There Appears To Be A Mass Attack On Instagram In Progress

Posted in Commentary with tags on August 14, 2018 by itnerd

A number of people have reported having their Instagram accounts hacked this month, Mashable reports, and many of these hacks appear to have taken the same approach:

Users suddenly find themselves logged out of their accounts and when they try to log back in, they discover that their handle, profile image, contact info and bios have all been changed. Often the profile image has been changed to a Disney or Pixar character and the email address connected to the account is changed to one with a .ru Russian domain, according to Mashable. Some even had their two-factor authentication turned off by hackers. A handful of Instagram users reported the same details to Mashable as have hundreds of others who have taken to Twitter and Reddit to report hacks of their accounts.

It clearly sounds like Instagram has a serious problem on their hands if the hackers can get in and do things like turn of two factor authentication. So far, Instagram has only said the usual “we take our users security seriously” sorts of things, but so far there’s nothing from them as to how this is happening and what they are doing to stop it. Thus I would suggest that Instagram needs to step up its game right now. In the meantime, with no details on how this is happening, there’s nothing that I can suggest to help you to protect yourself.


Apparently I Am Not Alone When It Comes To Receiving Poor Customer Service From Oakley, Lens Crafters Or Luxottica

Posted in Commentary on August 14, 2018 by itnerd

In the decade or so that I’ve been doing this blog, I have never seen a reaction like I have in regards to this story or this story on my wife’s now failed attempt to get her Oakley eyeglasses by Oakley or Lens Crafters, both of which are owned by Luxottica. I say failed, because if you recall from the latter story, my wife used a online page to try and get help based on the instructions in this Tweet:

Well, they didn’t intervene. They simply closed the case and sent an email to my wife telling her so. I guess that means that they don’t care about fixing her issue with a pair of glasses that is under warranty.

But back to the reaction that my stories on this topic are getting. Thirty one emails from frustrated customers of the above companies hit my inbox over the last few days (and as an aside, I’m still trying to work my way through these emails so If I haven’t responded to you, I apologize and I will get to you ASAP). That’s a big sign that these companies have a serious customer service issue. So are Tweets like these from people who illustrate that the experience that my wife and I have had isn’t a unique one. Starting with Oakley:

And for Lens Crafters:

And finally Luxottica:

Elements of all of the above mesh with what my wife and I have experienced. Which is a customer service experience that is so bad, there are major teclos and cable companies that look good because of how bad these three companies are. When you do worse than a telco or cable company, you’re really in trouble. And you should take action immediately to fix that. But in the case of Oakley, Lens Crafters, and Luxottica, I do not see that happening. Thus you should avoid anything owned by Luxottica, which according to this article on Wikipedia is quite a bit because if you run into trouble, you won’t get help. Ever. Just browse Twitter and see for yourself.

SAP Concur Travel Bot Now On Slack

Posted in Commentary with tags on August 14, 2018 by itnerd

According to IDC, 75 per cent of workers will use digital assistants by 2019. At SAP Concur, we’ve seen an increased desire to have digital assistants in the workplace firsthand, with over 100 teams installing the Concur Expense bot on Slack within the first 10 hours of its release. Building on this Concur Expense bot adoption, they are now introducing the Concur Travel bot on Slack, available in beta to joint Concur Travel and Slack customers.

SAP Concur leveraged the expertise of their Hipmunk team – who built the first and one of the most popular consumer travel chatbots in the industry – and the Concur Travel team, who deeply understand the needs of business travelers. From there, we partnered with Slack, the fastest growing team collaboration hub, with over 8 million daily active users, to deliver a world-class assistant that enables Concur Travel bookings directly in Slack.


Work Collaboration, Travel Integration 

Slack connects you to the right team members and the right information to get work done –in fact, the average team spends 10 hours a week in Slack. SAP Concur also found 40 per cent of flights booked in SAP Concur in 2017 had at least two users from the same company on board. Did those two coworkers know that ahead of time? This is why they found it natural to build a Concur Travel bot on the Slack platform. They wanted to make business travel collaboration simpler and bring the Concur Travel booking process to the space where you’re already working and chatting about your upcoming business trips and meetings together. Now, the Concur Travel bot on Slack can save frequent business travelers time, allowing you to search and book together with coworkers right from Slack.

