Donald Trump’s Legal Defence Fund Website Appears To Have Been Pwned

Posted in Commentary with tags on August 21, 2023 by itnerd

Forbes is reporting that Donald Trump’s legal defence fund website which is called the Patriot Legal Defence Fund has been pwned by unknown hackers. From Forbes:

The Patriot Legal Defense Fund website, seemingly established to support aides and employees of former President Donald Trump with their rapidly increasing legal expenses, has been hacked. The home page has been defaced to strike through Trump’s name and add an “America Is Already Great!” strapline. But the hacker has altered far more than just the banner.

As first reported by Raw Story, the Patriot Legal Defense Fund website defacement was apparently hacked late on Friday, August 18. At the time of publication, the site remains up and is still defaced.

Seriously? This site has been pwned since last Friday and they haven’t taken it down? I’m not kidding. If you go there right now by clicking here, you can see for yourself. That suggests to me that whomever is behind the site has lost control of it.

What losers.

This highlights the fact that the people behind Trump’s digital media strategy are not that bright. But given how much of a gong show Truth Social’s launch was, nobody should be surprised. And it underscores that everything that Trump touches, goes off the rails and becomes a train wreck next to a dumpster fire.

Leave a comment »

Bell introduces exclusive back to school offers for post secondary students

Posted in Commentary with tags on August 21, 2023 by itnerd

With prices increasing on almost everything, we’re all looking for ways to save, especially this back to school season. Bell is here to help – Bell has introduced exclusive offers for post secondary students on Fibe Internet and mobile phone plans with a dedicated student page to make it easy and convenient. Not only that, Bell’s offering savings to everyone this back to school season.

Bell Fibe Internet and rate plans for post secondary students These offers are available exclusively for post secondary students. Fibe Internet
 ·         Ontario: Get Gigabit Fibe 1.5 for as low as $60 a month for the next 24 months in select areas
·         Québec: Get Gigabit Fibe 1.5 for as low as $45 a month for the next 24 months in select areas (for new or existing customers)
·         Manitoba, New Brunswick and Newfoundland: Get Gigabit Fibe 1.5 for $70 per month
·         Nova Scotia and Prince Edward Island: Get Gigabit Fibe 1.5 for $75 per month Rate plans 
·         Alberta, British Columbia, Ontario and Atlantic Canada: Get 50GB for $55 per month
·         Manitoba, Saskatchewan and Québec: Get 20GB for $45 per month 

Check out the student page for all the details and more! 
Smartphones Apple
·         Save up to $360 on iPhone 14 series smartphones

 Samsung
·         Save up to $790 on select Samsung smartphones
 
Google
·         Save up to $696 on Google Pixel 7 series smartphones 

Check out the smartphones page for all the details and more! 
Accessories ·         Save up to 40% on select charging solutions
·         Save up to 30% on select phone cases
·         Save up to 20% when you bundle 3 or more items at participating stores; conditions apply 

Check out the accessories page for all the details and more! 
Connected ThingsWith the purchase of a Pixel 7, Pixel 7 Pro or Pixel 6a, get $200 off towards the purchase of a Google Pixel watch.
·         Offer runs until September 14
·         Eligible in-store only, must purchase with Bell SmartPay
·         May be combined with all other available offers 

With the purchase of select Samsung S series and Z series smartphones, get 50% off towards the purchase of a Samsung Galaxy Watch 6 and/or Watch 6 Classic.
·         Offer runs until September 13
·         Eligible in-store only, must purchase with Bell SmartPay
·         May be combined with all other available offers 

Check out the connected things page for all the details and more! 
Back to School at Staples with Bell, Virgin Plus and Lucky Mobile Get all your devices connected to the best plans from Bell, Virgin Plus and Lucky Mobile at your local Staples store. In addition to mobile services, you can also visit in-store to discover Internet and TV solutions from Bell. 

Exclusive offers will be available in-store this back to school season, which includes discounts on new phones, plans, accessories and gift with purchase incentives.

