Archive for December, 2022

2022: Year In Review

Posted in Commentary on December 31, 2022 by itnerd

At this time of year I like to look back over the past 365 days and pick out the stories that really got my attention. This year has been only marginally better than 2021, which is another way of saying that the focus on the entire planet was still understandably elsewhere. Having said that, here’s what happened in tech this year:

  • Twitter And Elon Musk: Elon Musk bought Twitter. Though he did try to weasel his way out of buying Twitter and only bought it when he was forced to. He then promptly fired all the staff and started doing things that drove advertisers running for the exits and users to other social media platforms. Most notably Mastodon. I won’t go over all the rather insane things that he’s done, but it’s exposed him as not being the genius that he and others bill him as. Not to mention that his actions at Twitter have tanked Tesla’s stock value. In 2023, I fully expect Elon to continue on the suicide mission that he and Twitter seem to be on which will eventually lead to the death of Twitter.
  • My Exit From Twitter: Seeing as I refuse to be on a platform that has swung towards hate and intolerance due to Elon’s love affair with his version of “free speech”, this will be my last official post on Twitter. From now on I can be found on Mastodon at @The_IT_Nerd@NOC.Social. If you’re as disgusted at Elon as I am, consider this your invitation to move to someplace more sane.
  • Rogers Shuts Down Canada: Early in July, Rogers had a catastrophic failure of its entire infrastructure that basically created the digital equivalent of a snow day for those who work from home, as well as taking down bank machines, payment terminals, cell phones, 9-1-1 service, and businesses across the country. As you could expect, this really got a lot of people mad including the federal government who not only demanded answers but action to ensure that this couldn’t happen again. It also forced Rogers to go on a major charm offensive to convince Canadians that they could be trusted after such a massive fiasco. I fully expect that Rogers will still have to be on that charm offensive as months later, I still have my clients and other making less than positive comments about Rogers.
  • My Exit From Rogers: Constant issues before the July outage, as well as one more outage drove my wife and I to Bell for our telco services. Now we’re not fans of Bell because of their hyper aggressive sales tactics as well as their craptastic customer service. But until Rogers gets its reliability issues under control, and actually offer a product that is competitive as what Bell has been offering for years, Bell is the better option for us.
  • The Rogers/Shaw Merger Drags On: The Rogers/Shaw merger which was supposed to close early this year has dragged on for months and even took a trip to the Competition Tribunal after the Competition Bureau opposed the deal due to the fact that it removes completion and will likely result in higher prices for Canadian Consumers. As I type this, this decision is being appealed. Thus this story will continue into 2023.
  • Apple’s China Connection Becomes A Huge Problem: Fun Fact, Apple makes a lot of their problems in China. And that became a huge problem this year as COVID lockdowns in the country limited Apple product deliveries to customers. It also didn’t help that videos of workers for Apple contract manufacturer Foxconn surfaced of workers rioting to escape the Foxconn iPhone Plant because of bad working and living conditions. That led to Apple trying to get out of China at the end of the year. We’ll see if that works for them in 2023, and we’ll also see if this creates issues for them on the balance sheet as well as in the public eye.
  • The Pwnage This Year Was Beyond Epic:Last year was a record year of everything getting pwned by threat actors. This year it was even worse. And that’s not good. I fully expect 2023 to be worse yet unless we all wrap our heads ASAP around making the digital world a safer place.

And now for some stats. The top ten countries that visited my blog in 2020 are:

  1. Canada
  2. United States
  3. United Kingdom
  4. India 
  5. Norway
  6. Australia
  7. Philippines
  8. Germany
  9. France
  10. Signapore

In all almost just over 1.3 million page views were served up this year. That’s slightly up from last year and I feel really good with that number.

And in terms of the top ten stories that were viewed this year:

  1. WARNING! A New Text Message #Scam Involving TD Bank Is Making The Rounds [UPDATED x2]
  2. Review: Bell Home Hub 4000
  3. Here’s How The Last 4 Digits Of Your Credit Card Can Be Used To Commit Fraud
  4. How To Configure PPPoE Bypass On The Bell HH4000 Hardware
  5. Revisiting How To Bypass Bell’s HH400 Hardware With Your Own Router… Along With Some Commentary About ASUS And Bell
  6. Don’t Fall For This Interac Scam That Is Delivered By Text Message [UPDATED]
  7. Hey IT Nerd! Can I Get Rid Of The Check Engine Using A Scan Code Tool?
  8. WARNING: A Geek Squad #Scam Is Making The Rounds
  9. How To Move Your E-Mail And Contacts Off The Rogers Yahoo/Oath E-Mail Platform
  10. Review: Bell Fibe 1.5 Gbps FTTH Internet

