Archive for March, 2022

My Thoughts On The Mac Studio Two Weeks After It Was Announced

Posted in Commentary on March 29, 2022 by itnerd

It’s been a couple of weeks or so since Apple announced the Mac Studio. And there are three recurring themes that seem to be popping up in my inbox and Twitter that I’d like to comment on.

  • If you’re not a professional, you probably shouldn’t buy the Mac Studio: First let’s define professional. I define that as someone who makes a living doing things like editing video or photos. Or perhaps it’s someone who does 3D modelling or rendering. Or someone who runs large mathematical models every day. In other words, it’s someone whose living revolves around the saying “time is money”. If that’s you, then the Mac Studio is for you. At least until the new Mac Pro with Apple Silicon appears. For everybody else, the fact is that if you need an Apple desktop, the M1 iMac or the M1 Mac Mini are both very good computers with a lot of power. So if you’re in that camp, save a few bucks and skip the Mac Mini.
  • Why does Apple have removable drives if they don’t plan on letting you upgrade your Mac Studio: This became an issue of sorts when the first Mac Studio units started appearing, and YouTube channel MaxTech did a teardown and discovered that the Mac Studio had removable storage in the form of two slots, one unused in his case. Then YouTuber Luke Miani did two videos attempting and failing to upgrade the storage on the Mac Studio, which turned into a rant about “right to repair.” The fact is that Apple says that the Mac Studio isn’t upgradable. And unless some above-genius-level-IQ type comes up with an upgrade kit that works, or Apple actually offers one the way they do with the Mac Pro, I would take them at their word and assume that upgradability is a bonus if it ever happens and not an expectation. To go further, if you need upgradability, my advice is to wait until the upcoming Apple Silicon Mac Pro and see what that brings to the table. Finally, my thinking is that the non-existent upgradability is not because of some evil Apple plot. I suspect that it’s because of the following reasons:
    • Apple has removable slots for the storage because it likely costs them way less to have one or two motherboard part numbers as opposed to say 10 of them with every storage configuration and processor configuration. Less cost means more profit for Apple.
    • Apple likely needs both slots to facilitate 8TB (or perhaps even 4TB) of storage by using two storage modules and using RAID 0 to stripe them so that they show up as 1 volume. If they don’t need the second slot, it stays empty.
    • Various YouTubers call these storage modules SSDs. I’ve been told by Apple Genius Bar employees that I know that they are not SSDs. They are NAND storage modules which are controlled by the storage controller that is built into the M1 Max or M1 Ultra processor. Without going way into the weeds, these storage modules have no intelligence on them. They’re simply storage. But the use of these specific modules gives the Mac Studio the insanely fast disk read and write speeds that they are capable of. It also means that without a whole lot of gymnastics, upgrades are likely a non-starter. Or at the very least they will require the same sort of gymnastics that the Mac Pro upgrade kit requires. Because unlike SSDs, these storage modules are likely tied to the logic board in some way. If I had to make a guess, I suspect that Apple did this for security reasons and not to screw their customer base over.
    • Finally, unlike say a 16″ MacBook Pro, the Mac Studio is sitting on a desk and typically not moving. In a portable use case, soldering the storage modules to the logic board eliminates issues due to vibration. Since the Mac Studio isn’t moving, this likely didn’t make sense. Thus it has slots.
  • Apple says that the Mac Studio and the M1 Ultra Chip should beat an Nvidia RTX 3090, but it doesn’t: Various websites and YouTubers have run benchmarks on the M1 Ultra equipped Mac Studio and can’t figure out how Apple was able to make the claims that it did in the event where the Mac Studio was announced. I can see two reasons for that. The first is that Apple is lying. And I have to throw this out there as a possibility even though I can’t see that as being factual because that’s a great way for Apple to get a class action lawsuit served up to them that they won’t win. Which brings me to my second reason. The benchmark tests simply don’t push the machine hard enough for you to see the true power of the computer. And that’s the thing about benchmark tests. They’re synthetic and only are great tools for figuring out how fast a computer is or isn’t, until they aren’t good at doing that. Ditto for applications which may require updates to fully use the power of the M1 Ultra. And this article supports that based on looking at this whole issue and going deep into the weeds to explain why people are seeing the benchmark results that they are. So the take home message is that you should use benchmark results as a guide, but not as an absolute.

So those are my thoughts on the Mac Studio a couple of weeks after it was announced. What are your thoughts? Please post them in the comments and let me know what you think.

Exclusive Networks Announces Partnership With F5

Posted in Commentary on March 29, 2022 by itnerd

Exclusive Networks, a global trusted cybersecurity specialist for digital infrastructure, announced its new partnership with F5, one of the world’s leading multi-cloud application security and delivery companies. The new partnership will extend Exclusive Networks’ reach, through the expertise of Nuaware subsidiary, into the North American market and give regional customers access to F5’s complete portfolio, including BIG-IP, NGINX and the recently announced F5 Distributed Cloud Services.

Together, Exclusive Networks, with Nuaware’s cloud native software expertise, and F5 will infuse the current technical landscape with innovative solutions needed to advance their customers’ enterprise security. These bundled product offerings not only help keep organizations safe and secure against today’s cyberthreats, but also enable customers to focus more on their core business and goals.

One major factor bringing F5 to Exclusive Networks was the latter company’s late 2020 acquisition of Nuaware, a specialized leading distributor in Containerization, DevOps / DevSecOps, Cloud and Cloud Native Software technologies that, like its parent company, provides customers with the right products, training, and a specialized partner ecosystem. In the end, it’s Nuaware’s expertise and role as Exclusive Networks’ cloud native software center of excellence that creates the perfect alignment for F5 and its portfolio of products.

With an already existing foothold in the EMEA and APAC regions, adding F5’s enterprise solutions and services and respected reputation to its long list of existing partnerships, Exclusive Networks, with Nuaware, will continue to fortify its position as a global cybersecurity leader. Partnerships, like F5’s, enable Exclusive Networks to build best-of-breed solutions for customers from its extensive catalog of vendor products and services.

Exclusive Networks will offer:

  • BIG-IP: A portfolio of cloud, virtualized and physical appliances and services providing enterprises with availability, performance and security. BIG-IP solutions include DNS hyperscale and security (BIG-IP DNS), threat prevention and management (BIG-IP Advanced Firewall Manager), and user access management and security (BIG-IP Access Policy Manager). 
  • F5 Distributed Cloud Services: F5 Distributed Cloud Services provide security, multi-cloud networking, and edge-based computing solutions on a unified software-as-a-service (SaaS) platform. These services are centrally managed but can be deployed anywhere the app needs to be to maximize business impact and deliver a superior customer experience. 
  • NGINX: NGINX provides a lightweight and flexible platform for high-performance app delivery and security services spanning from monoliths to microservices. NGINX products include application delivery and API management (NGINX Controller), load balancing and API gateway (NGINX Plus), DevOps security solutions (NGINX App Protect) and secure service-to-service traffic management (NGINX Service Mesh).

Exclusive Networks’ commitment to F5 will not only benefit customers facing the challenges of multi-cloud deployments and adaptive applications, but will also energize the onboarding of existing and net new Exclusive Networks’ partners, presenting them with new and extended opportunities within the competitive cybersecurity market.

Before its partnership with F5, Exclusive Networks was already a leading cybersecurity distributor and solution provider in an ever-growing global market. Now, with the F5 partnership and its expansion into North America, Exclusive Networks increases its lead as a forward-moving driving force, passing its competitors by providing customers with its best-of-breed bundle solutions.

Spotify Rolls Out A COVID19 Disclosure Tab…. What Took Them So Long

Posted in Commentary on March 28, 2022 by itnerd

I haven’t written about Spotify for a while now. At least not since the whole Joe Rogan thing blew up. But I’m writing about it today because according to CNBC Spotify is rolling out a COVID19 disclosure tab in content that mentions COVID19.

Spotify is rolling out a Covid content advisory tab on podcasts and other content that mentions the coronavirus.

Spotify promised the feature, a small blue tab that directs to its Covid-19 information hub, nearly two months ago. It comes after a handful of musicians and creators boycotted the platform for its airing of “The Joe Rogan Experience,” which they say spread Covid-19 vaccine misinformation.

So why did it take them two months to roll this out? The fact that it took them this long would be laughable if it weren’t so serious. You have to wonder if they really take this seriously. My guess is no.

Researchers Discover New MS Exchange Hijacking Campaign

Posted in Commentary on March 28, 2022 by itnerd

Researchers at Intezer have reported a new hijacking campaign that targets Microsoft Exchange with the IcedID modular banking trojan:

One of these banking trojans that have been used to deploy ransomware is IcedID (BokBot). IcedID was first reported on by IBM X-Force in November 2017 and the malware shared some code with Pony. While initially designed to steal banking credentials, like many other banking trojans, the malware has been repurposed for deploying other malware on the infected machines.

One way IcedID infects machines is via phishing emails. The infection chain that commonly has been used is an email with an attached password protected “zip” archive. Inside the archive is a macro enabled office document that executes the IcedID installer. Some phishing emails reuse previously stolen emails to make the lure more convincing. 

In the new IcedID campaign we have discovered a further evolution of the threat actors’ technique. The threat actor now uses compromised Microsoft Exchange servers to send the phishing emails from the account that they stole from. The payload has also moved away from using office documents to the use of ISO files with a Windows LNK file and a DLL file. The use of ISO files allows the threat actor to bypass the Mark-of-the-Web controls, resulting in execution of the malware without warning to the user. With regards to targeting, we have seen organizations within energy, healthcare, law, and pharmaceutical sectors.

The way this has evolved has clearly made this dangerous as someone went through a lot of time and effort to ensure that their attack isn’t detected until it’s too late. Saumitra Das, CTO and Cofounder of Blue Hexagon, agrees:

“This attack shows how much effort attackers put in all the time to evade detection and why defense in depth is necessary. 

1. Reputation: Many email security systems use reputation of senders to block malicious email without being able to assess the email itself. Here they used compromised Exchange servers to make it through

2. Obfuscation: They used obfuscated file formats to deliver malware, encrypted archive – ISO – LNK – DLL to evade signature and sandboxes

3. Mutation: The DLL file was recently created so no signatures and hash lookups would help

4. Multi-Stage: The final payload is delivered over the network and not visible to email sandboxes. This shows why defense has to be done not just over email but also to go beyond and inspect the final download.”

Clearly it’s time for Exchange admins to up their game. Because these threat actors clearly have upped their game.
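A mail-gateway triage rule for the delivery chain described above (a password-protected archive carrying an ISO), as an added example that is not from Intezer or the original post. The verdict names and the `triage_zip` and `constructed_sample` helpers are assumptions, and the sample archives are constructed inline.

```python
import io
import zipfile

ENCRYPTED_FLAG = 0x0001       # general-purpose flag bit 0: member is encrypted
IMAGE_EXTENSIONS = (".iso",)  # the container type named in the report


def triage_zip(data: bytes) -> dict:
    """Classify a ZIP attachment from its central directory alone.

    With standard ZIP encryption the member names and flags stay readable
    without the password, so a gateway can apply this rule even though it
    cannot decrypt the content for scanning.
    """
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return {"verdict": "not-a-zip", "encrypted": [], "images": []}
    with archive:
        members = [m for m in archive.infolist() if not m.is_dir()]
    encrypted = [m.filename for m in members if m.flag_bits & ENCRYPTED_FLAG]
    images = [m.filename for m in members
              if m.filename.lower().endswith(IMAGE_EXTENSIONS)]
    if encrypted and images:
        verdict = "quarantine"       # unscannable and carries a disk image
    elif images:
        verdict = "unpack-and-scan"  # readable image: inspect for LNK/DLL pairs
    elif encrypted:
        verdict = "manual-review"    # encrypted, but no disk image inside
    else:
        verdict = "pass"
    return {"verdict": verdict, "encrypted": encrypted, "images": images}


def constructed_sample(names, encrypted):
    """Build a constructed test archive; content is a harmless placeholder.

    Python's zipfile cannot write encrypted members, so the encryption flag
    is set by patching each central-directory header (flags at offset 8).
    """
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        for name in names:
            info = zipfile.ZipInfo(name, date_time=(2022, 3, 28, 0, 0, 0))
            zf.writestr(info, b"placeholder")
    raw = bytearray(buf.getvalue())
    if encrypted:
        pos = raw.find(b"PK\x01\x02")
        while pos != -1:
            raw[pos + 8] |= ENCRYPTED_FLAG
            pos = raw.find(b"PK\x01\x02", pos + 4)
    return bytes(raw)


if __name__ == "__main__":
    samples = {
        "encrypted zip with ISO": constructed_sample(["document.iso"], True),
        "plain zip with ISO": constructed_sample(["document.ISO"], False),
        "encrypted zip, no image": constructed_sample(["report.docx"], True),
        "plain zip": constructed_sample(["report.docx"], False),
        "garbage": b"this is not an archive",
    }
    for label, blob in samples.items():
        print(f"{label:26} -> {triage_zip(blob)['verdict']}")
```
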

Update Google Chrome ASAP To Avoid A Zero Day That Has Been Exploited By North Korean Hackers For Weeks

Posted in Commentary on March 28, 2022 by itnerd

Now would be a very good time to update Google Chrome to version 98.0.4758.102 for Windows, Mac, and Linux because North Korean Hackers have been using this exploit for weeks to do semi-targeted attacks:

The flaw, tracked as CVE-2022-0609, was exploited by two separate North Korean hacking groups. Both groups deployed the same exploit kit on websites that either belonged to legitimate organizations and were hacked or were set up for the express purpose of serving attack code on unsuspecting visitors. One group was dubbed Operation Dream Job, and it targeted more than 250 people working for 10 different companies. The other group, known as AppleJeus, targeted 85 users.

This is bad. And fortunately it’s patched. Marcus Fowler, SVP Strategic Engagements and Threats at Darktrace had this comment:  


“Hackers backed by North Korea’s government exploited a critical zero-day, attempting to infect hundreds of computers. We should be very cautious about assuming this is tied to rising geopolitical tensions. While North Korea may be trying to take advantage of the US turning its attention to mainly focus on Russia, the two separate North Korean hacking groups who exploited the flaw seem to go back much further. Both Operation Dream Job and AppleJeus have focused on monetary gain — frequently the top priority with North Korean cyber operations.
 

Previously, Operation Dream Job used spearphishing emails to target specific employees with fake job offers from high-profile organizations. This timing is fascinating given the “Great Resignation” context and employees seeking more flexible jobs and leaving the workforce in droves. The other group, AppleJeus, targeted a cryptocurrency exchange. We have observed an increase in crypto mining attacks over the last few years, so this is also in line with broader hacking trends, not geopolitical happenings.” 

I would run and update your copy of Chrome ASAP to make sure that other threat actors don’t exploit this now that it is public.

Atlas VPN introduces MultiHop+

Posted in Commentary on March 28, 2022 by itnerd

Virtual private network service provider Atlas VPN has launched the first of its kind VPN technology — MultiHop+ — which offers a new, more private, and secure way to route internet traffic. 

The recently released feature allows users to connect to the internet through several rotating VPN locations simultaneously, carefully selected for optimal latency and speed for improved protection online.

Traditionally, a VPN works by creating a secure tunnel between a user’s device and a chosen private VPN server and encrypting the data that travels through that tunnel. It is through the VPN server the user then connects to the internet, as a result masking their real IP address.

Unlike standard VPN setup, however, the MultiHop+ routes internet traffic via several VPN servers simultaneously instead of one. This way, the user’s connection is protected with an additional layer of encryption and hidden behind multiple IP addresses from different geographical locations.

Similar to the anonymous Tor network, the servers within the Atlas VPN MultiHop+ chain are selected randomly. However, what’s unique to the MultiHop+ is the fact that the exit server rotates throughout the browsing. It means that each time a user accesses a different domain, their traffic takes a new and random route through the network, making it near impossible to predict and therefore track, and hence resulting in significantly higher levels of privacy and security. 

MultiHop+ is the second exclusive VPN technology developed by Atlas VPN engineers. In July, the team also introduced the SafeSwap privacy feature, which allows users to have many changing IP addresses without having to switch between different VPN servers.

My Thoughts On The Reaction To Apple’s Studio Display

Posted in Commentary on March 28, 2022 by itnerd

Until two weeks or so ago, the only option for a display from Apple was the $5000 USD Apple Pro Display XDR that shipped with the Mac Pro in 2019. Of course to use it, you needed a $1000 USD stand, but the fact was that the display existed and was an option for people who wanted a first party option from Apple. But here’s the problem with that display. It was $6000 to get your hands on it. And it was total overkill for 99% of the public. Not to mention that the price put it out of the reach of the average person. Which is why many people wanted a lower cost option from Apple.

Two weeks or so ago they got that option in the form of the Studio Display at $1599 USD. And the reviews, shall we say, have been less than glowing. And I’ve been thinking about why this is the case as I rarely see this level of backlash against Apple, and I’ve come to the conclusion that some of this backlash is unwarranted, and some of it is due to how Apple brought this to market.

Let’s start with what Apple did wrong here by going through the specs of the Studio Display:

  • 27″
  • 5K resolution
  • 60Hz
  • P3 Wide Color
  • IPS panel
  • 600 nits brightness
  • 12MP Webcam with Center Stage powered by an A13 Bionic processor
  • Six speakers
  • Three microphones
  • One Thunderbolt 3 connector that delivers 96W of power
  • Three USB-C connectors
  • Option for Nano-Texture anti-glare coating at $300 USD
  • Option for height adjustable stand installed at time of purchase or later at an Apple Store for $400 USD
  • Option for VESA mount installed at time of purchase or later at an Apple Store at no additional charge.

Those are decent specs. More than decent in fact. But at $1599 USD to start? That’s a bit of a problem. The price relative to what you get seems seriously out of step with a lot of sub $1000 displays. I say that because it has no HDR support. Even cheap gaming monitors have some sort of HDR support. More on that in a moment. And reviews of the camera all basically say that it sucks. Though one assumes that this will be fixed through a software update. In fact Apple said so. But we’ll see if they deliver on that front. When it comes to the panel, it’s an IPS panel being used instead of mini-LED. If it were the latter, the $1599 price point would be easier to accept. But at least they included a stand this time. Though having to pay $400 to make it height adjustable seems obscene to me given that every other monitor on Earth has this functionality right out of the box.

Here’s where I won’t ding Apple. This monitor is 60Hz. And a lot of people on the Internet are upset about that as Apple has released iPads, iPhones, and MacBook Pros with ProMotion displays. That’s their variable refresh rate technology which allows a monitor to go from 120Hz down to as low as 24Hz depending on the device. Thus it seems logical to expect a ProMotion display on a brand new monitor. Right? But here are some facts. Thunderbolt doesn’t support 120Hz above a resolution of 4K. So there’s no technical way for Apple to bring ProMotion to a 5K monitor. Which meant ProMotion was never going to happen unless Apple went with a 4K panel. Which I am guessing was never going to happen either.

On top of that, the people who are the targets for this monitor are not the average person. It’s someone who wants:

  • A monitor that has the same calibration as their other Apple products (MacBook Pros, iPad Pros, etc.) so that they can work on content in a consistent manner as it supports many reference modes including Apple Display, HDTV Video, NTSC, PAL, SECAM, Digital Cinema, Design and Print, Photography, and Internet and Web sRGB.
  • Video professionals typically work with monitors locked to 60Hz, 30Hz, or 24Hz depending on the project. Thus the lack of ProMotion is a non-factor for them. Ditto for HDR support as anyone who needed HDR in their workflow would have bought a Pro Display XDR by now because it supports Dolby Vision HDR. There aren’t many monitors in the sub $1000 price range, or sub $5000 price range for that matter, that support Dolby Vision HDR. In fact, any monitor in that price range with HDR support would be laughed at by a video or photography pro due to whatever HDR support it had if it wasn’t Dolby Vision HDR.

The above likely explains why if you wanted to buy a Studio Display, you currently have to wait at least 8 weeks to get one.

So in short, Apple likely hit the mark with the target audience of this monitor. But that’s not helping them in the PR space where people who were never, ever going to buy this monitor are saying that this monitor is a #Fail. Which means that the monitor is perceived as a #Fail. And perception is reality. The key word is perception. Because the reality is that this monitor is not a #Fail. It’s a good first party solution for the people who can utilize it.

Here’s my last point on this: while there are other monitors that do HDR, or do 120Hz, or have built-in webcams, finding one that checks the boxes of the Studio Display is going to be a huge challenge as almost nothing does 5K resolution. Nothing out there has the integration with macOS that the Studio Display has. And even if you downscale your ambitions to 4K or even HD like I did when I got this monitor, nothing is going to support the reference modes that the Studio Display has. Thus if you get a third party monitor, you’ll pay less money, but you’ll get less monitor. And you’ll likely be looking at a gaming monitor to get 120Hz and not ProMotion, passable HDR support, and either HD or QHD resolution due to the fact that 4K gaming monitors are currently few and far between. And it won’t have the sound quality that the Studio Display has. And I would question if you would get a usable webcam with it. On the flipside, if Apple came out with this monitor two years ago, or even a year ago, we would not be talking about this monitor as being a #Fail because it would be at worst in line with the competition. And further to that, if Apple came out with this monitor today with HDR, or ProMotion (not that it’s possible, but let’s pretend that it was possible for the sake of this argument), or a camera that worked out of the box, or some combination of those, we would not be talking about this monitor as being a #Fail because it would justify the price.

Apple didn’t exactly help their own cause here by how they brought this monitor to market. But I also think that there’s been an overreaction to this monitor’s perceived shortcomings. So I would say that people who hate this monitor need to take a breath here and relax. But at the same time, Apple needs to think about how to bring a monitor to market that has features that the people who are flipping out about this monitor want, but at the same time meets the $1599 price point, if not lower. Because this clearly is being perceived as a swing and miss by Apple. Even if it isn’t.

GIMMICK Malware Goes After macOS Computers

Posted in Commentary on March 28, 2022 by itnerd

macOS users need to worry about a new piece of malware called GIMMICK. The malware was discovered by researchers at Volexity, who retrieved it from the RAM of a MacBook Pro running macOS 11.6 (Big Sur), which was compromised in a late 2021 cyberespionage campaign:

GIMMICK is used in targeted attacks by Storm Cloud, a Chinese espionage threat actor known to attack organizations across Asia. It is a feature-rich, multi-platform malware family that uses public cloud hosting services (such as Google Drive) for command-and-control (C2) channels. The newly identified macOS variant is written primarily in Objective C, with Windows versions written in both .NET and Delphi. Despite core differences in programming languages used and operating systems targeted, Volexity tracks the malware under the same name due to shared C2 architecture, file paths, and behavioral patterns used by all variants.

The post from Volexity goes into detail about how this malware works. But here’s the high level explanation. After initializing, the malware loads additional components that can remotely manage a Google Drive session. By using Google Drive as a command-and-control platform, the malware can go undetected by network monitoring solutions. Once on a machine, attackers can carry out a variety of other tasks using the malware, including uploading files from the machine to command-and-control infrastructure, downloading additional malicious files to the machine, and gaining a shell that allows it to execute commands.

Here’s the good news. If you’re on macOS Monterey, you’re protected from this malware. So your best defence is to get macOS Monterey onto your computer. Also, the usual advice of not clicking on attachments that you don’t recognize applies, along with considering the use of a security product to protect yourself. Because as this illustrates, Macs are not immune to malware.

Kaspersky Is Under Pressure On Multiple Fronts

Posted in Commentary on March 27, 2022 by itnerd

Russian security company Kaspersky is not having a good time of it since Russia invaded Ukraine. Currently Germany has suggested that German companies dump Kaspersky products. And when that happened, I said this:

These accusations are not new as Kaspersky has been in the crosshairs of various countries because they are a Russian company. But given the current political climate, and the likelihood that this warning will be echoed by the US and other countries, it is safe to say that Kaspersky is in trouble. And I would go further to say that they will not survive this.

Guess what? The US has waded into this as Kaspersky has been added to the Covered List. That means that they are seen to be an unacceptable risk to U.S. national security. Kaspersky services covered by this decision include information security products, solutions, and services supplied by Kaspersky or any linked companies, including subsidiaries or affiliates.

That’s not good. But this is just as bad. HackerOne has announced that it has kicked Kaspersky’s bug bounty program off its platform. HackerOne has posted this in a FAQ regarding sanctions against Russia published last week. And this was confirmed via a Tweet from Kaspersky:

Kaspersky now asks researchers who find vulnerabilities in its products to report them using its self-hosted bug bounty program. I am not sure that I would want to participate in that seeing as they are Russian. But if you do want to participate, you do you.

Review: Vivo Single Desk Mount

Posted in Products on March 26, 2022 by itnerd

Ever since I got my FlexiSpot Electric Height Adjustable Standing Desk last year, I’ve been looking for a better way to have my Acer Nitro Gaming Monitor on it for a couple of reasons. For starters, when I did My Desk Setup article I had it on an old monitor stand which took up a lot of space and didn’t really look that great. Plus I wanted the option of having some extra adjustability should I need it. It’s taken a fair amount of effort, but I think I have finally found the solution in the form of the Vivo Single Monitor Desk Mount.

What I like about this solution is that it bolts right to the desk so that it looks like it’s part of the desk.

You do have another clamp option where you drill a hole into the desk and put a bolt through it to clamp it to the desk. But I decided not to go that route as I didn’t want to drill holes in the desk. One plus to this mount is that it’s pretty flush to the edge of the desk.

The stand comes with a VESA mount that supports 75mm x 75mm and 100mm x 100mm mounting, and you have to use their screws and washers to attach the mount to your monitor. I point that out because my monitor came with screws and they weren’t long enough to work. The knob that you see allows you to move the monitor up and down. From what I can tell, unless you’re 7 feet tall, you should be able to put the monitor in a position that works for you.

The monitor is removable and secured with a single screw on the left hand side. I should note that their VESA mount allows 10 degrees of adjustment up and down, as well as the ability to rotate the monitor. However there’s no left or right movement. Which I’m fine with.

There’s very basic cable management included as well, as I was able to get the power cable and HDMI cable out of the way. If they included a second one of these in the box, it would have been better to make things look neater.

Assembly was relatively straightforward and took about 25 minutes. Everything you need to assemble this stand is in the box with the exception of a Phillips screwdriver. Though reading the manual first will help you to plan out how you should mount this to your desk. Once assembled, it’s extremely solid. Which means when I do move the desk up and down, it’s not going to shake. And the net result is that I have a workspace that now has a bit more room for me to work, and is a bit more ergonomically correct as well. Not to mention looking much more modern.

I should note that the stand supports up to a 27″ monitor, and a maximum weight of 17 pounds. So that fits most use cases that most people should have. I found the Vivo Single Desk Mount on Amazon for $54.99 CDN, which as far as I am concerned is money well spent as the result is top shelf. And the eagle eyed among you will note that I have some other stuff on my desk that you might not have seen before. I’ve been evolving my desk setup and I’ll have a new desk setup article posted in the coming weeks as I continue to tweak this setup to work for me.