Turbotodd

Ruminations on tech, the digital media, and some golf thrown in for good measure.

Archive for the ‘cybersecurity’ Category

Droid Hole

leave a comment »

Breathe easy, it’s Friday.

The U.S. Job numbers are out and the country added 136K jobs last month, and the jobless rate fell to 3.5%…despite evidence of a broader economic slowdown.

The Dow is on the rise as it attempts to recover from the turbulence earlier in the week.

Speaking of turbulence, the WSJ just reported that Disney is banning advertising from Netflix across its entertainment TV networks. The streaming wars are going full bore.

And the cyberwars continue. Ars Technica is reporting a 0-day vulnerability that gives attackers full control of Android phones. Lots of ‘em, including Pixel 4 models.

A member of Google’s Android team indicated the vulnerability would be patched in the October Android security update.

Funding rounds: Scooter firm Bird raised a $275M Series D led by CDPQ and Sequoia. That makes for a $2.5B valuation. I look forward to dodging more Birds while biking around LadyBird Lake here in Austin.

And Indian hyperlocal delivery startup Dunzo raised $45M from Google, Lightbox Ventures, and others, a Series D, valuing the company at $200M.
Dunzo delivers across several categories, including groceries, dinner, and even medicines, and will pick up and deliver anything within a city (within reason).

Flashbacks to NYC’s Kozmo, circa 1999!

Written by turbotodd

October 4, 2019 at 10:41 am

Posted in 2019, cybersecurity, netflix, scooters

Tagged with ,

What’s in a Domain Name Server?

leave a comment »

Happy Monday.

The news you need to know about this fine Monday morning (that doesn’t involve impeachment inquiries): Google and Mozilla are looking to encrypt the Internet domain name system (better known as DNS), which could keep bad actors from snooping on websites and spoofing.

But which could also keep ISPs from gathering user data because the browser session data would become opaque to them.

As a report in The Wall Street Journal observed, Google indicated it is making this move to improve users’ security and privacy and will leave consumers more in charge of who shares their Internet data.

Though ISPs are logically concerned by the move, so are the Three Letter Agencies, for which the move could make it more difficult to monitor Internet traffic.

And with Google operating its own DNS service, the story cites that some “are concerned that the DNS upgrade could ultimately concentrate too much off the Internet’s traffic in the hands of Google.”

Engadget is reporting separately that this move is “raising hackles among American officials” and that the U.S. Department of Justice has received complaints and the House Judiciary Committee is investigating.

Turns out the answer to the question “What’s in a name?” is, quite a bit.

Written by turbotodd

September 30, 2019 at 9:45 am

Out of AC/DC

leave a comment »

Happy Friday. Well, save for the cop in Fremont, CA last Friday night who had to halt a high-speed pursuit ‘cause his Tesla Model S patrol car ran out of battery. Doh!

Some security/privacy exploits on a Friday PM worthy of note.

First, the new Checkm8 jailbreak that apparently impacts all iOS devices running on A5 to A11 chipsets (Spoiler: That’s a lot of chips, ranging from the iPhone models ranging from the 4S to the 8 to the X…so, 100s of millions of devices).

The jailbreak exploits vulnerabilities in Apple’s Bootrom that grants phone owners full control over their device, according to a report from ZDNet. Be careful out there, boys and girls.

They’re also reporting some new malware called “Nodersok” that installs Node.js to turn systems into proxies so they can perform click fraud. That’s one way to drive up CPMs!

And, DoorDash has confirmed a data breach on May 4 that affected 4.9M customers, workers, and merchants…included last four digits of payment cards, driver’s license info, etc etc ad nauseum ad infinitum.

Yes, ladies and germs, you can’t even get a meal delivered anymore without getting hacked. Lost your appetite yet?

Bon Appétit!

Written by turbotodd

September 27, 2019 at 4:59 pm

Yankee Clinch

leave a comment »

Happy Friday.

Apple iOS 13 is now available for download.  I’ve been using an earlier beta for a few weeks, and while some have said it was buggy, I’ve certainly been digging the dark mode.

Apple’s also including some new (but some may say, annoying) privacy friendly features, like periodic pop-ups to remind you how many times an app has tracked your location (that could get interesting). 

You can also now give an app location access just once, and Bluetooth access now requires consent.  This is starting to sound like verbiage from the Fair Credit Reporting Act (but kudos on the privacy-friendly moves).

On a related front, ZDNet is reporting that 47% of organizations now have cyber insurance (up from 34% in 2017). And 57% of large firms with revenues over $1B have it compared with 35% of those with under $100M. The more they stand to lose, the more insurance they have@

Okay, I can’t let Friday PM slide home without a shout-out to the New York Yankees for clinching the AL East for the first time since 2012. Both they and the Houston Astros have 100 win seasons to date (and it’s the second time in a year that that’s happened for the Yankees). 

Remember, every game is game 7!

Written by turbotodd

September 20, 2019 at 12:41 pm

Stuxnet Two?

leave a comment »

The New York Times is reporting that a cyberattack against Iran in June took out a database used by Iran’s paramilitary arm used to plot attacks against oil tankers. The attack also degraded Tehran’s ability to target shipping traffic in the Persian Gulf, and Iran is still trying to recover information destroyed in the June 20 attack and get back online.

This attack came right around the time that Iran shot down a U.S. drone, a retaliatory attack for which the Trump Administration called off at the eleventh hour.

MIT Review reports the attack has had a lingering impact on the Iranian military’s ability to target oil tankers in the Persian Gulf, and noted the database wiped out belong to Iran’s paramilitary forces known as the Islamic Revolutionary Guard.

U.S. officials said there has been no escalation from Iran, but the Times reports there have been doubts about whether the benefits of the operation outweighed the cost — “lost intelligence and lost access to a critical network used by the Guard.”

The entire episode is reminiscent of Stuxnet, a cyber operation thought to be developed by the U.S. and Israel that targeted and destroyed controller systems for centrifuges in Iran’s uranium enrichment program — only this time at a much faster pace. 

Written by turbotodd

August 29, 2019 at 10:29 am

Texas Two Step

leave a comment »

CNBC is reporting that Twitter and Facebook have suspended numerous accounts they say are tied to a Chinese disinformation campaign against pro-democracy protests in Hong Kong.

Twitter indicated it had suspended 936 accounts likely related to the activity, and that the information was designed to sow political discord in Hong Kong. Facebook removed seven pages, three groups and five accounts, one of which had 15,500 followers.

Meanwhile, back on the ranch, the computer systems of 23 small Texas towns have been seized and held for ransom in a widespread, coordinated cyberattack, according to a report from The New York Times.

Texas’ Department of Information Resources was “racing to bring systems back online” after the attack, and it was unclear who was responsible but that the state had described the attacker as “one single threat actor.”

Last year, there were 54 publicly reported attacks on city, county/state governments, court systems, emergency services, and school districts in Texas. So far this year there have been 61 (excluding these most recent attacks).

Now comes that lingering question: Pay the ransom and get your systems back, or lose a lot of data, time, and resources and possibly rebuild from scratch?!

You can learn more about IBM Security solutions here.

Written by turbotodd

August 20, 2019 at 9:41 am

Posted in 2019, cybersecurity, twitter

Tagged with , , ,

A Picture’s Worth…

leave a comment »

If you’re wondering what happened to your images on Facebook’s News Feed, Instagram, WhatsApp, and Messenger….well, you and over a billion other people.

The Verge is reporting that Facebook is working to resolve the outage and “to get things back to normal as quickly as possible.”

This once again proves the complexities and challenges of publishing multiple pieces of content from multiple sources into a single page. Welcome to the cloud-driven Web of 2019.

But let’s talk soccer. We witnessed yet another storied defeat by the U.S. women’s team last evening in the FIFA Women’s World Cup, beating England 2-1, in a game which missed play of wunderwoman Megan Rapinoe due to a hamstring injury.

Those women are awesome (give them a raise!).

On to the dealmaking…talk all over the place about a possible acquisition of cybersecurity firm Symantec by Broadcom, with Bloomberg reporting Broadcom is in advanced talks to buy them in a deal that could be reached “in weeks.”

From Bloomberg Intelligence:

Broadcom’s potential purchase of another asset with $4+ billion in software sales is likely its most ambitious deal yet – leaderless Symantec has been losing share, even in its core segments. Broadcom CEO Hock Tan will likely need to aggressively cut Symantec costs while keeping sales stable.

– Anand Srinivasan, technology analyst

And on to Chimerica…Mixed signals emanating from the Trump Administration on Huawei, with Reuters reporting a senior U.S. official telling the Commerce Department’s enforcement staff this week that China’s Huawei should still be treated as blacklisted only a few days after the President vowed to ease a ban on sales to the firm.

While Commerce tries to get its story straight, Nikkei Asian Review is reporting that there’s an electronics exodus from China underway:

Global consumer electronics makers HP, Dell, Microsoft and Amazon are all looking to shift substantial production capacity out of China, joining a growing exodus that threatens to undermine the country’s position as the world’s powerhouse for tech gadgets.

HP and Dell, the world’s No. 1 and No. 3 personal computer makers who together command around 40% of the global market, are planning to reallocate up to 30% of their notebook production out of China, several sources told the Nikkei Asian Review.

While this is just smart supply chain management and oversight by electronics firms, it’s a blow to China, which is the world’s largest producer of PCs and smartphones.

It could be a very good time to learn to speak Vietnamese!

Okay, over and out. For those of you in the U.S., Happy Independence Day. And if you’re in D.C. for the big celebration, you can be assured the tanks brought in are expected to be stationary.

But watch your feet, just in case.

Written by turbotodd

July 3, 2019 at 2:37 pm

%d bloggers like this: