Apple To Planet Earth: Hackers Are Full Of It

Posted in Commentary with tags on March 23, 2017 by itnerd

In response to a hacker group who wanted to get paid or iCloud users would get hit hard by them, Apple has decided to come out and say something about this threat. They told Fortune there have been no breaches of its systems:

There have not been any breaches in any of Apple’s systems including iCloud and Apple ID,” the spokesperson said. “The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services.

The Apple spokesperson went on to say this:

The Apple spokesperson said that Apple is ” actively monitoring to prevent unauthorized access to user accounts and are working with law enforcement to identify the criminals involved. To protect against these type of attacks, we always recommend that users always use strong passwords, not use those same passwords across sites and turn on two-factor authentication.”

That’s good advice that I suggested yesterday which you should still follow. In the meantime, I hope the so called Turkish Crime Family liked its 15 minutes of fame. Because with this statement by Apple, it’s over.

Advertisements

ITAC Comments On Budget 2017

Posted in Commentary with tags on March 22, 2017 by itnerd

Today’s federal budget addresses many of the information and communications technology (ICT) sector’s core recommendations to make Canada’s Innovation Agenda a success, according to the Information Technology Association of Canada, the voice of Canada’s ICT sector.

“Knowing the federal Government’s plan for this to be an Innovation Agenda budget, it does contain a number of important measures that address our nation’s technology skills gap, bolster our ability to help innovative businesses grow and scale while strengthening Canada’s ability compete digitally on the world stage,”says Robert Watson, President and CEO of ITAC.

“The devil is in the details though, so ITAC will continue to review the budget, discuss implementation with departments, distill down industry’s perspective and continue this dialogue,” Watson says.

“We are happy to see that the Government will create Innovation Canada to reduce confusion and make it easier for innovators to understand and access Government-led innovation support programs. This platform will look at six innovation opportunities and we are very pleased to see digital industries is a part of it,” adds Watson.

ITAC is equally as pleased to see the Government has announced $225 million over four years to establish a new organization to support skills development and measurement in Canada. This new organization will provide the knowledge base needed to address Canada’s ICT skills gap. This was a central recommendation in ITAC’s 2017 pre-budget submission.

ITAC also applauds the additional investments the Government will make: to help innovative companies grow through strategic procurement, providing up to $50 million to launch a new procurement program called Innovation Solutions Canada; encourage the development of Smart Cities, with $300M allocated to the adoption of new and innovative approaches to city building; growing Canada’s advantage in Artificial Intelligence (AI) with a $125 million to launch a Pan-Canadian AI Strategy for research and talent; and $1.26 billion dollars over five years for a Strategic Innovation Fund aimed at consolidating and simplifying existing business innovation programming.

There are some initiatives outlined in the budget that ITAC looks forward to learning more about. In particular, the new Impact Canada Fund that aims to help the President of Treasury Board’s mandate.  A modern digital government is a critical success factor in building our digital nation and funds to help kick-start digital service experimentation across departments is welcomed.

More information from ITAC on their perspective of Budget 2017 can be found here [Warning: PDF].

‘Rivolta’ To Make World Premiere At Hot Docs Film Festival

Posted in Commentary with tags on March 22, 2017 by itnerd

Recently, I wrote about Michael Calce who is also the well known Canadian hacker ‘MafiaBoy’ and his association with HP to make a film called ‘Rivolta’ which directed by Academy Award nominated director Huber Davis. Today I got news that the movie will make it’s world premiere at the Hot Docs Film festival in Toronto. This is North America’s largest documentary film festival, conference and market, which makes it the perfect venue for this movie to make its debut. If you’re in Toronto, I’d make plans to see this movie as the topic is timely given what is going on with the state of computer security these days.

You May Want To Reset Your iCloud Password… Just In Case What I’m About To Tell You Is True

Posted in Commentary with tags on March 22, 2017 by itnerd

Now, I will say up front that I wonder about the veracity of their claims, but I will put this out there just in case there’s something to them. Motherboard is reporting that a group calling itself the Turkish Crime Family is threatening to reset iCloud accounts and remote wipe iPhones if Apple doesn’t pay them by April 7th. What’s got the attention of many is that the group claims to have access to 300 million accounts:

The hackers, who identified themselves as ‘Turkish Crime Family’, demanded $75,000 in Bitcoin or Ethereum, another increasingly popular crypto-currency, or $100,000 worth of iTunes gift cards in exchange for deleting the alleged cache of data.

“I just want my money and thought this would be an interesting report that a lot of Apple customers would be interested in reading and hearing,” one of the hackers told Motherboard.

The hackers provided screenshots of alleged emails between the group and members of Apple’s security team. One also gave Motherboard access to an email account allegedly used to communicate with Apple.

Now, Apple has put it out there that they aren’t going to reward this group. That means that one of two things is going to happen:

A) Nothing. Because this group is bluffing.

B) A lot of Apple users are going to be really upset on April 7th.

My advice? This is a good time to look at your iCloud account in terms of how secure it is. Consider using a strong password that is distinct from other passwords that you have and enabling two factor authentication to ensure that you will not end up being pwned by this group. Assuming that their claims are true of course. We’ll find out if it is true on April 7th.

LastPass Seems To Have A Security Problem

Posted in Commentary with tags on March 22, 2017 by itnerd

The news is out that password manager LastPass has some critical security flaws that allow malicious websites to steal passwords. The first flaw was spotted by Tavis Ormandy of  Google’s Project Zero security team. He found that the LastPass Chrome extension has an exploitable content script that webpages can exploit to extract usernames and passwords. The good news is the LastPass folks quickly fixed this exploit. The bad news is that Firefox users are not immune as a similar exploit was found in an extension for that browser:

There is apparently a fix for this on the way. On top of that, LastPass is recommending that you move to version 4.x of their Firefox extension. However, before you do, you might want to read this from Mr. Ormandy:

It really seems that LastPass has some serious holes in it at present. Hopefully this all gets patched quickly. But you may want to consider moving to another password manager if you feel the least bit insecure.

CaptoGlove: First Wireless Wearable Controller for Gaming, VR, Mobile & Smart Devices

Posted in Commentary with tags on March 21, 2017 by itnerd

After captivating attendees at CES & GDC with its incredibly versatile wireless wearable controller, CaptoGlove today announced the presale of the product through Kickstarter.  Starting today, early backers can purchase the revolutionary CaptoGlove for $160 (35% off $250 MSRP) and receive delivery of the glove this May.

After 5 years of development, CaptoGlove made its public debut at CES 2017 & last month’s Game Developer’s Conference (GDC).  Attendee reactions and live demos can be seen on their YouTube channel.   Using a series of smart sensors, CaptoGlove delivers unparalleled precision for controlling video games, smart phones, virtual reality gear, drones, unmanned systems, smart home products and more.  Check out the video here.

Platform/Device Agnostic

CaptoGlove works with all PC games past and present, iOS & Android devices, as well as VR headsets, and many more smart/Bluetooth devices.  Gaming console and haptic feedback support currently under development.

Plug & Play

Connecting via Bluetooth Low Energy, CaptoGlove does not require a specially prepared area or additional equipment such as trackers or cameras.  By converting natural hand movements into control gestures (up to 20 per glove or 40 with a pair), CaptoGlove has tremendous control capabilities and a very short learning curve.  All gestures are completely customizable through the free iOS/Android/PC app.

Versatile Applications

With its smart design and upcoming SDK release, CaptoGlove offers a wealth of potential uses beyond gaming from health rehabilitation and smart device control, to piloting drones and professional training such as police, first responders, pilots, doctors, etc.

Quality

Textile developed in Italy with world-renowned sports glove maker Reusch, CaptoGlove is a comfortable, breathable glove made from high quality textiles that can be washed by removing a single sensor.  CaptoGlove delivers 10 hours of continuous use on a single battery charge.

About CaptoGlove

Originally designed to help stroke victims recover the use of their hands, CaptoGlove has been in development for nearly five years, and made its public debut in January 2017 at the global technology conference CES.  Using a series of smart sensors, CaptoGlove delivers unparalleled precision for controlling video games, smart phones, virtual reality gear, drones, unmanned systems, smart home products and more.  The glove’s textile was developed in Italy with world-renowned sports glove maker Reusch.

For more about CaptoGlove, visit CaptoGlove.com, or on social media: Instagram (@CaptoGlove), Twitter (@CaptoGlove) and Facebook (Facebook.com/CaptoGlove).

Hack In Paris 2017 Announced

Posted in Commentary with tags on March 21, 2017 by itnerd

Organized by Sysdream, Hack In Paris will be held from 19 to 23 June 2017. It will bring together major professional IT security and technical hacking experts to attend training and talks exclusively in English.

Intrusion attempts are more and more frequent and sophisticated, regardless of their target (state or corporation). In this context, international hacking events are multiplying. A few events have taken place in France but until now, no one had covered hacking practices with a technical approach including both professional training and information aspects.

Hack In Paris aims at filling this gap. After the success of the latest edition with more than 500 attendees, this 5-day corporate event will be held for the seventh time in France at the Newport Bay Hotel – Disneyland Paris. Hack In Paris attendees will discover the realities of hacking, and its consequences for companies. The program includes state of the art IT security, industrial espionage, penetration testing, physical security, forensics, malware analysis techniques and countermeasures.

An event for CISOs, CIOs, consultants, IT security and passionate students

Social Engineering, vulnerability exploits hardware and software, advanced tools such as use BurpPro, IoT exploitation, physical access control are all topics on offer. During a 1, 2 or 3-day training, you will learn and practice in a dedicated and supervised by professionals of hacking and security environment.

Practical information :

– From 19 to 23 June 2017
– Newport Bay Hotel – Disneyland Paris
– 3 days training (06/19/17 – 06/21/17)
– 2 days conference (06/22/17 – 06/23/17)
– Twitter : @hackinparis #HIP17