The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts



Tech podcast 329

Tech podcast 329 has been out, and I believe I’ve neglected the blog. I believe I released it last week, and I apologize for not posting!

I’ll have some big news to share after I do some more development on one of my web sites I may have talked about. Enough of that for now, the RSS and Mixcloud should have the podcast.

Below, please find the show notes for this podcast. Truly sorry for the fact I didn’t post it when it was published!

More later.


Released November 5, 2019

Welcome to podcast 329.

  • How can we keep ourselves as safe as possible when companies hold databases online? I completely understand the aspect of why they need to do so. It isn’t possible for them to store it like I do, and it’s just becoming a problem. A telecom company breached, mongo DB to blame is the blog post referencing this segment.
  • National Cyber Security month is now complete. Why? In this ever-changing landscape where everything is online, must we have only one month to teach how to be as secure as possible? Please check out my blog post penning this topic: NCSAM is over, shall we stop teaching for my written thoughts on this important topic. It’s something we should be discussing, and we should be discussing it all the time.
  • I found an article through Dark Reading, and instead of covering that, I think we should try to discuss it in a different light whereby we ask how consumers can be safe in this time of major security problems. It isn’t just the entity that we shop at that should be the main problem, it is in both things. Merchants need to fix their security, but shoppers need to be careful and some tips are discussed on what we can all do.
  • Dice world has some interesting updates and I tie that in to other games and the accessibility landscape. There is always something to learn and I’m happy to see what happens as we continue to grow.
  • Michelle Dyer was a dear friend of mine. I let the domain go because I was under the assumption that the domain was not needed. Family contacted her closest friend, contacted me, and I’ve relaunched the domain on October 31st. Due to some other technical issues I could not fix, the domain is now relaunched and I only made some changes to clean some outdated info. Please click on this link to go to the Michelle Dyer Memorial page where you’ll find tech podcasts to download that she was a part of. We thank each and everyone for your continued support of my work.

The track I selected for this podcast comes from the artist Ehren Starks from the depths of a Year. Contact information is also available at the end of the program. Thanks so much for listening!


Thanks for your understanding while I try and catch up!

Braille 2000 can’t do greek … fix is in the works

I recently got off the phone with Bob and a very alpha version of assignment 16. I was pointing out some questions I had, and what the braille simulated print of the lesson was showing me. In this context, one of the items he was asking what it was. I looked in the braille, and sure enough, the simulated braille shows in assignment 16 Greek! There are several portions where Greek is used, and Braille 2000 and its Greek is greek to it.

The only fix is to write it in braille, i.e. 6-key entry.

Now, I realize that my grumblings of 6-key and what a waste of time it is, proves to be very valuable.

Here is what I plan to do to fix the horrid importation from the PDF to RTF file.

  • Go in to Speech, engine settings, and turn on keyboard feedback.
  • Fix the file up by deleting the old material that doesn’t need to be there and typing by hand the Greek that it didn’t understand.
  • Putting in some script signs which were not properly put in place.
  • Fixing item 23 in spots where it was completely and utterly wrong.

I’ve been griping about the lesson material and the teaching of such material before, but I think that this has to be the worst piece of material that ever crossed my desk. I can’t fathom how the powers that be who developed this did a piss-poor job on the material and how correcting some aspects in RTF fixed some of it, but yet, we still have to correct quite a number of things that are completely wrong!

I know, I know, those of you who are reading this will say “This is the job of the transcriber. The software is not going to be perfect.” I get it. If the print is done correctly, and the software is trained how to back translate it, it should not have any problems.

In two of the numbers, it didn’t put a closing mark, it put a dot pattern that I’m not familiar with. The dot pattern is (dot 5 2) as a sequence at the end of the sentence. The ellipses it put in place came from the print and were spaced, but braille doesn’t have that spacing so I can correct that and I do not fault the software for that.

My issues with assignment 13 are minuscule because I manipulated the RTF and got it wrong based on what I understood. Once I understood the correct method, I corrected it, and even learned how to correct it for the next RTF copy. It’s all a learning process, and I do not blame software for something I did. All of the symbols except for the special symbol (shape indicator emoticon) aspect were done correctly. Once I corrected the emoticon special symbol shape, it was fine although it might not have backtranslated that correctly in to legible print.

I definitely know that I need to do some serious work at some point, and I know it’s going to have to be soon.

Have any of you done foreign language, especially with tools like Duxbury or any other piece of software and what did you think? Did it do an adequate job or did you have to correct it with the knowledge that you have on the subject?

Please contact me by leaving your comments here, by email/imessage/text and info can be found on the About the Blog page which has contact info there. If you can’t find it on the blog, go on over to my Web Site and leave your thoughts through the contact/bug reporting form or any available contact info found there.

Thanks for reading, and make it a great day!

A telecom company breached, mongo DB to blame

When is it going to be time for people, especially those who set this stuff up, to learn to properly configure databases that hold information that is crucial to the business? According to this Dark Reading article CenturyLink Customer Data Exposed this can’t be good. The fact that the database is connected to the Internet is bad enough, but according to a conversation I had with some folks online when told about this is that there is no other solution. Companies that are large or have multiple call centers need to have a way to have access to all of the customer data to make changes, verify information, and the like. It’s not like MENVI where we store it, it’s amongst a few people who are on staff, and that’s it. Hundreds of people need access to this information at these companies when you call in, so I understand the challenge.

Who at these companies is responsible for this type of thing? We need to have them answer these questions, and I’m sure that they’re answering now. This should never happen, and if it does, let it be a mistake that is quickly remedied. Don’t leave it open for months on end for someone to find, especially a hacker. Luckily, it was a researcher, and it can’t be all bad, but what if it wasn’t? What if the database was to be found to include all customer data? The phone company covers multiple states. How does that look? Let’s hear your thoughts.

‘Camgirl’ sites exposed millions of users after security lapse – TechCrunch

Exposed data linked user profiles to their viewing history, exposing kinks and private sexual preferences.

Source: ‘Camgirl’ sites exposed millions of users after security lapse – TechCrunch

Oh boy. Now this here is something to post. I am seeing this on Twitter, and I thought, really? Could this get any worse?

Assignment 16, why does it look so bad?

Hello folks,

I’ve looked at my first braille out of assignment 16 of the braille transcription course. It looks awful, and I’m nowhere near submitting this assignment.

Here is what I notice:

  • There are dots of an unknown type at the end of several items where quote marks are shown in the braille edition of the lesson.
  • I’m very unfamiliar with foreign language material, but understand why the symbols have changed in conformance with UEB standards, and Braille 2000 can deal with these when written correctly.
  • Bob tells me that in number 23, the PDF to RTF extraction for a base file was absolutely horrid. With Braille 2000’s tools, I can correct these and get another brailleout.

Bob appreciates the fact that I’ve been sharing my assignments with him. It has opened his eyes on how bad UEB really is, and how BANA has forced the United States into believing this is the best thing we can do. This is not the best thing we can do. Lots of baggage has been reported, and even with my conversation with someone yesterday, the book is awful in explaining the concepts of how this should be done.

I’m hopeful that I can pass on the first try on this assignment. With the tools we’ve built in to b2k, I’m confident I can correct these mistakes, and get it to a form I’m happy to submit.

As a side note, it took three tries on assignment 15, as there was still confusion, and that confusion was coming from the book. I understood what it was saying, but the instructor wanted it a certain way. The third time was the ticket!

Have you done foreign language material and how has it fared with b2k? What about other software?

I look forward to hearing from you. Please get in touch!

NCSAM is over, shall we stop teaching

Well, NCSAM is over, and that doesn’t mean we have to stop learning. There’s always something to learn, especially with cyber security. LastPass, the last password you’ll ever need, has a blog post entitled NCSAM Wrap-Up & Planning for Next Year but why stop there?

Here are some questions LastPass asks.

  • Did your organization have goals for NCSAM this year?  
  • What new things did you try, or what programs did you continue from previous years?  
  • What type of feedback did you receive?  
  • What would you like to try next year? 
  • What results are you looking to accomplish with your cybersecurity initiatives? 

These are great questions. I think in regards to item 4’s question, I’m trying to teach year-round by talking about experiences and things that I’ve read or experienced in life that have happened to me. By talking about what I’ve done after the fact, I can show how proactive I’ve been to the situation at hand. My initiative for next year is to do the same all year long. This I think should not be a once a month thing. By spreading it all year round, we can always learn, so we can try to prevent the next catastrophe.

I’ve received mixed feedback when talking about things. Some have indicated that we’re pretty much screwed anyway, things get on the OS, and it’ll either burn the OS, or the OS will be slow. No matter what we do, we can’t stop the worst of them, they’ll get in regardless. Others like the ideas of what I’m doing, and it can turn in to a discussion on the chat line. Still others, don’t quite comprehend the aspect of how bad it is, and skip it because it can get technical. It just depends, although I try not to be technical about it.

I don’t have goals for the year and I do not have money for programs to implement. I’d love to be involved in phishing simulations because we can always learn so we don’t make a mistake to cripple our devices. It’s too bad that these types of programs are expensive so people who use a computer but don’t make a lot of money can’t participate in such a program.

I run MENVI and I’m always asked questions by one of my colleagues about something he’s seen. I tell him what’s up, and I also send him some of the major articles I find through my RSS feeds. He sends them off to people who need to know.

I believe this is very important year-round, not just once a month. By sharing information, we can all participate in reading and understanding what other businesses are going through and can do our best not to fall victim within the net of problems.

LastPass has ideas for next year including webinars, educating your customers and clients, employee training, sharing material, and attending a cybersecurity event. I talked about two webinars I’ve attended from Trend Micro and I really need to listen to the last one fully because I’ve missed some parts of it.

There is more including how they mention inspiring the next generation to get involved by talking about the Girl Scouts teaming up with a company. There’s plenty more to read, so take a look around, and let’s start making that difference!

Time change

It’s that time of year, the time changes and we have adjusted the blog to minus 8 from GMT to compensate for the change of time. It’s too bad that the blog can’t do this itself.

We’ll continue to post and do our regular activity here, and hopefully you all are enjoying what you’re reading and hearing along this network.

The biggest names in domain registrations have been breached

Hello all,

I’m unfamiliar with register.com, but I am familiar with Network Solutions. I’m also unfamiliar with web.com as well. Apparently they’re under the same umbrella and it got hacked. According to Breaches at NetworkSolutions, Register.com, and Web.com one is letting their customers know on their web page and reaching out by email, one has info but it’s buried, and the other has nothing. This is just not the way to do things. You need to be as transparent with your customers as you possibly can. Let them know what you know, so they understand what is happening. It’s the best medicine you can have.

Have you seen coverage or is this the first time you’re seeing this? If it’s the first time, be notified of it now, and see if anything is compromised, i.e. domains you control and the like. It doesn’t look like in the article that nothing was touched, but you just never know. Stay safe.

Tech podcast 328

Hello all,

Our RSS feed has the podcast of this last podcast which I put together on October 31st but only uploaded it yesterday. I believe Mixcloud might need it, but I don’t remember; I’ll have to check.

Here’s a link to the Mixcloud and you can let me know if it’s there or not. If not, I’ll get it up as quick as I can.

Here are the show notes.


Hi folks, welcome to podcast 328.

I hope you enjoy the program.

NCSAM: protecting our kids online

We can’t forget the blog posts that are around the Internet dealing with protecting children online.

We all in our lives at one time or another have made mistakes. We must learn from them too. That also goes for children online. There is a bigger risk with children, and data miners know this and try to get kids to click on things just as much as us adults. This article Home and Away, All Year Round: How Can I Keep My Kids Safe Online? has 8 different points which I’m mentioning in an upcoming podcast that we can all take from, not just teaching the kids.

If we all don’t learn from these tips, the internet could become a very interesting place if it hasn’t already. I know there are other articles I may want to cover as NCSAM closes, so I’ll try to get them read within the next several days. This is going to get rather interesting don’t you think?

iOS 13.2 now out, lots fixed, a few new bugs

iOS 13.2 is now out. AppleVis has the details of lots of fixes, but 4 potential bugs that could have you holding off if you use braille. Some may be device specific, so your mileage will vary. Here is the AppleVis post on iOS 13.2 for you to peruse. Happy updating!

Jaws 2020 now or soon to be released

Hi all, I was going through and updating podcasts, and the Freedom Scientific podcast was released and I will be sure to check it out. It said that Jaws 2020 would be released soon. According to this Freedom Scientific news page it looks like it’s released today but I’m unclear. There is a lot in the show notes, so I’m not going to bore you with every little detail of the update. Lots of fixes though and some that might apply to you.

I can’t wait to see what might apply to me and to those that utilize it. I hope that this post is of value, and please email me or post a comment to tell me if this is an official release date, or release notes prior to the release which should be any day since the notes on the podcast say the end of the month.

Thanks for reading!

What’s going on with web threats? The October webinar by Trend Micro

This month, Trend Micro’s webinar was in regards to what is going on with web threats? This is the link to the on demand webinar. One of the things that I was quite interested in was the fact that web threats are now including sextortion. This is a term I’ve never heard of, and a brief lookup through Wikipedia was quite interesting.

In an upcoming podcast, I discuss a little bit of this, what I’ve seen in my email for contact forms, and I look forward to relistening to this cast as I missed some parts.

Did you know that the majority of web threats start by email? The email is phishing in nature, but that may not always be the case. According to this, the actor may now be moving to social media platforms such as Twitter, Facebook, LinkedIn, and others. The ads we see now may be malicious, and this is called malvertising.

There’s plenty more, please feel free to check out the webinar, I am going to try and relisten to this within the coming days.

Thanks for reading, and look forward to a podcast topic on this real soon. Let’s discuss what you’ve gotten and whether you’ve been bit.

Chinese companies being eliminated in the tech industry? Two of them may be

I was just giving praise to China on trying to do something good, but we can’t forget two companies who apparently are using tech for bad. In a more recent article entitled FCC chair pitches rules to block Huawei, ZTE written by Cyber Scoop, I’m not even sure what to think.

I believe this is a slippery slope. The two companies mentioned are apparently spying and doing other things which they probably shouldn’t, however, what about the myriad of companies that do that just by collecting all this data to either use against you, or just to have it? It can’t work both ways.

While a company like Apple collects this data from our phones for services, what makes you think that someone else isn’t in their systems and platforms right now gathering the data to do something more deadly with it? We don’t know if that is even going on.

I bet if these companies are banned by the government, then some others that may eventually be caught and doing the same thing would be forced out, even if they are here in the states. It’s going to get interesting.

China’s Congress Passes Cryptography Law, Effective Jan. 1, 2020

I’m perusing Twitter, and several days ago, an article entitled China’s Congress Passes Cryptography Law, Effective Jan. 1, 2020 was tweeted by a follower and it puzzles me. While I admire China to do good with the idea of this law, we do have a lot of bad coming out of there too. I’m not going to talk about the bad here, because if this new law works and something comes out of it, that’s a good thing, correct? On this post, let’s concentrate on just this … they’re trying to do something with the technology to try and do good. This should be commended within their bad press.

Making The Smart Bet On Cybersecurity

This was quite interesting. Relaying the cybersecurity threats to a casino. This article is awesome, and I think it’s a good read so passing it along.

Cybersecurity strategy doesn’t have to be a gamble, but trying to beat the odds of a breach is not an easy task. Educating your entire organization, and automating the most data-heavy tasks provide the best defence.

Source: Making The Smart Bet On Cybersecurity

Tech podcast 327 for October 27, 2019

Hello folks,

Welcome to podcast 327 of the tech podcast. I have quite a bit for you.

Let me start by saying that on Segment 3, I am not looking for a replacement solution on the braille transcription course, I’m only looking for feedback. You’ll understand why when you hear the segment.

If anything is to be done, it will be a long term project, not a short term solution to something I feel that needs to be done.

With that, I want to give you the podcast, and it’ll be soon on Mixcloud as it is on audio RSS already.

Thanks so much for listening and here’s the show notes.


Welcome to podcast 327 for October 27, 2019.

  • What do you think about giving out our phone numbers? I’m not talking about business, I’m talking about phone numbers for personal use. I heard this on a telephone line on a bulletin board, and got to thinking.
  • VPN services is the next topic. I’m looking at ExpressVPN as they were talked about on a prior post on the blog through tech warm. My thoughts are on this one.
  • I’m putting a feeler out there. On this third segment, I’m curious on your thoughts on the braille transcription course as a whole. I know I have had some struggles, but I’m curious on other people who have taken the course or are still taking it with me. Contact me by email for a phone call, as I’d like to discuss it with you.
  • Cachet Financial Reeling from MyPayrollHR Fraud is the next segment and the article is linked here. What an interesting story here.
  • Best Practices for Defanging Social Media Phishing Attacks is the final segment and lots of terms given here and info. This could be put under the NCSAM category as the cyber security awareness month is coming to an end.

Please feel free to contact me on the podcast contact info given, and I look forward to hearing from you!

NCSAM: Have you read Kevin Mitnick’s books?

I’ve read Kevin Mitnick’s books, three out of the 4 are on BARD. Nice to see him writing again!

Recently I got really bored and wanted to see what Kevin Mitnick was up to. I then started this book entitled The Art of Invisibility: The World’s Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data and I read the first chapter as a free sample. This book is not available on BARD, however, it is available on Bookshare. I decided to buy the book here at Amazon, and when I did, it updated itself with some 2019 notes in regards to the various breaches that have been notable since the beginning of the year.

About the Book

Kevin Mitnick, the world’s most famous hacker, teaches you easy cloaking and countermeasures for citizens and consumers in the age of Big Brother and Big Data.

Like it or not, your every move is being watched and analyzed. Consumers’ identities are being stolen, and a person’s every step is being tracked and stored. What once might have been dismissed as paranoia is now a hard truth, and privacy is a luxury few can afford or understand.

In this explosive yet practical book, Kevin Mitnick illustrates what is happening without your knowledge – and he teaches you “the art of invisibility”. Mitnick is the world’s most famous – and formerly the most wanted – computer hacker. He has hacked in to some of the country’s most powerful and seemingly impenetrable agencies and companies, and at one point he was on a three-year run from the FBI. Now, though, Mitnick is reformed and is widely regarded as the expert on the subject of computer security. He knows exactly how vulnerabilities can be exploited and just what to do to prevent that from happening.

In The Art of Invisibility Mitnick provides both online and real-life tactics and inexpensive methods to protect you and your family, in easy step-by-step instructions. He even talks about more advanced “elite” techniques, which, if used properly, can maximize your privacy. Invisibility isn’t just for superheroes – privacy is a power you deserve and need in this modern age.

If you’ve never read anything by this hacker turned security professional, then I highly recommend that you start with Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker which is on BARD and is also available on Bookshare. I actually started this book through Learning Ally, formerly Recording for the Blind and Dyslexic.

About the book

Kevin Mitnick was the most elusive computer break-in artist in history. He accessed computers and networks at the world’s biggest companies – and however fast the authorities were, Mitnick was faster, sprinting through phone switches, computer systems, and cellular networks. He spent years skipping through cyberspace, always three steps ahead and labeled unstoppable. But for Kevin, hacking wasn’t just about technological feats – it was an old fashioned confidence game that required guile and deception to trick the unwitting out of valuable information.

Driven by a powerful urge to accomplish the impossible, Mitnick bypassed security systems and blazed into major organizations including Motorola, Sun Microsystems, and Pacific Bell. But as the FBI’s net began to tighten, Kevin went on the run, engaging in an increasingly sophisticated cat-and-mouse game that led through false identities, a host of cities, plenty of close shaves, and to an ultimate showdown with the feds, who would stop at nothing to bring him down.

Ghost in the Wires is a thrilling true story of intrigue, suspense, and unbelievable escape and a portrait of a visionary whose creativity, skills, and persistence forced the authorities to rethink the way they pursued him, inspiring ripples that brought permanent changes in the way people and companies protect their most sensitive information.

I thoroughly enjoyed this book, and thought I would see if there was anything else. The first book in this article I’m writing now, was not known to me, although it may have been recommended to me through my reading of Scott’s book Cybersecurity Is Everybody’s Business: Solve the Security Puzzle for Your Small Business and Home Kindle Edition which I only found here and on Amazon. BARD does not have any of Scott’s books, and with the advancement of hacking, the blind and disabled reader must learn how to protect themselves. These books are not difficult, technical, and with Scott’s book, was very short chapters.

In my recommendations after downloading Scott’s book, I found something that really caught my eye and I’m also reading as well. How I can read two books at the same time, I don’t know. The book is by Paul R. Wilson. The Art of the Con: How to Think Like a Real Hustler and Avoid Being Scammed 1st Edition, Kindle Edition is the name of the book. This guy, in short chapters, talks about cons and scams that have gone on for many years. Some of these are still successful today!

About the Book

A sucker is still born every minute. In this modern and interconnected world, con-men are lurking everywhere – it’s never been easier for them to dupe us, take from us, and infiltrate our lives.

One of the world’s leading and celebrated experts on con-games takes the reader through the history of cons, how they’ve been updated to the modern age, how they work, how to spot them, and how to protect yourself from being the victim of one.

R. Paul Wilson is a con-man who works for the other side – our side. He has spent a lifetime learning, performing, studying, and teaching about the ins and outs of the con world in order to open up our eyes to the dangers lurking about us – and to show us how not to get taken. Paul has never made a living as a con-man, profiting off of marks – he has used his expertise throughout his life to help people avoid cons.

In this fascinating book, Paul takes the reader through the history and developments of the con game, what elements from the past are based on basic human psychology and have stood the test of time, what has been updated for the modern era and how it’s getting used in the computer age, the structure of how these cons work, and – most importantly – how to recognize one, protect yourself and your loved ones, and avoid becoming just another sucker.

I’m not sure if this book is available on BARD or Bookshare, but you can look.

About BARD and Bookshare

BARD is the Braille and Audio Reading Download service by the National Library Service in the United States. This service is available to international patrons, but only if they initially live in the United States and are traveling internationally for some reason.

Bookshare is a paid service, although with the NLS partnership, they’re offering free accounts for those of us who have NLS memberships. You can get books in multiple formats including DAISY, audio mp3 (TTS) and braille files.

In this NCSAM month, I’m hoping that these books are a symbol of something that people should read, and get interested in. As I’ve discussed, we can’t do it alone, and the email scams and cons will only trick you if you don’t know what to look for.

Other Books you can find on BARD

I’ve read all of these books, and forgot about the other two. The following are books that BARD has on Kevin Mitnick, that are authored by him. There is one about Kevin’s takedown written by another author, but I’m not going to put that book here.

Note, that for this blog, I’m putting the DB number for reference and nothing else.

  • Ghost in the wires: my adventures as the world’s most wanted hacker DB74947
  • The art of deception: controlling the human element of security DB56450
  • The art of intrusion: the real stories behind the exploits of hackers, intruders, & deceivers DB60593

Have you read the linked books? What about the others not linked but are listed? What have you thought? Please discuss it in the comments! I look forward to reading what you’ve got to say.

NCSAM: scam or not? You Decide

NCSAM: looks like a scam or Phish, can you tell?

Hello folks,

In the following exercise, I’m going to give you the beginning of two forms. One of which came through the IP Unblock form for my customers, and the other that came from MENVI. In both instances, they filled out the bug reporting yes, and the comments section.

Out of curious instincts, I went to the link separately and there is a picture, I didn’t go any further to identify it or anything.

Can you tell if this is a scam?

Below is the result of your feedback form. It was submitted by (lisadontate@gmail.com) on Saturday, October 19, 2019 at 17:15:48
—————————————————————————
Name: Hellen[BqdeqwhVinejonuQ,2,5]
phone: 82919675993
contact_method: both E-mail and phone
bug: no
additional_bug_info: Hello, I apologize for this letter, but I have no other choice!

This is a 4-year-old girl Lisa Filameshina!
https://sun9-7.userapi.com/c848620/v848620572/b2c87/xpLF8Ynpc_0.jpg

Lisa has retinoblastoma (retinal cancer). Her eye needs urgent treatment! In the Swiss clinic «Hospital Ophtalmique Jules-Gonin» (Lausanne) they guarantee
the preservation of the organ so important for the future life of the child.

It is necessary to collect $9000 before October 31.

We will be grateful for any amount of money!

I beg you help!

That is wallet address for payment bitcoin :157CfZ3qhHpRWKbzqoroUAxTMgDhhmPfPt

I give the payment details in bitcoins, since another transfer is problematic in our country.

Sorry again.

The next one was sent overnight.

Below is the result of your feedback form. It was submitted by
(
lisadontate@gmail.com)
on Sunday, October 20, 2019 at 03:32:03
—————————————————————————
name: HellenInjex
City_State_Province: Avarua
country: Cook Islands
Phone: 81797884724
contactmethod: Please use both E-mail and telephone to contact me
contact: Please have Jared Rimer: (MENVI webmaster) to contact me
reporting_bug: No, I’m not reporting a bug with the web site at this time
reporting_bug_Yes: Hello, I apologize for this letter, but I have no other choice!

This is a 4-year-old girl Lisa Filameshina!
https://sun9-7.userapi.com/c848620/v848620572/b2c87/xpLF8Ynpc_0.jpg

Lisa has retinoblastoma (retinal cancer). Her eye needs urgent treatment! In the Swiss clinic «Hospital Ophtalmique Jules-Gonin» (Lausanne) they guarantee
the preservation of the organ so important for the future life of the child.

It is necessary to collect $9000 before October 31.

We will be grateful for any amount of money!

I beg you help!

That is wallet address for payment bitcoin :157CfZ3qhHpRWKbzqoroUAxTMgDhhmPfPt

I give the payment details in bitcoins, since another transfer is problematic in our country.

Sorry again.

Both messages look exactly the same. Both are pleading for money, and I believe there are two different bitcoin wallet addresses.

REMOTE_ADDR: 92.63.100.62 is on MENVI’s and REMOTE_ADDR: 188.120.249.122 is on the IP unblock request form.

My hunch is that this is part of the Nigerian 419 scam, begging for money but with a different purpose. The purpose is to help a little girl but now I got curious. As I write this, I ran Jaws picture smart on the photo on the URL. It says:

Caption is a little boy wearing a hat.

I’m unaware of NVDA having a picture smart option, but Jaws now tells me through this technology that it is a boy, not a girl. Very clever they are. The fact they say they want money by a certain time frame before it’s too late is also a telltale sign of a problem.
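The warning signs described above (a payment deadline, a plea for money, a cryptocurrency wallet, and the same text arriving on two forms from two addresses) can be checked before a form submission reaches an inbox. The following Python example is added here and is not code from this site; the form names, IP addresses and wallet string are constructed, and the "two or more signs" threshold is an assumption.

```python
import hashlib
import re

# Shape of a legacy Bitcoin address (Base58, starts with 1 or 3); no checksum check.
WALLET_RE = re.compile(r"\b[13][1-9A-HJ-NP-Za-km-z]{25,34}\b")
DEADLINE_RE = re.compile(
    r"\b(?:before|by|until)\s+(?:jan|feb|mar|apr|may|jun|jul|aug|sep|oct|nov|dec)"
    r"[a-z]*\s+\d{1,2}\b", re.I)
PLEA_RE = re.compile(r"\$\s?\d[\d,]*|\bany amount of money\b|\bbeg you\b", re.I)

def fingerprint(body):
    """SHA-256 of the body with case and whitespace normalised, so re-sent copies match."""
    normalised = re.sub(r"\s+", " ", body).strip().lower()
    return hashlib.sha256(normalised.encode("utf-8")).hexdigest()

def signals(body):
    """Names of the warning signs present in one message body."""
    checks = (("crypto_wallet", WALLET_RE), ("deadline", DEADLINE_RE), ("money_plea", PLEA_RE))
    return [name for name, rx in checks if rx.search(body)]

def triage(submissions):
    """Report per submission; hold for manual review when two or more signs are present."""
    origins = {}
    for sub in submissions:
        origins.setdefault(fingerprint(sub["body"]), set()).add((sub["form"], sub["ip"]))
    reports = []
    for sub in submissions:
        found = signals(sub["body"])
        if len(origins[fingerprint(sub["body"])]) > 1:
            found.append("duplicate_body")
        reports.append({"form": sub["form"], "signals": found, "hold": len(found) >= 2})
    return reports

# Constructed sample data: wording abridged from the message above, with a made-up
# wallet string and documentation-range IP addresses.
PLEA = ("It is necessary to collect $9000 before October 31.\n"
        "We will be grateful for any amount of money!\n"
        "That is wallet address for payment bitcoin :1ConstructedExampeWaetXXXXXXXXXX")
SAMPLE = [
    {"form": "ip-unblock", "ip": "192.0.2.10", "body": PLEA},
    {"form": "menvi-contact", "ip": "198.51.100.20", "body": PLEA.replace("\n", "  ")},
    {"form": "ip-unblock", "ip": "203.0.113.5",
     "body": "The unblock page shows an error after I press submit."},
]

if __name__ == "__main__":
    for report in triage(SAMPLE):
        print(report)
```

A held submission is only queued for a person to look at; the pattern match on the wallet string does not prove the address is valid.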

This network has a donations page found both on the blog pages and our main web site. In no way are we begging for money on any page, and in no way are we saying to donate by a certain time point.

While we would like people to donate to the network to offset costs of running it, and to help offset the independent artist project of playing independent music from around the world, there is no urgency. I have mentioned it on my shows, and on my show notes, but I don’t make it a habit either. It’s just the way it is, and the way it must be so that we do not get flagged as a potential target.

This network also does not solicit any type of donations by email like this even though we’d love to get some money as described above.

I believe the goal of the email is entitled Phishing but it is targeted phishing for money. It’s a bait to part with your money, the term of which you could look up and correct me if I’m wrong.

I don’t claim to know the exact terms correctly, because I get confused of what they are, but I know two things.

  • I do not have a bitcoin wallet.
  • I do not know how to buy bitcoin, and if I did, I’d be using the money for my own purposes, i.e. buying things, or sending it to PayPal for spending later.

I think we can utilize this as a point of learning to show people what types of things are being sent today.

Have you seen these and determined that it was no good? If you’ve been bitten, what did you think of this one that could have made you pause to think … “This can’t be right.”

Let’s discuss this!


NCSAM: Do you think Android is as secure as they claim? This Android app says not so much!

Today is October 18, 2019. I admire Android for making great strides in securing their operating system. On this day, I read an article that really made me think. Even while I napped this afternoon, I was wondering how I could cover this news about the app entitled Yellow Camera.

According to Trend Micro’s Intelligence Security Blog, this app isn’t a photo editing app at all.
Here are some details from Trend Micro’s analysis of this.

• [MCC+MNC].log, which contains the WAP billing site address and JS payloads, is downloaded from hxxp://new-bucket-3ee91e7f[-]yellowcamera[.]s3[-]ap[-]southeast[-]1[.]amazonaws[.]com.
MCC is the SIM provider’s mobile country code; MNC is the mobile network code.
• The WAP billing site runs in the background; the site accessed/displayed is telco-specific, based on the [MCC+MNC].log.
• The JS payloads auto-clicks Type Allocation Code (TAC) requests — codes used to uniquely identify wireless devices.

This article links to other articles and information that Trend Micro has found and published blog posts on, and luckily, this app hasn’t hit the United States yet from what I’ve read.

What can you do?

  • Only get apps you’re searching for
  • Download the app from the official store, and read carefully what you’re getting so you understand what permissions it wants
  • Don’t get anything from unofficial channels or links you’re not expecting

I know looking may be of interest, but like I’ve said, it may be time to knock that off. It may be time to just say “I didn’t ask for it, I’m not looking, and I’m not wanting to get bitten.”

This is going to get rather interesting.

Have you seen this app, and what did you do when you saw it?
