post

Is This a Scam by Symantec?

Can’t help but think that “Norton by Symantec” is trying to scare the beejeesus out of website owners with something that sure smells like a scam to me…or at least a really spammy marketing effort to bolster their contact lists.

One of my businesses, Innov8Press, recently began rebuilding a long-time client’s new website. Before the rebuild started we moved the client to a new webhost as their existing one wasn’t up to handling what the new site will require for technical resources.

This is a site we had built (but were not managing at the time) and is one we cleaned up after a hack two years ago and it has been clean ever since. FOR THE LAST TWO YEARS Google says it is clean. Sucuri says it is clean. The premium Wordfence security suite says it is clean.

So imagine my surprise that, after we’d moved the site, we saw this at the new webhost’s dashboard:

Then I go back to Sucuri — which again, had shown the site to be clean for TWO YEARS until we just moved it last week — and now this appears:

We’ve now invested a couple of hours:

  • Creating an account at Norton Safe Web
  • Interacting on the community forum (basically to ask, “WTF?”)
  • Downloading the verification file
  • Uploading it to the site’s server
  • Requesting a verification as the “site owner”.
SCAM OR JUST SPAMMY MARKETING?

Every fiber in my being tells me this is a spammy attempt to get website “owners”, whether the actual owner or developers like us, to signup for their services. At the very least it’s an attempt to identify website owners so they can email the shit out of us.

If Norton starts spamming us I’ll create a filter in Gmail to instantly set all their emails to “spam.” They’d better not think they can market to us in this fashion like some no-scruples startup, and basically waste the time of website owners like this.

post

Make Your Own Site-Specific Web Browser “App”

Need to tell you about a very cool Mac app (Windows version coming soon) that has transformed how I manage my online work and even social media interactions.

The app is called Coherence, now in version 5, which I hadn’t heard about until I stumbled across it this past week and downloaded the trial version. I liked it so much I purchased the Family License 20 minutes later!

The app allows you to create site-specific web browsers that function as their own self-contained Chrome browser application. Why would I want to have a bunch of separate web browser apps on my Mac instead of just opening up 10, 15 or 20 tabs in my Chrome browser? Besides slowing down Chrome and using up lots of my computer’s memory, I have a need to keep things separate:

  • MANAGING ACCOUNTS: With four GSuite accounts (a personal one and three for our various businesses) I could just log in to all of them in my main Chrome browser, but that would mean choosing accounts before going in to Google Drive, calendar, or other GSuite apps, a huge pain in the butt and often confusing. Having one site-specific browser for each GSuite account is fabulous and makes managing all of those accounts a breeze!
  • DEVELOPMENT: With our Innov8Press business I’m constantly logged in to multiple accounts and like to keep everything contained as I work, especially since I’m often logged in to a client’s web services (e.g., Mailchimp; Salesforce; Dropbox) and using a Coherence-made browser makes it simple to not have to login and logout over-and-over again as I go through my workday.
  • KEEP TRACKING TO A MINIMUM: Rather than use a plugin to keep Facebook (and others) from tracking my activities all across the web, Facebook has its own browser and everything runs within it. I even have a “Media” browser with bookmarks to publications I view in order to again, make it harder for third-party tracking companies to follow me around while I browse and use the web.
  • UNIQUE, DISCRETE APPS: I often play Pandora in a browser on my desktop so it’s really nice to be able to do so in a separate browser app vs. having to have the highly insecure Adobe Flash installed so I could run Pandora’s Adobe Air app. I also have a browser app for YouTube/Netflix/Hulu streaming apps as well as one to use with UberConference. Again, it makes my workflow so much more manageable.
  • EXTENSIONS: One last, highly useful aspect of of Coherence 5 is being able to load extensions. For example, in most of the Coherence browser apps I’ve created I’ve included my LastPass password manager extension. That way I can login to a client’s sites (or my own) as needed. Since sometimes I also need to view a client’s site from the standpoint of a user in the U.K. or countries in the E.U., being able to connect a given site-specific browser via the Private Internet Access (PIA) VPN to one of the PIA servers in one of those countries really helps (especially being able to perform Google searches in those countries in order to tweak SEO).

There are lots of other use-cases I’m sure you can think of, or will soon discover, on your own and, at the very least, it’s definitely worth considering. You will find the pricing here:

  • Coherence 5 for macOS 10.10 and Above – Single License $4.99
  • Coherence 5 for macOS 10.10 and Above – Family License (5 Licenses w/ 10 Activations) $24.99

This slideshow requires JavaScript.

NOTE: I should mention that I have used FluidApp for several years, the site-specific browser creator which makes a Safari-like (i.e., WebKit) browser. There are some features in it I like, but it’s not as flexible as Coherence 5 and I find being able to add extensions and use a Chrome-foundation browser meets my needs better.

post

Unlimited Inflight (and 35 million other places) Wifi for Only $10 Per Month

Is this deal too good to be true? Nope.

US Mobile is offering unlimited inflight internet service through the huge global provider iPass for only $10 per month using either the GoGo or Panasonic inflight networks. Yep…you can use it on several U.S. and international airlines but it gets even better as you’ll see below.

As a point of comparison, here is what GoGo charges for a single airline plan:

GoGo is still much more expensive (2 devices will cost $60 per month) and you’re still limited to a single airline. If you fly more than one airline — or even choose your single, favorite one — this new US Mobile offering will save you $40 per month if you only use a single device like your laptop. If you want to add your phone or tablet it will still be a lot cheaper at $20 per month and also offer you more flexibility with multiple airlines.

Here’s where this deal gets even better though. What happens when you land and want to use Wifi in the airport? Once you’re in the city and want to stop in to a coffee shop or restaurant? Or get online when you get to your hotel?

[Read more…]

post

Bitcoin: Is It Time To Get In?

bitcoin

Is it time to buy in to the cryptocurrency bitcoin? Is now the time when you should expend time, energy and effort to become a “bitcoin miner“, get a bitcoin wallet, or is bitcoin risk still too high?

At one point in late 2010 I read this article in Slashdot about bitcoin and started poking around to learn more about it. As I thought about this new digital currency in downtime during the holidays that year, I strongly considered getting in to bitcoin mining and was even online looking at hardware to buy.

My enthusiasm was muted, however, since all of us were just coming off the global economic crisis of 2007-2008. After having struggled to keep our business afloat, slashing costs and personnel, and getting into lines of business solely to generate cash—my trust level in entering in to the fray surrounding an unregulated, digital currency with a bunch of unknowns was pretty dang low.

It is also likely I probably would have not made much—or had seen my bitcoins stored, and then lost, at Mt. Gox—but even a few dozen bitcoins mined in early 2011 (when each one was worth US$1.00) means selling them at today’s value of $684 each would have yielded a nice little gross of nearly US$25,000.

Sounds like a lot of money, right? Not so fast there cowboys and cowgirls. The bitcoin space is still the wild, wild west and a tenderfoot often got shot or died of thirst crossing the desert. [Read more…]

post

The Internet Revealed in 1993

stewart-cheifet-on-set

Stewart Cheifet and guest on the set of Computer Chronicles

Stewart Cheifet‘s show Computer Chronicles was one that chronicled the evolution of personal computing, digital devices as well as enabling technologies like this networking technology we know as “The Internet.” His Computer Chronicles YouTube channel is an archive of shows that reported on some of the most important developments in all of those areas, especially this particular show which covered this nascent networking technology we now cannot live without.

