Archive for March, 2021

« Older Entries
Newer Entries »

Review: InvisQi

Posted in Products with tags on March 23, 2021 by itnerd

This week I got my hands on something really cool that I’d like to share with you. Meet the InvisQi wireless charger:

Inside this box is a 10W wireless charger that is different than pretty much any other wireless charger that I have tested. I say that because it is designed to be added to a table or desk so that you can charge your phone through said table or desk. So in effect, you can charge your phone without taking up any desk space with a wireless charger sitting on said desk simply by dropping your phone in the right place.

Here’s a close look at the charger:

It looks and feels like a well constructed piece kit. Here’s what comes in the box:

Going from the top left to right:

  • InvisQi wireless charger
  • Bracket to hold the InvisQi
  • Sticker to indicate where to place your phone once the install is complete
  • Green wireless sensor to indicate that everything is installed properly
  • Double sided 3M stickers to mount it to your table
  • Documentation
  • Power adapter
  • Measuring card

Not pictured is a pack of screws. Two to mount the charger to the bracket. Four to screw the bracket into the table or desk.

Now you can find instructions to install this charger here [Warning: PDF]. But let me walk through what I had to do to get it installed. The InvisQi charges through surfaces between 18-30mm (0.7″-1.18″). That’s kind of important because if you have it too close, I would imagine that you will fry your phone. Or if you have it too far away, it won’t charge anything. Thus measuring the thickness of the desk or table is important. To make that easy, there’s a card that allows you to measure the distance:

The purple part is 30mm. And the light wood part of the table which is the top of the table that I installed it on is 18mm. So in my case, this table fits the minimum specifications for this charger. For the record, it works through glass, wood, plastic, marble, quarts, granite. It will not work through metal.

The next thing I had to do is mount the charger in the charger using the two screws. Then I use the double sided 3M tape on the top portion of the bracket so that I could stick it to the underside of my table.

I then mounted the charger underneath the table. I chose the corner to make it an easy location to change my phone. You can see the screw holes in the bracket and the InvisQi comes with four self tapping screws that allow you to screw it into place. I didn’t end up using them as the 3M tape held everything in place securely.

I then plugged everything in and then I used the green wireless sensor to indicate where the charger was and to confirm that it was working properly.

The flashing light in the middle of the green wireless sensor indicates that the sensor is dead center with the charger underneath the table. So clearly I have this installed correctly.

To make it easy to find the the spot that you need to place your phone on the table, the InvisQi comes with this sticker to help you with that. It’s textured which means your phone won’t slip and slide all over the place.

The total install took about 15 minutes. And I was able to charge my iPhone 12 Pro without issue. And that was with my Spigen Tough Armor Case on it. But to make sure that everything worked properly, I tested my wife’s iPhone XR with her Otterbox case on it.

You can see in the top right corner of my wife’s iPhone that it’s charging. I also was able to charge my Jabra Elite 85T earbuds as pictured here (the green light on the front is indicates it is charging):

I have to admit the InvisQi is very cool. It is easy to install and easy get up and running. My only gripe is the power cable. In some use cases it is going to be too short. Thus if I had to change anything, I would make that cable longer. But other than that, the InvisQi was easy to install, and works flawlessly from my testing. It goes for $99 USD and if you want to reduce the clutter on your desk, but give it some extra functionality, the InvisQi is definitely worth a good hard look.

7 Comments »

Why Is There Suddenly A Profile Section In System Preferences On My Mac & Why Is There An iMovie Profile In It?

Posted in Commentary with tags on March 22, 2021 by itnerd

Recently, I got a few calls from clients who run Macs who noted a new system preference option appear in System Preferences.

As you can see here, the system preference in question is called Profiles. Every client that I had talked to had never seen it before. But it gets better, when you look in Profiles, this is what you will see:

What you see above provisioning profile. A provisioning profile is used by Xcode to determine if the app can be installed on a particular device, what services from the operating system the app will have access to (iCloud, Keychain, Push Notifications, etc), and some other information to get the app installed on the device or shipped to the App Store. This is true of iOS apps and true of macOS apps. They also allow developers to test apps that aren’t published on the App Store.

Another use of profiles is to allow Enterprise Mobility Management software, aka EMM software to manage your Mac in an environment where one might have dozens or hundreds of Macs and touching each one by hand is impractical. In this case the profile could be used to deliver anything from software updates, configuration changes, or lock the Mac down to limit what the user could do.

