Archive for April 9, 2018

A New Mac Backdoor Is Out There To Pwn You

Posted in Commentary with tags on April 9, 2018 by itnerd

Here’s another reminder that Macs do get malware and you have to protect yourself accordingly. There’s a new piece of malware that installs a nasty backdoor in your Mac via a phishing email that contains an booby trapped MS Word document. It was discovered by Trend Micro and is linked to a group called OceanLotus which is also known as APT32 which has been fingered with attacks against human rights organizations, media organizations, research institutes, and maritime construction firms with a connection to Vietnam. Oh yeah, they’ve state sponsored too.

This backdoor is kind of nasty. Once installed, malicious files downloaded and installed to enable persistence will ensure the malware loads at startup. It also collects information relating to the operating system, submits data to the malware’s command control (C&C) servers, and also receives instructions from the malware’s operators. Information sent to the C&C server is both scrambled and encrypted and is decoded on the other side.

Antivirus companies are likely updating their definition files to stop infections. But seeing as the only way this malware can get into your system is if you fall victim to the phishing email, I would say that you take the advice of Wired so that you don’t become a victim of this or any other phishing based malware.

Advertisements

Two More Companies Suspended From Facebook…. Which Gives You Two More Reasons To #DeleteFacebook

Posted in Commentary with tags on April 9, 2018 by itnerd

So now it’s not just Cambridge Analytica who’s been caught and suspended for slurping data from Facebook under the covers. Two more companies have been caught doing the same thing and as a result getting the same punishment. Here’s the first one:

Facebook is suspending a data analytics firm called CubeYou from the platform after CNBC notified the company that CubeYou was collecting information about users through quizzes. CubeYou misleadingly labeled its quizzes “for non-profit academic research,” then shared user information with marketers. The scenario is eerily similar to how Cambridge Analytica received unauthorized access to data from as many as 87 million Facebook user accounts to target political marketing. CubeYou, whose CEO denies any deception, sold data that had been collected by researchers working with the Psychometrics Lab at Cambridge University, similar to how Cambridge Analytica used information it obtained from other professors at the school for political marketing.

Lovely. Now the second one has a Canadian connection (and I say that with my head hanging in shame):

Facebook says it has suspended Canadian political consultancy AggregateIQ from its platform, after reports emerged alleging its involvement in a global controversy over misuse of personal social media information for political ends.

Victoria, B.C.-based AggregateIQ has been linked with Cambridge Analytica, the political campaigning firm at the centre of a data scandal, according to documents obtained by The Guardian in the United Kingdom. The Canadian firm has also been targeted by federal and British Columbia investigations into whether the company broke privacy laws or used unauthorized data.

And:

AggregateIQ has also been linked to the campaign in the U.K. to leave the European Union, and the firm was used to sidestep Brexit campaign spending limits, according to CBC News, citing a whistleblower and documents.

Lovely. Both of these is going to really turn up the heat on Mark Zuckerberg and company. In fact, it will likely make his trip to Washington that much more stressful for him. Plus in the case of AggregateIQ, politicians are really going to turn up the heat to make him testify in front of them sooner rather than later.

Meanwhile, you get to find out (if you haven’t already) if your data is caught up in this mess. Read this Time story for more details.

 

 

Review: Jisoncase Slim Leather Case For iPhone 7 Plus & Leather bag for iPhone 6

Posted in Products with tags on April 9, 2018 by itnerd

I have a two for one for you today. I’m reviewing not one, but two iPhone cases from Jisoncase. Let’s start with the Slim Leather Case For iPhone 7/8 Plus:

IMG_3742.jpg

It’s a leather case that is extremely slim and covers the top, back and sides of the phone. The bottom is still exposed leaving the speakers and the lighting port accessible. However the bottom corners are covered.

IMG_3743.jpg

On the left side, there are indents for the volume buttons as well as a cutout for the mute switch.

IMG_3744 2.jpg

On the right there’s an indent for the power button. The screen of the iPhone is just below the edge of the case though which might bother some. Inside the case there’s a sheet of microfibre that will keep the back of your iPhone from getting scratched. The case initially felt slippery when I first put it on, which made me feel that it was going to slip out of my hand. But after using it for a few days, I found that this initial feeling disappeared. The build quality was excellent and I was able smell the leather. It gave my iPhone 7 Plus a very upscale look. The only caveat that I have is that a case this slim will not provide much drop protection. If you’re looking for that, Jinsoncase has other models that will fill that need. The Slim Leather Case For iPhone 7/8 Plus can be found on the Jisoncase online store,  Amazon and Aliexpress in a number of color choices and can be found for about $20 USD or less.

Now over to the Jisoncase Leather Bag For iPhone 6:

IMG_1430

You slide the phone into the case and it closes with a magnetic clasp that is very secure.

IMG_1433

On the bottom there are cutouts for the lightning port and headphone port, as well as holes for the speaker. Again the build quality is excellent and the leather felt very soft. My wife used this for a few days and she did note that it was initially tight when it came to sliding the phone in and out of the case. But it did loosen up after a while. She did note that this is likely a case that is aimed at someone who doesn’t check their phone all that often as it is a bit of an exercise to remove the phone and put it back in frequently. But having said that, if you are one of those people who like the feel of a naked phone, but want a case with a touch of class, this high quality good looking leather case is for you. It’s available at the Jisoncase online store and Aliexpress for $14 USD.

Jisoncase makes a number cases and accessories for a variety of devices. Based on the examples above, I’d encourage you to take a look at what they have to offer as they’ve got some great products on offer.

 

 

Why Bell Has The Upper Hand Against Rogers When It Comes To Internet Access In Canada

Posted in Commentary with tags , on April 9, 2018 by itnerd

Last week I posted a story about Bell rolling out fibre across Toronto and offering up 1 Gbit/s symmetrical speeds today, with faster speeds coming in the future. In that story, I said this:

Having symmetrical speeds is something that in the past was only found in business class Internet. The fact that Bell is bringing it to consumers is a big deal. And the fact that they’re the only ones thus far to do so has Rogers on the back foot as Rogers doesn’t offer fibre to the premises nor do they offer symmetrical speeds. 

That got me a few emails over the weekend asking why Rogers can’t compete with Bell. Thus I decided to write a follow up to explain why Bell has the upper hand against Rogers in this regard.

First of all Bell is delivering fibre optic cable to the home. Meaning that it’s an end to end fiber connection which benefits you the consumer by delivering a low latency connection that’s capable of delivering very fast speeds. Low latency is important when you’re playing Call Of Duty online or having a video chat with relatives overseas for example because in the former case, you’ll be better able to pwn your opponents as there will be no lag for you to contend with, while in the latter case you will get a fluid video stream going in both directions which means that you get a better video chat experience.

Now contrast that with Rogers. They deliver Internet access by using a system they call “Hybrid Fibre” which means that the Rogers network is largely fibre optic cable. But the so-called “last mile” to your home is copper cable. The problem with that scheme is that copper cable can only handle so much bandwidth. Since Rogers is in the process of rolling out DOCSIS 3.1 across their network (at present they have DOCSIS 3.1 enabled on the downstream part of their Internet connections, but not on the upstream part of their Internet connections), that means that they’re capped at 10 Gbit/s downstream and 1 Gbit/s upstream as per this Wikipedia page. Bell is talking about speeds of 40 Gbit/s in both directions. Not only that, having the last mile over copper cable introduces latency to the connection. Sometimes as high as 30ms based on my testing with my own Rogers Gigabit connection. Some of the people in my condo who have the Bell product are getting latency as low as 5ms. Clearly, Bell has the upper hand from a technical standpoint. And that’s ignoring the fact that Bell is able to offer symmetrical speeds which Rogers can’t.

In order for Rogers to compete with Bell on this front, they only really have two choices. The first choice is to hope that a technology called DOCSIS 3.1 Full Duplex comes to market quickly and they can roll that out as that would give them a fighting chance with their current infrastructure. DOCSIS 3.1 Full Duplex would give them the ability to provide the symmetrical speeds that Bell does, which would level the playing field somewhat.  The last time I checked it was still in the R&D stage, so that may not be an option as any rollout would be years away. Plus it likely wouldn’t solve the latency problem as you’re still pushing Internet over copper which introduces latency. Which brings me to choice number 2. Rogers will at some point have throw in the towel in terms of “hybrid fibre” and provide true fiber to the home for that last mile. While that’s not instant, it may be their best chance to compete with Bell. And Rogers has done this in a very limited fashion in some places in Toronto. Thus they know how to get that done. Whatever choice Rogers picks, they have to get it done quickly as Bell is on a full court press to take this advantage that they have from a technical standpoint and turn it into something that makes Rogers an afterthought when it comes to Internet access.

