Since the 1990s I have been very involved with fighting the military "don't ask don't tell" policy for gays in the military, and with First Amendment issues. Best contact is 571-334-6107 (legitimate calls; messages can be left; if not picked up retry; I don't answer when driving) Three other url's: doaskdotell.com, billboushka.com johnwboushka.com Links to my URLs are provided for legitimate content and user navigation purposes only.
My legal name is "John William Boushka" or "John W. Boushka"; my parents gave me the nickname of "Bill" based on my middle name, and this is how I am generally greeted. This is also the name for my book authorship. On the Web, you can find me as both "Bill Boushka" and "John W. Boushka"; this has been the case since the late 1990s. Sometimes I can be located as "John Boushka" without the "W." That's the identity my parents dealt me in 1943!
My own iPhone updated to IOS 11.4 a little while ago.
Apple has announced a security fix to prevent hackers from
getting into a locked phone, but that would also preclude law enforcement from
getting into one. The New York Times story by Jack Nicas is here.
Tim Cook has always said that allowing anyone but a phone
owner to open it post-mortem would be a kind of “cancer”.
There has been some controversy (since mid 2017) over how security companies
like SiteLock mark websites as “high risk” with apparently no transparency as
to what the risk factors are.
This is also an issue because security companies usually
work with hosting providers who do the billing and who might have some concerns
over their own downstream liability for customers (as this climate has been changing
rapidly, as with FOSTA, for example).
Forbes had apiece in August 2017 by Kalev Leetaru, and
Whitefirdesign has several articles from 2017, for example this one.
There are reports of hosting providers threatening to cut
off customers who experience one malware hacking attack. There are also reports of telemarketing calls
selling site security services, which would dilute the credibility of the
services if the calls weren’t legitimate.
It is not clear whether site risk is based on the technical
components (use of specific Wordpress plugins, for example) or its content (whether
it is controversial according to the “skin in the game” theory, which has
percolated for years while getting very little media attention).
One concern is that with network neutrality gone, telecoms
could (with public pre-notice first) block sites rated as risky, either bu anti-virus companies that they
acquire through mergers, or even through content delivery security services
like SiteLock, Cloudflare, and the like.We already know that Cloudflare has blocked or closed accounts of some
objectionable publishers (so far limited to white supremacy).
This is an evolving issue that may change with time and
generate new incidents and controversies.
Facebook is the worst offender, but even Microsoft and Apple
have their sins.
For most of us, this sounds like paranoia.But it really depends on how exposed you are
to meddling by others, in your personal living situation and employment.
It also depends on whether you are in a circumstance where
people connected to you can be affected – especially if your online reputation
matters in the workplace because you sell somebody else’s ideas.
On one Windows 10 computer, which I did not use for 11 days
while on the road, Trend Micro update keeps looping.
I find that if I restart the computer, it says it is active
and will let me run a scan.But the icon
that says an update is being installed persists. Of course, until the problem
is resolved it cannot keep up with updates.
The computer that I took with me and used every day (also Windows
10 with the same latest features update) does not now have this problem.
There are various links available on Trend Micro Community, dating back to early 2017, but I believe this could also have something to do with a period of non-use or
recent Microsoft updates.
I’ll contact Trend Micro if I can’t get this resolved soon.
Update: June 12
A 90 minute support session where Trend applied several hotfixes fixed the problem. Going not logged on for 11 days was only part of the problem. tmqa.jp and login.me were used to that the technician could work remotely.
A hacking group called XENOTIME has attracted attention for
the capacity to hack and shut down industrial plants, after it did so in the Middle
East last year. The threat was written
up by Shannon Varga in Axios here.
DRAGOS expanded with more details in a blog post here.
There could be dangers to water treatment plants, pipeline
controls, and maybe some power plants.
But it is not clear how they would get into a system off the
public Internet.
The name of the group seems to be related to the Pokemon
game.
US Cert has issued a two-part report regarding the Hidden
Cobra Rat worm, as well as the Joanap Backdoor Trojan and Branbul Server
Message Block Worm,summary here.
These appear to originate from North Korea and are primarily
directed at industrial companies. The description of the Rat worm is exceptionally
detailed. Part of the worm includes a powerful password cracker.
I am also aware of instances where a domain, perhaps one
with political significance, has been hacked and the domain actually removed
from registration by hacking, after replacement with malware botss.This is likely to be foreign and might be
related to North Korea. I’ll report more details when they are available. Trend
Micro and Windows Defender have reported detecting this problem.
Rebooting the router (from the power button, or by disconnecting
and reconnecting, which causes most routers to go through the reboot) usually causes
installs of any firmware from the cable vendor.But for this malware, the reboot install may not be sufficient.
The FBI is encouraging home router users to learn how to sign
on and update their routers manually, which normally requires shell scripting
skills and operating system knowledge.
Comcast, Cox, etc. will soon have comments on this issue.