The thing is unless you fit either use case, you as an end user should never actually see a Profile pane in system preferences. So this is clearly weird. I looked at my Mac and my wife’s Mac and sure enough, we had a Profiles pane and this profile in it. It took a bit of detective work, but I think I know what is going on. I think that Apple screwed up when they published iMovie 10.2.3 a couple of weeks back and left the profile in the product when they published it to the App Store. That to me makes sense as these profiles are usually stripped out before the app hits the App Store. But for whatever reason that only Apple can explain, not that we should expect them to explain anything, that didn’t happen in this case. So when end users downloaded this version of iMovie, they also get this profile installed. And here we are talking about it.

The good news is that removing the profile if you choose to do so won’t harm your system, it won’t keep iMovie from starting, and as a bonus, it makes the Profiles system option disappear as long as there are no other profiles present. Conversely, if you leave it there, nothing bad will happen to your system either. So I will leave it to you to choose what course you want to take. But if you want to remove it, here’s what you should do:

  • Open the Profiles Preference
  • Highlight the iMovie_27_Sep profile
  • Click on the minus (-) icon at the bottom left corner of the screen.
  • A dialog box will pop up asking you to confirm that you want to remove this. Do that and then authenticate when prompted to do so.
  • Declare victory and have a beer.

One last thing. A few of the people who reported this to me asked if they had been hacked. While profiles have been known to install malicious software, and in the case of Facebook bypass the app store entirely, that isn’t the case here. There is no security risk here that is present. So you need not worry about that.

2 Comments »

Computer Maker Acer Gets Pwned…. Data Held Ransom

Posted in Commentary with tags , on March 20, 2021 by itnerd

According to Bleeping Computer, a group of hackers known as REvil has gained access to Acer private company network and is holding sensitive data hostage for $50 million USD. REvil announced the attack on the dark web earlier this week that the group had compromised Acer, and even posted a few images for proof. 

Acer is one of the world’s top PC makers so this needless to say is not good to say the least. It is entirely possible that this attack may have been orchestrated by exploiting one of the four Microsoft Exchange vulnerabilities that Microsoft recently publicized the existence of and also released patches for. Acer has until March 28 to pay the ransom before REvil leaks all the data it stole online. So this is in short, extortion. As for what Acer has to say, they only said this:

When asked about the In response to BleepingComputer’s inquiries, Acer did not provide a clear answer regarding whether they suffered a REvil ransomware attack, saying instead that they “reported recent abnormal situations” to relevant LEAs and DPAs., Acer wouldn’t admit that it was a ransomware attack, only telling Bleeping Computer in a statement that it has “reported recent abnormal situations observed to the relevant law enforcement and data protection authorities in multiple countries.”

That my friends pretty much confirms that they were pwned. The question is, will they pay up. They shouldn’t. But companies do all the time. Which is why these attacks work.

1 Comment »

Exclusive Networks Rises To Pandemic Challenge With Strong FY2020 Performance

Posted in Commentary with tags on March 18, 2021 by itnerd

Exclusive Networks, the global trusted infrastructure specialist, today announced its 2020 financial results, showing strong growth achieved amid unprecedented worldwide trading conditions. The company continued its growth momentum with a notable 8% organic uplift in sales, together with the expansion of its global footprint and skills base through three strategic acquisitions. The year also saw Exclusive Networks’ further digitalisation of back-office operations and the launch of X-OD, its on-demand, subscription-based delivery platform for vendor solutions and professional services – both of which have contributed to a record year in revenues and operating income. 

Other 2020 highlights include:

  • Strong organic growth across multiple regions
  • Growth in services as a proportion of total revenue in many theatres with Covid constraints transforming the way many services were delivered
  • Increased market momentum among ‘core’ vendors with above market growth rates
  • New emerging and scale out vendors focus continued with strong performance
  • Portfolio expanded with 17 new vendors and vendor expansion geographically  
  • Launched X-OD (Exclusive Networks on Demand) platform to enable ‘everything-as-a-service’ consumption, contributing to rapid growth in subscription-based business
  • Appointed new CEO, Jesper Trolle, and further strengthened the executive leadership team with VPs of HR (Laurence Galland), Strategy and Business Development (Alexandre Azouaou)
  • Branched out into 10 new central and eastern European countries with the acquisition of Veracomp
  • Expanded Hong Kong presence and established gateway to north-east Asia expansion with acquisition of JJNET Hong Kong
  • Reinforced and intensified skills base in native cloud services, DevSecOps and containerisation with acquisition of Nuaware

Exclusive Networks is the global trusted digital infrastructure specialist driving the transition to a totally trusted digital future for all people and organisations. Our distinctive approach to distribution gives partners more opportunity and more customer relevance. Our specialism is their strength – equipping them to capitalise on rapidly evolving technologies and transformative business models. 