This will be interesting to see how this plays out in the months and years ahead. Because right now Bell has the upper hand when it comes to Internet access and Rogers is clearly on the back foot with no clear path to getting back on the front foot.

Guest Post: Ooma Offers Up 6 Tips To Keep Your Home Safe From Break Ins During Your Travels

Posted in Commentary with tags on April 9, 2018 by itnerd

Consider this: A high percentage of home burglaries happen during the spring break period.

But according to Ooma (www.ooma.com/home-security/)—a leading DIY home phone and security company—there are 6 basic inexpensive steps homeowners can take to deter and react to break-ins.

1. MIND THE FRONT DOOR 
34% of break-ins occur at the front door. Install a smart doorbell that routes to your phone, and use tools like two-way speakers to give visitors the impression someone is home. Also install video cameras and view visitors on your phone, no matter where you are.

2. WHEN A DOOR CLOSES, MAKE SURE A WINDOW DOESN’T OPEN 
23% of break-ins occur through first-floor windows. Use classic sash locks to keep windows locked, and install wireless motion sensors to be alerted if a window is raised.

3. CHECK YOUR A/C 
A popular burglary entry point: pushing in a window A/C unit. Install motion sensors near window A/C units, and consider uninstalling window A/C units if you’re leaving town.

4. CALL 911 REMOTELY
Knowing someone is breaking into your house doesn’t help if you’re on a beach several hours away—unless you have a way to call 911 to your home’s local emergency dispatchers with a feature such as Ooma’s Remote 911.

5. BEWARE OF SLIDING DOORS
Sliding doors are another popular entry point, as the locks are generally easy to pick. Install physical barrier bars in the tracks, and set up motion detectors in the vicinity.

6. KEEP THE LIGHTS ON
Integrate light timers or smart lights that you can control with your phone to make your home look lived-in and deter break-ins.

Ooma Home [http://www.ooma.com/home-security/]—the most affordable DIY smart home security system—integrates remote 911 calling, a home monitoring app, and smart security cameras.

Zuckerberg & Sandberg Need To Be Deleted By Facebook If Facebook Is To Move Past The #DeleteFacebook Scandal

Posted in Commentary with tags on April 9, 2018 by itnerd

With 24 hours to go before Facebook CEO Mark Zuckerberg takes a trip to Capitol Hill where he is sure to get smacked silly by politicians who are out for blood over the Facebook data breach scandal, one wonders if Zuckerberg is the man to lead Facebook past this crisis. I for one say no, he need to go.

By resigning, he would show to the world that Facebook is willing to change fundamentally via a new person at the top. One who doesn’t see people who hand over their data to Facebook as “dumb f—-.” One who will confront this crisis head with everyone and anyone as opposed to hiding for days before coming out with a lame statement and a barely passable TV interview. Not to mention that he rebuffed an invite from the UK to explain this gong show while accepting an invite from the US Congress. Clearly this guy doesn’t have the smarts and the emotional intelligence to guide a company through a crisis like this.

I could go on, but based on that sample size along, it’s clear that Zuckerberg is not the man to lead Facebook. Thus he must go and new leadership needs to lead them out this crisis. While they’re at it, Sheryl Sandberg who is the COO of Facebook needs to go as well as she’s failed miserably to be the adult in the room and should have pushed Zuckerberg to confront this crisis sooner. But instead it looks like she hid in the Furherbunker with him during the early days of the crisis. Not exactly the best showing from someone who as a very successful VP at Google. And what was she VP of? She ran Google’s advertising and grew that business substantially. Thus her fingerprints are likely all over Facebook’s business model that has them in trouble today. Which means she can’t be there if they are to turn this around.

Make no mistake, Facebook is in deep trouble. The only way they have a chance to move past this is if there’s fundamental change at the top. Because to quote ex-White House Communcations Director Anthony Scaramucci “the fish stinks from the head down.” And Facebook really stinks right now. Thus they need to take action that doesn’t include having Zuckerberg and Sandberg remain at the company if they want to stop the #DeleteFacebook scandal.