Posted by David on September 9, 2017 in Uncategorized with Comments closed |

With Equifax falling vic­tim to hack­ers, the bad guys are now clos­ing in on the cen­ter of our eco­nom­ic mod­el, cred­it.
With the infor­ma­tion of 143 MILLION peo­ple, the hack­ers now have the abil­i­ty to cre­ate bogus accounts for every­thing from library cards to cred­it cards. This is poten­tial­ly the worst hack out there, and com­bined with infor­ma­tion gleaned from oth­er hacks, espe­cial­ly the OPM hacks where the Chi­nese grabbed infor­ma­tion on peo­ple with secu­ri­ty clear­ances, this could be dev­as­tat­ing for many indi­vid­u­als.
So instead of gnash­ing teeth and wring­ing hands, defend your­self. Place blocks on your cred­it list­ings with all three sites. Doing so at one is /supposed/ to put a block on all three. These blocks typ­i­cal­ly last 90 days, so be pre­pared to keep it up for a while. Equifax is offer­ing cred­it mon­i­tor­ing, sign up for it. This may be a good time for ser­vices such as Life­Lock. I’m not endors­ing any spe­cif­ic one of them, for there are sev­er­al, and I don’t use one myself. And final­ly, keep an eye on your accounts by review­ing charges, and dis­pute any­thing which you don’t rec­og­nize.

Wakeup Call

Posted by admin on October 30, 2016 in true-breasted with Comments closed | (347) 894-3185

No mat­ter who the next pres­i­dent of the Unit­ed States is, one thing is for sure: cyber secu­ri­ty needs to be a focus of the admin­is­tra­tion.
The dis­as­ter of Hillary’s email serv­er, the wik­ileaks expo­sures, the accu­sa­tions fly­ing across the globe towards and from Rus­sia, all have high­light­ed we must become experts at cyber secu­ri­ty, or we will fall to it.
For a decade or more now, the Chi­nese and their satel­lites have been attack­ing our sys­tems, and pil­fer­ing tech­nol­o­gy which enables them to approach our tech­no­log­i­cal supe­ri­or­i­ty. They may have sur­passed us at this point, only time will tell. My dad’s 1938 pre­dic­tion the west’s great­est dan­ger would come from Chi­na is com­ing true. A recent warn­ing from the DoD warn­ing against Chi­nese made lap­tops, echos what we already knew 10 years ago. I was shocked it was treat­ed as news.
Not only are we vul­ner­a­ble to nation states, but equal­ly to indi­vid­u­als and crime orga­ni­za­tions. Indeed, it is in all nations inter­est to com­bat this new form of war­fare or else suc­cumb to it.
Wake up Amer­i­ca, real­ize who the ene­my is.


Posted by admin on March 26, 2016 in 825-700-8131 with Comments closed |

Good­bye Win­dows phone, though I liked your fea­tures and the poten­tial in your O/S, you nev­er lived up to the hopes and hype. After fix­ing the screen on my Win­dows 8 phone, and grad­u­at­ing to my wife’s Win­dows phone, and upgrad­ing it to the RC’s of Win­dows 10, I have moved on to an LG G3, main­ly because of price. It is near­ly two gen­er­a­tions of LG G# old, but it still looks good, per­forms bet­ter than my Win 8/10 phone, and does have a greater selec­tion of apps. By greater, I mean the 1 or 2 I real­ly want­ed but could not get on the Win­dows plat­form.

Compliance versus Due Diligence

Posted by admin on June 14, 2015 in Uncategorized with Comments closed |

Head­lines are burst­ing with emerg­ing sto­ries of how hack­ers have pen­e­trat­ed US Gov­ern­ment sites which one would think have the best pro­tec­tion of all. How­ev­er, as we have learned, our own gov­ern­ment falls prey to the same mind­set many com­pa­nies have, that of com­pli­ance ver­sus due dili­gence. We can be com­pli­ant with the law, but no adher­ing to due dili­gence. We in the IT secu­ri­ty busi­ness are charged with pro­tect­ing data. Yet we have been brow­beat into accept­ing com­pli­ance stan­dards as the top lim­it, when we should be look­ing down the road at what the threats will be tomor­row. Reg­u­la­tions were writ­ten yes­ter­day, and we as for­ward thinkers, need to be look­ing to tomor­row. Exec­u­tive teams charged with watch­ing every dime tend to short-change IT and secu­ri­ty because we don’t bring in the cash, we only spend it. This is flawed log­ic since we empow­er those who bring in the cash to do it bet­ter, faster, and more secure­ly. Short-change IT and secu­ri­ty, and you ulti­mate­ly ham­per those who bring in the cash, and enable hack­ers to steal your data.