Fun Factoid
For those of you in Minnesota, at 9:37 you will see a brief demonstration of Gopher, a protocol developed and released in 1991 by a Mark P. McCahill-led team at the University of Minnesota. Since universities were heavy pre-commercial-and-world_wide_web-internet users, they needed something to make it easier to find stuff. Gopher was “...designed for distributing, searching, and retrieving documents over the Internet. The Gopher protocol was strongly oriented towards a menu-document design and presented an alternative to the World Wide Web in its early stages, but ultimately HTTP became the dominant protocol. The Gopher ecosystem is often regarded as the effective predecessor of the World Wide Web.” (my emphasis).

 

post

Is Congress Really Gearing Up for an Encryption Battle?

bitsAfter the attacks in New York on September 11, 2001, Congress passed the poorly thought-out Patriot Act. Friday’s Paris attacks seem to be (once again) providing Congress with another excuse to try and legislate making United States encryption weak and putting another obstacle in the way of U.S. technology companies selling overseas.

That’s right….weak. Virtually every single cryptography expert on the planet knows that a force-mandated “backdoor” in software or devices will not work and will make the systems vulnerable to attack by black-hat hackers or state-run military cyberattacks.

Today’s Wall Street Journal had this front-page article, “Paris Attacks Fuel Debate Over Spying – Growing belief that terrorists behind assaults used encrypted communications prompts re-examination of U.S. policy on surveillance.” A few things from the article leapt out at me:

“A growing belief among intelligence officials that the terrorists behind Friday’s Paris attacks used encrypted communications is prompting a far-ranging re-examination of U.S. policy on data collection and surveillance.”  

No kidding. Anyone on this planet with intermediate technical skills can encrypt their communications.

Senator Richard Burr

Senator Richard Burr

Sen. Richard Burr (R., N.C.), chairman of the Senate Intelligence Committee, said Tuesday his panel will launch a review of encryption use. “It is likely that end-to-end encryption was used to communicate in Belgium and France and Syria,” Mr. Burr said. He said encryption was likely because no direct communication among the terrorists was detected.”

Really Senator? Maybe they met in person?

But this is the part of the article that made me choke on my breakfast muffin:  [Read more…]

post

Olga Wants Me!

Left: The photo that 'Olga' sent me. Right: Likely the 'real' Olga

Left: The photo that ‘Olga’ sent me. Right: Likely the ‘real’ Olga

The increasing sophistication of spammers constantly amazes me. This one, however, was the best yet. Not that I’d get sucked in to this phishing attempt, but the text was good enough that it got through to my ‘real’ email…and not just in to my spam folder.

Helo Steve,

My name is Olga. I am a 22 year old college student living by Moscow. I go to Bauman University (Moscow State University of Technology) and will be cumming to Minesota for a visit next month.

I have seen you on the internet and would very much like to meet you in person. Please email me or click this link: http://link-redacted.ru

Sweetly, Olga

Of course I didn’t click the link (and you NEVER should either*), but even as I write this I’m sort of stunned it arrived intact. Just goes to show you how careful we have to be when this crap is sent our way.

*What should you do? Hover over the link and look in the bottom of your browser window. You will see the REAL address they’re sending you to. The text for a hyperlink can be anything (e.g., Bank of America) but go to any URL. Don’t click on it…just delete the email.

post

NSA: Why are you not focused on protecting the nation?

nsa-logoReading the German publication Der Spiegel’s article called Prying Eyes: Inside the NSA’s War on Internet Security this weekend, like them I was struck by something that has been on my mind for over ten years. Why does the U.S. intelligence services, and specifically the National Security Agency (NSA), do more to protect the nation?

What came out in the Edward Snowden revelations was that the NSA is, without question or doubt, working feverishly to crack all encryption and are also working hard to build a quantum computer that will crack the little unbreakable encryption we still enjoy today.

Any of us in information technology, web or mobile app creation, and any sort of data security at all, know that if something has been cracked—regardless if it’s some kid in Norway or a state-based intelligence service—it is only a matter of time before the blackhat hackers discover it and exploit the crack.

