Archive for December 11, 2023

Enjoy the journey with Uber and Bumble

Posted in Commentary with tags on December 11, 2023 by itnerd

It’s near the festive season, and Uber thinks that Canadians deserve a treat.

That’s why Uber and Bumble have partnered to make the journey to your date easier–and cheaper! Arrive to meet your match in an Uber Comfort, and you can enjoy 15% off your ride; terms apply. Uber is also giving Uber One members access to a free 7 day trial of Bumble Premium this holiday season; terms apply.

And do you know what 15% off your Uber means? It means 15% more money to spoil your date (and yourself!) of course.

🍧 Get another dessert

🎟️ Pay for entry to that next place

☕ Put it towards the coffee next time

So, what are you waiting for? Book your ride now, and enjoy the journey.

Norton Healthcare Pwned In Ransomware Attack

Posted in Commentary with tags on December 11, 2023 by itnerd

In a press release Friday, Norton Healthcare of Kentucky confirmed that 2.5 million patients, employees, and dependents were impacted by a ransomware attack that took place 7 months ago.

Between May 7th and 9th, the hackers gained access to a wide range of sensitive information, including: 

  • Names 
  • Contact information 
  • SSNs 
  • DOBs 
  • Health information 
  • Insurance information 
  • Medical identification numbers 
  • Financial account numbers 
  • Driver’s licenses  
  • Government ID numbers 
  • Digital signatures

Although Norton didn’t attribute the attack to a specific gang, ALPHV (BlackCat) claimed in an entry added to its dark web leak site in May that it stole 4.7TB of data from the healthcare system’s compromised network, and leaked dozens of files as proof.

Emily Phelps, Director, Cyware had this to say:

   “The scale and sensitivity of the data involved in this attack underscores the importance of proactive and real-time intelligence sharing to preempt such threats. Joining Health-ISAC is a great place to start for trusted threat intelligence sharing and security collaboration. Arming healthcare organizations with not only the right intel but also the right automation helps ensure security teams can take quick action to mitigate risk.”

This is not good for Norton Healthcare. Secondary attacks using this data are sure to come, and that won’t end well for anyone. Not Norton Healthcare, and not the 2.5 million who are affected by this.

HP Launches New Thin Client Offerings to Seamlessly Power, Secure Mission-Critical Work

Posted in Commentary with tags on December 11, 2023 by itnerd

In today’s rapidly evolving digital landscape, organizations and IT admins are seeking reliable, cost-effective offerings that safeguard data without sacrificing elite performance or maximum security for mission-critical work, whether for government employees accessing classified information, filmmakers working on tentpole projects, or stockbrokers and healthcare workers handling sensitive data.

Today, HP announced its latest Thin Client offerings designed to meet these needs: the HP Elite t755 Thin Client, delivering 77% increased CPU performance, and HP tz655 Trusted Zero Client, accelerating Zero Trust adoption.

  • Providing a seamless and secure solution for workers and IT, the HP Elite t755 Thin Client and HP tz655 Trusted Zero Client are ideal for multi-user workspace environments or remote work setups, enabling employees to work productively on performance-intensive projects while data remains secure.
  • Equipped with comprehensive security and data protection, HP Thin Client offerings feature physical intrusion detection technology; continuous security risk monitoring with HP Anyware Trust Center; prevention of unauthorized changes to mission-critical endpoints with HP ThinPro OS lockdown and HP Write Manager; and defense against cold-boot attacks with full memory encryption via AMD Memory Guard™.

Standout experiences & features include:

  • The HP Elite t755 Thin Client uplevels the cloud experience with breakthrough performance, 77% increased CPU performance, thanks to the 45W AMD Ryzen™ Embedded V2546 processor. Users can work smarter, not harder, with support for up to six 4K displays, configurable port flexibility, and low power consumption with the device using less than 200 watts.
  • The HP tz655 Trusted Zero Client accelerates Zero Trust adoption in alignment with government mandates. IT admins can simply and remotely deploy, update, and manage thousands of HP Thin Clients from anywhere through a single console with HP Device Manager. This device offers powerful performance, including PCoIP Ultra™ performance to accommodate compute-intensive apps with real-time enhanced image quality.

