Now You Can Find Me A Lot Easier

Posted in Commentary on November 21, 2016 by itnerd

Starting Monday the 21st of November, you can now find me a lot easier. I’ve registered a .blog domain as they became available today. So while the https://itnerd.wordpress.com address still works, you’ll note that it forwards to my new domain which is https://www.itnerd.blog. Beyond that, the same news, reviews and insights are still there. I should warn you that for some people, it may take up to 72 hours before you can access me via the new domain, so please fall back to the https://itnerd.wordpress.com address until the new domain goes live.

I look forward to seeing you soon!

iOS Exploit Allows Anyone To Bypass Activation Lock

Posted in Commentary with tags on December 3, 2016 by itnerd

A newly discovered iOS bug can be used to bypass the Activation Lock feature on iPhones and iPads, giving access to the homescreen of locked devices running the latest version of iOS. 

And now to the video that demonstrates the exploit in action:

A report in SecurityWeek details that there are at least two variations of the vulnerability:

  • One of which works on iOS 10.1
  • The other works on iOS 10.1.1

There is currently no mitigation for this exploit, which means that there’s no way for you to protect yourself. Apple is apparently aware of this exploit so one hopes it gets fixed quickly.

Bought Your Apple Charger Online? It’s Could Be Dangerous

Posted in Commentary with tags on December 2, 2016 by itnerd

A study published by UK business watchdog Trading Standards has come up with some rather troubling information. They bought 400 Apple chargers from different retailers around the world over the Internet and 397 of them failed. That is a 99% failure rate:

Lord Toby Harris, chair of National Trading Standards, said: “Many of us quite rightly assume that everything we buy will be safe, but recent work by our teams show how dangerous electrical goods can easily end up in homes up and down the country.

“Criminals across the globe are using online platforms to lure you in with cheap deals for fake items, many of which are dangerous and have been known to overheat and cause house fires.

So, if you want to protect yourself, it’s simple to do so. If you want to buy a real Apple charger, you should buy directly from the company or another reliable retailer. It’s truly that simple and it could prevent something bad from happening to you and yours.

U.S. Election Has Internet Users Worried About Their Privacy: NordVPN

Posted in Commentary on December 2, 2016 by itnerd

Americans seem to worry about their online privacy and mass surveillance, as the new election brings some uncertainty about the policies of the new administration. The new President-elect has said in the past that all freedoms flow from national security and favored closing the Internet for certain foreign regions, but has also expressed contradictory statements about protecting people’s online privacy. 

Facing uncertainty about future Internet security and privacy, many Americans started to turn to encryption services, including VPNs (Virtual Private Networks). For example, ProtonMail, encrypted email provider from Switzerland, has seen its number of users double following the U.S. election aftermath, and downloads of encrypted messaging app, Signal, have spiked since the election.  NordVPN, a Virtual Private Network service provider, which encrypts Internet traffic, has also seen a notable increase of software downloads in the US.

Current online privacy situation in the U.S.

While the future actions of the new administration remain uncertain, the current situation of U.S. surveillance is already worrisome. Congress has passed the Cybersecurity Information Sharing Act (CISA) in 2015. CISA, said to have been created to protect companies from the growing corporate data breaches, has evoked a wave of protests from tech community. Critics claim that the law is a free pass to mass surveillance. The bill allows big tech companies to share their users information with the government without a warrant, violating user privacy and bypassing legal accountability.

For example, Yahoo has been asked by the U.S. government to track people by using a spam filter. This was the first incident when U.S. government was targeting all accounts as opposed to just a few selected ones – and it doesn’t mean it won¹t happen again, and in larger numbers, under the new presidency.

What to expect from the new administration in terms of online security?

With the U.S. election, the control of NSA will fall into the hands of the President-elect Donald Trump and his cabinet.

The U.S. president appoints the director of NSA, who is then confirmed by Senate voting. While activities of NSA are governed by Foreign Intelligence Surveillance Act, the president has the power to change FISA rules or to pass a new law with the help of the Congress. The new law can get challenged in Supreme Court, but it might lean towards national security and mass surveillance if majority of its members are conservative. 

As a result, President Trump will have the power to introduce different surveillance laws or to change the existing ones – for example, or possibly bring back the intrusive Patriot Act.

Protecting Privacy in Surveillance Age

It is inevitable that many American Internet users concerned about their privacy will look for tools to protect their online data. Some turn to secure email companies, others use Tor browser and many are careful about which information they reveal online.

VPNs, Virtual Private Networks, are some of the most secure choices for those looking to stay private while using the Internet. VPNs allow people to stay private online by encrypting all their online activities into a secure tunnel. Connecting to a VPN server makes one¹s browsing data invisible to a third party.  

NordVPN, which is one of the most advanced VPNs on the market, offers double encryption servers for extra security, advanced protocols, and doesn¹t keep any customer logs.

While VPNs are becoming more popular in the U.S., there is still a number of myths about the most important parameters to consider when choosing the most reliable service. There is a division between ³techy² people, and less technologically-oriented Americans, who would like to protect their online browsing, but mistakenly consider the process to be too complex and thus stay unprotected.

