Tuesday, December 24, 2019

What are the symptoms that a Windows PC or laptop has been hacked (outside of ransomware)?

“12 Signs Your Computer Has Been Hacked”, from Brightside (2017).

The phony Facebook accounts idea has happened.  Most of the others have not.

A few years ago, fake antivirus popups would appear, and you could get browser hacks of Chrome which would go away if you closed Chrome, and restarted the machine.  These have stopped. 

It is a bit scary that files could be deleted from your computer (as well as encrypted by ransomware, which he doesn’t mention). That could mean that your cloud backup could disappear, too.

Other ideas, like the cursor moving, have never happened.  (A mouse cursor can stop suddenly if the battery fails.  On a laptop, it is possible for trackpads to fail because of hardware.)
Computers start to run slower when older mechanical hard drives get old and start to approach failure.  Rebooting can then take a long time, too.

A possible risk he doesn't mention is illegal content being placed on your computer. 

Update (same day): 

YouTuber TekkitRealm says he learned about a lawsuit against him and his channel for exposing a hacking operation; he found it in his spam folder (which could mean the email is fake and more malware).

Sunday, December 22, 2019

Cox has a smartphone app for homelife security; firmware update failures can cause false alarms

I had a false alarm from a Cox system in my Condo Thursday, when the console became unresponsive as I tried to disarm.  It wound up calling police.

It turns out a firmware update had stalled and failed to complete.

The console had given a false low battery warning on a back (balcony) door and had gotten slow.
I was encouraged to put the app on my iPhone, which I did; but that could actually increase risk in case of a street robbery.

Tuesday, December 17, 2019

Amazon gift card schemes and related credit card fraud

I left a credit card in a card reader (apparently) at a Starbucks last week.  Yes, it’s canceled, now. But suddenly before I got around to reporting it, a set of bizarre Amazon purchases showed up as pending.

They have processed (the bank says they will be reversed) and have genuine product numbers, and the best evidence seems to be that this is associated with some kind of gift card fraud scheme.
But it is also common for credit card fraud to involve sudden series of related bogus pending charges out of nowhere, sometimes overseas, sometimes in non-democratic countries.

Saturday, December 14, 2019

New Orleans city systems hit by malware, state of emergency declared.

New Orleans has been hit by a cyberattack and has declared a state of emergency, according to a CNN report on Friday, December 13, 2019.  

Ransomware was detected but no ransom demand has been found. 911 systems were said to be working. 

In July several school systems in Louisiana were infected by malware. 
The attack appears to have arrived by ordinary email phishing.  Employees in an organization are typically much less aware of risks than people at home on their own.  But organizational servers should be much better at detecting spam.

Thursday, December 05, 2019

CISA warns about an old nemesis, Dridex

Here is a significant malware alert from CISA in Pittsburgh, AA19-339A, called Dridex, known since 2012.

Dridex has been followed especially by the Treasury Department with respect to hacking at financial institutions.

The malware arrives by email and it appears to be directed to large financial employers.  The malware payload contains macros which often need to reach an FTP server or cloud server to download the actual malware, so infection may not be apparent to scans at first.
The malware can launch ransomware on workstations and networks, which in a large business would normally be backed up daily in normal processing cycles.

Tuesday, November 12, 2019

Warnings from Trend Micro on tiny url conversion in my Twitter profile

I’ve had a little issue this morning on Twitter.  My “doaskdotell.com” site was marked red with an x on my profile.  When I refreshed the page, it would go to green.  This happened a few times.  While on red, I overrode the block and it went to my site correctly but took a long time. I reported the problem to Trend Micro.

I’ve seen this happen to other sites before.

It seems that the “t.co …” tiny url does not convert right? Is it possible for that to be hacked?
The site is now gray on Google search as Trend has to redo the scan.  The automated scans from Sitelock have come back clean.  There is no Wordpress or other packages on this site, and no place for users to log on and make input.  It is an old legacy site.
I do have plans to make it clearer for people when they land on this site to know what I have done recently on my blogs, without having to thumb through them manually.  I also will remove some old and expired material (a few unnecessary directories) within the next two weeks, and continue modernizing the dynamic links, but this takes time.

Monday, November 04, 2019

Alexa, Siri, Google Assistant may have "bizarre" security flaws (ironically)

Siri, Alexa, and Google Assistant may all have bizarre vulnerabilities to laser attack, where an intruder can project commands by laser, Star Wars style, and open appliances or compromise a home.
Ars Technica has a story by Dan Goodin.
Wired has a story by Andy Greenberg.  

NBC Nightly News covered the vulnerabilities tonight in this video

The irony is that Alexa has its own “guard mode” for a security system.

This isn’t something that I would personally find useful.
John Fish had demonstrated Alexa in a Sept 7 video here

Friday, November 01, 2019

CISA warns on North Korean malware that may target older workplace Windows PCs

CISA (formerly US-CERT), with the Department of Homeland Security and apparently Carnegie Mellon in Pittsburgh, has an advisory about a North Korean malware exploit MAE 10135536-8 called “Hoplight”.
This seems to be a 32-bit Windows executable. That may limit its effect to older machines. The advisory includes a printout of the actual byte code. The printout shows IPs that the affected machine would attempt to P2P to, some of which appear to belong to relatively well known US companies, while others are obscure and overseas.

Friday, October 25, 2019

Physical and digital worlds mix: tips on preventing car theft (and personal danger)

I thought I would share this video from “Bright Side” here, on seven tricks car thieves use.

One of them involves a coin in your car door handle, and I had never heard of that.
Others involve complicated hacking of systems that enable keyless ignition (too popular with rental cars right now, which are often too high end for the consumer’s good when traveling).
Some can involve kidnapping and personal safety.  And this gets to be testy if some people want to see what they can get away with to make a “political statement” (either from the extreme right or Marxist Left) and feel that revenge against “you” as an “oppressor” is worth anything that can happen to them, as if to make a statement about sacrifice.  I think this kind of idea could grow more dangerous in today’s polarized climate.

Thursday, October 24, 2019

Tik Tok: Could China use it to spy on ordinary Americans?

BuzzFeed News somewhat downplays concerns that China will spy on users of TikTok, in this story by Ryan Broderick, claiming that users are posting only to see if China will try to censor them. 
But Tony Romm and Drew Harwell report in the Washington Post that Senators Cotton and Schumer want an investigation.
If you pay attention to Edward Snowden (and I do) you would pay attention to this.  It sounds sensible to restrict apps developed in potential enemy countries, perhaps.  But doesn't this leap back to the tariffs and trade war (which will escalate Dec 15 for electronics as it stands now)?
This is a little closer to the possibility of “steganography” practices from potential foreign enemies.

Wednesday, October 16, 2019

Webhosts offer advice on Wordpress security scans

Bluehost has an advisory article for its customers, dated Oct 1, encouraging website hosts to run WordPress security scans at least monthly, as well as their own backups. 

There are some plugins that do this (if you look), but I prefer to use a third party service, like Sitelock, which does very specialized scans for malware as well as smart scans, and application vulnerabilities (the “1=1” problem which usually gets fixed by reloading a new upgrade of Wordpress).

Saturday, October 05, 2019

Iran attacks US presidential candidates, officials; may spill over to average citizens; watch for email and sms phishing

A group in Iran called Phosphorus has targeted at least one Democratic presidential campaign as well as former US officials, Engadget reports, here. The method of attack was phishing by email and SMS.

I recently got another SMS phish pretending to be Wells Fargo.

I am seeing more phishing attacks, some of which AOL doesn’t catch as spam, claiming I have committed terms of service violations.  Be careful with these.  They are likely foreign. 

Seven years ago Iranian hackers locked some US users out of their bank accounts.

Tuesday, September 24, 2019

Fake Airline boarding pass scam (to go to an Antifa demonstration?) when you didn't order tickets

Today I found a fake boarding pass PDF and fake survey for a trip between Kansas City MO and Portland OR Sept 18-19 which I did not make or order.

These appeared in Gmail and I’m surprised Google didn’t catch this. Obviously these were attempts to send malware.

Mouseovers of the sender showed fake websites as senders.

No unauthorized charges had shown up in my credit cards.

Was I supposed to be an Antifa sympathizer? 

The Daily Scam has a link.

Friday, September 20, 2019

What happens when massive software updates are rolled out when you have to travel with your devices? iOS 13?

I’m getting advice that you should wait until Tuesday to install iOS 13 on your phone – when it will be iOS 13.1.

I also don’t know why they advised everyone to back up their phones first – I think mine is done automatically, just photos and videos.  No real stuff on the phone. 

But this doesn’t help – if you plan travel and need to depend on your phone to get to the airport, for example.

Thursday, September 12, 2019

Controversial article gets blocked when an ad tries to load by Trend Micro

I received a request to consider a paper on the vaccination controversy for publication on one of my Wordpress blogs.

I found that the article had been published in a few other places, and on one of them (“wnd”), marked green (OK) by Trend Micro, the site loaded a driver that Trend Micro blocked. It was called “agensloaddiffs at xyz” with a search argument.
I don’t know if the article could have been targeted because of its content, but I haven’t seen this before.  Trend’s own reputation checker says it has not reviewed that site.  Maybe it just loads ads.
I still get very transparent phishing by email, such as a complaint that I blocked a date on Whatsapp and I don’t even use it, and claims that my AOL account is deleted, and also claims that my Netflix is deleted.

Sunday, September 08, 2019

iPhone fake virus warnings hit again

Today, in a hotel bar, I was on my iPhone, tried to go to abcnews and I got a popup warning me that my iPhone was infected with eight viruses.  Several people at the event got the same warning.
A site called iPhoneLife says these are common.  You should put the iPhone in airplane mode, go to Safari settings, remove the history, turn off airplane mode.  Don’t touch the message. 
If you did get infected, I wonder if a virus could pick up your Google password even if you aren’t signed in to Google but allow YouTube to be synced automatically.

Sunday, September 01, 2019

iPhone security flaws triggered by certain infected websites revealed by Google

Google reported recently that iPhones still have security flaws that allow hackers to steal information from users merely by visiting certain websites.
Alfred Ng and Sean Keane report in CNet, Aug. 30.

This differs from other hacks that are more likely to be threats to Windows systems.
This could be another reason Apple should try to take more manufacturing out of China.

Thursday, August 22, 2019

Over 20 localities in Texas hit by ransomware simultaneously

Kevin Collier of CNN reports that 22 local governments in Texas were hit by a coordinated ransomware attack on Friday Aug. 23 when the business day opened. 
A few of the towns still cannot process utility payments or process vital records (like birth certificates).
Texas is better prepared with law enforcement than many states. Apparently the source is overseas and authorities may arrest in a country where the US can extradite.  

This seems to be the first coordinated attack involving multiple municipalities.

Local governments don’t seem to spend as much money with security.
I remember on a recent trip to Ontario passing an “Iron Mountain” facility on the outskirts of Waterloo, about 60 miles from Toronto.  Local governments don’t seem to be storing offsite backups.

Friday, August 16, 2019

Windows 10 has two new wormable vulnerabilities, fixed with the Aug 14 update

Windows 10 has two major vulnerabilities which the update on Aug. 14 (automatically scheduled) fixes, various sources report.  These vulnerabilities could apparently be unleashed with no user action (like clicking on links in emails). Apparently these also apply to the Creators' Update series.

Microsoft describes them as “wormable vulnerabilities in Remote Desktop Services” (CVE-2019-1181/1182).  The problem does not occur in earlier Microsoft operating systems (7 and 8).

Thursday, August 01, 2019

Could hackers cause a highway 9/11 event?

Gannett’s Detroit Free Press reports on vulnerabilities that could lead to sudden mass road casualties from a foreign attack on Internet-connected vehicles, especially Jeep Cherokees, story by Eric D. Lawrence.  

This is backed up by a Consumer Watchdog report which advocates giving motorists a kill switch.  

My own Ford Focus is not Internet connected as far as I know. 

Tuesday, July 16, 2019

Banks are now experiencing smartphone SMS phishing attacks (breaking SSL) looking for phone PII

There seems to be a new phishing attack using SMS messages rather than email, targeting customer bank and investment accounts.
A lot of this is rather recent, but the Better Business Bureau has a typical explanation.
Tonight, when I logged on to Wells Fargo, I noticed such a message about fifteen minutes later.  I thought it might be related to a long list of payments or maybe checking a secondary annuity site. 

Later I noticed that the message had come at exactly the same time as my first access. The point of such an attack is obscure;  it would make sense only if I carried a lot of data on my phone and I don’t.

If the hacker already had my cell phone, or already had access to the account “they” could have messaged me exactly as I logged in. This implies they were the man in the middle, which shouldn't happen in a bank's SSL environment.  Fortunately, I have relatively little PII on my phone.  The message would link one to an account not secured, which is another red flag. 
I’ve had only one other security issue with the iPhone, that is, occasional emails claiming gamer purchases in Indonesia or especially Belarus were charged to my Apple account, when they weren’t.
Maybe I do have a doppelganger in the non-western world. I wonder if that could surface if I were to travel abroad in non-western countries.

Friday, July 05, 2019

Windows and small businesses continue to remain the biggest ransomware targets

Benjamin Roussey of TechGenix has an informative article from April 2019 on the seven top ransomware threats in the next year or so.

He writes that small and medium sized businesses are still the easiest targets.  He notes that many still run on older versions of Windows. Many are not diligent in keeping up patches (individuals tend to do better than small companies).

He also notes that Windows is still much more vulnerable in practice than Linux or the similar Mac OS family.

Health care and doctors or PPO’s have become particularly vulnerable.
He also makes an interesting comment about AI.

Thursday, June 20, 2019

Medical clinic will close because of ransomware; why don't small companies, cities have off-site backups?

A Florida city will pay hackers $60000 in bitcoin to get its computer system back, the Washington Post reports.  We wonder why it didn’t have offsite backups.
The Citizens’ Council for Health Freedom reports that a clinic in Michigan has closed for good after ransomware destroyed its patient records, leaving patients, even those recovering from surgery, stranded.  The case is said to be an example of the problems with requiring electronic records, and it sounds like HIPAA security and privacy didn’t work.
One question, why didn’t the doctors have an off-site backup made every day?

Wednesday, June 05, 2019

A brief review of Trend Micro

Here is Trend Micro’s pitch on how it monitors for global cyberthreats, including about 600 million potential ransomware threats a day. 

The service says it now pays particular attention to “cryptomining” or possible threats even to block chain entities.

It also says it can detect laundering and some organized crime.

It says it has 30 years experience (back to 1989 – mainframe companies started installing products like “Top Secret” around 1987).

Right now I have Trend on my Windows 10 computers.  I’ve had Kaspersky (banned in the US???) and Webroot.  Since Webroot bought Sitelock and my hosting provider uses Sitelock, that could be interesting.

I’ve had a problem with two of my Wordpress domains (there are four of them) going back to gray, and I don’t know why.  ThioJoe ought to do a video on website safety ratings. 

Thursday, May 23, 2019

What if we all have a hardware incontinence vulnerability?

Charlie Warzel and Sarah Jeong do a little skit in the New York Times, “The Internet Security Apocalypse You Probably Missed”.  It’s a little like Daniel Gruss’s “Microarchitectural Incontinence” about Intel chips.  This time, it’s Cisco routers.
Suddenly, a possible vulnerability that could target anyone, and that you could fix only with hardware.
Three or four years ago, the fear was some sort of massive shutdown by an enemy like North Korea. Now it seems enemies want our social media up so it can manipulate our weaker souls.

ThioJoe explains this as "microarchitectural data sampling" (incontinence), with examples like "Zombie Load" and "Fallout" and "Meltdown".

CPU vendors will eventually issue "bios updates" which average users won't know how to do. 

Sunday, May 19, 2019

Wanna Cry ransomware could come back to older systems given new Microsoft bug

Dan Goodin has an article on Ars Technica explaining again how many Windows exploits (variations of Wanna Cry) and ransomware continue to exploit governments and installations that don’t have the nimbleness of individuals to go to newer releases or apply patches.
Some Windows servers are affected, which can affect hosting companies that find managing Windows application pools difficult, resulting in outages or 503 errors.

Saturday, May 11, 2019

Local governments are particularly vulnerable to ransomware

Local governments seem particularly vulnerable to ransomware attacks, largely because of their bureaucracy.

Right now, Baltimore has a serious problem.  A year ago, Atlanta did.  Recently a town near Fairbanks AK was targeted.

It is much easier for individuals to defend themselves than organizations, as their backup is usually a lot simpler. Individuals can also be much more wary of phishing attempts.
There have been cases where payrolls could not be run, putting affected employees in the same situation as a government shutdown without pay.

Tuesday, May 07, 2019

Robocalls may tempt users to spend money on callbacks to international 900 numbers

Security consultants are advising consumers not to return “one ring” calls, which are likely robocalls from 900 numbers that will result in steep charges when calls are returned.

Many calls come from Mauritania, but are spoofed as to appear to come from within the US.  Most recipients are in New York State or Arizona.

Consumers might consider having their providers block international calls if  they don’t normally make them.
CBS News has a typical story, by Sarah Min.

The objection to robocalls, while very prudent and understandable, undermines legitimate activity, like raising money for political causes or candidates or for charities. 

Monday, May 06, 2019

New phishing scam claims your package was not delivered by UPS

I received a fake UPS delivery message today that claims that a package sent from my UPS store location was returned because of an address mismatch.  It named a UPS store as the source.
The scam is based on the idea that the consumer probably doesn’t remember “their” UPS store member.  I gave a box at the store in Ballston in Arlington VA.  It turns out that this email address corresponded to a store in Rock Hill, SC.

The most recent site I can find discussing a delivery scam is here.

But this is the first time I have heard of a fake misdelivery email.

I had opened the email but not gone to any links on the computer.  I opened the link on a phone, assuming that iPhone is not as vulnerable. The link named as ups store was actually Microsoft One Drive. It invited me to download a tracking document and download an app to view it.
I did show the email to the local store and asked them to show the scam to UPS corporate security.
I did restart the computer and run a quick scan and will run a Trend Micro full scan later this evening.

Monday, April 29, 2019

How should journalists report info gathered by hacking and sent to them?

Margaret Sullivan has a nuanced piece in the Washington Post style section Monday, “How should journalists report on data hacks?” “Journalists can’t ignore hacked data meant to disrupt elections.  But here’s what they can do.”

The article is rather non-specific, but one standard is the relevance of the information, as with the stolen emails in 2016.

I always thought it was about context. Since I had a mainframe IT background, I was aware of the controversies surrounding bringing work home or using your own hardware (which comes up with home customer service agent jobs).

Saturday, April 20, 2019

Trend Micro website safety ratings can revert back to Gray for no reason; Sitelock scans

I noticed Friday that suddenly the green check from Trend Micro on my two WP style 26 blogs (billsnewscommentary and billsmediacommentary) had gone back to gray, which Trend says means the site has not been reviewed.

But it had been.  I noticed the problem Friday morning when the site expanded in Twitter.

My HP Envy computer (Windows 10) has these notifications turned on. I haven’t done this on the ASUS.

The issue becomes more important in that some day, telecom providers might check safety ratings to even allow sites to be connected (esp, after loss of net neutrality). 

Also, on a coordinated story today on my main “BillBoushka” blog I discussed a tech company organization called GIFCT.  Browsers are likely eventually to refuse to load sites with harmful content (as they do today with “unsafe” sites having malware).

But there are no standards today as to how website safety is evaluated or how content markers would be set.
Sitelock’s scans give some clue as to how sites can be evaluated for safety.  There are separate Malware, Smart, and Application scans.  The latter will detect problems (like the "1=1" problem) that creep into Wordpress themes and facilities and typically can only be fixed by regular Wordpress security updates.

Tuesday, April 09, 2019

Local DC station WJLA advises consumers on avoiding cell phone spoofing

The new newscast today on WJLA talked about the problem of cell number spoofing, and how it was used by scammers calling and demanding people pay them money to avoid arrest, even going to ATM terminals.

A good writeup on the problem by Elliot Volkman appears on phishlabs from 2018.  A user should always call back and use a number published by the company (although make sure you are looking at the real website.)

Ajit Pai of the FCC has warned that carriers need to do more about this problem, Verge story by Chris Welch. 

The FCC has its own page on the problem, dated Feb. 2019.

Tuesday, April 02, 2019

Security recommendations for protesters

Electronic Frontier Foundation has a comprehensive list of security precautions to take when attending a protest, particularly in developing countries.  But the piece also mentions the way US laws work.

The piece goes quite far with its recommended measures, such as purchasing a prepaid, disposable phone, and keeping your data encrypted, and using Signal.

It also recommends not driving to an event, although in many big cities public transportation is obviously the best choice.
I also wonder about the issue of attending a protest to report and blog about it but not participate. Unless you are a journalist known to the protestors, this may sometimes elicit anger or indignation from participants focused on solidarity and the idea of “no spectators” (like Burning Man).

Friday, March 29, 2019

Home routers, for your network and for perimeter security, can be hacked; firmware is supposed to be updated regularly

Can home security systems be hacked?

Kim Zetter had looked in detail at the problem in 2014 in a Wired article.

One danger would be the possibility of generating false alarms, as well as intercepting an inadequately encrypted signal.  Another would simply be hacking the router controlling the system and interfering with the signaling.  Another is simply cutting a cable outside a house; a cellular wireless signal is much safer.  

Similar problems have been reported with routers that control cable television and Internet access, but those are often separate devices, connected to a home computer network.  A security router may be a separate device.
All of these devices have operating systems that can be programmed, usually with some sort of Unix or Linux-like kernel. 
Security experts have advised turning off and restarting routers and modems once a month, to make sure that firmware security updates get done (on restart); however most cable providers send scheduled firmware updates at scheduled times late at night.  There were cases of Russian hacks of home network routers in 2018.  But typically security devices are never supposed to be turned off, and are kept always on by high capacity batteries.

Saturday, March 09, 2019

Why "ji32k7au4a83" is a bad password

Here’s another password tip.  Beware of character strings that appear random in English or European languages but that make sense as a code for Asian languages, like Chinese. 
The Verge has a story about “ji32k7au4a83” which translates to “my password”.

Note that there are thirteen dialects of Chinese which don’t communicate well with one another (China won’t admit this). 
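
The check below is an added example, not code from this post or from The Verge story. It assumes the standard Zhuyin (Bopomofo) keyboard layout used in Taiwan, which the post does not name, and the function names are hypothetical. It flags a password whose keystrokes parse entirely as Zhuyin syllables; this is a structural heuristic, not a dictionary lookup.

```python
import re

# Assumption: standard (Dachen) Zhuyin keyboard layout, physical key -> symbol.
INITIALS = dict(zip("1qaz2wsxedcrfv5tgbyhn", "ㄅㄆㄇㄈㄉㄊㄋㄌㄍㄎㄏㄐㄑㄒㄓㄔㄕㄖㄗㄘㄙ"))
MEDIALS = dict(zip("ujm", "ㄧㄨㄩ"))
FINALS = dict(zip("8ik,9ol.0p;/-", "ㄚㄛㄜㄝㄞㄟㄠㄡㄢㄣㄤㄥㄦ"))
TONES = dict(zip("6347", "ˊˇˋ˙"))  # tone keys that close a syllable


def _char_class(table):
    """Build a regex character class from the keys of a layout table."""
    return "[" + "".join(re.escape(key) for key in table) + "]"


# One typed syllable: optional initial, medial and final, then a tone key.
SYLLABLE = re.compile(
    "(%s)?(%s)?(%s)?(%s)"
    % (_char_class(INITIALS), _char_class(MEDIALS),
       _char_class(FINALS), _char_class(TONES))
)


def zhuyin_decode(password):
    """Return the Zhuyin syllables the keystrokes spell, or None.

    None means some part of the string does not parse as a syllable, so the
    password is not a pure Zhuyin keystroke sequence.
    """
    keys = password.lower()
    pos, syllables = 0, []
    while pos < len(keys):
        match = SYLLABLE.match(keys, pos)
        if not match:
            return None
        initial, medial, final, tone = match.groups()
        if not (initial or medial or final):
            return None  # a bare tone key is not a syllable
        syllables.append(
            INITIALS.get(initial, "") + MEDIALS.get(medial, "")
            + FINALS.get(final, "") + TONES[tone]
        )
        pos = match.end()
    return syllables or None


def looks_like_zhuyin(password, min_syllables=2):
    """True when the whole password reads as at least min_syllables syllables."""
    syllables = zhuyin_decode(password)
    return syllables is not None and len(syllables) >= min_syllables


if __name__ == "__main__":
    # Constructed sample inputs; only the first comes from the post.
    for candidate in ["ji32k7au4a83", "su3cl3", "correcthorse", "Tr0ub4dor&3"]:
        decoded = zhuyin_decode(candidate)
        verdict = "reject" if looks_like_zhuyin(candidate) else "no Zhuyin pattern"
        print(f"{candidate!r}: {verdict} {' '.join(decoded) if decoded else ''}")
```

A password policy would run this alongside the usual breached-password and dictionary checks, since short strings can match the syllable structure by coincidence.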

Thursday, March 07, 2019

Google Chrome zero-day vulnerability patch update recommended now

Users are advised to update Google Chrome today to fix a zero-day vulnerability reported recently.

To update, look to see if the more (three vertical dots) button on the upper right has a rainbow color.

If your computer is properly configured it should have updated automatically.

The security flaw could allow a hacker to read non-public files (like passwords stored) from your computer memory.

Monday, March 04, 2019

Some severe Wordpress plugin vulnerabilities have been fixed

Freemius has patched a “severe vulnerability” in a library used by developers for many Wordpress plugins, especially related to monetization and analytics.  This issue could have become more significant in a world with so much social and political polarization. I presume that WP 5.1 has the necessary code included.

WPTavern explains the patch here.

There is a further explanation from a plugin security outfit that believes hackers have already been placing vulnerabilities on sites using these plugins.  Presumably these would be detected by the Sitelock monthly application scan.

By the way, here is a critique, that seems constructive, of Sitelock. The service will charge extra fees to fix pages on which malware is found.


Thursday, February 28, 2019

Curious story in the Verge about "thunderclap"

I’m not familiar directly with Thunderbolt computers, but here’s a story on vulnerability to certain external drives and devices to thunderclap. 

I think this vulnerability could be of concern to utilities and infrastructure computers (pipelines, water treatment) to prevent “jumping” across “air-gaps” as a deep cybersecurity threat.

Just a warning note.

Friday, February 08, 2019

Youtube copyright strikes scam reported and fixed

Motherboard Vice, in an article by Jack Hauen, warns about a new scam to extort money (bitcoin) from YouTube channel creators with false copyright strikes, based on a flaw in the way YouTube handles DMCA takedown requests.  

The video above reports a similar scam using Comcast.
YouTube has restored the affected accounts and hopefully has closed the loophole.  

Tuesday, February 05, 2019

Lawsuit in Texas could set a precedent allowing copyright trolls to remove Internet access entirely from "pirating" consumers

Lior Leser (Sept. 2018) described a lawsuit by some media companies against an ISP in Austin, TX for not suspending the Internet access of some people who made illegal downloads by Bit Torrent.

The lawsuit could set a precedent requiring ISP’s to terminate consumers accused of piracy by media companies, requiring all access to the Internet merely based on allegations from a copyright troll.

This case is very disturbing and it needs to be followed in more detail.

In the future, cloud examination could develop more evidence of piracy. 
Defeating SOPA in 2012 didn’t prevent this.

Friday, February 01, 2019

Google wants to eliminate the URL, turn the world into mobile apps?

What?  Google wants to eliminate the URL? 
So Lily Hay Newman writes in Wired. 

Whereas a fixed, static web address works well for individual consumers and small companies and bloggers, it seems to complicate things (that is, security and immunity from consumer database hacks and breaches) for enterprises.

But it’s hard for me to imagine how this would go away.
But the tendency for companies to encourage you to use their apps on smartphones rather than go to a conventional URL is a start.

Then the app stops working and doesn’t work again until you turn off and restart the phone, or get another iOS update.

This story reminds me of the big scare in 2008 on DNS that led to a big security conference held by Microsoft after a Finnish researcher found a vulnerability (ID blog, Aug. 9, 2008).
Here’s a list of the 12 most dangerous malware outbreaks in history. 

Tuesday, January 29, 2019

"The Young People Will Win", at least in busting Apple for a bug (not the NRA this time)

The Young People Will Win (“TYPWW”).  In Arizona, a 14-year-old, Grant Thompson, found a vulnerability in Apple’s FaceTime, which would allow it to watch a party called even if “they” didn’t pick up.  In the days of party lines, this was called "listening in."
Heather Kelly has the story on CNN.

Apple will issue a fix this week to all iPhones with an update, which is likely to come as early as Wednesday.  That could fix problems with some other apps (like AOL mail which was dropping connections).
We have 18-year-olds who bust the NRA, 16-year-olds who have to navigate perilous personal encounters that go viral given social context, and 14-year-olds who bust Apple.  But another 14-year-old developed a fusion reactor and a 15-year-old invented a new cancer lab test.  I’ve seen other less public things, like a 16-year-old directing a church play.

Sunday, Cal Newport had written a piece in the NYTimes indicating that Steve Jobs had never intended us to be so addicted to our phones with constant social media, news and email.  I didn't have Internet on mine until 2009 as I remember (on a Blackberry then). 

Monday, January 28, 2019

Two-factor authentication is not foolproof

Josephine Wolff in the New York Times warns today that “two-factor authentication might not keep you safe.” 

The main scenarios are phishing attacks with convincing replicas of real sites.
But now industry is moving toward the idea of a physical stub with a rotating access code to be inserted into a USB drive.

Monday, January 14, 2019

What does browser incognito mode accomplish? What about TOR?

Do you really need to “worry about” using incognito mode on your browser (when your spouse uses it)?

Here’s a good answer from Quora.

Yes, if you look up information on how to commit a crime, on porn, on terrorism, on fetishes – one of the respondents says, “I’m a writer, what can I say?”

Maybe that’s a relevant answer in this area where independent content creation is coming under attack from radicals on both sides.

It’s possible that in the future law enforcement will scan cloud backups even more than it can today.

The other objection is that it will lead to the serving of ads on your “family computer” that you don’t want your spouse or the kids to see.
Thorin Klosowski gives a discussion of what the use of a TOR browser (“the Onion browser”) accomplishes for the average user.  It does provide “anonymity” but not real “security”.  And it is possible for very determined law enforcement (or the NSA) to crack it, so overuse of it could call attention to illegal motivations and weaken a claim of credibility should improper online behavior come to notice by other means (especially in civil cases).  Electronic Frontier Foundation has encouraged ordinary bloggers and vloggers to learn to use it, however, even in democratic, western countries.

Monday, January 07, 2019

Verizon hotspot and microarchitectural incontinence

On an Amtrak train, my laptop connected to somebody else’s hotspot before connecting to mine.  It even offered an automatic connection, which it should not do if I’ve never supplied a correct pw.  A flaw in Verizon software?  In Windows 10 security? 

Train was at a station, might have been someone’s house near the tracks. Maybe they didn’t set a pw?

No, I do not hack.

Some “microarchitectural incontinence”, as Daniel Gruss would say.

Wednesday, January 02, 2019

HP makes a short "horror" film about printer security

Hewlett-Packard sent out a tweet this morning about printer security.

It’s pretty understandable if you use your printer as a 3-in-1 and send old-fashioned faxes. 
But this seems to be more about enterprise printers on small business networks.

Here is their little short film, “The Fixer: The Wolf’s Next Meal”.

Business film does keep some independent filmmakers employed.  I remember that in the 1990s a friend wrote an article called "printer therapy" in a tech magazine.