The Exclusive Networks story is a global one with a services-first ideology at its core, harnessing innovation and disruption to outstrip market growth. With 50+ offices across five continents and presence in over 100 countries, Exclusive Networks has a unique ‘local sale, global scale’ model, combining the extreme focus and value of local independents with the scale and service delivery of a single worldwide distribution powerhouse. More info is available at www.exclusive-networks.com

Leave a comment »

Stop Using Text Messages For Authentication RIGHT NOW

Posted in Commentary with tags on March 18, 2021 by itnerd

This week, a stunning story from Vice revealed how easy it is for an attacker to steal your text messages and do evil things with them. Let me illustrate how easy it is:

  • Pay a trivial sum of money.
  • Convince a VoIP wholesaler that they’re a reseller.
  • Sign a form swearing that they’re allowed to route messages to your number to another number.
  • Pwnage

Why is this important? It’s important because a lot of people use text messages as a means to do two-factor or multi-factor authentication for websites and other online accounts. Which means that if someone has access to your text messages, they have access to any account that uses text messages for authentication.

While that sounds scary, and it should sound scary, there are ways to protect yourself from this. You should be using a dedicated two-factor authentication app that requires physical access of your hardware—typically your phone—to finish the login process for an account. An example of this would be Microsoft Authenticator or Google Authenticator which bypass text messages to deliver the codes required for two-factor or multi-factor authentication. It also means that the bad guys need physical access to your phone to try and break into your online accounts. Quite simply, that’s not going to happen.

But there’s one slight problem. What if the service that you need to use only use text messages for authentication? Then I guess you are kind of stuck. Sort of. You can use a service like this one to monitor if, or when, your phone number’s texts are routed elsewhere. And a really, really strong password helps too. Along with not using obvious answers for your security questions.

Do you have any other suggestions that can help all of us keep our online accounts safe? If you do, leave them in the comments and share your thoughts.

3 Comments »

Drip7: Training Improves Cybersecurity Awareness For Employees

Posted in Commentary with tags on March 17, 2021 by itnerd

Cybercrime represents the greatest threat to businesses and organizations in the world today.

The cost of a data breach, in terms of revenue, reputation, legal exposure, and operational disruption, can be devastating. Global cybercrime costs are expected to reach $10.5 trillion by 2025, up from $3 trillion in 2015.

By The Numbers:

A New platform was developed as part of a project to enhance the cybersecurity training within a large hospital system. 

It became apparent that the combination of microlearning, customizability, and gamification leading to high ongoing employee involvement answered a need not simply for one client or industry, but for a worldwide digitized economy.

The Training:

  • The program is called Drip7. It applies game design to cybersecurity awareness training to increase retention. 
  • Works off the basic point that one doesn’t internalize something by hearing it once. There must be repetition, in this case seven times.
  • The training arrives in the form of a question a day that the employee answers. This increases engagement in learning and retention, and at its core keeps cybersecurity in the employee’s mind—not by force but through play.

Drip7 already has over 80,000 users licensed on the platform.

Drip7 is the brainchild of cybersecurity expert Heather Stratford as a result of a client wanting to fix a specific problem: empowering the weakest link—the human—to use better cybersecurity. With its first few clients (a large educational institution, hospital system, and government agency), Drip7 is proving its usefulness in changing the old system of training and information retention in any workforce.

You can find out more at https://drip7.com.

Leave a comment »

Darktrace Appoints Lord David Willetts As A Non-Executive Director

Posted in Commentary with tags on March 17, 2021 by itnerd

Darktrace, a leading autonomous cyber security AI company, today announced that the Rt Hon. David Willetts has agreed to join the Board of Directors as a Non-Executive Director.

Lord Willetts served as a Member of Parliament from 1992 to 2015. He was Minister for Universities and Science within the Department for Business, Innovation and Skills from 2010 to 2014, and previously held roles within HM Treasury and the No. 10 Policy Unit. His current roles include President of the Resolution Foundation and Chair of the Foundation for Science and Technology, together with serving on several company boards.

“I am honoured to join the Board of Darktrace, a true example of great British innovation and leadership in the cyber AI field,” Lord Willetts said. “I look forward to supporting the company as it continues to play a critical role in building the technology and talent needed to counter the rising threat from cyber-attacks on business, government and critical national infrastructure.”

Darktrace is a leading autonomous cyber security AI company and the creator of Autonomous Response technology. It provides comprehensive, enterprise-wide cyber defense to over 4,500 organizations worldwide, protecting the cloudemail, IoT, traditional networks, endpoints and industrial systems.

A self-learning technology, Darktrace AI autonomously detects, investigates and responds to advanced cyber-threats, including insider threat, remote working risks, ransomware, data loss and supply chain vulnerabilities.

