Archive for October 26, 2017

BREAKING: Rogers Serves Up An Apology & Vague Promises Of Compensation For Multi Day Outage

Posted in Commentary with tags on October 26, 2017 by itnerd

While I will not take credit for this, it seems that Rogers has decided to take some of my advice from the post mortem that I wrote. Earlier tonight, Rogers posted this on the Rogers Helps Twitter account:

Some commentary about all of this. This apology is as the kids say, on point. It sets the right tone and expresses regret and sincerity.  The promise of compensation is vague, but I guess you can’t get into specifics into how you get compensation and what that looks like in 140 characters. I will be interested to see details on that in the coming days. I have  a tip for Rogers on that front in case they are actually taking my advice…. unlikely as that may be as I am sure that they have a crisis management group working behind the scenes. I would not leave details on compensation hanging out there too long. If it were me running the show, I’d have details on the street by Monday. Because if you leave it any longer, you risk burning the bridge that you’re trying to build.

5 Comments »

BREAKING: Rogers Still Recovering From Their Multi-Day Outage

Posted in Commentary with tags on October 26, 2017 by itnerd

While I did post a story that did a post mortem of Rogers multi day outage that affected who knows how many TV, Internet, and home phone customers yesterday, that shouldn’t imply that this crisis is over. I say that because Rogers appears to still be trying to bring people back online based on these Tweets that just popped up from the Rogers Helps Twitter account:

To be frank, I am not sure that customers who have been off line for over a week have any patience left. Take these Tweets for example:

https://twitter.com/QuibJ/status/923389388486213634

Now based on the people that I’ve spoken to, Rogers has made significant progress in terms of resolving this. So hopefully Rogers gets the remaining customers who are still out online in short order. As in today. Because the longer this goes, the worse it gets for Rogers. Both from a PR standpoint and from a financial one as well.

4 Comments »

Kaspersky Says It Obtained NSA Hacking Tool Source Code Via Their AV Software

Posted in Commentary with tags on October 26, 2017 by itnerd

Well, this doesn’t look good.

Kaspersky who is under siege because they are allegedly working with Russian spies, and who have spent months denying that had to admit to something that will make them look like they are working with Russian spies. They have admitted that it obtained the source code of National Security Agency (NSA) hacking tools via anti-virus software running on a PC in the US. They put out a statement that detailed what they found when they looked into the claims that they were responsible for stealing these tools. In short, they found that they did steal these tools because the Kaspersky AV software running on the PC in question thought it was a new and different strain of the Equation malware source code. So it promptly scooped it up and sent it back to Mother Russia for analysis.

The bottom line from the company: We did it but it was accidental.

I’m not sure that’s going to calm the waters here seeing as this plays into part of the narrative that Kaspersky are the bad guys. So I suspect that if they want to get people to trust them again, they are likely going to need to do better than this.

 

 

 

2 Comments »

#Fail: Google Play Protect Can’t Protect You From Malware

Posted in Commentary with tags on October 26, 2017 by itnerd

Google has a new initiative to reduce malware in the Android ecosystem. Called Google Play Protect, it’s supposed to catch the bad stuff before it ends up on your Android  smartphone. Because lots of bad stuff ends up on Android smartphones. And that’s a big problem.

However, it appears that it will not do much for you. Tests by German malware experts AV-Test indicate that Google Play Protect detected just 65.8 percent of recent malware samples, rising to 79.2 percent of malware of around a month old. Meanwhile, third party solutions caught pretty much everything that was thrown at it. The net result was that Google Play Protect finished dead last in this test.

I’m not sure what Google is going to do about it, but I know what you should do. Forget Google Play Protect and invest in a third party anti-virus app that was tested by AV-Test as it seem Google can’t protect you from the bad stuff that’s out there.

 

Leave a comment »

#Fail: Dell Forgets To Renew A Domain And It Gets Hijacked

Posted in Commentary with tags on October 26, 2017 by itnerd

Security expert Brian Krebs has a report which shows that #fails come in all forms. I’ll let him give you the details:

There is a program installed on virtually all Dell computers called “Dell Backup and Recovery Application.” It’s designed to help customers restore their data and computers to their pristine, factory default state should a problem occur with the device. That backup and recovery program periodically checks a rather catchy domain name — DellBackupandRecoveryCloudStorage.com — which until recently was central to PC maker Dell’s customer data backup, recovery and cloud storage solutions.

Sometime this summer, DellBackupandRecoveryCloudStorage.com was suddenly snatched away from a longtime Dell contractor for a month and exposed to some questionable content. More worryingly, there are signs the domain may have been pushing malware before Dell’s contractor regained control over it.

That’s a #Fail. You have to wonder if the person who keeps track of when domains expire still works for Dell as this had the potential of going horribly sideways for them. Here’s why:

This program comes in two versions: Basic and Premium, explains “Jesse L,” a Dell customer liaison and a blogger on the company’s site.

“The Basic version comes pre-installed on all systems and allows the user to create the system recovery media and take a backup of the factory installed applications and drivers,”Jesse L writes. “It also helps the user to restore the computer to the factory image in case of an OS issue.”

In other words: If DellBackupandRecoveryCloudStorage.com were to fall into the wrong hands it could be used to foist malicious software on Dell users seeking solace and refuge from just such nonsense!

While this situation isn’t as bad as say Equifax, it could have been. Hopefully Dell learns its lesson and keeps tighter control of their domains going forward.

 

1 Comment »