Amazon isn’t the only company looking to come into your home, literally, when you aren’t there. Walmart also has announced what they have nicknamed “in-fridge delivery”, a service where their employee, nicknamed a “Deliv driver” (seriously, Walmart, who is coming up with these things?) comes into your home to make deliveries, when you’re not home, even putting your groceries away in the fridge for you. To which we say not only “no”, but “hell no!”
A newly announced exploitable security weakness in the WPA2 protocol is spelling trouble for most Internet Wi-Fi routers, including home routers, and Internet of Things (IoT) devices. The KRACK (Key Reinstallation Attacks) vulnerability in WPA2 has the potential for such widespread security incidents (because WPA2 is deployed nearly everywhere, and because this is not OS-specific, but attacks the router) that its disclosure was coordinated among the researchers who discovered it.
Last week we started hearing about the Equifax data breach, although Equifax had actually known about the data breach at least a month earlier. (The full text of the Equifax statement about the cybersecurity data breach is reprinted below.) The most stunning thing about this breach is the breadth of it: the Personally Identifiable Information (PII), including names, Social Security numbers, and driver’s license numbers, of 143 million U.S. citizens was exposed in this breach. Here is what you need to do, right now, to protect yourself.
‘New collar jobs’ is the new trending buzzterm in employment, because it’s the new darling of the jobs world. ‘New collar jobs’ is essentially a euphemism for jobs which don’t require a college (let alone an advanced) degree. But not just any jobs – specifically tech jobs, and even more specifically, in some circles, cybersecurity jobs. In fact, in new Federal legislation that was introduced just a few weeks ago, it clearly states that the purpose of the bill is to take blue collar workers and re-educate them to become our nation’s industrial cybersecurity force.
iRobot, the company behind the Roomba vacuum, along with other cleaning robots, has sold 15 million of those little suckers worldwide. Part of the Roomba’s brilliance is mapping your house in order to be as effective and efficient as possible. However, many people are not aware of this mapping feature, and even those who are may not realize that the mapping data – i.e. the map of their home – is being sent back to iRobot HQ, and stored in the cloud. Nor have they likely realized that iRobot might like to share the map of their home with others. But that is exactly part of iRobot’s business strategy.
We thought it was weird that Alexa will soon be able to detect your moods, and when we wrote about the hidden dangers of the Amazon Echo, we never dreamed that Amazon would up the ante by adding a hands-free video camera to the Echo! But that’s exactly what they’ve done with the Amazon Echo Look. And they expect you to use it in your bedroom, or bathroom, or wherever you get dressed, so that your Echo can give you wardrobe feedback with Amazon’s new Alexa-based ‘Style Check’ service.
You may have recently heard about a new social network called Mastodon. Mastodon is an open source, completely free social network that is similar to, and on some level competing with, Twitter. However, there are some important differences between Twitter and Mastodon. Here’s what Mastodon is, and what it isn’t.
There has been quite a bit in the news this week about “forged cookies” and “forged cookie attacks”, but little to actually explain them. A forged cookie attack is exactly what it sounds like though: a way for hackers to forge the information in your browser cookie, and when that information includes an authentication mechanism, voila! They can log into your account.
A new malware scam is hitting email inboxes. The email sample that we have comes from an email address at thomaskeller.com (ours is specifically from firstname.lastname@example.org), and claims to have received an invoice from your company. They even include your company name in the email, making it seem more legit. But it isn’t.
You know you need to apply the urgent Apple security update on your jailbroken iPhone. While you can’t do it without restoring your iPhone to its unjailbroken state, it’s very easy to get the update installed and then rejailbreak your iPhone. Here’s our step-by-step tutorial for how to install the iOS security update on your jailbroken phone, with screenshots.
Now that the Impact Team hackers have put the data of all 37 million Ashley Madison users online, you may be wondering how to check to see whether your email address is exposed in that data dump.
Rob Pegoraro at the Washington Post has a great article which makes tons of sense. It’s all about how to shore up your brand new computer’s protection against Internet nasties before the nasties have a chance to attack. You know, the old “ounce of prevention is worth a pound of cure”.
If you have been searching for cloud-based online backup solutions, and in particular if you are looking for safe, free online backup services or cloud storage, then your best bet may be to create your very own free online backup and storage solution in your own cloud. (This is particularly true given the recent court decision that says that agencies don’t need a warrant to access your personal data if it is stored in a cloud storage service.) You can even create your own Dropbox-style folders to share your files with others! You will need to make a small investment up front, but we show you how to do it, and you can do it for under $175 total – less than you would pay many online backup services in just the first year.
If you’re wondering “What is blockchain?” (also known as “block chain”), you’re not alone. Unless you’ve been following Bitcoin, you may only be hearing the term “blockchain” for the first time now, as it’s been in the news lately.
This morning many large, widely used Internet sites, including Twitter, Spotify, GitHub, Etsy, Vox, PayPal, Starbucks, Airbnb, Netflix, and Reddit, just to name a few, were taken down and offline owing to a massive distributed denial of service (DDoS) attack against DNS provider Dyn. Below is a list of all of the sites that we know have been affected – and may still be being affected – by the Dyn DDoS outage. Also, until it’s all fixed, here is a workaround. [UPDATE: It has been confirmed that this was the result of hackers taking advantage of unsecured Internet of Things devices, probably using the Mirai malware.]