Passed my CISSP the first time around!

Posted by admin on April 23, 2015 in Uncategorized with Comments closed | 9038815620

The CISSP is con­sid­ered a stan­dard in the IT secu­ri­ty arse­nal, and has a fear­some rep­u­ta­tion when the day comes to sit and take it. 250 ques­tions and 6 hours paints an omi­nous pic­ture. Undaunt­ed by the blogs and even the books pur­port­ed to assist you in pass­ing it, I took the test and passed it the first time around. This despite lis­ten­ing to one of my fel­low testers who announced it was his third time around, which solicit­ed the response of anoth­er tester that he need­ed to be slapped con­sid­er­ing the test is $599 a pop. So how did I pass this test? First, after let­ting it lapse, I went and passed the Comp­Tia Secu­ri­ty + exam. I stud­ied for about 3 months for this test, and was reward­ed with an 858. This study­ing and my pre­vi­ous col­lege work gave me a very good basis for pass­ing the 5 domains cov­ered by the Secu­ri­ty +. I then set my sights on the CISSP. I start­ed study­ing in Decem­ber of 2015, and took the test April 14th, one day pri­or to the test for­mat change. I’m not sure what the dif­fer­ences are, but the domains changed from 10 to 8, and I wasn’t will­ing to delay any fur­ther and find out. I used three ref­er­ences, Shon Har­ris’ 6th Edi­tion, Shon’s Prac­tice Exam, and final­ly David Miller’s CISSP book. I must say, the for­mat and con­tent of these two authors made these book choic­es excel­lent, as both cov­ered slight­ly dif­fer­ent mate­r­i­al and their pre­sen­ta­tion was also a con­trast, which kept the study­ing inter­est­ing. I firm­ly believe my back­ground, which mir­rored the inch deep and mile wide para­ble of the test, pre­pared me where the third time around fel­low admit­ted to being in net­work secu­ri­ty for the last 10 years, and I feel that is where his focus was. He was too deep in the weeds to see the big pic­ture. No, I’m not going to pass along any of the answers or ques­tions. First, the code of ethics espoused by ISC2 for­bid it, sec­ond, I signed a NDA stat­ing I wouldn’t, and third, I don’t remem­ber any of them. It is my usu­al prac­tice to go through a test, answer­ing the ques­tions, or mark­ing those I want to come back to, then check­ing the entire test one more time. I marked one to come back too, yeah, out of 250, and about halfway through decid­ed I was not going back through any ques­tions once I was done. The ques­tions seemed pret­ty straight for­ward for the most part, though there were I few I did sit and con­tem­plate for a few min­utes. About 180 or so ques­tions into it, I began to lose focus a lit­tle, but bat­tled through it and cruised to the fin­ish line. I com­plet­ed the test in 3 hours, and was glad it was done. Of course, the “Con­grat­u­la­tions!” on the form I was hand­ed after the test was the best part. My sug­ges­tion to can­di­dates want­i­ng to take this test. Start way out, I stud­ied some­where along the lines of 7 months before tak­ing the test. Study dif­fer­ent books from dif­fer­ent authors/publishers. Each one will hit dif­fer­ent sub­jects with vary­ing degrees of detail. Remem­ber the book answer rules, not your per­son­al expe­ri­ence. Take prac­tice exams from dif­fer­ent ven­dors, and take a full 250 ques­tion exam a few times before your test to get a feel for the endurance aspect. Good Luck!


Update: I was offi­cial­ly award­ed my CISSP on 1 June 2015!


Posted by admin on November 16, 2014 in Uncategorized with Comments closed | 2706175945

“I’m an hon­est per­son,” still rever­ber­ates through my head. This state­ment was made by a young Air Force offi­cer after hear­ing my expla­na­tion as to why he could not take his per­son­al cam­era into a SCIF (Sen­si­tive Com­part­ment­ed Infor­ma­tion Facil­i­ty) to down­load some per­son­al pic­tures. For the unini­ti­at­ed, a SCIF is where super-sen­si­tive infor­ma­tion is received, processed and stored. Even those indi­vid­u­als with Top Secret clear­ances are  denied access unless they have been read-on to the spe­cial pro­grams with­in.

