Archive for February 3, 2017

AURO Expands Support for SaaS Providers With New “Tools for Applications”

Posted in Commentary with tags on February 3, 2017 by itnerd

AURO, the first Canadian enterprise public cloud, announced an expansion of their cloud computing Software as a Service (SaaS) marketplace with their new “Tools for Applications” program created specifically for SaaS and cloud-based application customers.

AURO Cloud Computing, a complete public cloud designed to meet the requirements of next-generation cloud-based, scale-out applications such as social apps, mobile apps, SaaS/PaaS deployments and Big Data analytics.

As AURO is Canadian-based, every customer benefits from their 100% Canadian cloud environment. AURO provides SaaS customers with variable services and compliance programs to help meet strict uptime, governance and support requirements for mission critical workloads. The Tools for Applications program includes compliance standards based on AT101 SOC 2 Type 2, PHIPA and ISO 27002 certifications. 

Every SaaS customer on AURO’s public cloud benefits from the ability to test their ideas at a low cost with the ability to scale up as needed. With AURO, users also have the ability to leverage multiple cloud availability zones in Canada, including Toronto, ON and Vancouver, BC.  Customers get instant access to industry-leading tools like cloud load balancers, cloud databases, object and block storage.

AURO was built on the premise that many SaaS and cloud-based customers are concerned about vendor lock-in that could potentially limit them to one cloud provider unless they are willing to spend time and money to recode an application. With AURO, everything is powered by OpenStack and will remain compatible through the use of open standards – there is no vendor lock-in.  AURO is highly redundant and offers cloud computing, networking and storage with full API compatibility.

Starting February 1st, all new SaaS customers can receive at least one month of cloud credits and may qualify for even more with AURO’s SaaS initiative to get Canadian applications and services in the cloud.    To learn more, contact AURO via email at sales@auro.io or by phone at 1-855-226-4678.

Advertisements

Hacker Dumps Tools Linked To Cellebrite

Posted in Commentary with tags on February 3, 2017 by itnerd

A while ago I reported that Israel-based mobile phone forensics company Cellebrite was hacked by unknown actors. At the time, it was said that only customer data was stolen. It now appears that this is no longer the case. In the last couple of days, a data dump has appeared online containing tools for extracting data from older iPhones, Android phones, and BlackBerry phones. Motherboard has the details:

Cellebrite is an Israeli firm which specializes in extracting data from mobile phones for law enforcement agencies. The company’s flagship product, the Universal Forensic Extraction Device (UFED), typically comes as a small, laptop-sized device, and can pull SMS messages, emails, and more from thousands of different mobile phone models. The investigator needs to have physical access to the phone to analyze it.

A Motherboard investigation found that US state police and highway patrol agencies have collectively spent millions of dollars on Cellebrite technology.

The hacker claimed to have taken the newly released data from a remote Cellebrite server, and said they had extracted them from UFED images. They told Motherboard that the files were encrypted, likely in an attempt to protect Cellebrite’s intellectual property, but that they managed to bypass the protections.

“The ripped, decrypted and fully functioning Python script set to utilize the exploits is also included within,” the hacker wrote in a README file accompanying the data dump. The hacker posted links to the data on Pastebin.

It’s not clear when any of this code was used in the UFED. Many of the directory names start with “ufed” followed by a different type of phone, such as BlackBerry or Samsung.

In their README, the hacker notes much of the iOS-related code is very similar to that used in the jailbreaking scene—a community of iPhone hackers that typically breaks into iOS devices and release its code publicly for free.

Well, that’s going to make Apple, not to mention Google and BlackBerry really happy as those tools will allow them to make countermeasures against this sort of thing. Researchers are likely happy as they get to troll this info for anything interesting. You can copy and past that statement for hackers as well as they will want to use the info to make exploits. But it’s safe to say that Cellebrite is likely not happy as they’re clearly using techniques that are already in the public domain, which takes away their “street cred.”