Here’s what the @Concur_Travel_Beta bot on Slack can do for you:

  • Breezy browsing: Easily search for in-policy flights that take advantage of your company’s negotiated rates without leaving Slack. Simply type a keyword such as “search” or “flights” and the @Concur_Travel_Beta bot will display flight search fields, allowing you to filter by destination, departure and return dates, fare class, preferred airlines, and more, right from your Slack conversation.
  • Group planning: Instead of sending flight options back and forth over email, you can now look up flights within your Slack conversation talking about travel plans. You can share trips or look up flights in real time with colleagues. Co-booking works in public, private, or one-on-one Slack channels, making coordinating your travel plans with colleagues easier than ever.
  • Seamless booking: Once flight selections are made, the bot will use your SAP Concur profile to auto-populate saved payment and reward program information for seamless booking.
  • Auto-expensing: Have your @Concur_Travel_Beta automatically import your itinerary into Concur Expense, creating an expense entry for your flight– simply click “submit” when you touch down at the end of your trip.
  • Itineraries on demand: Type “trips” or “itin” to review and access upcoming flight and hotel reservations in your chat with @Concur_Travel_Beta.


Expanding from Consumer to Business Ready

Tapping into learnings from the Hello Hipmunk chatbot, SAP Concur built the Concur Travel bot on Slack specifically for you: a business traveler who wants to get your travel planning done quickly.

Based on user research, they discovered that business travelers care less about banter with an artificial assistant, preferring assistants who quickly understand what they want over bots that led them down back-and-forth conversations. Business travelers, more than leisure travelers, require chatbots to understand their intent and queries with a high level of accuracy. Because of these findings, @Concur_Travel_Beta app for Slack uses forms, menus, self-updating messages, and other novel messaging UI elements to understand intents quickly so we can accomplish your task fast.

Being accessible and available to group chats is another big lesson the Hipmunk team applied to @Concur_Travel_Beta. They  found through their own research, experiments within Hello Hipmunk, and by watching the evolution of the chatbot industry, that including chatbots in group conversations can help with bot discovery and engagement. With Slack’s slash command (i.e “/concurtravel”), users can now call @Concur_Travel_Beta to provide flight and trip information in any conversation they have with colleagues.


What Else? 

SAP Concur is excited to demo the Concur Travel bot on Slack to customers and partners this week at GBTA Convention in San Diego. The Concur Travel bot is now available to joint U.S. customers in the Slack App Directory and SAP Concur App Center. The Concur Travel bot on Slack is a collaboration between Concur Labs, Concur Travel, and Hipmunk.



Review: 2018 Hyundai Kona 2.0L Luxury – Part 2

Posted in Products with tags on August 14, 2018 by itnerd


This is the engine that powers the 2018 Hyundai Kona 2.0L Luxury. It’s a 2L four cylinder engine that puts out 147 HP and 132 pound feet of torque to all four wheels via a six speed automatic transmission which you can shift yourself if you so choose. You can also push a button to have the AWD system give you continuous 50/50 power split between the front and rear axles as long as you stay below 30 km/h. Otherwise it shunts power where it needs it own its own. The AWD system also uses torque vectoring to allow torque to be redistributed along the rear axle to the wheel that has best traction, and will brake the inside rear wheel to mitigate understeer.

Now the 147 HP and 132 pound feet of torque does not sound like a lot. But don’t be fooled. This engine/transmission combo actually does a pretty good job of getting the Kona off the line, onto a highway, and around slower traffic. Aiding that is a suspension that is firm and controls body roll well without beating you up. That makes this sub-compact SUV very nimble in traffic. It’s also very solid feeling and very good of giving me more than enough road feel to know what the car is doing under me. The only noise that I hear at highway speeds is some tire noise at very muted levels. The accelerator is easy to modulate. Ditto for the brakes. Finally, visibility is excellent in all directions.

Now Hyundai has an optional 1.6L turbocharged engine that puts out 175 HP and 195 pound feet of torque which is mated to a 7 speed dual clutch transmission for those (like me) who want a bit of extra power. If this engine transmission combo sounds familiar, it’s because it’s used in the Hyundai Tucson. I can say from personal experience that it’s a great combo for someone who wants a bit more oomph in their SUV. My advice is to try the base engine first. If you like it, buy it. If you don’t, then go for the upscale engine.

Fuel economy is good. I am currently averaging 9.6L per 100 KM in mixed city and highway driving which is pretty good. I haven’t yet played with the drive mode button which gives you Eco, Normal, and Sport settings. The default being Normal. But by the time I wrap up this review, I will have and I’ll give you my feedback on that.

Next up I’ll take a look at the interior with is functional and good looking. Tune in tomorrow for details on that.



TLS 1.3 Approved…. Here’s Why You Should Care

Posted in Commentary with tags on August 14, 2018 by itnerd

If you’re worried about privacy on the Internet, then the final approval TLS 1.3 should matter to you. TLS 1.3 will make it much harder for eavesdroppers to decrypt intercepted traffic. But at the same time it’s a drop-in replacement for TLS 1.2 as it uses the same keys and certificates and clients and servers can automatically negotiate TLS 1.3 when they both support it. So that means that getting TLS 1.3 into the world should be quick. In fact both Firefox and Chrome already support a draft version of TLS 1.3 if you’re on the latest and greatest from either browser maker. TLS 1.3 is also less resource hungry and more efficient, meaning you should be able to both reduce latency and benefit from lower CPU usage. Or put another way, surfing the net will become a touch faster.

