Archive for February 12, 2018

netTALK Appears To Be Refusing To Port Phone Numbers Out Of Their Service

Posted in Commentary with tags on February 12, 2018 by itnerd

Over the last year and a half or so, I’ve been tracking an issue where netTALK seems unable or unwilling to release phone numbers to be ported to another service. Over the weekend, I had someone by the name of Laura Vogel reach out to me on Twitter:

I reached out to her and she sent over some communications between her and netTALK. I have to admit that I’ve seen some bad and brutal customer service, but this is the worst that I have ever seen. Based on the emails that I read, netTALK goes long periods of time without responding to queries. And it seems that she had to complain to the FCC to get any response.

The problem is that she seems not to be alone. A quick perusal of Twitter shows that this problem has existed for at least a year a half. Here are some examples:

Now why would they be basically holding phone numbers hostage? Well, I think that this highlights something that I said here. netTALK has never, ever made money. Thus you could make an argument that they’re trying to lock their customers into their service by holding their numbers hostage. After all, your phone number is often part of your identity. So if you can’t port your number off their service, you keep paying them. If that’s true, that’s pretty cynical. There may be other reasons behind this as well, but when I reached out to netTALK on Twitter to find out what their side of the story is, they chose not to respond. I think that tells you all you need to know about netTALK.

Here’s the bottom line. There’s a reason why netTALK is one of two companies that I pulled my recommendation of their products in the history of this blog. In short, this company doesn’t pass the smell test. The fact that they aren’t letting people port their numbers off their service should be a major red flag for anyone thinking of doing business with them. Now, if you’re one of the people that are in this situation, I would recommend filing an FCC complaint if you’re in the US, or a complaint with the CRTC if you are in Canada. Why go this route? It’s simple. netTALK doesn’t deserve the benefit of the doubt and deserves to have a very uncomfortable light shown on their behavior.

I will continue to follow this story and report on any developments.

Advertisements

Equifax: It’s Worse Than Was Previously Thought

Posted in Commentary with tags on February 12, 2018 by itnerd

It appears that in the shadow of a probe into the pwnage of Equifax being shelved, news is appearing that seems to indicate that the pwnage was worse than first thought:

The credit reporting company announced in September that the personal information of 145.5 million consumers had been compromised in a data breach. It originally said that the information accessed included names, Social Security numbers, birth dates, addresses and — in some cases — driver’s license numbers and credit card numbers. It also said some consumers’ credit card numbers were among the information exposed, as well as the personal information from thousands of dispute documents.

However, Atlanta-based Equifax Inc. recently disclosed in a document submitted to the Senate Banking Committee, that a forensic investigation found criminals accessed other information from company records. According to the document, provided to The Associated Press by Sen. Elizabeth Warren’s office, that included tax identification numbers, email addresses and phone numbers. Finer details, such as the expiration dates for credit cards or issuing states for driver’s licenses, were also included in the list.

The additional insight into the massive breach was first reported by the Wall Street Journal.

Equifax’s disclosure, which it has not made directly to consumers, underscores the depth of detail the company keeps on individuals that it may have put at risk. And it adds to the string of missteps the company has made in recovering from the security debacle.

This is exactly why a deeper investigation needs to be done. It is becoming clear that Equifax really dropped the ball here and consumers are really at risk. Thus understanding why that happened and what can be done to avoid in the future would be a good idea. Not only that, I’m pretty sure that someone needs to be held accountable over at Equifax over this. By that I mean some stiff fines and perhaps some time in the clink. But that will only happen if this issue is thoroughly investigated.

Government Websites Pwned To Mine Cryptocurrency

Posted in Commentary with tags on February 12, 2018 by itnerd

It seems that with Cryptocurrency being the big thing at the moment, there are new exploits and attacks to help some people mine this currency. I’ve written about cryptojacking in the past and this report from the BBC shows a real life example of why this is a threat:

The Information Commissioner’s Office (ICO) took down its website after a warning that hackers were taking control of visitors’ computers to mine cryptocurrency.

Security researcher Scott Helme said more than 4,000 websites, including many government ones, were affected.

He said the affected code had now been disabled and visitors were no longer at risk.

The ICO said: “We are aware of the issue and are working to resolve it.”

Mr Helme said he was alerted by a friend who had received a malware warning when he visited the ICO website.

It’s clear from this that website operators need to take this threat more seriously. Besides doing audits on what should be running on their site, anything that isn’t needed such as Javascript should be pulled from the site. After all, while users should be protecting themselves, website operators need to ensure that they aren’t serving up anything that’s bad to their users.

The Winter Olympics Have Been Pwned By Hackers

Posted in Commentary with tags on February 12, 2018 by itnerd

It seems that pwnage is an unofficial sport at the Pyeongchang Winter Olympics as organizers have confirmed that they were the victim of some sort of cyberattack during Friday’s opening ceremonies. But the weird thing is that they won’t reveal the source which implies that they know who did it:

The Games’ systems, including the internet and television services, were affected by the hack two days ago but organizers said it had not compromised any critical part of their operations.

“Maintaining secure operations is our purpose,” said International Olympic Committee (IOC) spokesman Mark Adams.

“We are not going to comment on the issue. It is one we are dealing with. We are making sure our systems are secure and they are secure.”

Asked if organizers knew who was behind the attack, Adams said: “I certainly don’t know. But best international practice says that you don’t talk about an attack.”

So, who could be behind the pwnage? Was it North Korea, the Chinese, or the Russians? Maybe it was a third party group that was responsible? The fact is we may never find out. Or if we do, it will be well after the games end. But seeing as I have never heard of this happening at any other Olympics, one has to be concerned.