Oh, to quote the late Steve Jobs, there’s one more thing:

“@FBI Be careful in what you wish for,” the hacker’s message reads, before signing off with a piece of ASCII art, which says “Backdoorz.”

If you recall, Apple made the point when fighting the FBI’s attempts to get them to unlock the San Bernardino Shooter’s iPhone last year was that anything that it did had the risk of becoming public which would put iPhone users everywhere at risk. It now seems that this has come true. One wonders what the blow back will be from this.

Hey IT Nerd! What Do I Do About Poor Online Reviews?

Posted in Tips on February 3, 2017 by itnerd

I got a question from a medium sized business owner yesterday:

Hello IT Nerd. I am getting really negative reviews from ex-employees on a site called Glassdoor. I was wondering if there was any way to lessen the impact of these reviews as they are now affecting my ability to recruit and retain employees? Would it be wise to use a service that specializes in removing these sorts of reviews to solve this problem? 

Thank you. 

Thanks for the question. If you don’t mind, I’m going to first answer this question from a general perspective as I think that would be of value to the majority of readers who will see this.

Sites like Glassdoor and Indeed which let employees review employers, or Yelp or Google reviews which review everything from shops to restaurants can really have a negative effect on a business when the business in question gets a negative review. Now if you get the odd negative review on one of these sites, you can chalk that up to the law of averages as not everyone is going to like your product or service. But if bad reviews are consistently being put online, chances are you have deeper issues within your organization that you need to address. Or perhaps you have some sort of online troll that is out to get you. Though from my experience, while that does happen, it is not a common occurrence.

Now, how do you deal with a bad review? In my opinion, your best strategy is to deal with it head on. Reply to the review and ask for details. Show empathy and offer to engage in a conversation via the phone or by e-mail. If the person does reach out, work with them robustly and earnestly to resolve whatever issue that they have. This approach will do two things for you. One is that it will win you fans if you follow though 100% of the time. The other thing it will do is that it will bring to light the trolls that are out there as they tend to not to respond to this approach, or they respond negatively which will out them as being a troll. One other thing that may also work for you is to have those people who’s concerns you’ve addressed post a follow up review to illustrate that you’re open to feedback and willing to address concerns that are brought to you. As for using a service to “erase” these reviews. I am not a fan of that personally. Reviews can only be deleted if they cross a certain threshold of being inaccurate or hostile. Plus it’s up to the review site in question to make that happen. On top of that, even if you do pay someone to delete those reviews and they can actually do that, you’ll often get a boomerang effect where negative reviews will either come back in spades, or you’ll get accused of covering up your problems, or both. Thus I don’t think that paying for one of these services is money well spent.

Now to your specific question about ex-employees posting negative reviews about your company. I will say up front that I know nothing about your company. Nor am I a HR expert. But I believe that much of what I said applies to your situation. My thinking is that there’s some issue inside your company that is making these people default to leaving negative feedback. Most likely it is starting while they are working for you. Thus on top of employing the strategies that I mentioned above, it may be wise for you to engage those who are currently working for you to understand if there is anything that is going on inside your company that is making this happen. Maybe by doing that, you can avoid this situation entirely.

Fix For LG’s UltraFine 5K Display WiFi Router Issues Is Coming Says LG

Posted in Commentary with tags on February 3, 2017 by itnerd

Earlier this week, I posted a story about the issues that the Apple recommended LG UltraFine 5K Display has when it is within 2m of a WiFi router. It now looks like LG is going to do something about it. According to Recode, LG is going to fix the problem by inserting additional shielding into newly manufactured models, which should protect against the electromagnetic radiation from routers that is likely causing the issues. For the ones that are already in customers hands, they will have to reach out to LG to get those retrofitted.

That begs the question. Why wasn’t this caught prior to them being shipped to customers? I ask that because it really seems that LG seriously dropped the ball here. And Apple can’t escape taking some of the blame here as they recommend this monitor, thus you think they would have tried a couple of these out to see if they play nice when they are close to a WiFi router. After all that is a common scenario for users that you’d think that someone would have tested.