Category Archives: Cloud

Twitter’s lack of security comes into focus

The extraordinary hacking spree that hit Twitter on Wednesday, leading it to briefly muzzle some of its most widely followed accounts, is drawing questions about the platform’s security and resilience in the run-up to the U.S. presidential election.

Twitter said late Wednesday hackers obtained control of employee credentials to hijack accounts including those of Democratic presidential candidate Joe Biden, former president Barack Obama, reality television star Kim Kardashian, and tech billionaire and Tesla founder Elon Musk.

….

Wednesday’s hack was the worst to date. Several users with two-factor authentication — a security procedure that helps prevent break-in attempts — said they were powerless to stop it.

“If the hackers do have access to the backend of Twitter, or direct database access, there is nothing potentially stopping them from pilfering data in addition to using this tweet-scam as a distraction,” said Michael Borohovski, director of software engineering at security company Synopsys.

In 2010, Twitter reached a settlement with the U.S. Federal Trade Commission after it was found the company had lied about efforts to protect users’ information during an extended hack the year before.

Under the terms of the settlement, Twitter was barred for 20 years from misleading users about how it protects the security and confidentiality of private information.

Source: Twitter hack alarms experts already concerned about platform’s security – National | Globalnews.ca

Bloomberg’s “hacked” Supermicro server boards article comes under fire

We thoroughly evaluate the claims made by Bloomberg in their Supermicro China tampering stories and found them likely impossible or implausible at best. We take stock of sources and discuss the next steps calling for formal SEC and shareholder investigations of Bloomberg.

Source: Investigating Implausible Bloomberg Supermicro Stories

Apple and Amazon, both named as allegedly using the allegedly hacked servers, have denied the Bloomberg accusations. Apple has called for Bloomberg to retract the article. The U.S. Department of Homeland Security issued a statement appearing to agree with Apple.

The Bloomberg article, as noted in the linked story, appears to have numerous technical inaccuracies.

How to block the Chrome Software Reporter Tool (software_reporter_tool.exe) –

I noticed my PC was bogged down and the CPU cooling fan has powered up to a higher speed. What’s up?

Google claims the Software Reporter Tool scans your PC looking for malware that may interfere with the Chrome experience.  I’m not sure I want Google scanning and peaking inside my computer, at all of the files on my computer. I really have no idea what this app is doing or what information it is collecting, who has access to the data, how long it will be stored, and how it will be used. Since I seldom use Chrome on this PC, I went ahead and uninstalled Chrome. However, the following describes a way to prevent the tool from running. (I already run both Windows Defender and a second anti-malware application – the SRT seems superfluous.)

Source: How to block the Chrome Software Reporter Tool (software_reporter_tool.exe) – gHacks Tech News

Consumers said to want more #IoT devices for security, protection and willing to share that data with insurance companies

Specifically, consumers say they’d share more data with their insurance company in exchange for smoke, fire and water alarm systems (and presumably also theft) that send data to their insurance company.

“Consumers appreciate the safety and security value propositions of smart home products”

Source: Report: Nearly half of broadband internet households interested in IoT-based insurance | Insurance Business

Everyone wants to be inside your bedroom now, from your smart phone, to your Amazon Alexa device, to your set-top-box (which logs everything you watch) to your home security systems (which, in some cases, log everyone in and out and share with a network provider).

Loyalty Cards are used to spy on  your purchases, and not just with the vendor

The story of how that Sudafed ad got to me begins at Walgreens. As I bought tissues and Afrin, I keyed in my phone number so I could get loyalty points.

Source: Facebook Really Is Spying on You, Just Not Through Your Phone’s Mic – WSJ

Stores use your loyalty card to identify you and all of your purchases. Your purchase transactions are then sold to other marketing companies. This data, in turn, can and is matched to your Facebook account and other online data using the phone number that you gave to the store and to Facebook or Google.

Think about how Facebook, Twitter and other online services are constantly pestering you to give them your phone number. Once they have your phone number, anything else you do that is linked to your phone number – such as using a loyalty card when buying stuff at Safeway or Walgreen’s is then accessible.

Update: CONFIRMED. Facebook purchases your online retail store purchase data from companies like Axciom, Datalogix, Epsilon and others. FB even says so buried in their anti-privacy policy. Your email address, phone number and possible credit number are used to link your Facebook surveillance logs with your offline purchases.

Everyone is also using the tracking data that Google collects on your Android phone to monitor where you are. Remember, that too is tied to your phone number. As I described on my other blog, the Facebook dossier even tracks what apps you have on  your phone and data mines that to identify potential marketing opportunities.

Google and Facebook are doing highly invasive surveillance and almost no one understands what is being done or what this means.

 

Governments set to regulate and issue their own cryptocurrencies

Why the Bitcoin bubble may explode when it pops:

One reason for regulating blockchain-based cryptocurrencies, also known as digital tokens, is the growing concern that the virtual money they represent could be used for nefarious activities, such as money laundering. Cryptocurrencies could also be a threat to the current financial system because they have at times encouraged unbridled speculation and unsecured borrowing by consumers looking for a piece of the crypot action.

Source: Governments eye their own blockchain cryptocurrencies | Computerworld

Government or central bank issued, blockchained-based cryptocurrencies could be far more useful for legal transactions than the underground currencies like Bitcoin. Bitcoin is great for secret or questionable transactions that do not want to be tracked, of course, but most transactions are not in the camp.

(Note “blockchain” is an important bit of technology that has numerous applications other than cryptocurrencies.)

Google scans your Google Docs?

Apparently so. Users of Google Docs found themselves blocked from accessing their own documents with Google telling them they were blocked for “violating terms of service” with Google.

People had critical documents needed for meetings, university assignments and more – blocked.

By later in the day, Google has fixed the problem but their explanation indicates Google Docs does scan all of our documents. It is unclear what Google does with the scanning of our document content, other than scanning it for unclear violations of terms of service.

Hi everyone,

This issue should now be resolved and you should be able to access your files.

For more details, this morning, we made a code push that incorrectly flagged a small percentage of Google Docs as abusive, which caused those documents to be automatically blocked. A fix is in place and all users should have full access to their docs. Protecting users from viruses, malware, and other abusive content is central to user safety. We apologize for the disruption and will put processes in place to prevent this from happening again.

Best,

Julianne

Google Docs Community

Source is Google support https://support.google.com/docs/forum/AAAABuH1jm0PImCWRuosbY/?hl=en

Workaround: Barnes and Noble Nook e-reader app no longer available for PC, Mac #BarnesAndNoble

I discovered after a Mac OS X update that my very old Nook e-reader app for Mac OS X no longer works – and that Nook discontinued the app for PC and Mac desktops in 2013. Barnes and Noble says we should use their cloud-based/web-based app from a browser (presumably this means we must have an Internet connection in order to read?)

Problem 1 – Barnesandnoble.com Inaccessible

Unfortunately, an attempt to access the Barnes and Noble web site returns

This page is unavailable due to either geographic restrictions or other restrictions in place at this time. NOTE: other restrictions can be a result of our security platform detecting potential malicious activity. Please try again later as the restrictions may be lifted, or contact your service provider if the issue persists.

ID: 8387029820181080074

As best I can tell, this means Barnes and Noble has blocked our IP address for unknown reasons. Their recommended solution is to reboot our Internet access modem and/or attempt to request a new IP address. This is absurd. Our IP address works fine for accessing all other web sites.

Problem 2 – No Nook E-Reader app available – Work Around

If Barnes and Noble e-books can no longer be read on a PC or Mac, what can we do?

One solution is to install an Android emulator, and then install the Android B&N e-reader app in the emulated Android. An emulator is basically a simulator – it simulates and Android device but its really just software running on a PC or a Mac.

I installed the Nox Android emulator app on my Macbook. After dealing with odd user interface issues, I went into the Google folder and opened Google Play, and then downloaded and installed the Nook e-reader app for Android. I ran that and was able to synchronize my library of purchased e-books and can now read them using the Nook app for Android running in an emulator on my Macbook. The emulator seems to be a bit hard on the battery – may want to use this solution when you can plug in the notebook computer to AC.

I had the same IP address when I synchronized the Nook library, pointing to something very weird (and possibly very stupid) in Barnes and Noble’s web site operation.