The first thing that I notice is that four of the top ten items relate to Bell. That includes two stories on how to bypass the Bell hardware to use your own gear as Bell doesn’t have a proper bridge mode in their hardware. Perhaps they need to take the hint and implement that as this is clearly something that their customers care about. Scams make up another four spots in the top ten. And surprisingly, only one story about Rogers is in the top ten. Though it’s about how to get off their email platform. Which might be a hint that their July outage related issues may still be an issue for Rogers in 2023 as you would not be looking for a way to get off their email platform if you were not looking to dump Rogers as your email provider or your telco.

Now if you have something that you think that should be on this list, leave a comment with your thoughts. Happy new year (hopefully)!

Good News! Canada’s Competition Bureau Will Appeal Today’s Rogers – Shaw Decision

Posted in Commentary with tags , on December 30, 2022 by itnerd

This morning I was not hopeful about the chances of Canadians getting a positive outcome in terms of the Rogers – Shaw merger decision from last night. But there’s hope as news is out that the Competition Bureau is appealing the decision:

The Competition Bureau is appealing the Competition Tribunal’s dismissal of its case against Rogers Communications Inc.’s $26-billion takeover of Shaw Communications Inc., the companies said as they expressed their disappointment in the move.

The telecommunications companies said Friday that they were informed of the bureau’s intent to appeal the tribunal’s decision, released late Thursday. They said they were alsot told that the bureau will apply for an injunction to block the deal from closing until an appeal is heard.

“We are deeply disappointed that the Commissioner continues to attempt to deny Canada and Canadians the advantages that will come from these proposed transactions,” the companies said in a joint statement.

The Competition Bureau did not immediately respond to a request for comment. Commissioner of Competition Matthew Boswell said in a statement late Thursday that he was very disappointed by the tribunal’s dismissal and was carefully considering next steps.

It’s bad news for Rogers and Shaw. But it’s good news for Canadians as this is a bad deal for Canada and must be stopped. Thus I am hopeful that this deal will be stopped so that Canadians don’t end up getting shafted as a result.

Apple Has Released Advanced Data Protection…. Here’s Why Most Of Us Don’t Need To Switch It On

Posted in Commentary with tags on December 30, 2022 by itnerd

Long time readers of my blog will know that I have always argued that you should have the right to encrypt everything if you should choose to do so. But the title of this post may make you think that I have flipped to the other side of that argument. In fact, it hasn’t. Let me explain.

With the release of iOS 16.2 and related macOS, iPadOS and watchOS releases, Apple has released Advanced Data Protection. This is meant to do the following:

Advanced Data Protection for iCloud is an optional setting that offers Apple’s highest level of cloud data security. When a user turns on Advanced Data Protection, their trusted devices retain sole access to the encryption keys for the majority of their iCloud data, thereby protecting it with end-to-end encryption. For users who turn on Advanced Data Protection, the total number of data categories protected using end-to-end encryption rises from 14 to 23 and includes iCloud Backup, Photos, Notes and more.

Now your first thought is going to be “my iCloud data wasn’t end to end encrypted?” And the fact is that not all of your iCloud data was end to end encrypted. Without Advanced Data Protection turned on, iCloud end to end encrypts 14 sensitive data types such as passwords in keychain, health data, payment information, messages in iCloud, Apple card transactions, Home data, and much more. But that list goes up to 23 data types if you turn on Advanced Data Protection. You can find a list of what is and isn’t end to end encrypted here. The key thing is to look for the words “end-to-end” in the list.

So at this point, you might be thinking that more of your data is going to be end to end encrypted, this is a feature that you should turn on. Right.

Not so fast.

Here’s the thing about Advanced Data Protection that you need to know before you flip that switch. Apple makes you solely responsible for your encryption. Or put another way, because Apple will not have the keys required to recover your data, you need to set up an alternate recovery method, such as a recovery contact or recovery key in case you ever lose access to your account. And if you lose access to that alternate recovery method, you’re screwed because Apple cannot help you to get your data back. Nor can anyone else.

