Archive for May 16, 2018

NovaTel GPS Technology Employs Darktrace’s Defenses

Posted in Commentary with tags on May 16, 2018 by itnerd

Darktrace, the AI company for cyber defense, has today announced that NovAtel, part of global technology group Hexagon AB, has selected the Enterprise Immune System to defend its network. NovAtel’s concerns about state-sponsored cyber criminal activity and insider threat led it to deploy Darktrace AI for proactive cyber defense of its valuable intellectual property.

NovAtel’s high-precision Global Positioning System (GPS) technology is utilized across industries for drone helicopter-steering, autonomous vehicles, and emergency dispatch systems. The organization joins a long list of innovative technology companies, including Inphi, Raspberry Pi, and MACOM, that rely on Darktrace to secure their IP.

Darktrace is the world’s leading AI company for cyber defense. Created by mathematicians, the Enterprise Immune System uses machine learning and AI algorithms to detect and respond to cyber-threats across diverse digital environments, including cloud and virtualized networks, IoT and industrial control systems. The technology is self-learning and requires no set-up, identifying threats in real time, including zero-days, insiders and stealthy, silent attackers.


CRTC Steps In To Fix Emergency Alert System

Posted in Commentary with tags , on May 16, 2018 by itnerd

According to the Financial Post, the CRTC is working with all of its partners to fix the technical errors that caused the test emergency alerts to be inconsistently distributed to Canadians. Which is a good thing as the rollout of this system can best be described as a hot mess as evidenced by everything in this post on the subject. The fact that a real alert earlier this week which was an Amber Alert sparked complaints highlights the fact that action needs to be taken immediately to fix this.

Now I have been very critical of the CRTC over the years. But if they can fix this and give Canadians the alert system they need and deserve, I’ll all for it.

In A Further Snub Of The UK Zuckerberg Goes To Brussels To Explain The Data Leakage Scandal

Posted in Commentary with tags on May 16, 2018 by itnerd

Apparently Facebook CEO Mark Zuckerberg does want to speak to foreign politicians about the data leakage scandal. According to EU President Antonio Tajani, Zuck has accepted an invite to go to Brussels Belgium to meet with the EU Parliment. Which is interesting because he blew off a similar invite from UK politicians only yesterday:

It isn’t clear yet whether Zuckerberg’s meetings at the EU Parliament will be held in public or behind closed doors. But the fact that he’s going at all is a clear middle finger to politicians in the UK who I am sure are trying to come up with some way to compel him to make an appearance in London whether he wants to or not.

Rogers Responses To The Lack Of Apple Watch LTE Support Appear To be Incredibly Tone Deaf

Posted in Commentary with tags on May 16, 2018 by itnerd

Even though I am no longer a Rogers wireless customer so that I could get an Apple Watch (review to come in the next couple of weeks by the way), I still follow this story as I get a lot, and I do mean a lot of comments from frustrated Rogers customers on this. As I watch Rogers try to deal with what must be a public relations nightmare, I note a very disturbing trend in terms of how Rogers is responding to this. Rogers seems to be responding in a way that seems to be incredibly tone deaf. Take this response that Rogers served up to a Twitter user:

Justin Prest has a point here. Rogers from what I could tell didn’t even try to say anything to keep a 25 year customer. I point that out because I have seen the people behind Rogers social media accounts try to jump in to save a customer who is talking about leaving. Instead they stuck with a modified version of the party line which is “We don’t currently support Apple Watch. Keep an eye on our website for updates on our products and services.” Now I guess you can’t get in trouble for repeating that. But it really doesn’t help them to give their customers the warm and fuzzies. And now customers are even trolling them on that:

Now the second tweet was sent two minutes after the first one. Keep that in mind as I post what Rogers replied with:

Well. Mr Patrick called it. Either Rogers didn’t see the second Tweet, or they simply don’t care and are sticking to the party line. Also, by the time customers start calling the responses from Rogers on Twitter like Babe Ruth calls home runs, Rogers has a major problem on its hands. As in, they have lost the plot when it comes to managing this from a PR perspective. That’s not good if you’re Rogers.

Then there’s this:

Now this could be fact, or a salesperson in a Rogers store or authorized dealer going rogue. But in the absence of actual facts, it allows this sort of thing to happen. That’s not good for anyone.

I’ve said it before and I will say it again. Though I will say it again packaged slightly differently. Instead of these incredibly lame and tone deaf responses, Rogers needs to simply come out and say what their plans are. Or, if they’ve not going to support the Apple Watch with LTE, just say so and put an end to this so that customers can make decisions on the telco that best meets their needs. If they are going to support it, say when. Cookie cutter responses are not winning the day for them, thus they really need to demonstrate that their customers matter to them by not giving them tone deaf responses.