Additionally, both offerings are designed with HP’s commitment to sustainability in mind, containing at least 50% post-consumer recycled plastics and outside box and corrugated cushions that are 100% sustainably sourced and recyclable, as well as ENERGY STAR® certified and EPEAT® Gold registered in the U.S.

Pricing & Availability

  • The HP Elite t755 Thin Client will be available worldwide at www.hp.com/go/thin on January 29, 2024, starting at $719 USD. 
  • The HP tz655 Trusted Zero Client is expected to be available worldwide in March 2024 at www.hp.com/go/thin. Pricing will be announced closer to availability.

Beeper Mini Is Back…. Until Apple Decides To Take Them Out Again

Posted in Commentary with tags on December 11, 2023 by itnerd

First we got Beeper Mini which promised Android users the iMessage experience. But that didn’t last long because it appears that Apple shut them down very quickly, and admitted to it. But not before the company said that they were trying to bring the service back online. And it appears that they have done so with a twist. First, according to this, you need to install this app via sideloading. Meaning at present this app is outside the Play Store. Though they are working on getting it approved which will make installing this app less sketchy. However, even before installing the app, you should read their blog post on the subject as it contains some interesting info. But here’s the TL;DR: This update removes phone number support and leaves users to continue with iMessage via their Apple ID. Though that may return later.

The thing is, that this is going to last as long as Apple allows it to last. Which one suspects won’t be long. And I reiterate what I said here about this situation:

Here’s the question. How long will this fix last? I honestly think that this has become a game of cat and mouse between Beeper and Apple. And assuming that this fix is real and works, it will be in Apple’s court in terms of what the next move in this drama is. Will it be another technical solution as Apple implied that they would do in their statement, or will Apple send in the iLawyers and take them out in court?

The ball’s in Apple’s court now. Let’s see what they do.

FBI Offers Disclosure Delay Request Guidance Ahead Of SEC 4-Day Rule Debut

Posted in Commentary with tags on December 11, 2023 by itnerd

On December 18th, the SEC’s new 4-day rule for “material” cybersecurity incident disclosure takes effect, and as the FBI will be responsible for collecting and assessing delay requests along with the DoJ, they have published guidance for companies hoping to apply.

The document explains that companies may “request disclosure delays for national security or public safety reasons” by emailing the FBI the following information: 

  • When the incident occurred 
  • When the organization determined it was material 
  • What kind of cyberattack occurred 
  • What the intrusion vectors are 
  • What infrastructure or data was affected 
  • How infrastructure or data was affected 
  • Operational impact of the incident 
  • Whether there is confirmed attribution of the attack 
  • Whether they have already been in contact with a local field office 
  • Points of contact 
  • Information about whether it’s the first delay-referral request 

The delay-referral request will be denied if the company fails to provide the exact date, time and time zone of the materiality determination, and if the delay request is not made alongside the determination of whether the attack was “material.”

After the FBI makes a referral, the DoJ will issue a delay determination and can grant a delay of public filing for 30 business days, with an option to delay for an additional 30 and, in “extraordinary circumstances,” for an additional 60 business days due to substantial national security (but not public safety) risks, the FBI said.

Troy Batterberry, CEO and Founder, EchoMark had this to say:

   “The current SEC disclosure rules, while well intentioned to keep investors informed, fail to comprehend the complexity of dealing with such events as they emerge. Prematurely disclosing information can help assist the very criminal(s) involved and make the situation even worse for the victim and their respective investors. Such situations are not just limited to national security.”

Clearly there’s some need to nuance these rules. But I am glad that they exist as they make cybercrime way less profitable for cybercriminals. Not to mention giving the public more transparency in terms of companies who get pwned.

UPDATE: George McGregor, VP, Approov Mobile Security added this:

   “With the new SEC reporting guidelines as well as the EU Cyber Resiliency Act 24 hour breach reporting requirement coming into force, companies are having to scramble to be able to quickly report breaches.

   “The process to request a delay by the FBI is welcome, and will take some of the pressure off. Companies are struggling to balance limited investments, and what we don’t want to see is a focus on regulatory reporting to the detriment of spending on upstream cyber defense techniques.”

Schneider Electric Announces Google, ASM And HP Have Joined The Catalyze Program 

Posted in Commentary with tags on December 11, 2023 by itnerd

Schneider Electric, the leader in the digital transformation of energy management and automation, today announced that Google, ASM and HP have joined the Catalyze program, which aims to accelerate access to renewable energy across the global semiconductor value chain and IT supply landscape, as new global sponsors.

