your Identity Data, Accounts and Money During the Coronavirus Crisis is discussed in a taped segment. Speaking of identity, Preston from Pensylvania is going to be on with an interview that I did with him talking about experience, stories, and the like. We’ll also cover some news if time allows. Please make sure that you tune in to the blog web site for all of the news, as NCSAM will be busy and lots of items will be posted. You may want to decide to subscribe so you don’t miss anything. Thanks for listening!
We’re looking in to getting sendspace again, the pro version of it so we can once again provide downloadable links. I had to get rid of it at one time and didn’t really want to do that because people were using it to download stuff. Anyhow, we’ll get it and I’ll supply a full list of downloadable links to the entire set for everyone soon, then include it in future podcast releases as part of the show notations here on the blog. See you all soon.
Comments (0)
Technology podcast 353: Identity Theft and the Corona virus, Google, and more
I know I haven’t done a tech podcast in awhile, and the RSS feed has the program. The show notes have links to a few blog posts that cover some of the topics, and of course, I plan on doing more blog posts in the future relating to all kinds of stuff that might be of interest.
Below, please find the show notes, and of course, thanks for listening!
Welcome to podcast 353 of the technology podcast.
- NCSAM is out now, its the month of October and its definitely going to be an interesting month. Our first segment talks about the fact that identity theft may be more of a problem now more than ever. blog post
- KNFB reader was intigrated in to newsline. People were griping about it on Apple Vis, and may have been in social media as well. I looked at the app one day, and I find it quite interesting but still easy to use. They griped because they had to reverify their info, otherwise known as reauthenticate. KNFB Reader lite works well, and I am glad I have choices. blog post
- Michael in Tennessee taught me about Google and pairing to bluetooth devices. While I told my phone to forget the device, I had to go back in to google and get it repaired as I tried to demo how I got it to work. Be that as it may, this was kind of cool. Thanks Michael for this!
- On a prior podcast, we covered SSL and what is happening with threat actors today. I intend to write a blog post with my thoughts, but the Security Box definitely covered this. Podcast 12 of the box covers this in a talk show format, but I figure it should be covered here for those who don’t want the longer program. Tell me what you think.
The full program lasts an hour, so I hope you’ll enjoy it. Thanks for listening! See you on another edition of the program.
Comments (0)
The Security Box, podcast 12 for September 30, 2020
Welcome to podcast 12 of the security box. We had quite a few topics this time, and even a podcast segment. Want to participate? Contact info is given throughout the program, so feel free! The notations of the program follow.
Welcome to podcast 12 of the tech podcast series known as the Security Box.
Topics:
- On podcast 10 of the box, we link to an article about due dilligence. It was segment 2 of that podcast. Just recently,, its time to update this, as now Krebs has an article asking the question: Who is Tech Investor John Bernard? Seems to me that this guy, whoever he is, is not a good guy, and I think I visited the page in the first story just to see what it was about. In no way was I going to utalize the services, but I was mainly curious what the main page had to say. It is funny to see that the site has a general closed message on it, and people still come forward afterword to people like Brian and tell him what has happened to them. This is quite funny, and I think I’ll have this as my first topic. Did you read the article linked to in podcast 10, and if so, what did you think? What do you think now?
- Apparently, another tech company is hitting the news in regards to a ransomware attack. The company in question put out the same type of info that most companies put out in regards to the breach or lack there of when it comes to personal information that may have been taken. The problem is that the investigation is still ongoing, and even though the article was updated after initial printing, we can’t say who is telling the truth. Govt. Services Firm Tyler Technologies Hit in Apparent Ransomware Attack is the article, and I think this aught to be quite interesting. Only time will tell.
- APWG is the Anti Phishing working group. This group does work to try and advise security experts and us on how to be as safe as possible. Now they’re saying that SSL should not be used in determining if a website is secure. We’ve known through Phishlabs articles on the blog that the rate of SSL certificates by actors was on the rise, but now we shouldn’t rely on it. APWG: SSL Certificates No Longer Indication of Safe Browsing comes from the Phishlabs folks, and I think its worth the read. We also put it in the news notes rundown, and I am sure it’ll garner conversation.
News Notes:
- News Notes has quite a few items even though I have had technical problems as of late. The weather isn’t helping with health concerns as well, so it may not be large, but it is good none the less. If you’re interested in the news I’ve gathered, head on over to this blog post and check out what might interest you. There may be some overlap, but at the same time, you might find something you want discussed that I didn’t read.
Podcast segments
- Michael in Tennessee is on with us for about 37 minutes talking about one particular article that caught his attention. He and I discuss this particular article, and we even bring up other odds and ends tying this up with other revelant but could be off topic stuff as well. The article we reference comes from Cyber Scoop, and its a good one. FBI hopes a more aggressive cyber strategy will disrupt foreign hackers which was posted to that site on the 21st of September. This article was written by Sean Lyngaas.
Want to download a copy of this and don’t want to go to the RSS feed? Please feel free to use this dropbox link which lasts 1 week. Thanks so much for reading, participating, and or checking out what we have to offer. See you on another edition of the podcast!
Comments (0)
Tech podcast 352 for September 24, 2020
The show notes are sweet and short.
Voice mail systems, are they gone? Covid-19 and the email landsscape, a webinar and IOS 14 and other OS’s and whether apps are updated timely if they are broken. Enjoy this 65 minute podcast!
If you want to have a file sent to you, please let me know. I’ll be happy to send it to you.
Comments (0)
navigation menu
- Archives
- April 2021
- March 2021
- February 2021
- January 2021
- December 2020
- November 2020
- October 2020
- September 2020
- August 2020
- July 2020
- June 2020
- May 2020
- April 2020
- March 2020
- February 2020
- January 2020
- December 2019
- November 2019
- October 2019
- September 2019
- August 2019
- July 2019
- June 2019
- May 2019
- April 2019
- March 2019
- February 2019
- January 2019
- December 2018
- November 2018
- October 2018
- September 2018
- August 2018
- July 2018
- June 2018
- May 2018
- April 2018
- March 2018
- February 2018
- January 2018
- December 2017
- November 2017
- October 2017
- September 2017
- August 2017
- July 2017
- June 2017
- May 2017
- April 2017
- March 2017
- February 2017
- January 2017
- December 2016
- November 2016
- October 2016
- September 2016
- August 2016
- July 2016
- June 2016
- May 2016
- April 2016
- March 2016
- January 2016
- December 2015
- November 2015
- October 2015
- September 2015
- August 2015
- July 2015
- June 2015
- April 2015
- March 2015
- February 2015
- January 2015
- December 2014
- November 2014
- October 2014
- September 2014
- August 2014
- July 2014
- June 2014
- May 2014
- April 2014
- March 2014
- February 2014
- January 2014
- December 2013
- November 2013
- October 2013
- September 2013
- August 2013
- July 2013
- June 2013
- May 2013
- April 2013
- March 2013
- February 2013
- January 2013
- December 2012
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- August 2011
- July 2011
- June 2011
- May 2011
- April 2011
- Categories of this blog
- Subscribe to Blog via Email
- The tech blog’s pages
- Blogroll