I would love to hear how this hack was accomplished. I'm wondering if all it took was for one employee's laptop - who had VPN access set up - to get compromised. Since executives DEMAND full, unrestricted remote access to their entire networks, VPN access has to be shovelled out to everyone + sink in the company. And since you can't control idiot users from having their laptop's password on a sticky note stuck to their laptops, on top of having any of those rotating-number SecureID things in the laptop bag with it, well..
51 publicly visible posts • joined 9 Dec 2011
Maker of US border's license-plate scanning tech ransacked by hacker, blueprints and files dumped online
Want to roll like one of the biggest minds in physics? Prof Stephen Hawking's wheelchair is up for auction
The general population is not equipped to make big decisions like Brexit. They have neither the experience, nor relevant education for it. There is a reason why you have governments elected in charge of making these tough decisions on your behalf.
This should NOT have been a referendum, left up to the common ignorant rabble to decide.
Keep pedo hands off kids
If a child sex doll will keep a pedo's hands off a real kid, then have at it. Canada it seems doesn't get this concept. If you take away all outlets a pedo has, you are left with actual kids. And that's better how?
@trolls and the unintelligent: No I am not a pedo or supporting them. I am however in support of real kids being left alone. Let em have their dolls if that's what it takes.
Re: @Pascal Monett
And this is why I HATE using pre-canned appliances that I cannot control the back-ends to - such as your NAS box. My box LOVES boxed kit like NAS boxes, rather than me building a Samba server which I can 100% control the back-end of. In his mind, they're more cost-effective because it saves time and money by not having me do as much. But then his beloved out-of-box kit suddenly decides they are either going to "end of life" support for that model (no more patches), or drag their heals on patches - leaving us vulnerable. Now he has to spend a ton of money buying a newer NAS box, and a ton more of money having me do the painful data migration between old and new. So much for that cost savings huh?
Re: This will happen again.
The computer-illiterates (which, in 2017, I'm STUNNED still exist same as they did in the 90's!), only know Windows or Apple. They've been indoctrinated starting as children right from their own schools. When have you ever heard of a Linux-based computer lab at any school? There's no encouragement to write actual good software for Linux when so many people are on Windows, because people were all raised on Windows that's what the market uses.
Don't ask me how to change that - I think we're stuck. I'm also not entirely convinced that these security and malware problems won't hit Linux just as hard if they held 98% of the market share.
System is broken
This is going to sound like some whack-job statement, however if you stop to think about it for a minute, you may see my point. Here we go: Our system of government does not work. It's broken.
The problem is that we have too many decades of huge corporations being far too closely tied to government officials that it could even be called an infiltration, whereas corporations have so much influence over our elected officials that said officials are putting THEIR interests ahead of the public's.
Most if not all people in high government positions are business people, with business interests - and investments - of their own. They have friends in business they may be inclined to help out. The bribes, er, donations they received on their campaigns to get them elected can't have possibly influenced any of their decisions could it?
So that said, at least in my opinion, the government actually enacting laws which will impact these huge corporations by forcing them to act responsibly - even if in the public's common interest - will NEVER happen. Ever. Not as long as our systems of government allow non-elected corporations and school-buddies of elected lawmakers to so greatly influence said lawmakers.
And given the extremely expensive circus at least US elections are, so-called unaffiliated "average joes" have no chance of running. Therefore the cycle of elite, rich, well-connected and well-bribed (I mean, donated to) business people will continue to get elected.
Don't use manufacturer's install
I never deploy a laptop with the factory OS, because I don't want all the crap, advertising, and possible spyware that they all ship with.
Windows 10 is registered to the hardware. Download from MS and keep around a raw, clean Win10 USB key, blow away factory install and install that.
No surprise here!
LOL, I saw this coming from a mile away. OF COURSE Google is going to spew ads through this.
You basically put a piece of hardware in your house that is dirctly connected to a giant company who makes their money, wait for it, selling ads!
Do you also not think that they're listening to what TV shows you're watching, keywords in coversations, etc? It IS always listening btw - it has to in order to pick up on keywords such has OK Google to activate it.
I don't condone what the judge did - but having been through a marriage where my wife was cheating on me behind my back, I understand. You aren't exactly in your normal, reasonable mental state when your wife is being a total slut with (at least in my case) more than one guy over the phone.
It's not like he was bribing an officer for his own profit, or influencing a trial case.
Just saying. Maybe a little slack considering you do go a little crazy when you find out the person you love is a whore.
Standards Bodies need notice
In North America, you can't sell your electronic wares unless you have either a Canadian Standards Association (CSA), United Laboratories (UL), and possibly Federal Communications Commission (FCC) certifications to make sure they meet certain quality, safety, and in the case of FCC, RF emission standards.
Perhaps it's time those bodies also include network safety standards being met? Companies need to be held to a high standard on these things, and they're clearly not.
At the minimum, when things like this happen, there needs to be an investigation, and laws in place where corporations who cheap out on proper locking down of their devices are held to account.
Cheapskate Alarm should have been sounding
If this happened recently, "Earl"'s cheapskate alarm should have been going off in his head, and should have seen the writing on the wall that he would likely get stiffed one way or another.
The fact that they have invested so little in their critical IT systems shows how much they value those systems, and how little they care to spend. The fact that they agreed to pay his expensive rate seemingly without question, then walking in and seeing how little they spend on IT - I would have asked for half my estimate up front. And when those hours get used, the remaining half up front.
"Security Researcher" eh?
One day, I woke up and the term "Ethical Hacker" because "Security Researcher".
Basically anyone who attempts to connect into someone else's systems without their authorization is a hacker. Nothing against ethical hackers of course, someone needs to keep people on their toes. Just pointing out the fancy, not-as-offensive name they're since given themselves. :)
How to not get pwned on Windows: Don't run any virtual machines, open any web pages, Office docs, hyperlinks ...
As usual, it's OK for governments to surreptitiously install spyware on our computers, under the usual excuses of either "protecting children" or "stopping terrorism". Since when is the FBI above the law? I don't care what their reasoning is, they should be expected to obey the law which means not bypassing security and installing malware.
Re-sold ad spots usually the culprit
In my direct experience in having several times dealt with malware in ads on a website I ran, the problems have always occurred due to an industry-wide practice of webmasters allowing their ad zones to be re-sold to 3rd-parties. The Sales/Marketing boneheads don't give two craps wether or not the site gets blacklisted on "safe site" lists that browsers check before loading the page. So long as their monthly quota is reached, it's then a sysadmin problem to solve. Warning after warning got ignored.
What happens is this: Web sites have ad zones - place holders where banner ads go. The aforementioned Sales Boneheads sell those ad zones to companies who they know are wholesalers for website ad space. And they in turn sell them to (ALWAYS Chinese in my experience) malware people.
Perhaps if the industry collectively agreed that they will only sell their ad zones to FIRST PARTY customers - who they can vet, contact, etc, this won't happen nearly as much if at all, and the web would be a much safer place.
But that would chew into their quota, and their BMW payment.
Stop hiring computer-illeterate people!
Since using a computer is an essential part of any business, why are businesses not including even some basic computer skills and security training when they hire people? Businesses today still think they can just show any old employee what to click on and how to use their specific app, and not care if they understand basic computing.
The result is what you see in every office: People who click on any browser popup, install any tool bar, open any email attachment, etc etc. The fault here are the business owners - 99% of the time aren't computer knowledgeable themselves - not making computer skills a required qualification.
I think the author may be talking about hosted VM solutions like Azure or Amazon Web Services (AWS).
To make all that fancy "click and magic" work there's a lot going on that still requires bare-metal servers, infrastructure, and us pesky IT people he wants to get rid of.
There is also a downside to virtualization he's not touching on, of course, as he's clearly biased against IT people. My experience as follows:
1) Lack of control over your environment at the low-level means sudden, unexpected downtime from the VM provider for one reason or another. Be it a failure, or "Hey I need to move you to another Hypervisor for the 3rd time this month".
2) At the bottom of all this virtualization there still lies bare-metal servers and equipment that we need to maintain. And the underlying software that makes a VM a VM. As much as he's love to eliminate as many IT jobs as possible, and replace them with apparent cheap, underskilled basic operators, there is still a need for the expensive, highly-skilled highly-experienced old-time sysadmin on the backend who understands everything from hardware to IP networks.
3) Single point of failure. One server for 30 VM's goes poof, you lose 30 VM's. That is of course unless you've spent twice the money for a duplicate rig and failovers.
I can see their point, sort of
Allowing 3rd-party apps to take over the core function of the watch would take the design experience away from Apple, and I can see how they wouldn't want that.
More importantly however, I wouldn't WANT a 3rd-party app as the core function of my device. Most apps on the App Store are very scammy, to put it lightly. I don't think Apple wants it's product tarnished by reports of apps popping up on your watch for the latest candy crush or medieval raid game. Or to be tracked.
Until the government outlaws the practice of swiping credit cards into the POS system - which retailers do on purpose so they can track your purchase habits - these problems will continue.
The only place you should be sticking your card into is a bank-supplied, independant payment pin pad terminal.