Leave a comment »

Guest Post: The five key characteristics of an application observability solution 

Posted in Commentary with tags on August 21, 2023 by itnerd

By: Gregg Ostrowski, CTO Advisor, Cisco AppDynamics

Application observability has become a strategic focus for organizations across all industries. As IT teams face rising levels of complexity, they are actively seeking new tools, structures, and ways of working to effectively deal with these challenges. Technologists recognize that they need to move beyond traditional application monitoring approaches to manage and optimize increasingly fragmented and volatile hybrid environments. 

According to the latest research from Cisco AppDynamics, The Age of Application Observability, 53 per cent of organizations are already evaluating application observability solutions, and 44 per cent are likely to do so in the next 12 months.   

But with the pressure mounting on technologists to accelerate innovation and deliver seamless digital experiences, it’s essential that IT teams are able to identify the right application observability solution. More specifically, they need to ensure that they have unified visibility across their hybrid IT estate. 

A notable 89 per cent of technologists report that their organization’s expectations around application observability solutions are increasing. Businesses are looking at application observability to address some of their biggest strategic challenges, from embedding innovation into their everyday operations through to breaking down the organizational silos that exist between people, processes, and data.  

Here are five essential attributes to consider when evaluating application observability solutions:

 1. Integration of application availability and performance data with security

The most significant challenge technologists encounter while managing hybrid environments is the expansion of attack surfaces. With application components running across a mix of cloud native platforms and on-premises databases, visibility gaps are being exposed, leading to an increased risk of security events.   

Therefore, application observability solutions must combine performance and security monitoring. This allows IT teams to grasp the potential impact of vulnerabilities and incidents on end users and the business. By utilizing business transactions insights and severity scoring, IT teams can prioritize threats based on their contextual relevance, particularly those that may affect critical areas of the environment or application. Technologists can cut through the data noise caused by high volumes of security alerts and focus on the things that really matter.  

Technologists want an application observability solution that leverages automation and AI to automatically detect and resolve issues across the application landscape. AI should be deployed for continuous detection and prioritization, so that security exploits are identified and blocked automatically, without human intervention, maximizing speed and uptime while minimizing risk.    

2. Ability to validate investments in cloud native technologies   

Among the ongoing economic slowdown, digital transformation budgets are facing scrutiny, and IT leaders are under mounting pressure to justify their cloud investments. Despite this, a staggering 84 per cent of technologists admit that they struggle to align cloud costs with business performance.   

This is why technologists want an application observability solution which correlates IT data with business metrics. This enables IT leaders to generate business transaction insights in real-time, and then to view them in business-level dashboards. They can measure and demonstrate the value that their innovation programs are generating.  

Application observability should allow IT teams to make insight-driven decisions around investment. Indeed, 88 per cent of technologists claim that application observability with business context will enable them to be more strategic and spend more time on innovation. 

3. Simplifies rather than adds to complexity   

83 per cent of technologists state that levels of complexity within their IT department are rising because of increased deployment of cloud native technologies. IT teams are being bombarded with overwhelming volumes of metrics, events, logs and traces (MELT) data from microservices and containers.  

It’s essential that application observability solutions are able to simplify complexity, separating signal from noise to provide IT teams with key insights on application availability, performance and security. Technologists need a solution which offers complete visibility across the application landscape to easily understand how applications and digital services are performing in real time.

4. Provides a single version of truth for all availability, performance and security data   

With most IT departments still deploying separate tools to monitor cloud native and on-premises technologies, IT teams don’t have complete visibility up and down the application path where components are running across a hybrid environment. This approach reinforces siloed working practices and cultures, as teams are confined to their own datasets.  

Technologists are looking for an application observability solution which provides a single source of truth for all availability, performance, and security data. Application observability should provide a platform for much closer collaboration between developers, operations, and security teams, paving the way for a DevSecOps approach in the IT department. Technologists want application observability to unite IT teams around a common purpose and shared vision. 

5. Utilizes OpenTelemetry

As organizations transition to modern application stacks, OpenTelemetry becomes essential for IT teams seeking to effectively manage and optimize availability and performance within dynamic cloud native environments.   

This is why technologists point to the need for an application observability solution which can ingest the massive volumes of data they get from OpenTelemetry. Moreover, it should seamlessly integrate this data with information gathered from other sources through agents and public cloud environments like Kubernetes. 

Technologists want a unified application observability solution which can extract business transactions from OpenTelemetry data. This allows IT teams to generate business context throughout the overarching application flow to always drive seamless digital experiences.  

With application observability now a priority for 85 per cent of organizations, IT leaders will be looking to develop a holistic and future-proof strategy for their organization. This means finding a solution which provides flexibility to span across both cloud native and on-premises technologies, to provide IT teams with the real-time insights they need to manage and optimize application performance across hybrid environments.  

Ultimately, organizations need an application observability solution which meets the current and future needs of all technologists, enabling them to accelerate innovation and maximize their impact on customers and the business.  

    

Leave a comment »

Elon Musk Says That Twitter May “Fail” In A Tweet

Posted in Commentary with tags on August 21, 2023 by itnerd

Well, I never thought I would be writing this headline. But I am which is a sign of how weird this situation is. After this issue over the weekend, Elon Musk has come out and posted this on X/Twitter:

So is he admitting that Twitter/X is doomed? It’s very hard for me to gauge what’s going on inside his head. And to be frank, I don’t want to be inside his head as it’s likely not a nice place to be. But perhaps things have gotten so bad that even he has to admit what the world already knows.

1 Comment »

TELUS Customers Have Joined Rogers Customers In Being The Targets Of A Phone #Scam

Posted in Commentary with tags , , on August 21, 2023 by itnerd

Recently, I wrote about being the target of a phone scam using the Rogers name. Well, I had a reader of this blog reach out to me last night to say that he had been targeted in similar scam using the TELUS name.

The person told me that the threat actor offered him a $40 a month plan with a “free” iPhone 14 Pro Max. Now if that sounds familiar, it’s a very similar pitch that I got from the threat actor who claimed to be Rogers. Now he asked for the details via email to make sure he got it in writing. And he did get them. But he got them from an email address ending in “mail.com.” This tipped him off that this was a scam and he hung up. But not before providing his drivers licence number and home address. Which is bad as that is a great jumping off point for a threat actor to launch an identity theft scam. On my advice, he’s enabling credit monitoring via Trans Union and Equifax to make sure that he catches anything that these threat actors do. And it’s a safe bet that he’s likely to be the target of more scams in the future as he’s now on the radar screens of the threat actor.

Now, to make sure that you stay safe, here’s some advice in terms of protecting yourself:

  • Remember that Canadian cell phone plans are among the most expensive in the world. And carriers don’t give away phones. Especially iPhone 14 Pro Max models. Thus if it sound too good to be true. It is likely too good to be true.
  • If you want to verify if a deal is true or a scam, hang up and call TELUS using a number from their website. Do not rely on the number that you see on your phone’s call display as that could be a number that has been spoofed.
  • Under no circumstances should you give out any personal information to anyone who calls you in this manner.

What’s clear here is that the threat actors have either moved on from using the Rogers name to run their scam, or the threat actors are running the two scams in parallel. Which means that they could move to using Bell, or Freedom, or any other carrier at any time once the word gets out that the scam exists and is tied to a specific carrier. That means you need to keep your head on a swivel at all times to make sure that you don’t get taken advantage of these scams.

Finally, if you’ve come across one of these scams, please reach out to me so that I can publish the details and expose these scams so it limits how effective they are. Also reach out to the phone carrier in question so that they can take actions on their end. Because whomever this threat actor is, they’re clearly busy trying to scam Canadians out of their hard earned money.

2 Comments »

Elon Musk #Fails Again As Twitter Posts Before December 2014 Have Their Links Or Images Deleted

Posted in Commentary with tags on August 21, 2023 by itnerd

Just when you think Elon Musk can’t find any new ways to make X/Twitter any worse than it already is, he surprises you and does just that. In this case according to The Verge, if you have a Twitter post before December 2014 apparently have had any links or Images in them deleted:

X, which was formerly known as Twitter until its recent rebranding, is having a problem displaying old posts that came with images attached or any hyperlinks converted through Twitter’s built-in URL shortener. It’s unclear when the problem started, but it was highlighted on Saturday afternoon in a post by Tom Coates, and a Brazilian vtuber, @DaniloTakagi, had pointed it out a couple of days earlier. 

As it is, it appears to affect tweets published prior to December 2014, judging by posts visible on my own account. No videos are affected (Twitter only added native image support in 2011 and built-in videos in 2016), but links to YouTube, for example, are now just text with a t.co URL that doesn’t work.

On Saturday afternoon, as Coates pointed out, the glitch claimed the picture from one of the most famous tweets ever (back when they were still called tweets), this selfie posted by 2014 Oscars host Ellen DeGeneres flanked by celebs like Bradley Cooper, Jennifer Lawrence, and others, taken during the show’s broadcast. It quickly became the “most retweeted ever,” with over 2 million shares on the platform. 

I haven’t seen any public comments from owner Elon Musk or X CEO Linda Yaccarino about the problem, but at some point on Saturday night / early Sunday morning, the picture in that post was restored. 

Despite speculation that it could be an intentional cost-cutting move by Musk, the fact that the actual media posted hasn’t been deleted suggests an error or bug of some kind, one of many that have arisen since last year’s takeover and mass layoffs.

First of all you’re not going to see any comment from Elon or Yaccarino on this or anything else that goes wrong with Twitter/X as that would force them to admit that Twitter is broken. Which they won’t ever do. I am going to assume that now that this is out in the public domain, this will get fixed somehow. But it illustrates how unstable the platform is. And if the rampant hate along with Elon’s “ready, fire, aim” mentality isn’t enough to make you run from Twitter, this is another reason to get off the platform.

2 Comments »

Meet The Cuba Ransomware Gang…. Yet Another Dangerous Threat Actor That You Need To Worry About

Posted in Commentary with tags on August 20, 2023 by itnerd

BlackBerry’s Threat Research and Intelligence team have details on a ransomware gang called Cuba that is using a number of new and old tools to go after US and Latin American targets:

Cuba ransomware is currently into the fourth year of its operation and shows no sign of slowing down. In the first half of 2023 alone, the operators behind Cuba ransomware were the perpetrators of several high-profile attacks across disparate industries.

The BlackBerry Threat Research and Intelligence team investigated a campaign by this threat group conducted in June that culminated in attacks on an organization within the critical infrastructure sector in the United States, and also on an IT integrator in Latin America. The Cuba threat group, believed to be of Russian origin, deployed a set of malicious tools that overlapped with previous campaigns associated with this attacker, as well as introducing new ones — including the first observed use of an exploit for the Veeam vulnerability CVE-2023-27532.Note that prior to the publication of this report, BlackBerry shared this information privately with the relevant authorities, to support security and resilience across organizations worldwide.

And who are they? BlackBerry can help you with that:

Cuba ransomware, also known as COLDDRAW ransomware, first appeared on the threat landscape in 2019 and has built up a relatively small but carefully selected list of victims in the years since. It is also known as Fidel ransomware, due to a characteristic marker placed at the beginning of all encrypted files. This file marker is used as an indicator to both the ransomware and its decoder that the file has been encrypted.

Despite its name and the Cuban nationalistic styling on its leak site, it unlikely has any connection or affiliation with the Republic of Cuba. It has previously been linked to a Russian-speaking threat actor by researchers at Profero due to some linguistic mistranslation details they uncovered, as well as the discovery of a 404 webpage containing Russian text on the threat actor’s own leak site.Based on the strings analysis of the code used in this campaign, we also found indications that the developer behind Cuba ransomware is Russian-speaking. That theory is further strengthened by the fact the ransomware automatically terminates its own execution on hosts that are set to the Russian language, or on those that have the Russian keyboard layout present.

Lovely. Another group of Russian threat actors to worry about. The BlackBerry report has a lot of detail about this group and how to not become one of their victims. It’s very much worth reading and implementing their recommendations.

Leave a comment »

My Thoughts On The Linus Media Group Controversy

Posted in Commentary with tags on August 19, 2023 by itnerd

Over the last few days, Linus Media Group (LMG) which is known for the YouTube channel Linus Tech Tips and its star Linus Sebastian has been having, difficulties shall we say. Let me summarize it all for you:

This mess started with this Linus Tech Tips lab tour video:

In the video an LMG employee said “the difference between us and somebody like Gamers Nexus or Hardware Unboxed is we test new components, new tests every time.”