So with that in mind, should you turn on Advanced Data Protection? My answer would be no for the vast majority of you. And I include myself on that list. Why? Simply put, I am currently not a high value target for hackers or nation states who would see the data on my devices as being of significant value for them to acquire. And on top of the fact that Apple’s default security model works fine for me, encryption can make it harder for you to recover data should you need to as you would have to hop through extra hoops with little assistance from your local Apple Store or Apple’s phone support to help you. Thus I would argue that for the vast majority of you, Advanced Data Protection should remain turned off.

Having said that, you might want to consider Advanced Data Protection if you fall into one of these categories:

  • Politician
  • Journalist
  • Activist (human rights activist for example)
  • High probability of being a target of law enforcement

I am sure there are more categories, but I think you get the point. The fact is that these are the types of people that Advanced Data Protection was intended for because they are at high risk of getting pwned by hackers, nation states and other threat actors among other types who would want access to the data that’s in iCloud or on their iPhones or MacBooks. The other 95% of us should not touch this feature. But if you feel that you need to enable this feature, Apple has this support document that describes how to do it. But honestly, I would think long and hard before you go down that path. Because while I am glad that Advanced Data Protection is there, most of us don’t need to use it. And it may create more problems for you than it solves.

Rogers – Shaw Merger Approved By Competition Tribunal… Which Means That Canadian Consumers Are One Step Closer To Being Screwed

Posted in Commentary with tags , on December 30, 2022 by itnerd

Canadian telco consumers should prepare to have less competition in the telco space because late last night the merger of Rogers and Shaw which has been fought by Canada’s competition watchdog have been approved. CBC has the details:

In a summary of its decision released Thursday, the tribunal says the merger of the two telecommunications companies would not result in materially higher prices.

The decision says the deal, which includes the sale of Shaw-owned Freedom Mobile to Quebecor-owned Videotron, would not likely prevent or lessen competition substantially.

Quebecor agreed to buy Freedom Mobile in a $2.85-billion deal earlier this year.

Concerns that Bell and Telus — the closest competitors to Rogers in Canada’s telecom market — would be unable to compete with the combined company were also dismissed.

“The tribunal has also determined that the strengthening of Rogers’ position in Alberta and British Columbia, combined with the very significant competitive initiatives that Telus and Bell have been pursuing since the merger was announced, will also likely contribute to an increased intensity of competition in those markets,” the decision reads.

It says a more detailed decision will be released in the next two days.

I’m sorry, but this decision is horrible for Canadians because the exact opposite is going to happen as there’s going to be one less player in the marketplace. While this still has to be approved by Innovation, Science and Economic Development Canada, I expect that to be a rubber stamp as the current federal government in Canada pays lip service to having an affordable and competitive telco space. Canadian consumers might want to remember that when the next election comes and vote accordingly.

How Bad Is Elon Musk’s Cost Cutting At Twitter?… The New York Times Has That Answer And It Doesn’t Look Good

Posted in Commentary with tags on December 30, 2022 by itnerd

The New York Times has a mind blowing article about what Elon Musk’s cost cutting at Twitter looks like. And I do mean mind blowing. Let’s start with Elon cutting data centres. Something that I reported on last week:

Early on Christmas Eve, members of the billionaire’s staff flew to Sacramento — the site of one of Twitter’s three main computing storage facilities — to disconnect servers that had kept the social network running smoothly. Some employees were worried that losing those servers could cause problems, but saving money was the priority, according to two people who were familiar with the move but not authorized to talk about it.

The data center shutdown was one of many drastic steps Mr. Musk has undertaken to stabilize Twitter’s finances. Over the past few weeks, Twitter had stopped paying millions of dollars in rent and services, and Mr. Musk had told his subordinates to renegotiate those agreements or simply end them. The company has stopped paying rent at its Seattle office, leading it to face eviction, two people familiar with the matter said. Janitorial and security services have been cut, and in some cases employees have resorted to bringing their own toilet paper to the office.

And:

Those cuts may be yielding consequences. On Wednesday, users around the world reported service interruptions with Twitter. Some were logged out, while others encountered error messages while visiting the website. Twitter has not explained what caused the temporary outage. Three people familiar with the company’s infrastructure said that if the Sacramento facility had still been operating, it could have helped alleviate the problem by providing backup computing capacity when other data centers failed.

But it doesn’t stop there. Here’s where we get to the mind blowing part of this:

Last week, Twitter got rid of the cleaning staff at its New York offices and 10 people from corporate security, signaling that it may close one of its two buildings there, said two people familiar with the move.

At Twitter’s San Francisco headquarters, where the company has missed rent payments, Mr. Musk has done the same, consolidating workers onto two floors and closing four. He also canceled janitorial services this month, after those workers went on strike for better wages.