[Read more…]

post

Takei Tours YouTube Space LA

George Takei’s YouTube show, Takei’s Take, tours YouTube Space LA (there are also London, Tokyo and New York locations currently). If you haven’t yet heard about this space, and what they’re trying to accomplish, this is a perfect overview in 4 minutes (and always enjoyable due to George’s take on things and his delightfully positive attitude and outlook)!

post

You’re in Danger on Public Wifi!

wifi-publicIllustration by Kristina Collantes

If you ever connect to a public Wifi hotspot, you owe it to yourself to spend 4-5 minutes and read this article by Maurits Martijn called, “Maybe It’s Better If You Don’t Read This Story on Public WiFiWe took a hacker to a café and, in 20 minutes, he knew where everyone else was born, what schools they attended, and the last five things they googled.”

I want to make thousands of copies of that article and give them to every single person I see in every public Wifi location everywhere!

Let me say it as emphatically as I can if you’ve read this far: You are an idiot if you connect to any public Wifi without running a virtual private network (VPN) connection (like the one I use, Private Internet Access for $39.99/year for 5 devices). If you don’t it’s not “if” you will get hacked, but rather “when” it will happen to you.

To show you how pervasive and simple it is to hack your laptop, smartphone or tablet when you connect willy-nilly to some public Wifi hotspot, let me give you a glimpse at what I can only describes as a…

HACKER’S DREAM MACHINE
The Wifi Pineapple, a $99.99 black box

The Wifi Pineapple, a $99.99 black box
which makes it trivial for a hacker to steal you!

Because I’ve technically known the risks for nearly ten years, I’ve been paranoid about public Wifi locations since 2005 and wrote about being “naked in a coffee shop” here, here and here. But to show you how brain-dead-simple it has become to BE a hacker, wait until you read about a black box called the Wifi Pineapple you can buy, for $99.99, which lets anyone who has one:

  • Run a man-in-the-middle attack, essentially spoofing a public Wifi connection and even impersonating the actual, real network connection (whether open or secured). How many times have you connected to Wifi that said “Coffee Shop Guest” or “Free Public Wifi”? Sometimes they’re real, mostly they are not. You can almost never be certain.
  • The attacker can monitor all network traffic flowing between an Internet gateway and the connected clients (like your laptop, smartphone or tablet!) as well as manipulate this data in transit such as through captive portals, DNS spoofing, IP redirection and even the substitution of executables in transit (so that file you’re downloading might be coming off of the attacker’s laptop!).

There’s alot more you can do with this device and Hak5, the group that makes it, is certainly gleeful about all the rogue crap it can do:

“…the WiFi Pineapple is more than a platform – it’s a community for creativity. Rickrolling clients, powering off WiFi drones mid-flight, tracking commercial airliners and logging WiFi connections are only some of the creative things being done within the WiFi Pineapple community.”

On the Hak5 forums they even have a section entitled, “WiFi Pineapple University” to help users teach users about this ‘fun’ little box.

The good news? If you run a VPN and inadvertently connect to “Coffee Shop Guest” and it’s actually a spoofed connection through one of these black boxes, the hacker would only see encrypted traffic! Everyone else’s internet traffic—Facebook login, bank password, credit card data—would mostly be going in the clear. (Note: I know that an actual SSL connection would encrypt traffic in the browser, and so do most smartphone and tablet apps, but more sophisticated hackers can even spoof SSL connections so that your browser thinks it is securely connecting…but it is not).

I must admit that, even though I’m more appalled by the activities of our government and mass surveillance of U.S. citizens in what I believe is a direct violation of our Constitution, boxes like this one target individuals with a lot to lose. It’s not right and not fair and I hope I never catch someone using one in a public place or…

 

Why Do I (and why you should) Use SiteGround?

READ THIS PAGE to learn how I finally found "the one" web hosting company which
I can now absolutely endorse and use. Or learn more at SiteGround directly and sign up: