Post Blow Things Up Day and Best of Technology and Security This Week

It is the day after Blow Things Up Day (aka the 4th of July), as a close neighbour Canadians get to watch (from a distance, thus less likely to get blown up), and I must say Americans know how to party. Hopefully folks captured photos of all of the explosions, but didn’t lose their drone in the explosive fun.

Found this friendly Meme on the web to help with the post 4th of July celebrations:

View post on imgur.com

Security

Android continues to be the OS of choice for Malware authors with 440K strains identified in Q1 this year. Don’t get too smug IOS users, there is nasty malware out there for you as well. Apple even admitted to patching dozens of security flaws in the latest iOS release (8.4), and just to be pissy (IMHO) they removed Home Sharing from music as well (thanks).  To put this whole iOS vs. Android argument to bed, V3 states that Android Malware Dominates the threat landscape (for now).


The Internet does enjoy when firms are “hoisted by their own petard” and with the Hacking Team being hacked, there does seem to be a degree of smugness out there.

Technology

Microsoft is trying very hard to have your kids love Minecraft and with that in mind, they are trying to get Teachers to Integrate Minecraft into the classroom, and it might be a good thing too. How much is too much storage? No such thing as too much storage, in fact, 28 billion gigabytes shipped last quarter, think of all the porn that is being stored on that. Do you think E-books are overpriced? I do, so I am glad to see Apple get fined $450M for price fixing e-books, but will this bring prices down?

In a more obtuse bit of tech news, Windows 7, has Windows 10 to thank for it (Win7) getting much more traction in the marketplace (due to the alleged free upgrade to Windows 10 from Windows 7), if you followed that.  Tech is trendy for wedding registries? What wife is allowing their husbands to interfere in wedding planning like that?!? Evidently lots of folk want AppleTV?  If last week felt a little longer, it was, by 1 second, hope you enjoyed it.

Would you use a Google Carpooling service? Evidently it is already available in Israel. I guess it is a good thing that Car Tech may Stop Drunk Driving, if your car doesn’t already drive itself.


Medical Concerns and Best of Technology and Security This Week

This week there seems to be more mention of medical technologies and the problems that may arise with some of them, including an interesting expose on how smart phones may shock cardiac device wearers, as their pace maker may “sense” the smart phone’s signals as a cardiac event ? Shocking!  The new de facto standard for health seems to be 10,000 steps a day, thanks to the FitBit, but, Huffington post asks, is that correct ?

Security

More information is coming out about the Office Personal Management in the US security breech, and evidently the information taken is the Motherload for hackers, and some of the information taken was quite saucy. I learned that the average botnet has about 1700 infected PCs as its constituent parts, at least in 2015. More and more technology sites are going towards total encryption and Reddit is no exception, with Yahoo also following suit.

No more backdoors was a concept I first heard about from a friend in the 90’s and it seems it is making a comeback with a Tougher Encryption Guidelines close a Backdoor. Speaking of backdoors Cisco has warned their customers about default ssh keys on their appliances, that is a lot of machines to go fix.  Do you think that AntiVirus software has backdoors? You sure ? Did you know that Chrome has a Voice interface to do “close by” URL transfers? Well evidently on Chromium that capability has been removed, due to a few anomalies.

Technology

Eniac

1 Byte from an Eniac 1946

In a somewhat antitechnology stance evidently Mathematicians are fighting to get this type of chalk (the manufacturer has shut down). In a real technology article Cellular News points out that Wireless Data Consumption is up 25% between 2013 and 2014. The feeling does seem to be that Wireless may be the consumer’s choice for internet access. Speaking of ludicrously old technology, the US Navy is paying Microsoft to keep supporting Windows XP ? #Wow.

Malwarebytes points out that Registry cleaners are Technology Snake Oil, and that they don’t do your system any good.Nice to see that Windows 10 (speaking of registries) is going to be free for everyone. Wouldn’t it be nice to have superfast free wi-fi available where you live, Google thinks so.

Quote

A thought on security to end our little list:

If you spend more on coffee than on IT security, you will be hacked. What’s more, you deserve to be hacked. — White House Cybersecurity Advisor, Richard Clarke



LastPass Hacked and Best of Technology and Security This Week

Anybody who relied on using LastPass as the central archive for your passwords, might be alarmed to find out that the system was hacked this week. Specifically some Master Passwords and E-mail addresses were breached, which means if you used this service, you should at least go and change your Master Password. The official statement from LastPass was:

We want to notify our community that on Friday, our team discovered and blocked suspicious activity on our network. In our investigation, we have found no evidence that encrypted user vault data was taken, nor that LastPass user accounts were accessed. The investigation has shown, however, that LastPass account email addresses, password reminders, server per user salts, and authentication hashes were compromised.