That has left the office in disarray. With people packed into more confined spaces, the smell of leftover takeout food and body odor has lingered on the floors, according to four current and former employees. Bathrooms have grown dirty, these people said. And because janitorial services have largely been ended, some workers have resorted to bringing their own rolls of toilet paper from home.

That last paragraph blows my mind because it makes working at Twitter akin to working in a sweatshop in a third world country. It also makes Elon look like a Grade A scumbag because nobody in a leadership position should want their employees working in such conditions. But as it’s become clear over that last few weeks, that’s not who Elon is. Elon does whatever he wants and he clearly doesn’t care anything about the people who work for him. Thus why I consider him to be a Grade A scumbag. Though I suspect at some level he does care because….:

He has also asked some leaders to snuff out the sources of leaks to the press and anonymous posts on social media sites, three people said, and is focused on eliminating people inside the company he believes are opposed to him.

Well good luck with that Elon. When you get people upset, screw them over, and act like a dictator, you’re going to have some people lining up to take shots at you by going to the press and telling them things that you don’t want out in public. Which by the way I hope people continue to do because Elon needs to be exposed for everything that he is.

Good thing that I’m off of Twitter in a couple of days. This place sounds like a horrible place to work.

LG Launches ThinQ UP Upgradeable Home Appliances

Posted in Commentary with tags on December 29, 2022 by itnerd

LG Electronics (LG) has announced the global launch of its LG ThinQ™ UP upgradeable home appliances, including refrigerators, washers, dryers, oven ranges, and dishwashers. Able to adapt to the unique needs and changing lifestyles of each customer, LG’s appliances enable users to enjoy new features and functions without having to make any additional purchases. Launched in South Korea in January 2022, LG ThinQ™ UP will begin rolling out internationally starting in March 2023 in the U.S., with availability in other key markets to follow.

Built around the customer-centric concept of Evolving with You, LG ThinQ UP appliances can incorporate new features throughout their life, providing more value to users over time. LG will continuously develop easy-to-install software updates and hardware add-ons, delivering specialized options and new conveniences based on the usage patterns and suggestions of ThinQ UP appliance owners. 

One of the custom features available to download in 2023 is Laundry Saver Mode, which can be applied to dryer models with ThinQ UP. Extremely useful for those times when you can’t unload the dryer right away, Laundry Saver keeps the drum tumbling after the cycle has finished (and until the dryer door is opened) to help prevent wrinkles and odours. Another feature on offer is Improved Nighttime Brightness Control for refrigerators with ThinQ UP, which makes the fridges’ interior lighting softer at nighttime so as not to overwhelm users when they open the door. All new software features are optional, and can be easily downloaded from the LG ThinQ app.

Visitors can experience all of LG’s latest innovations, including the new ThinQ UP appliances, at the company’s booth (#15501, Las Vegas Convention Center) at CES 2023 in Las Vegas from January 5-8. 

Rival Password Manager 1Password And A Security Researcher Call Out LastPass…. As They Should

Posted in Commentary with tags on December 29, 2022 by itnerd

The issues with LastPass and their habit of getting pwned and having customer data in the wild is a big deal as the data in question happen to be customer’s passwords for their online lives. But LastPass has played this down by saying this:

If you use the default settings above, it would take millions of years to guess your master password using generally-available password-cracking technology. Your sensitive vault data, such as usernames and passwords, secure notes, attachments, and form-fill fields, remain safely encrypted based on LastPass’ Zero Knowledge architecture. There are no recommended actions that you need to take at this time. 

Well, this didn’t go over well with Wladimir Palant who picked apart what was said by LastPass and said this:

Their statement is also full of omissions, half-truths and outright lies. As I know that not everyone can see through all of it, I thought that I would pick out a bunch of sentences from this statement and give some context that LastPass didn’t want to mention.

I encourage you to read the full post as Palant really rips into LastPass in a systematic way that makes it crystal clear why he feels the way he does. But he’s not the only one. 1Password has piled on with their own statement. And it’s damming:

That “millions of years” claim appears to rely on the assumption that the LastPass user’s 12-character password was generated through a completely random process. Passwords created by humans come nowhere near meeting that requirement. As I have been saying for more than a decade, humans just can’t create high-entropy passwords. Seemingly clever schemes to create passwords with a mix of letters, digits, and symbols do more harm than good.

Unless your password was created by a good password generator, it is crackable.

Translation, LastPass users may be in deep trouble according to 1Password.

The fact is LastPass really dropped themselves in it. As a result, I am now of the belief that LastPass users should do the following in this order:

  • Turn on two-factor authentication for as many of your accounts as possible, particularly high-value accounts like your email, financial services, and highly used social media accounts.
  • Change all the passwords that are stored in LastPass for every online service that you have to something totally different. Starting with high-value accounts like your email, financial services, and highly used social media accounts.
  • Stop using LastPass and delete all LastPass data.
  • Switch to a password manager that is either local and encrypted, or in the cloud under your control and encrypted. I use eWallet which supports both use cases. But 1Password and BitWarden are other options.

The fact is that LastPass users are in immediate danger as highlighted by 1Password and by Wladimir Palant, and they need to take immediate action to protect themselves. Because clearly LastPass can’t keep them safe.

Elon Musk Trolled After Tweeting That He Made “Significant” Changes To Twitter AFTER Twitter Went Down Last Night

Posted in Commentary with tags on December 29, 2022 by itnerd

Last night’s Twitter outage made Elon Musk a target on Twitter. To recap, Twitter started to have issues around 9PM EST last night, and those issues were logged by third party services like DownDetector. Right around that time Elon Tweeted this:

The timestamp on this Tweet indicates that this Tweet was posted AFTER the outage based on DownDetector’s graph of the outage.

That suggests that he might have been doing something around that time that caused the outage. Clearly I am not the only one who thinks that because the trolling of Elon came in hot and fast:

Clearly Elon isn’t winning any friends here. And he’s likely to have problems doing that as time goes on as his ability to use his “reality distortion field” to make himself look smarter than he actually is can best be described as no longer effective.

BREAKING: Twitter Appears To Be Having Issues…. Thanks Elon

Posted in Commentary with tags on December 28, 2022 by itnerd

Over the last hour I’ve been tracking reports of issues with Twitter. And DownDetector seems to confirm that there are issues at Twitter:

And users on DownDetector are saying stuff like this:

Not to mention people on Twitter who are using the hashtag #TwitterDown are saying the following:

I’ve had some random issues in the last hour with Tweets not posting and being force logged out of Twitter. So this is absolutely happening. I guess that this is result of an ego driven billionaire (though his net worth is falling by the day) who has no clue what he’s doing who is simply trying stuff and hoping that it will work. Twitter might not die tonight (though I would not at all be surprised if it did), but I think you’re starting to witness the beginning of the end of Twitter.

Great job Elon!

Guest Post: YouTube removed a record 5.8 million channels in Q3 2022

Posted in Commentary with tags on December 28, 2022 by itnerd

According to Atlas VPN analysis, Google’s video platform removed a record number of channels last quarter  — 5.8 million. 

Prior to Q3 2022, the highest volume of removed channels was recorded during the third quarter of 2021, at 4.8 million terminations. 

Over 91.2% of all removed channels last quarter were flagged as either misleading, participating in scams, or simply spamming.

The number of channels removed in Q3 2022 increased by 1.8 million compared to Q2, representing a growth of 46%. 

The figures were extracted from the YouTube Community Guidelines enforcement report

Another 194 thousand channels, or 3.3% of the total, were terminated due to breaking YouTube’s community guidelines by showcasing nude or sexual content.

An official statement by YouTube notes that the high volume of terminated channels might be due to the actions they have taken to preserve their workforce and cut in-office staffing in response to COVID-19. 

Most videos deleted in India

When YouTube deletes a channel, all of its videos are removed as well. Together with 5.8 million channels, due to channel-level suspension, more than 5.6 million videos were removed in the third quarter of 2022.

Surprisingly, one country stands above the rest in terms of the volume of recordings terminated. 

Throughout Q3 2022, as many as 1.7 million videos originating from India were deleted. The second country on the list — Indonesia, saw 629 thousand videos removed. 

The United States stands in third place, with 534 thousand removals. Brazil (276 thousand) and Russia (218 thousand) round up the top five countries in terms of deleted Youtube videos as a result of overstepping community guidelines. 

Interestingly, video and channel removal reasons differ completely.

While 91.2% of channels were removed due to spamming, misleading, and scams, only 3.9% of videos were removed based on these grounds. 

In contrast, the largest portion of videos were terminated due to child safety concerns, totaling 2 million videos deleted, comprising 36% of the total.

To see the full article, head over to: https://atlasvpn.com/blog/youtube-removed-a-record-5-8-million-channels-in-q3-2022