The company has 1,500 employees and 44 office locations, with headquarters in Cambridge, UK. Every second, Darktrace AI detects a cyber-threat, preventing it from causing damage.

Leave a comment »

Conservative Party Of Canada Calls For Investigation Into Rogers-Shaw Deal

Posted in Commentary with tags on March 17, 2021 by itnerd

This didn’t take long. And it’s bad news if you’re Rogers.

The Conservative party is calling for a house of commons committee study into the Rogers deal to acquire Shaw. MP Pierre Poilievre says his party will trigger hearings into the deal to ensure that it will benefit all Canadians. Here’s what he had to say:

Poilievre noted that the Conservative party continues to believe that having four competitors is better than three and that the committee will try to determine if there are ways to ensure that four competitors will remain. This is a good move for Canadians as more competition is good for consumers. And this deal if it goes ahead will result in less competition and likely higher prices.

3 Comments »

Guest Post: macOS Malware Development Surged By Over 1,000% In 2020 Says Atlas VPN

Posted in Commentary on March 17, 2021 by itnerd

According to the Atlas VPN investigation, the development of macOS malware surged by 1,092% in 2020. To be exact, 674,273 new malware samples were found in 2020, when there were only 56,556 samples detected in 2019. 

Malware, or malicious software, is a collective term for all kinds of threats. Microsoft lumps malware into thirteen distinct categories: backdoors, downloaders, droppers, exploits, hack tools, macro viruses, obfuscators, password stealers, ransomware, rogue security software, trojans, trojan clickers, and worms.

Coming back to the numbers, the development of malicious software for Apple’s desktop operating system macOS spread like wildfire in 2020, amounting to a historic high of 674,273 samples.

According to Rachel Welch, COO of Atlas VPN“Contributing to this record surge in threats is the fact that new malicious software is now easier to engineer than ever before.

Nowadays, hackers do not even need advanced programming skills since they can purchase a ready-made malware code, tailor it to their needs with a little bit of coding and establish a completely new threat.”

Interestingly, if we add up all the new malware since the beginning of measurement in 2012, we get 219,257 samples, which is still well below last year’s numbers. From 2012 until 2019, new malware’s development reached the maximum high of 92,570 samples per year.

Windows malware in the millions

Even though macOS malware development surged to record-highs, hackers still abuse Windows users much more often. 

Data shows that a record-high of 91.05 million new Windows malware samples were discovered in 2020. In other words, cybercriminals developed an average of 249,452 threats per day. 

To read the full article, head over to: https://atlasvpn.com/blog/macos-malware-development-surged-by-over-1-000-in-2020

6 Comments »

App Privacy Study Looks At Most ‘Invasive’ Apps Collecting User Data… Guess Who Is Number One And Number Two?

Posted in Commentary with tags on March 17, 2021 by itnerd

Yesterday, I came across a company called pCloud who earlier this month took a look at the most “invasive” apps that collect the most data from users and shares it with third parties. You can guess who was the most invasive:

Every time you search for a video on YouTube, 42% of your personal data is sent elsewhere. This data goes on to inform the types of adverts you’ll see before and during videos, as well as being sold to brands who’ll target you on other social media platforms. Instagram shares 79% of your data including browsing history and personal information with others online.

YouTube isn’t the worst when it comes to selling your information on. That award goes to Instagram, which shares a staggering 79% of your data with other companies. Including everything from purchasing information, personal data, and browsing history. No wonder there’s so much promoted content on your feed.

With over 1 billion monthly active users it’s worrying that Instagram is a hub for sharing such a high amount of its unknowing users’ data.

Remember, Instagram is owned by Facebook. And Facebook was number two on this list as noted below. So read into that what you will:

  • Instagram collects 79 percent of personal data
  • Facebook collects 57 percent
  • LinkedIn and Uber Eats both were caught collecting 50 percent of data.
  • YouTube and YouTube Music were found to be collecting 43 percent of personal data to share with third parties.

So if you have any of these apps on your phone, you now know your data is being vacuumed up like a maid using a Hoover. On the other end of the spectrum, apps that don’t collect much data include Signal, Clubhouse, Netflix, Shazam, Etsy, Skype, and Telegram. But this will change for iOS users shortly when iOS 14.5 is released where Apple will begin requiring apps that access a user’s advertising identifier for cross-app and website tracking to get express permission before using it, which may help cut down on some of the third-party data sharing. But this report alone may get some of the companies on this list to alter their behavior. By some, I mean any company not named Facebook who simply doesn’t care about your privacy.

Leave a comment »

« Older Entries
Newer Entries »