One of the big drivers behind the creation of TLS 1.3 is all the NSA revelations from a few years ago. Thus the big losers in this are spies and those who want to do evil things on the Internet – at least until they figure out a way to crack this new protocol. At which point the IETF will start on TLS 1.4.

Details On The 4th International Cybersecurity Forum, HackIT 4.0 Have Been Announced

Posted in Commentary with tags on August 14, 2018 by itnerd

The annual HackIT Cybersecurity Forum is coming up on October 8 – 11 in Kyiv, Ukraine.  HackIT is all about bringing white hat hackers and the blockchain community together.

The annual Hacken Cup – the onsite bug bounty marathon – happens on October 8, with 20 top white hat hackers finding critical vulnerabilities in your client’s or company’s web and mobile applications.   Developer teams can exchange experience with top security researchers, receive a day of offline bug bounty and cybersecurity consulting and one month of online bug bounty at the HackenProof platform:   Also includes a press conference with media and three tickets to the HackIT forum and VIP afterparty.

HackIT – is an annual, practical information security related forum where all that’s virtual becomes real.  HackIT 2018 is a 2-day forum devoted to Defense and Attack themes; the main topic for 2018 is Blockchain technology.  Professionals present their latest research and discuss trends at the forum, hackers can win challenges and show their skills, amateurs can learn various disciplines at trainings, and the media can gather valuable material from primary sources.

The Venue facility at Parkovy, Park Road, 16 a, has 1,200 seats, includes one main stage, two secondary halls, an exhibition hall, coffee break lounge and an invite–only afterparty in the VIP lounge.

HackIT is not a boring vendors exhibition.  Meet leading industry experts, learn with practical lessons, develop strategic networking and experience effective insights while spending time with an awesome community.


Speaker Submissions Being Accepted Now

Last year’s (2017) speakers included: Philip R. Zimmerman, Ryan Lackey, Alex Brennen, Yasser Ali and Ebrahim Hegazy. Speaker submission applications, topics and background are found here:

HackIT 2018 Schedule

October 8: Hacken Cup – Onsite bug bounty marathon.

October 8: Trainings – Intensive workshop from 10 AM – 6 PM.

October 9: Networking Day – Guided tour to, yes, the Chernobyl nuclear power plant.

October 10 & 11 – Attack Day and Defense Day:

4 Keynotes

32 Speakers in 2018 – no sales pitches or classic horror stories about evil hackers.   Only cutting – edge knowledge.

3 Tracks


Additional activities:

Onsite Capture the Flag,

4 Panel Discussions,

Roundtables and meaningful discussions.


HackIT 2018 provides an exceptional opportunity to meet all of these people in one place, including:

  • White hat hackers – highly skilled security researchers,
  • Leading cybersecurity companies – Industry leaders, including CEO’s, COO’s, CFO’s, CSIO’s and CIO’s,
  • Blockchain pioneers – Engineers, developers and enthusiasts,
  • Top tech bloggers – Prominent influencers,
  • Crypto company executives – CEO’s, CIO’S & CSIO’S,
  • Smart Contract Auditors – Industry leaders from top companies.

Registration and tickets are available here:

HackIT is powered by and supported by Fenbushi Digital.

Paragon Software Group Announces Mojave Preview NTFS for Mac and APFS for Windows

Posted in Commentary with tags on August 14, 2018 by itnerd

Paragon Software Group released two macOS Mojave-optimized drivers — NTFS for Mac and APFS for Windows, for early adopters working on Mac and Windows systems.

  1. NTFS for Mac by Paragon Software Mojave Preview editionis a high-performance tool that enables you to write, copy, edit, move or delete files on Microsoft NTFS-formatted drives from your Mac. The tool is fully compatible with Mojave Preview and is available as a free download:

Key features:

  • Mount, unmount, verify, format or set any of Microsoft NTFS volumes as a startup drive;
  • Mount in Read-Only if you need to access sensitive data without modifying any files;
  • “Do not mount automatically” option for when you want to manually control volumes access;
  • Quickly restart your Mac in Windows from the menu bar;
  • Intuitive and Apple-user friendly utility interface.


  1. APFS for Windows by Paragon SoftwarePreview edition — a driver which enables Windows users to access Apple File System (APFS) volumes on PCs, now with full support on Fusion Drives in macOS Mojave Preview.  The revamped APFS for Windows comes with support for encrypted volumes and APFS Containers composed of multiple partitions. Free download:

Key features:

  • Fail-safe operability across compatible hardware and software;
  • Protection of data integrity and prevention of data loss;
  • Effective flow control, reduced overheads, congestion avoidance;
  • Thrifty usage of processor, memory, and disk resources.

Both tools are available for free download: