2021-05-16-1030 Pastor Loran Livingston is the speaker this morning, May 16, 2021 in the 10:30 AM service. Scripture: Hebrews 11:32-40; 1st King 8; Psalm 34:18 Notes: -Why does one get a blessing and the others do not? -God is light but dwells in the darkness. -David said, “Why God are you hiding from me when I need you the most.” -God is watching your every step. -God says He is not hiding. -God is protecting us from danger. -Remember God is close to the brokenhearted and saves those who are crushed in spirit.
2021-05-16-0830 Pastor Loran Livingston is the speaker this morning, May 16, 2021 in the 8:30 AM service. Scripture: Hebrews 11:32-40; 1st King 8; Psalm 34:18 Notes: -Why does one get a blessing and the others do not? -God is light but dwells in the darkness. -David said, “Why God are you hiding from me when I need you the most.” -God is watching your every step. -God says He is not hiding. -God is protecting us from danger. -Remember God is close to the brokenhearted and saves those who are crushed in spirit.
Notes: -Why did we sell? -How did we sell the business? -MicroAcquire -Managing leads and sharing information with potential buyers -How long did it take? -What were the terms? -What went well and what would we do differently? -Why focus is important
Preacher: Jeremy Herbert Text: Ephesians 6:10-20 Theme: Satan, the real enemy Notes: Why would God tell us that we need power if He was not going to supply it? We often do not see our need for God’s power until we fail. Perseverance is a guaranteed part of salvation, because predestination includes glorification.
"Fellowship" is a term commonly used by Christians but often misunderstood. In truth, the whole Christian life should be shaped and affected by fellowship and the life of the church. Preaching from Acts 2, Pastor Robert Fonseca reminds us what fellowship is and how God uses Christian fellowship to bring Himself glory. Notes: Why is being in fellowship a key part of the Christian Life? -It is a testimony of our sanctification -It helps mature our faith -It keeps us accountable -It keeps us encouraged -It allows us to encourage others Let’s commit to the following: -Make church attendance a priority -Be an active listener during the sermon -Be accountable to others -Encourage others “It is both foolish and wicked to suppose that we will make much progress in sanctification if we isolate ourselves from the visible church.” —R. C. Sproul --- Sermon from 7 February, 2021. To learn more about Renaissance Christian Church and our service times, visit https://ren.church/. Support the show (https://ren.church/give)
Do you have strong morning routines? In today's episode we will dive into how to create them and why they are so important to set yourself up for success. The cliff Notes: Why morning routines are important Why I avoid connecting to the world first thing in the morning When did I start implementing morning routines What are some of morning routines you could start implementing for yourself How to get started Books I read in 2020 that could be added in your reading list Daily Planning like a boss and how not to overwhelm yourself with list Our Chronic Dieting Detox Group Coaching program launches February 8th, 2021 and we are looking for BETA TESTERS to join the first round. You can apply here https://planosnutrition.com/dieting-detox TO CONNECT WITH ME On Instagram: www.instagram.com/andresayesta On TikTok: https://vm.tiktok.com/tLLoyS/ On Youtube www.youtube.com/c/andresayesta Podcast IG page: www.instagram.com/planos_nutrition On Facebook: https://www.facebook.com/planosnutrition Our Facebook Community: https://www.facebook.com/groups/1934943366627043/?ref=bookmarks FREE RESOURCES To download my Macro Counting Guide tap here To download my Macro friendly meal planning guide tap here TO JOIN OUR PRIVATE FACEBOOK COMMUNITY Planos Nutrition Club - tap here FOR NUTRITION COACHING Apply here at https://planosnutrition.com/application
Where can Christians get their inspiration, direction, and encouragement to live out their spiritual lives? Pastor Robert Fonseca says that we can find everything we need to know about God and ourselves in the Scriptures. From Psalm 19:7-11, he guides us through the importance of Bible study in every Christian's life. Notes: Why should we read God’s word? -To learn about God -To learn about ourselves What are the benefits of reading God’s word? -It restores our soul -It gives us wisdom -It rejoices our hearts -It gives us understanding -It warns us against ungodly living How do we read God’s word? -Read prayerfully -Read daily -Read to learn -Ask questions and record your findings (2 Tim 3:16-17) -Apply what you learned --- Sermon from 10 January, 2021. To learn more about Renaissance Christian Church and our service times, visit https://ren.church/. Support the show (https://tithe.ly/give_new/www/#/tithely/give-one-time/1701382)
While we might think of the Christmas star as a great sign to behold, the shepherds to whom the angel appeared at the very first Christmas were given an incredible sign: the infant Jesus Himself. In this message, Jared Saavedra teaches from Luke 2 on what the shepherds saw when they looked upon the newborn King. Notes: Why did God choose to tell shepherds? (Psalm 78:70-71; Isaiah 40:11) 1. This Child Was a Sign of God’s Promises Fulfilled (Luke 2:11): Micah 5:2; 1 Timothy 3:16; Colossians 1:19 2. The Child Was a Sign of God’s Peace (Luke 2:13): Ephesians 2:14 “Christ is our peace from his incarnation to his death, from thence to his resurrection, and ascension, and intercession.” --Richard Sibbes 3. This Child Was Their Occasion for Worship (Luke 2:15-20) How Do We Respond to this Good News? -Seek the Lord in Faith (Psalm 17:15) -Show God’s Peace -Share the Wonder (1 Peter 2:25) --- Sermon from 20 December, 2020. To learn more about Renaissance Christian Church and our service times, visit https://ren.church/. Support the show (https://tithe.ly/give_new/www/#/tithely/give-one-time/1701382)
Notes: Why she moved cross country and got her dream job as a trash consultant. Transitioning from full-time work to contract role and why that was a better match for her life today. Inherited money values from both parents who worked multiple jobs. The financial and emotional struggle with not having enough in her emergency fund when she needed it most. How she has started digging herself out of debt. Buying her first home, the mortgage process, VA loans, and selecting a home they can afford and still save money every month. Ideas she has for starting her own side business and how she might go back to waste. How her and her fiance have different money philosophies and how tough financial times have strengthened their relationship. Why you need to give yourself more grace as you grow up in life and develop your financial plan.
Notes: -Why we go to conferences -How Andre got to where he is today -Work/Life Harmony -The challenge from people getting promoted for being good at one thing -When you chase something and catch it and it’s not what you thought it would be -Being proactive in helping people before they need help -How to help people with work/life harmony -Book: Seven Ways to Love -The importance of learning every person’s language -The Leader Seven (everyone likes these but everyone has a top 1-2 they prefer): Goodies time – some people are driven by good things; Quality minutes – people inspired by manager spending time talking to them; Recognition and affirmation – getting credit; Knowledge and career advancement; Incentives – bonus; Flexibility – can my ideas be flexibly implemented here?; Respect – time and space respected -The Leader’s question: “Why are you here? How can I help you?” -The get great question: “I want to be great, can you help me?” Links: Book: Seven Ways to Love by Andre Young; You Evolving Now website; You Evolving Now, LLC; Email Address: young.andre32@gmail.com; Contact information: 610-406-1852. For questions, comments and guest suggestions, contact the host, Andy Storch, at storch@advantageperformance.com
The Learning Leader Show With Ryan Hawk Ep #329: Kindra Hall Full show notes can be found at www.LearningLeader.com Kindra Hall is President and Chief Storytelling Officer at Steller Collective, a consulting firm focused on the strategic application of storytelling to today’s communication challenges. Kindra is one of the most sought after keynote speakers trusted by global brands to deliver presentations that inspire teams and individuals to better communicate the value of their company, their products and their individuality through strategic storytelling. Kindra is a former Director of Marketing and VP of Sales. Her much anticipated book, Stories That Stick, will be published on September 24, 2019. Notes: Why is storytelling so important? It's how we learn, how we connect Your team needs to know you, and like you (stories do that when you tell them well) You can learn breadth/depth of a person through a story A story is NOT: A bullet point resume A list of information Stating the mission statement The objective A story = The small moments when mission is in a specific place and time... When something happens. The four components of a story: Place and time: "a moment" Identifiable characters - must see people Authentic emotion - Relatable to audience Specific details - Draw audience in to the co-creative process Opening story of her book: In Slovenia at Thanksgiving: The power of the sales clerk's ability to tell a story compelled Kindra and her husband to buy Why did the story work? It drew you in with powerful moments and emotion It had suspense - "I want to know what's going to happen..." People will give you their attention when you're telling a compelling story It brought them to places through vivid descriptions How to better start a meet at work: First, realize it's a skill you can develop Take a step back, think of the higher level message -- "What's the overall theme?" "When have I seen this in action?" Why was it compelling? 
Make a list of nouns: People in life you've had to communicate with (bosses, friends, colleagues) Find moments and stories from those people... Understand the characters of the story Think: "What do I want my audience to think, feel, know, and do at the end of this story?" Use the "bystander story" - Stories of others that you make yours Remember the goal is to create connection This becomes your story... Through your eyes How to handle price conversations? Move from dollars and cents to value -- "They need to feel the pain of if they didn't have this thing I'm selling." Our decisions are not always based on logic, they are based on ideas Use the "Get To Know You Document" Why joining The Learning Leader Circle is a good idea
Notes: Why he wrote a book The science behind talent management The importance of starting with the science when dealing with people’s lives What gets in the way of setting and achieving big goals What is a goal and how to achieve it? The mistakes companies make when making decisions without science Dunning-Kruger effect Using data to support performance management process Nine lies about work and incorrect claims about feedback The truth behind the 70/20/10 model The state of talent management today What makes great talent management? HRBPs are the foundation for the rest of talent management How talent development can support HRBPs Trend: AI to help us make smarter decisions What AI can do and where it might fail Book: What got you here won’t get you there by Marshall Goldsmith Advice: Be planful in getting experiences Links: Book: One Page Talent Management: Eliminating Complexity, Adding Value by Marc Effron Book: 8 Steps to High Performance by Marc Effron Book: What Got You Here Won’t Get You There by Marshall Goldsmith Talent Strategy Group Email Address: marc@talentstrategygroup.com For questions, comments and guest suggestions, contact the host, Andy Storch, at storch@advantageperformance.com
Show notes for Security Endeavors Headlines for Week 5 of 2019. Check out our subreddit to discuss this week's headlines! InfoSec Week 6, 2019 (link to original Malgregator.com posting)

The Zurich American Insurance Company says to Mondelez, a maker of consumer packaged goods, that the NotPetya ransomware attack was considered an act of cyber war and therefore not covered by their policy. According to Mondelez, its cyber insurance policy with Zurich specifically covered “all risks of physical loss or damage” and “all risk of physical loss or damage to electronic data, programs or software” due to “the malicious introduction of a machine code or instruction.” One would think that the language in the cyber insurance policy was specifically designed to be broad enough to protect Mondelez in the event of any kind of cyber attack or hack. And NotPetya would seem to fit the definition included in the cyber insurance policy – it was a bit of malicious code that effectively prevented Mondelez from getting its systems back up and running unless it paid out a hefty Bitcoin ransom to hackers. Originally, Zurich indicated that it might pay $10 million, or about 10 percent of the overall claim. But then Zurich stated that it wouldn't pay any of the claim by invoking a special “cyber war” clause. According to Zurich, it is not responsible for any payment of the claim if NotPetya was actually “a hostile or warlike action in time of peace or war.” According to Zurich, the NotPetya cyber attack originated with Russian hackers working directly with the Russian government to destabilize the Ukraine. This is what Zurich believes constitutes "cyber war." https://ridethelightning.senseient.com/2019/01/insurance-company-says-notpetya-is-an-act-of-war-refuses-to-pay.html

Reuters reports that hackers working on behalf of Chinese intelligence breached the network of Norwegian software firm Visma to steal secrets from its clients. According to investigators at cyber security firm Recorded Future, the attack was part of what Western countries said in December is a global hacking campaign by China’s Ministry of State Security to steal intellectual property and corporate secrets. Visma took the decision to talk publicly about the breach to raise industry awareness about the hacking campaign, which is known as Cloudhopper and targets technology service and software providers in order to reach their clients. https://www.reuters.com/article/us-china-cyber-norway-visma/china-hacked-norways-visma-to-steal-client-secrets-investigators-idUSKCN1PV141

A new vulnerability has been discovered in the upcoming 5G cellular mobile communications protocol. Researchers have described this new flaw as more severe than any of the previous vulnerabilities that affected the 3G and 4G standards. Further, besides 5G, this new vulnerability also impacts the older 3G and 4G protocols, providing surveillance tech vendors with a new flaw they can abuse to create next-gen IMSI-catchers that work across all modern telephony protocols. This new vulnerability has been detailed in a research paper named "New Privacy Threat on 3G, 4G, and Upcoming 5G AKA Protocols," published last year. According to researchers, the vulnerability impacts AKA, which stands for Authentication and Key Agreement, a protocol that provides authentication between a user's phone and the cellular networks. The AKA protocol works by negotiating and establishing keys for encrypting the communications between a phone and the cellular network. Current IMSI-catcher devices target vulnerabilities in this protocol to downgrade AKA to a weaker state that allows the device to intercept mobile phone traffic metadata and track the location of mobile phones. The AKA version designed for the 5G protocol, also known as 5G-AKA, was specifically designed to thwart IMSI-catchers, featuring a stronger authentication negotiation system. But the vulnerability discovered last year allows surveillance tech vendors to create new models of IMSI-catcher hardware that, instead of intercepting mobile traffic metadata, will use this new vulnerability to reveal details about a user's mobile activity. This could include the number of sent and received texts and calls, allowing IMSI-catcher operators to create distinct profiles for each smartphone holder. https://www.zdnet.com/article/new-security-flaw-impacts-5g-4g-and-3g-telephony-protocols/

The Debian Project is recommending the upgrade of golang-1.8 packages after a vulnerability was discovered in the implementation of the P-521 and P-384 elliptic curves, which could result in denial of service and in some cases key recovery. In addition, this update fixes two vulnerabilities in the “go get” command, which could result in the execution of arbitrary shell commands. https://www.debian.org/security/2019/dsa-4380

It is possible to trick users of the Evolution email application into trusting a phished mail by adding a forged UID to an OpenPGP key that has a previously trusted UID. This is because Evolution extrapolates the trust of one of the OpenPGP key's UIDs onto the key itself. The attack is based on using the deficiency of the Evolution UI when handling new identifiers on previously trusted keys to convince the user to trust a phishing attempt. More details about how the flaw works, along with examples, are included in the article, which is linked in the show notes. Let’s take a minute to cover a bit of background on trust models and how validating identities works in OpenPGP and GnuPG:

The commonly used OpenPGP trust models are UID-oriented. That is, they are based on establishing validity of individual UIDs associated with a particular key rather than the key as a whole. For example, in the Web-of-Trust model individuals certify the validity of UIDs they explicitly verified.

Any new UID added to the key is appropriately initially untrusted. This is understandable since the key holder is capable of adding arbitrary UIDs to the key, and there is no guarantee that a new UID will not actually be an attempt at forging somebody else's identity.

OpenPGP signatures do not provide any connection between the signature and the UID of the sender. While technically the signature packet permits specifying a UID, it is used only to facilitate finding the key, and is not guaranteed to be meaningful. Instead, only the signing key can be derived from the signature in a cryptographically proven way.

GnuPG (as of version 2.2.12) does not provide any method of associating the apparent UID, in other words the one from the e-mail's From header, with the signature. Instead, only the signature itself is passed to GnuPG and its apparent trust is extrapolated from the validity of different UIDs on the key. Another way to say this is that the signature is considered to be made with a trusted key if at least one of the UIDs has been verified. https://dev.gentoo.org/~mgorny/articles/evolution-uid-trust-extrapolation.html

If you’re up for some heavy reading about manipulation and deceit being perpetrated by cyber criminals, it may be worth checking out a piece from buzzfeednews. It tells a woeful and dark tale that does not have a happy ending. A small excerpt reads: “As the tools of online identity curation proliferate and grow more sophisticated, so do the avenues for deception. Everyone’s familiar with the little lies — a touch-up on Instagram or a stolen idea on Twitter. But what about the big ones? Whom could you defraud, trick, ruin, by presenting false information, or information falsely gained? An infinite number of individual claims to truth presents itself. How can you ever know, really know, that any piece of information you see on a screen is true? Some will find this disorienting, terrifying, paralyzing. Others will feel at home in it. Islam and Woody existed purely in this new world of lies and manufactured reality, where nothing is as it seems.” https://www.buzzfeednews.com/article/josephbernstein/tomi-masters-down-the-rabbit-hole-i-go

Security researchers were assaulted by casino technology vendor Atrient after responsibly disclosing critical vulnerabilities to them. Following a serious vulnerability disclosure affecting casinos globally, an executive of casino technology vendor Atrient has allegedly assaulted the security researcher who disclosed the vulnerability at the ICE conference in London. The article covers the story of a vulnerability disclosure gone bad, one involving the FBI, a vendor with a global customer base of casinos and a severe security vulnerability which has gone unresolved for four months without being properly addressed. https://www.secjuice.com/security-researcher-assaulted-ice-atrient/

Article 13, the new European Union copyright law, is back and it got worse, not better. In the Franco-German deal, Article 13 would apply to all for-profit platforms. Upload filters must be installed by everyone except those services which fit all three of the following extremely narrow criteria: -Available to the public for less than 3 years -Annual turnover below €10 million -Fewer than 5 million unique monthly visitors. Countless apps and sites that do not meet all these criteria would need to install upload filters, burdening their users and operators, even when copyright infringement is not at all currently a problem for them. https://juliareda.eu/2019/02/article-13-worse/

Researchers from Google Project Zero evaluated Apple's implementation of Pointer Authentication on the A12 SoC used in the iPhone XS. There are bypasses possible, but the conclusion says it is still a worthwhile exploitation mitigation technique. Among the most exciting security features introduced with ARMv8.3-A is Pointer Authentication, a feature where the upper bits of a pointer are used to store a Pointer Authentication Code (PAC), which is essentially a cryptographic signature on the pointer value and some additional context. Special instructions have been introduced to add an authentication code to a pointer and to verify an authenticated pointer's PAC and restore the original pointer value. This gives the system a way to make cryptographically strong guarantees about the likelihood that certain pointers have been tampered with by attackers, which offers the possibility of greatly improving application security. There’s a Qualcomm white paper which explains how ARMv8.3 Pointer Authentication was designed to provide some protection even against attackers with arbitrary memory read or arbitrary memory write capabilities. It's important to understand the limitations of the design under the attack model the author describes: a kernel attacker who already has read/write and is looking to execute arbitrary code by forging PACs on kernel pointers. Looking at the specification, the author identifies three potential weaknesses in the design when protecting against kernel attackers with read/write access: reading the PAC keys from memory, signing kernel pointers in userspace, and signing A-key pointers using the B-key (or vice versa). The full article discusses each in turn. https://googleprojectzero.blogspot.com/2019/02/examining-pointer-authentication-on.html

There is a dangerous remote code execution flaw in the LibreOffice and OpenOffice software. In the past there have been well-documented instances where opening a document would result in the execution of malicious code in paid office suites; this time LibreOffice and Apache’s OpenOffice are the susceptible suites. The attack relies on exploiting a directory traversal flaw, identified as CVE-2018-16858, to automatically execute a specific python library bundled within the software using a hidden onmouseover event. To exploit this vulnerability, the researcher created an ODT file with a white-colored hyperlink (so it can't be seen) that has an "onmouseover" event to trick victims into executing a locally available python file on their system when placing their mouse anywhere on the invisible hyperlink. According to the researcher, the python file, named "pydoc.py," that comes included with LibreOffice's own Python interpreter accepts arbitrary commands in one of its parameters and executes them through the system's command line or console. https://thehackernews.com/2019/02/hacking-libreoffice-openoffice.html

Nadim Kobeissi is discontinuing his secure online chat Cryptocat. The service began in 2011 as an experiment in making secure messaging more accessible. In the eight ensuing years, Cryptocat served hundreds of thousands of users and developed a great story to tell. The former maintainer explains on the project’s website that other life events have come up and there’s no longer available time to maintain things. The coder says that Cryptocat users deserve a maintained secure messenger, and recommends Wire. The Cryptocat source code is still published on GitHub under the GPL version 3 license; the maintainer has put the crypto.cat domain name up for sale, and thanks the users for the support during Cryptocat's lifetime. https://twitter.com/i/web/status/1092712064634753024

Malware For Humans is a conversation-led, independent documentary about fake news, big data, electoral interference, and hybrid warfare. Presented by James Patrick, a retired police officer, intelligence analyst, and writer, Malware For Humans covers the Brexit and Trump votes, the Cambridge Analytica scandal, Russian hybrid warfare, and disinformation or fake news campaigns. Malware For Humans explains a complex assault on democracies in plain language, from hacking computers to hacking the human mind, and highlights the hypocrisy of the structure of intelligence agencies, warfare contractors, and the media in doing so. Based on two years of extensive research on and offline, Malware For Humans brings the world of electoral interference into the light and shows that we are going to be vulnerable for the long term in a borderless, online frontier. A complete audio companion is available as a separate podcast, which can be found on iTunes and Spotify as part of The Fall series and is available for free, without advertisements. https://www.byline.com/column/67/article/2412

Security Endeavors Headlines is produced by SciaticNerd & Security Endeavors with the hope that it provides value to the wider security community. Some sources adapted for on-air readability. Special thanks to our friends at malgregator dot com, who allow us to use their compiled headlines to contribute to the show’s content. Visit them at Malgregator.com. Additional supporting sources are also included in our show notes. Why not start a conversation about the stories from this week on our Subreddit at reddit.com/r/SEHL. More information about the podcast is available at SecurityEndeavors.com/SEHL. Thanks for listening and we'll see you next week!
Show notes for Security Endeavors Headlines for Week 4 of 2019Check out our subreddit to discuss this week's headlines!Now also available on SoundCloudInfoSec Week 5, 2019 (link to original Malgregator.com posting)According to a Reuters investigation, United Arab Emirates used former U.S. intelligence operatives to hack into the iPhones of activists, diplomats and foreign politicians using so-called Karma spyware. It’s described as a tool that could remotely grant access to iPhones simply by uploading phone numbers or email accounts into an automated targeting system. The tool has limits — it doesn’t work on Android devices and doesn’t intercept phone calls. But it was unusually potent because, unlike many exploits, Karma did not require a target to click on a link sent to an iPhone, they said. In 2016 and 2017, Karma was used to obtain photos, emails, text messages and location information from targets’ iPhones. The technique also helped the attackers harvest saved passwords, which could be used for other intrusions. According to the report, Karma relies, at least in part, on a flaw in Apple’s iMessage messaging system. The flaw allowed for the implantation of malware on the phone through iMessage which establishes a connection with the device even if the phone’s owner didn’t use the app. To initiate the compromise, Karma needed only to send the target a text message — no action was required on the part of the recipient. It isn’t clear whether the Karma spyware is still in use. The story says that by the end of 2017, security updates to the iPhone software had made Karma far less effective. https://www.reuters.com/investigates/special-report/usa-spying-karma/ Russia also has it's own Wikileaks. Called Distributed Denial of Secrets, the website aims to "bring into one place dozens of different archives of hacked material that, at best, have been difficult to locate, and in some cases appear to have disappeared entirely from the web." 
Distributed Denial of Secrets, or DDoS, is a volunteer effort that launched last month. Its objective is to provide researchers and journalists with a central repository where they can find the terabytes of hacked and leaked documents that are appearing on the internet with growing regularity and is being considered a kind of academic library or a museum for leak scholars. DDoS differs from WikiLeaks in that it doesn’t solicit direct leaks of unpublished data—its focus is on compiling, organizing, and curating leaks that have already appeared somewhere in public. The DDoS project compiled more than 200,000 emails into a spreadsheet for ease of searching. In all, its cache now contains 61 different leaks totaling 175 gigabytes. https://www.thedailybeast.com/this-time-its-russias-emails-getting-leaked The Japanese government will run penetration tests against all the IoT devices in the country in preparation for the Tokyo 2020 Summer Olympics. They want to map vulnerable devices and find out how to harden infrastructure. The survey will be carried out by employees of the National Institute of Information and Communications Technology (NICT) under the supervision of the Ministry of Internal Affairs and Communications. NICT employees will be allowed to use default passwords and password dictionaries to attempt to log into Japanese consumers' IoT devices.The plan is to compile a list of insecure devices that use default and easy-to-guess passwords and pass it on to authorities and the relevant internet service providers, so they can take measures to alert consumers and secure the devices.The survey is scheduled to kick off next month, when authorities plan to test the password security of over 200 million IoT devices, beginning with routers and web cameras. 