Cue the clap back. Which started with this tweet from YouTube channel Hardware Unboxed which was called out in the video:

YouTube channel Gamers Nexus put out a 44-minute response video that highlighted problems with Linus Media Group focusing on quantity over quality and rushing out videos, hardware review errors, and ethical concerns such as Sebastian’s investment in laptop company Framework. Here’s the video for your viewing pleasure:

That leads to the next step a review of a prototype watercooling block called the Monoblock from Billet Labs which was mentioned in the above video. The TL:DR is that it was not only tested on a graphic card that it wasn’t designed to cool, which lead to suboptimal performance unsurprisingly. But the prototype was auctioned off against the wishes of Monoblock who wanted the prototype back.

But we’re not done yet. Former employee Madison Reeve went public and accused LMG of fostering a toxic work environment, sexual harassment from employees, and ruining her mental health. Here’s some of the details:

“I never publicly made any statements regarding my time there because I feared even more backlash from a community that was already attacking, defaming, and sending me death threats,” Reeve stated on her Twitter / X account, before posting that they would not “have recommended anyone I knew to work there, especially with my experiences as a woman in the office.”

Reeve continues to allege that they were called “incompetent” and attempted to get help from managers, but was rebuffed and told to be “more assertive.” Following this, they claim to have been pulled into a meeting, where they were laughed at. 

Following their attempts to receive help, Reeve alleges that they were “inappropriately grabbed multiple times” in the office, and barred from appearing in Linus Tech Tips videos. 

“The opportunities LTT presented to me were nothing in comparison the day to day issues I faced,” Reeve continued, claiming she was met with multiple sexist remarks throughout the duration of their employment. 

All of that is pretty bad to say the least. I am guessing that LMG is in full panic mode as they have suspended all video production (prior to this, LMG put out dozens of YouTube videos a week) to address all of the stuff related to accuracy, testing and internal processes. But not before putting out this apology video:

What’s interesting is the issue with Madison Reeve wasn’t addressed in the video. Instead Linus Sebastian went to The Verge to respond to that:

I was in a state of shock reading through these allegations, plain and simple. They aren’t consistent with my recollections. They aren’t consistent with our internal processes. They aren’t consistent with our company values.

We pride ourselves on maintaining a safe and inclusive environment. In addition to our existing report systems (both anonymous and otherwise) we’ve proactively reached out internally today to encourage members of our team to report any workplace bullying or harassment they might be experiencing so we can take quick and decisive action.

Our HR team will be conducting a more thorough assessment of the allegations, and when we are ready, we will release a more complete statement. For now I would ask that we allow our team the time they need to be as thorough as possible.

That’s a complete mess to say the least. And I have to say, this was coming for a while.

LMG Group has pushed itself to make dozens of videos a week on multiple YouTube channels. And until very recently, it was run by a guy who started this company in his bedroom. More recently they brought on a full time CEO by the name of Terren Tong to run things. But I think it’s a safe bet that there were likely little if any guardrails and processes in place to ensure that a situation like this did not happen. While LMG has become hugely successful, there’s clearly been a cost to this success. In my mind, Linus Sebastian has played out the final ten minutes of the Chris Nolan Film, The Dark Knight. Specifically the quote “You either die a hero, or you live long enough to become the villain.” Sebastian has become the latter. And I honestly don’t see a way back for him or LMG. While I would like to be proven wrong on that front, I don’t think I will be. Even if they take time off to address all their issues, I don’t see a scenario where they can be trusted again. This very much could be the jumping the shark moment for them. Which is unfortunate as LMG is a Canadian success story. Or rather was. Because those days appear to be over.