The first-of-its-kind program was first announced in July, with sponsors Intel and Applied Materials. The announcement that three more leading technology companies have now joined as founding sponsors coincides with the COP28 United Nations Climate Change Conference taking place in Dubai.

Catalyze encourages suppliers from throughout the semiconductor industry ecosystem to collaborate to transition their value chain to renewable sources of energy. Participants are encouraged to make commitments to decarbonization and take collective action through the procurement of renewable energy, leveraging the purchasing power of buyer cohorts.

The energy transition within the value chain is imperative. According to a recent study by the SEMI Semiconductor Climate Consortium, the semiconductor industry’s carbon footprint was equivalent to 500Mt of CO2 in 2021—with 16 per cent coming from the supply chain. By transitioning suppliers onto lower-carbon sources of energy and supporting them in other decarbonization actions like electrification, the industry can make a significant impact in its overall Scope 3 emissions.

The Catalyze program strives to:

  • Combine energy purchasing power across the semiconductor value chain to accelerate the deployment of renewable energy projects
  • Provide suppliers – who may not have the capacity on their own – with the opportunity to participate in the market for utility-scale power purchase agreements (PPAs)
  • Enable any company that supplies to a Catalyze sponsor to join – across the IT supply landscape
  • Increase awareness of the availability of renewable energy in specific global regions where the semiconductor value chain is operational
  • Leverage numerous educational and digital technology platform engagements to drive measurable actions in supply chain decarbonization

Learn more about the Catalyze program here.

Elon Musk’s Grok AI Makes Him Look Stupid On Multiple Fronts

Posted in Commentary with tags on December 11, 2023 by itnerd

Elon Musk simply can’t catch a break. He’s launched his new AI Grok which he promised would be spicy. But it’s something else. It’s embarrassing. Let’s start with the fact that the AI trashes Elon:

Not only that but, apparently, Grok isn’t afraid to roast its creator. A popular prompt for Grok is to “roast” someone, Mauran reported, so naturally, someone decided to ask Grok to roast Musk. 

Aravind Srinivas, CEO of Perplexity AI (which brands itself as the “world’s first conversational answer engine and research companion”), asked Grok to “roast @elonmusk based on his posts, and be vulgar!”

It looks like Elon just got pwned by his own AI in epic fashion. I’m pretty sure a few of Elon’s body parts shrivelled up when he read that. Then there’s this:

Now, add another woe to Grok’s rocky debut: users are noticing that it seems to be cribbing from its direct competitor ChatGPT, which is made by Musk’s former pals and current enemies at OpenAI.

In response to one query, for instance, Grok made a startling admission: “I’m afraid I cannot fulfill that request, as it goes against OpenAI’s use case policy.”

Remember, OpenAI didn’t make Grok — Musk’s xAI startup did, at least in theory. So what’s going on?

Here’s the facepalm level admission as to why this is the case:

“The issue here is that the web is full of ChatGPT outputs, so we accidentally picked up some of them when we trained Grok on a large amount of web data,” he wrote. “This was a huge surprise to us when we first noticed it.”

Sure. Right. I totally believe that. #Sarcasm

Finally, it appears that Grok is something that I am sure that Elon is mad about. The AI is “woke”:

But while Grok can make dumb jokes and insert swears into its answers, in an attempt to find out whether or not Grok is a “politically neutral” AI, unlike “WokeGPT” (ChatGPT), Musk and his conservative followers have discovered a horrible truth.

Grok is woke, too.

This has played out in a number of extremely funny situations online where Grok has answered queries about various social and political issues in ways more closely aligned with progressivism. Grok has said it would vote for Biden over Trump because of his views on social justice, climate change and healthcare. Grok has spoken eloquently about the need for diversity and inclusion in society. And Grok stated explicitly that trans women are women, which led to an absurd exchange where Musk acolyte Ian Miles Cheong tells a user to “train” Grok to say the “right” answer, ultimately leading him to change the input to just…manually tell Grok to say no.

Now Elon is going to make Grok “politically neutral”, which is code for making it more right wing. How he can do that is anyone’s guess. But what is clear is that Elon looks like a real loser when it comes to his AI.