I recent­ly heard com­ments from IT pro­fes­sion­als about how med­ical providers were tak­ing pic­tures of test results with their per­son­al cell phones, then email­ing them to anoth­er provider for their opin­ion. Depend­ing upon the infor­ma­tion includ­ed in the pic­ture, this could be a seri­ous vio­la­tion of Pro­tect­ed Health Infor­ma­tion (PHI), which pro­hibits the trans­mis­sion of patient iden­ti­fi­able infor­ma­tion over unse­cure means. Accord­ing to these  IT pro­fes­sion­als, the providers have been repeat­ed­ly warned, yet con­tin­ue the prac­tice.

We’ve all seen the movies where a spy takes pic­tures of doc­u­ments which are then uploaded to the bad guys servers, giv­ing them an edge on what­ev­er the infor­ma­tion was about. Hence the rea­son cam­eras, tape recorders, and oth­er unap­proved record­ing devices are pro­hib­it­ed from SCIFs. The pun­ish­ment when caught is severe, and could result in loss of the offender’s clear­ance, rank, mon­ey, and pos­si­ble jail time. PHI is that med­ical or pay­ment infor­ma­tion which can be traced back to an indi­vid­ual. While it is true 2G/3G/4G phones encrypt data, this encryp­tion only occurs over-the-air between the phone and the tow­er. The trans­mis­sion between your tow­er and the recipient’s tow­er or land-line phone is not encrypt­ed. The old­er 2G stan­dard, which many of the recent­ly dis­cov­ered rogue cell phone tow­ers force phones to, was cracked back in 1999, and thus is eas­i­ly snooped. There are also known weak­ness­es in the way 3G encryp­tion is imple­ment­ed, mak­ing the pos­si­bil­i­ty of decryp­tion greater. Plus, unless the providers are dili­gent and delete the pho­tos, a trove of infor­ma­tion awaits the per­son who steals or finds the phone.

The best way to mit­i­gate secu­ri­ty breach­es such as these are:

  1. Train­ing: annu­al or more fre­quent train­ing regard­ing the restric­tions may help the user under­stand why the rules are in place and how it helps them and their orga­ni­za­tion. At the very least, this train­ing helps sup­port let­ting the indi­vid­ual go if they con­tin­ue to break the rules.
  2. Alter­na­tives: give the users an alter­na­tive, approved method of trans­mit­ting the infor­ma­tion. The alter­na­tive must be as user-friend­ly as pos­si­ble, else the user will not use it. Most of the time, this will include secure email on a com­pa­ny issued phone, or fax­es. Yes I know, fax­es are an archa­ic, slow, and poten­tial­ly unre­li­able method of trans­mit­ting data, yet they are still preva­lent in health care.
  3. Mon­i­tor: once the train­ing and alter­na­tives have gone out, fol­low up and ensure com­pli­ance. This step helps rein­force num­bers 1 and 2, and shows the users the com­pa­ny is seri­ous about pro­tect­ing infor­ma­tion.

The aver­age user is not nec­es­sar­i­ly as attuned to the threats to infor­ma­tion as a secu­ri­ty pro­fes­sion­al is. Providers have received years of spe­cial­ized train­ing regard­ing how the body works, how med­ica­tions affect it, and estab­lished pro­to­cols for deal­ing with ill­ness­es. It is the IT Professional’s job to pro­vide ser­vices the users can and want to use, while mask­ing or alto­geth­er hid­ing the com­plex­i­ties of keep­ing infor­ma­tion secure.



Synology DS 211J Disk Failure

Posted by admin on August 31, 2014 in Uncategorized with Comments closed | 3144932764

It final­ly hap­pened. One of the two disks in my Syn­ol­o­gy DS 211J bit the dust. This fail­ure was announced by a sub­tle yet insis­tent beep — beep — beep, at which time I accessed the web con­sole and dis­cov­ered disk two had failed. What to do next. I had three 1TB disks, West­ern Dig­i­tal Blues in my desk­top, which were not being uti­lized, so after shut­ting every­thing down, I took the Syn­ol­o­gy and one of the disks up to my counter. I pulled up the man­u­al on the web, removed the two screws hold­ing the pan­el on, and voila, the cov­er was off. I iden­ti­fied disk two, it was clear­ly marked on the brack­ets hold­ing the disks, and removed the four screws, swapped the bad for the good, then replaced the screws and the pan­el. I plugged in all in, and beep — beep — beep. Hmmm. I read the man­u­al a lit­tle more, ok, duh, got­ta rebuild the vol­ume. Stor­age > Vol­ume, turn the beep off! Vol­ume Man­ag­er > Repair Next Ensure the dri­ve you replaced is select­ed Acknowl­edge the warn­ing Fin­ish And off it goes. I have 1TB dri­ves, so now it is a wait­ing game to see how long it takes. Some reviews with users hav­ing 3TB dri­ves spoke of 20 hours and count­ing. We will see! I also added my email as a noti­fi­ca­tion address that bar­ring a full fail­ure, will alert me when­ev­er there are issues. Check the advanced tab for all the pos­si­ble noti­fi­ca­tions.


Posted by admin on July 9, 2014 in Uncategorized with Comments closed |

My work recent­ly pur­chased sev­er­al Microsoft Sur­face Pro 3 tablets with key­boards. We got the mid­dle of the road, i5 and 128Mb, the oth­ers are not avail­able yet. Ini­tial impres­sions: pack­ag­ing is inter­est­ing, befit­ting the high­ly refined tablet and key­board which it enclos­es and pro­tects. The tablet itself feels rock sol­id, and the kick-stand is amaz­ing, eas­i­ly adjustable from near­ly ver­ti­cal to almost flat. The key­board and pow­er adapter snap into place, a fea­ture I demon­strat­ed to the CEO with much glee! The key­board feels high qual­i­ty, the keys giv­ing a response when depressed. The key­board also has a lift capa­bil­i­ty, in the form of a joint near where it attach­es to tablet. Also mag­net­ic, it keeps the key­board at a slight tilt, more com­fort­able for typ­ing, or can be laid flat when watch­ing a movie. The pen has a pur­ple but­ton on the end oppo­site the sty­lus tip, where the click­er would nor­mal­ly be, which brings up OneNote when depressed. Cool! This is a mod­i­fi­able fea­ture, but I haven’t changed it yet. The AAAA bat­ter­ies, yes, 4-A bat­tery which came with my pen was dead. We scram­bled and pur­chased some for stock. The only real yuk came with the sim­plis­tic pen sleeve, which Microsoft sug­gest­ed you attach to the cov­er. If attached, the pen could get ripped off by con­stant removal and inser­tion of the tablet into a bag. I think a clever, elas­tic pock­et on the bot­tom of the key­board, in the joint area where it attach­es to the tablet, would have been bet­ter? Per­for­mance was in-line with an i5. Snap­py screens, pro­grams opened rapid­ly, the sys­tem was a joy to use. I walked the CEO through a Microsoft slideshow I found on the web, and cov­ered each of the details in depth. The only com­plaint I heard was a com­ment regard­ing bat­tery life, but I feel that is prob­a­bly a train­ing issue more than any­thing else. This was the only thing I didn’t cov­er, due to the short notice, her stand­ing at my door want­i­ng the tablet, and will be cov­ered more when time per­mits. I’ll update this post­ing when I get mine (please please please), and have more info on how it oper­ates. Sent from Win­dows Mail

Surface RT Prices

Posted by admin on July 18, 2013 in Uncategorized with Comments closed |

Two days ago, Microsoft dropped the price of the Sur­face RT by $150. That makes this move about nine or ten months late in com­ing. Per­haps this sig­nals a shift in Microsoft’s think­ing, along with all the new man­age­ment? Maybe when my Sam­sung ATIV 500, full-blown Win­dows 8, which is sec­ond in the tablet mar­ket behind Apple, tablet dies I will get a Sur­face. That shouldn’t be for anoth­er 3 or so years, plen­ty of time for Microsoft to become com­pet­i­tive.

Uh oh!

Posted by admin on July 18, 2013 in 443-730-5688 with Comments closed | regionalist

You know when you get that feel­ing, that some­thing very bad just hap­pened? That is the feel­ing I had when I pulled my Lumia 822 out of my pock­et on Sat­ur­day. Or at least, the feel­ing I had when it slipped, I near­ly had it, then crash, face first on the side­walk. I had got­ten lucky before, but not this time: the screen looked like a spider’s web, cracked in jagged cir­cles which radi­at­ed out to every side. I fran­ti­cal­ly pressed the On but­ton, hop­ing to see my famil­iar back­ground. Suc­cess, the phone was not dead, which despite the frac­tured screen, worked per­fect­ly. Now, what to do?

I did not pur­chase the insur­ance, which I think is a bit pricey. $6.99 per month, plus a $99 fee when­ev­er there is a claim. For that cash, I’d rather reac­ti­vate my HTC Win­dows 7 phone and suf­fer anoth­er two years. So I did what any one would do, I googled replac­ing the screen. I was greet­ed with numer­ous ads from Ebay, which after a brief search, I bought one of the screens. I then perused youtube, and found a video for replac­ing the Lumia 820 screen. Seemed pret­ty sim­ple, the biggest note was the T5 screw dri­ver. And since it was the 820, the 822 couldn’t be much dif­fer­ent, right?

My screen came in on Thurs­day, and I swung by Lowe’s and found a cheap set with the pre­req­ui­site torx screw­drivers. Armed with my new tools, a knife, a flash­light, and a cleared off table, I set to work.

The cov­er and bat­tery came out eas­i­ly, as did the mem­o­ry card and SIM. Next came the screws, 10 of them, all T5’s. Once all the screws were out, I attempt­ed to fol­low the 820 instruc­tions. Nope, the chas­sis doesn’t come off like the 820, great! I went back to youtube, and unable to find an 822 dis­as­sem­bly, checked sev­er­al of the oth­er mod­els for ideas. The most intrigu­ing was the 900, where the glass comes out of the front. So with the ideas, I kept push­ing and pok­ing, until final­ly I dis­cov­ered pulling the top of the screen out was the trick.

With the screen out, I was able to remove the moth­er board, dis­con­nect the rib­bon cables, and final­ly see what I was up against. Unlike the 820, the 822 screen is secured in very close prox­im­i­ty to the inner screen. Sor­ry, don’t remem­ber what they are real­ly called. Secured with a sticky, tape like sub­stance. The next hour was spent care­ful­ly cut­ting away at the tape with my knife until I was able to sep­a­rate the out­er screen from the inner. For­tu­nate­ly, the inner screen is reced­ed a lit­tle, so I was able to cut and pry the dam­aged screen with­out harm­ing the oth­er.

After observ­ing the rib­bon cable, I was able to sep­a­rate the screen and inner plate. The reverse process was rel­a­tive­ly sim­ple. There was still enough stick­i­ness from the pre­vi­ous tape for the new screen to adhere secure­ly to the plate. I was not able to remove and reat­tach a very thin cush­ion­ing strip, which appeared to sep­a­rate the two screens. I have to hope it will do! After revers­ing the dis­as­sem­bly order, I was able to snap and screw every­thing into place. After insert­ing the bat­tery, I pressed the pow­er but­ton and received the red Ver­i­zon box, but then a black screen with a white light­ing bolt and gear wheel appeared. A quick google said to press the pow­er but­ton and down vol­ume, which after I did that, the phone boot­ed nor­mal­ly. It was then I noticed a prob­lem with the sound. The up and down vol­ume but­tons appeared lop­sided, and did not work. A quick dis­as­sem­bly, and reassem­bly after ver­i­fy­ing the but­tons were in the right posi­tion fixed the issue.

I now have my phone back, with a pris­tine screen. Well, almost. There are some anom­alies on the inside of the screen, swirls I didn’t cause. Even with these defects, which are hard­ly notice­able, my phone is func­tion­ing nor­mal­ly. For $34 dol­lars, $24 for the screen and $10 for the tools, and a cou­ple of hours of care­ful work, I was able to repair my phone. I guess I will break down for an otter­box since my Lumia 822 likes to part ways at the most inop­por­tune times.

Is this a task for the reg­u­lar Jane or Joe? No, while it is rel­a­tive­ly sim­ple in hind­sight, unless you are handy with screw­ing and cut­ting tools, take it to a local repair shop. It requires just enough nerve and steady hands to pre­clude the aver­age users from doing it!

Copyright © 2012-2019 3362279046 All rights reserved.
This site is using the Desk Mess Mirrored theme, v2.5, from BuyNowShop.com.