Security

Security Key

Security is Key
Image courtesy of suphakit73 at FreeDigitalPhotos.net

How safe is that app you are using on your “Smart phone”? Evidently, not very, as there are billions of records at risk from mobile app data flow, I think the world of mobile apps really needs to tighten up their security (in general). Do you like to look at pictures on line? I know I do, however Dell Secureworks has uncovered a trojan that hides in image files, guess I shouldn’t look at too many photos. I have never been very fond of the trickery Ask did to get their toolbars installed and evidently neither does Microsoft, as  now the ‘Ask’ Toolbar is Considered ‘high threat’ Malware by the Microsoft Security Package. Can’t be good news for the folks at ‘Ask’.

Have you ever received a call from “Microsoft Tech Support” about how your computer has been infiltrated? Have you ever played along with them? I did once, and it ended quite rudely, but this article is even more interesting.  Speaking of infiltration the Canadian Government seems to have caught the ire of Anonymous and many Government sites were subjected to a Denial of Service attack this past week. Worrisome how easy it is to shut sites down this way.

Everyone seems to think that credit card terminals are safe, well this code hacks nearly every credit card machine in America, seems to imply they are really not that safe after all.

Technology

How have things change in technology over the past 20 years? KPCB has in their 2015 Internet Trends and amazing table (for old folks like me) that highlight who are the biggest “Internet Companies” by market capitalization, in comparison to 1995.

Tech Companies for past while

Tech Companies Have Changed

Do you like using your “smart phone” as a method to pay for things? This past week there were two interesting articles posted about that technology with Google Goes Contactless with Android Pay, allowing your Android phone to pay for things with Android Pay ( a new Google Product). You say you like your iPhone more? If you live in the UK Apple Pay is coming your way (in July), so you will be able to quickly “tap and pay” with your iPhone. I like the convenience of these technologies, but they do worry me somewhat (on the security side of things).

An interesting poll suggest Most Brits Would Sacrifice Chocolate, Alcohol and Sex before Broadband ? My ancestors have changed. If you are waiting for your Free Windows 10 Update it is due 29 July.  Oh and it seems Twitter has now become a messaging app, with the extending of the length of DM’s from 140 characters to 10,000.

 

 


Best of Technology and Security This Week 2

I am taking a page out of my other sites “bag of tricks” and am posting a best of the week post in the technology and security. For those wondering a great deal of this is also found on my Flipboard page.

View my Flipboard Magazine.

Security

Malware Sign Post

So Many Dangerous DIrections to Go
Image Courtesy of Stuart Miles at FreeDigitalPhotos.net

As usual it was a very busy week in the world of hacking, security, viruses, malware and ransomware. You’d think that a Government Security Agency would have great security, however, Hackers stole security clearance background files for US Agents, that’s not a good thing. McAfee published their report on Internet threats and it’s pretty darn scary out there as you can read in Cyber ransom heists and Flash malware dominate McAfee threat report, if this doesn’t make you want to tighten your security, nothing will. Flash never seems to ever be safe to use, is it? Zeus malware continues to be a thorn in most admin’s side, but now Accused Russian hacker claimed authorship of ‘Zeus’ malware: FBI, oh joy! More malware like this stealing banking credentials is not a good thing. Speaking of this kind of garbage I outlined in my Weekly Best of Money report how my Starbucks card got hacked (oh and there is a good mention of the 4 Millions US Federal employees who had their personal info hacked as well).  It is scary to think about how much data is out there about us, but now given medical records are being digitized a new problem arises, Medical data, cybercriminals’ holy grail, now espionage target, so not only are hackers attempting to steal this data, foreign agents want it too?

Technology

On the Technology side of the world, Cisco had Cisco Live this week, and Apple had announcements on Monday and there was a plethora of other wild ideas being discussed, including a possible Blackberry Android device? That could be a game changer, or a company killer, time will tell, will it work with the BES? If it doesn’t, what would be the point?

Apple seems to be trying harder with Operating Systems, and evidently 90% of macs will be able to run OS X El Capitan maybe Windows 10 is making them nervous? I don’t think so, but it is good to know I get a new OS release soon.

The Almighty Woz is making some bold statements about the future of programming with Self-programming machines next phase of computer science: Wozniak. I like AI as much as the next guy, but thinking of machines creating code without supervision makes me think of either a roomful of chimps with typewriters, or worse something out of the Terminator. Self correcting code was always a concept that had me scratching my head when I read about it.

On the health side of technology some interesting and exciting new uses of technology, with Blood Donors in Sweden receiving SMS messages about if their donation saves a life, good idea. Glad to see that technology is also being used towards stroke victims, especially in Brain-computer interface reverses paralysis in stroke victims. Adding “feeling” to prosthetics is another positive thing to hear about as well. The one thing to watch for is with technology, comes folks who want to disrupt it with Hackers can compromise medical pumps and other medical technology.

 

 


The Perfect Traffic Increase Strategy for Your Site

You’re Not Going to Believe the Trick I Learned While Trying to Increase My Site Traffic

Increasing your site traffic is the most important thing you should be doing if you are serious about trying to make money from your website. With this in mind I tripped across two of the greatest tips about how to attract traffic to your web site.

Increase Traffic

Illustration by Javier Jaén

The first major tip came from a great article in the New York Times Magazine written by Virginia Heffernan, A Sucker is Optimized Every Second, which talks about how we shouldn’t be trusting our guts any more, we should be trying in Big Data. In this very good article the following paragraph appeared, which changed my traffic shaping world after I read it.

On the web, “optimizing” has become a fine art — and, if not a dark art, at least a dim one that has become dimmer (and finer) since Siroker did it for Obama in 2007. For years, search-engine optimization, or S.E.O., has turned web pages into Googlebait. These days, optimizers of squeeze pages, drawing lessons as much from the labcoats at Optimizely as from the big daddies at Google, recommend creating a three-to-10 minute video that’s introduced by a “magnetic headline” (“Find the Perfect Lampshade for Any Lamp”) and quickly chase it with an “information gap” like “You’re Not Going to Believe the Trick I Use While Lampshade Shopping.” (Article of faith among optimizers: humans find information gaps intolerable and will move heaven and earth to close them.) Next you get specific: “Click the play button to see me do my lampshade trick!” — after which the video unspools, only to stall at the midpoint with a virtual tollbooth. You can’t go on unless you hand over an email address. Presto.

Is that not the most outstanding piece of information that is perfect to increase the traffic to your site?

Press Play on this video from John Chow on how easy it is to increase traffic to your web site as well:

After writing this post, I must now feel that this entire post is an example of the type of SEO-whoring you need to do, to get your posts noticed, and thus have more folks come along and want to click on your adsense ads, or build traffic for your advertisers. For me, this is an experiment to see whether I can increase traffic to this site, by creating this horrendously over optimized post, we shall see.


WordPress Tip: Admin is NOT your Admin Log in Is It?

So you’ve bitten the bullet and gone with WordPress for your Web Site system, good for you! I like it, and have been using it for many years (although I am not a zealot either, whatever system works just fine, if you are comfortable with it). One of the first security things you really should think about it is to change the Administrator account on your system. Why? Well if I look at Wordfence, to see who is trying to log into my system I see the following:


Vietnam Hanoi, Vietnam attempted a failed login using an invalid username “admin”.

Security

Image courtesy of Stuart Miles, at FreeDigitalPhotos.neta failed login using an invalid username .

IP: 125.212.220.77  [unblock]
43 seconds ago
Japan Japan attempted a failed login using an invalid username “admin”.
IP: 133.242.22.177  [block]
10 minutes ago
Romania Sibiu, Romania attempted a failed login using an invalid username “admin”.
IP: 46.214.107.142  [block]
Hostname: 46-214-107-142.next-gen.ro
20 minutes ago
United Kingdom United Kingdom attempted a failed login using an invalid username “admin”.
IP: 213.229.121.124  [block]
21 minutes ago
Turkey Istanbul, Turkey attempted a failed login using an invalid username “admin”.
IP: 193.255.83.100  [block]
Hostname: www.beykoz.edu.tr
29 minutes ago

Let me assure you that none of these log in attempts are from me (given I am not in any of those countries), but do you see a trend here? They are all attempting to log in with the user name Admin and that is the first (and primary) attack vector for many of the hackers out there. How to remedy this?

  • Go to the Users Menu on your WordPress site
  • Create a NEW userid, and call it what you wish (e.g. ThisIsNotAdmin ) that has Admin privileges, and give this user id a good password (not that crappy one you use for most sites)
  • Log out of your Admin account, and try to log in with your new Admin UserID, make sure you can do all you want, and that it is really an Admin account (be really sure before you do the next step).
  • From your new Admin userID, delete the Admin user id (maybe after you have done a full backup of your site just to be paranoid).



That is it, you have shut down the first attack vector for hackers, so your site is a little more secure (but don’t get cocky, there are many other ways into your site, this is just shutting off one of the easiest to attack).