Leading Canadian Power Company Entegrus Fortifies Security Posture with Pulse Secure

Posted in Commentary with tags on May 16, 2018 by itnerd

Pulse Secure, the leading provider of Secure Access solutions to both enterprises and service providers, today announced that Entegrus has successfully deployed Pulse Policy Secure advanced network access control (NAC), to strengthen overall visibility and access security across their hybrid IT infrastructure. Entegrus, a Canadian energy company, leveraged their existing Pulse Secure virtual private network (VPN) implementation to expedite NAC deployment and fortify their infrastructure in accordance with National Institute of Standards and Technology (NIST) and North American Electric Reliability Corporation (NERC) guidelines. As a result, their security organization extended visibility for remote and on-premise users and devices, as well as enhanced endpoint compliance and Internet of Things (IoT) risk mitigation.

Entegrus serves over 58,000 customers throughout Ontario. They bring electricity, renewable energy and water across three large regions, with a workforce spread out over 2,300 square miles. Entegrus’ objective is to provide safe, reliable and cost-effective provision of energy and related billing services, while providing high levels of service to its customers, partners and the communities it serves. IT security plays a critical role in protecting their delivery of energy and data services.

Ensuring always active control while maintaining flexible, seamless access to network and application resources is an essential requirement for utility providers. Within such highly regulated industries, best practices dictate a constant cycle of security readiness review and improvement to meet an increasingly potent threat posed by cyber threat actors. NAC provides foundational endpoint intelligence, resource access enforcement and IoT defenses that support industry and regulatory compliance guidelines. These compliance requisites apply to both regional and large national critical infrastructure providers.

For stretched IT departments, Pulse Secure’s Secure Access solutions are designed to streamline deployment and on-going administration using an easy, integrated, policy-driven platform that works with a customer’s existing installed base and network infrastructure. In addition, Pulse Secure’s VPN solution utilizes the same endpoint client, policy engine and appliance management as the NAC solution. Entegrus took advantage of this platform capability to rapidly implement NAC. As a result, they gained dynamic intelligence, unified policy management, automated enforcement and threat response through a single management console. Organizations can read the complete case study at

Numerous benefits exist, including a simplified method of managing complex policies and user access rights, as well as an enforceable method of checking end-point devices to ensure that only properly patched operating systems can connect to the network. Another advantage of Pulse Policy Secure was evident after Entegrus recently merged with London, Ontario-based St. Thomas Energy.

Here’s a video on this deployment:

Zuckerberg To British MPs: Screw You, I Ain’t Talking To You

Posted in Commentary with tags on May 16, 2018 by itnerd

Okay. Maybe he didn’t say that. But he might as well have given that he’s once again rebuffed British MP’s attempts to get him to testify about the data leakage scandal in Parliament. This comes via a letter (Warning: PDF) from Facebook to the Digital, Culture, Media and Sport Committee. Considering that he and his minions are not fully answering questions that the MP’s are putting to them, it sets up a bit of a Mexican standoff. MP’s can’t bring him in from the US to testify. And he can avoid having to testify if he never goes to the UK. Thus it isn’t clear what the next steps are. But I will say that the optics of this suck for Zuck as it looks like he has something to hide and he thinks he’s above the law. After all, a reasonable person or company would want to clear the air when it comes to a matter of this importance. Thus why doesn’t he want to clear the air?

If You Care About Security On Your Home Network, Turn Off UPnP

Posted in Commentary with tags on May 16, 2018 by itnerd

UPnP stands for Universal Plug And Play. The idea behind this technology is that networked devices such as personal computers, printers, Internet gateways, Wi-Fi access points and mobile devices to seamlessly discover each other’s presence on the network and establish functional network services for data sharing. It sounds great because it takes some of the complexity setting up devices on your home network.

It’s also a great vehicle for hackers to enlist your devices to pwn others. And has been for years. And when I say years, I mean that security issues have been found in UPnP going back into the previous decade.

Researchers at cyber security firm Imperva have posted a paper that describes how UPnP can be used to enlist UPnP enabled routers that may be badly secured to execute a pretty crafty distributed denial of service attack. I say crafty because the attack that the researchers describe can evade some defense mechanisms to mitigate at distributed denial of service attack. What’s concerning about this is that the researchers found 1.3 million devices that on the surface could be exploited for such an attack. That’s kind of scary.

My advice? If you have a router which supports UPnP, disable the protocol immediately. I haven’t yet stumbled upon a router which does not permit disabling UPnP, so as far as I am concerned, that should be a no brainer to help you to avoid having your router enlisted for mass pwnage.