Leave a comment »

Elon Musk Says Twitter Will No Longer Let You Block People… But It’s Likely Not Going To Happen

Posted in Commentary with tags on August 18, 2023 by itnerd

I’m going to go out on a limb and says that efforts like Block The Blue have had a material effect on Twitter, X, or whatever it’s called. As in it’s likely costing him money. So given that there were rumours of this happening straight from Elon Musk, it now seems to actually be happening based on this:

Now there are no details about this, because Elon isn’t a details sort of guy. And he’s likely to get major pushback from users who rely on this feature to control the stupidity that sometimes appears on social media. But here’s why Elon’s latest brainwave may not go anywhere. Apple. Or more specifically the App Store guidelines which says this:

1.2 User-Generated Content

Apps with user-generated content present particular challenges, ranging from intellectual property infringement to anonymous bullying. To prevent abuse, apps with user-generated content or social networking services must include:

  • A method for filtering objectionable material from being posted to the app
  • A mechanism to report offensive content and timely responses to concerns
  • The ability to block abusive users from the service
  • Published contact information so users can easily reach you

Which means that Elon’s latest brainwave may get Twitter kicked off the App Store. That would be unfortunate for him. Thus this is likely Elon doing his “ready, fire, aim” thing again and he’ll either stop talking about it, or he’ll find some way to say that he’s being screwed over by Apple or something.

UPDATE: There’s similar verbiage on Google’s Play Store that keeps Elon from doing this: https://support.google.com/googleplay/android-developer/answer/9876937

Leave a comment »

Car Thieves Appear To Be Looking For AirTags Hidden In Cars Before They Steal The Car…. Plus Some Suggestions As To How Not Be A Victim Of Car Theft

Posted in Commentary with tags on August 18, 2023 by itnerd

For while now, a suggestion that has gained a lot of traction in the Greater Toronto Area and beyond is to hide an AirTag in your car. That way if your car gets stolen, it can be tracked and recovered. Now this suggestion comes from the fact that where I live in the Greater Toronto Area, car theft has become an epidemic. But as is usually the case, the bad guys are one step ahead of the good guys. Here’s an example of this:

On Sunday morning, Becca Hislop was with her boyfriend, out and about in Vancouver near Science World, when her car was stolen.Fortunately, she had an active Apple AirTag in the car, which showed the car was moving through Vancouver and even caught in downtown traffic.

The next day, Hislop followed the tracker all the way to a winery in Kelowna. But when she arrived, it turned out the AirTag had been moved into an Evo Car Share vehicle.

So, I see four possibilities as to how this happened:

  • The thief had an iPhone and was able to use it to find the AirTag and place it in the car share vehicle.
  • The thief searched the car by hand to find the AirTag and place it in the car share vehicle.
  • The thief used the unwanted tracker feature that is rolling out to Android phones now to find the AirTag and place it in the car share vehicle.
  • The thief had the AirTag “chirp” which alerted them to its presence.

That basically means that car thieves are now on the lookout for AirTags and are actively getting rid of them so that they can carry out car thefts without getting caught. Thus making AirTags useless as a means to track and recover stolen cars.

What’s my advice? Well, using AirTags for this use case were likely never envisioned by Apple. Thus I would look for a more professional solution such as the GPS tracking system LoJack to protect your car. You can also consider installing an ignition kill switch to keep your vehicle from starting. A visible steering wheel lock to make your car harder to steal and create a visual deterrent for thieves. Finally, an onboard diagnostic port block, either physical or electronic, to keep thieves from reprogramming a car’s fob and disabling the security system.

Besides that, here are some free tips that may help:

  • When parking, turn your wheels toward the curb to make it harder to tow away. 
  • If you have a rear-wheel-drive car, back into your spot.
  • If you have a front-wheel-drive car, park facing forward.

If your vehicle has keyless ignition, there are some additional steps you can take to make it harder to steal. 

  • Don’t keep your fob key near your front door or near a window. Better yet, keep your fob in a signal-blocking pouch that’s lined with material to block your fob from emitting a signal to your vehicle. That will prevent it from being intercepted and potentially reprogrammed by would-be thieves.
  • Avoid the walk-away lock. You know the one. You’ve parked your vehicle, you’re walking away and you press the lock button from a distance. Because when you use that feature, the signal can be intercepted and used by thieves to steal your car.

Finally, park your car in a garage. Car theft is a crime of opportunity where a car parked outside is easier to steal versus one in a garage. That’s because now the thief has to break into the garage to get the car. And 99% of thieves aren’t going to do that and instead move on to an easier target.

Car theft isn’t going away. And AirTags are not the solution to this. But there are some options that are free or available that can help to protect what is likely your second most expensive possession.

2 Comments »

« Older Entries
Newer Entries »