In fact, VPNs can be easy to use. NordVPN has launched new apps that starts protecting user privacy with a push of a button and offers an interactive map where a user can select a country they want to connect to. 

Besides security, VPNs are also used for streaming favorite shows while traveling (such as Netflix), staying safe when using public Wi-Fi and so on.

Take advantage of NordVPN’s Cyber Month deal to get a special rate of $3 per month with 2-year subscription. 

AirDroid Users Vulnerable To Man In The Middle Attack

Posted in Commentary with tags on December 2, 2016 by itnerd

AirDroid is a popular Android application that allows users to send and receive text messages and transfer files and see notifications from their computer. But it may not be popular for long as mobile security company Zimperium recently released details of several major security vulnerabilities in the application. These vulnerabilities would allow  attackers on the same network to access user information and execute code on a user’s device. In other words, the app is vulnerable to a man in the middle attack. Since there are between 10 and 50 million installations of the app, this is not a trivial matter. Now Zimperium did reach out to the people behind AirDroid about this back in May, but after seeing two releases that didn’t address this issue, the company decided to go public.

So if you’re a user of AirDroid, how do you protect yourself? Well, the only real mitigation is to stop using AirDroid until a fix is available. Now that this is public, I suspect that an update is coming really soon now to limit the bad press that this is generating.

Chrome 55 Rolling Out… And Flash Is Doomed As A Result

Posted in Commentary with tags on December 2, 2016 by itnerd

If you’re a user of Google Chrome, expect version 55 of the browser to be hitting your computer soon. They key feature that you should be aware of is the fact that it defaults to HTML5 rather than using the ultra insecure Adobe Flash plugin. This shouldn’t come as a shock as Google did say that they had plans to do this earlier this year.

You can expect that Firefox as well as Internet Explorer and Edge will do the same. Which means that while Adobe has no plans on killing Flash, the plug-ins days are most likely numbered. And its death can’t come soon enough for those who like their computers to be secure.

Microsoft Has Great Gift Ideas As Part Of Their 12 Days of Deals

Posted in Commentary with tags on December 2, 2016 by itnerd

Beginning Monday, December 5 at 12 a.m. ET through Friday, December 16 at 11:59 p.m. ET, microsoftstore.ca customers can take advantage of a series of incredible, one-day only savings on the technology at the top of everyone’s with list, with new deals available each day starting at 12 a.m. ET. And, don’t forget – when you shop at microsoftstore.ca you’ll get free shipping and free returns on every item, every day.        

Here’s the 12 Days of Deals that are on offer:

  • Day 1 – Save up to $500 on select Intel PCs, starting at $349
  • Day 2 – Buy a Lenovo Ideapad 110 for only $269, save $130
  • Day 3 – Save 50% on select Xbox One games, starting at $24.99
  • Day 4 – Surface bundle! Save $400 on Surface Book i5. Get a $100 Microsoft Store promo code, free sleeve, and extended warranty
  • Day 5 – Buy select Windows 10 Tablets starting at $74, and save up to 60%
  • Day 6 – Save up to $300 on the Windows Premium Collection, starting at $799
  • Day 7 – Get a $25 Microsoft Store promo code with purchase of select Xbox Wireless Controllers
  • Day 8 – Get two free select games with select Xbox One console, and save big on games and accessories
  • Day 9 – Get a $100 Microsoft Store promo code with purchase of an HTC Vive or Oculus (Oculus is an online offer only)
  • Day 10 – Save up to $330 on select Intel powered gaming PCs, starting at $1099
  • Day 11 – Save up to $500 on select Dell PCs, starting at $319
  • Day 12 – Get a free type cover and select sleeve with Surface Pro 4 i5 128GB, $249 in savings

Get more details on the 12 Days of Deals here.

T9-1-1 Service Goes Live In Canada

Posted in Commentary with tags , on December 1, 2016 by itnerd

The Canadian Wireless Telecommunications Association announced today that in partnerships with public safety agencies across the country and the CRTC, that T9-1-1 service has launched in Canada.

T9-1-1 provides 9-1-1 call centres with the ability to converse via text messaging with a DHHSI person during an emergency. When a DHHSI person requires 9-1-1 services, they dial 9-1-1 on their cell phone. There is no need for a caller to speak or hear, as the 9-1-1 call taker should receive an indicator that advises them to communicate with the caller via text messaging. The 9-1-1 call taker then initiates text messaging with the caller to address the emergency.

The service, which began rolling out in March 2014, is now available to the vast majority of Canadians, including in many parts of Alberta, British Columbia, Manitoba, Ontario and Quebec, and province-wide in New Brunswick, Nova Scotia, Prince Edward Islandand Saskatchewan. Some 9-1-1 call centres are still making the necessary upgrades to their systems and will launch the T9-1-1 service in the coming months.

T9-1-1 is only available to those in the DHHSI community. A DHHSI person must first register for T9-1-1 with their wireless service provider and must have an eligible cell phone before being able to utilize this service. All information about T9-1-1, including registration details and areas of service availability, can be found at www.TextWith911.ca.

One key thing to point out is that voice calling remains the only way to communicate with 9-1-1 services for a person that is not deaf, deafened, hard of hearing or with speech impairment. Text messages sent directly to the digits “9-1-1” do not reach emergency services.