Devices in people's homes and on enterprise networks will be tested alike. https://www.zdnet.com/article/japanese-government-plans-to-hack-into-citizens-iot-devices/ The Cyber Independent Testing Lab, or CITL, is a nonprofit organization that focuses on consumer cybersecurity. They published research back in December of 2018, demonstrating how 28 home wireless routers fail to use even basic security techniques. CITL presented an update to that research during Shmoocon 2019, showing identical or similar weaknesses in 1,000 home and commercial Wi-Fi routers, across 6,000 firmware versions and 18 vendors. This includes highly rated devices from brands such as Asus, Belkin, Buffalo, D-Link, Linksys, and Netgear. It’s no secret that many Wi-Fi routers are highly insecure. Security researchers, pointing at issues such as hard-coded default passwords and irregular security updates, have been issuing warnings for years. What might be alarming about CITL’s latest research is that despite the alarm bells, CITL finds that vendors are generally building Wi-Fi routers with fewer protections than they had in 2003. The organization’s acting director says the research will be published soon on the CITL site. https://the-parallax.com/2019/01/24/wi-fi-router-security-worse-citl-shmoocon/ A bug in the Samsung Galaxy Apps Store allowed an attacker to inject arbitrary code through the interception of periodic update requests made by the vendor’s App Store itself. Due to initiating checks for updates in the Samsung Galaxy Apps Store in the clear, meaning not over a secured connection, an attacker can manipulate network traffic via Man-In-The-Middle style, and can change the URL for load-balancing and modify the requests for the update mirrors with inauthentic, user controlled domains.
This would allow an attacker to trick Galaxy Apps into using an arbitrary hostname for which the attacker can provide a valid digital certificate, and simulate the API of the app store to modify existing apps on a given device. An attacker could exploit this vulnerability to achieve Remote Code Execution on Samsung devices. https://www.adyta.pt/en/2019/01/29/writeup-samsung-app-store-rce-via-mitm-2/ Over 9,000 Cisco RV320/RV325 routers are currently being exploited in the wild after the network hardware manufacturer announced updates were available to patch newly published vulnerabilities. The release of the Proof of Concept exploit code triggered the scanning of devices by would-be attackers and professionals alike. Thousands of routers are exposed on the internet with a web-based management interface vulnerability that could allow an unauthenticated, remote attacker to either retrieve sensitive configuration information or perform remote command injections. https://securityaffairs.co/wordpress/80363/hacking/cisco-rv320-rv325-hack.html If you can imagine a mathematical version of the Kumite featured in the 80s movie BloodSport, then you might be cheering from the stands this week as the US National Institute of Standards and Technology (NIST) announced the second-round candidates for quantum resistant public-key encryption and key-establishment algorithms. After releasing a report on the status of quantum-resistant cryptography in April 2016, NIST followed up in December 2016 with a call to the public to submit post-quantum algorithms that potentially could resist a quantum computer’s onslaught. The agency spent one year collecting the submissions and another working with the larger cryptography community on a first round of review to focus on the most promising algorithms. Of the 69 submissions NIST received, these 26 algorithms made the cut.
This second round will focus more heavily on evaluating the submissions’ performance across a wide variety of systems, Moody said, because so many different devices will need effective encryption. https://groups.google.com/a/list.nist.gov/forum/#!topic/pqc-forum/bBxcfFFUsxE https://www.nist.gov/news-events/news/2019/01/nist-reveals-26-algorithms-advancing-post-quantum-crypto-semifinals A vulnerability in Apple’s FaceTime application allows the activation of the microphone of the device being called, allowing audio to be transmitted back to the person who initiated the session, all without ever having accepted a call. It’s also possible to trigger the camera to turn on as well. The issue has been replicated when calling from either a mobile device or a Macintosh desktop. Apple has disabled the FaceTime conferencing servers before the fix is released. Word of the FaceTime bug has been spreading virally over social media. Apple says the issue will be addressed in a software update “later this week”. https://9to5mac.com/2019/01/28/facetime-bug-hear-audio/ Book Publisher NoStarch Press got an unwelcome surprise this week when it discovered a counterfeit version of one of their books on Amazon’s self-publishing platform, CreateSpace. Bill Pollock, the publisher’s founder, has taken to Twitter to help raise awareness of the fraudulent item and is seeking assistance from Amazon to remedy the situation. Unfortunately this isn’t the first time printed fakes have made their way into the online merchant’s listings. The fake books are of noticeably lower quality, especially the screenshots. According to the current tweets, it took months to resolve things last time. Hopefully Bill Pollock and the NoStarch crew don’t have to wait as long to see results this time. The best way to know you’re getting the real deal is by just ordering direct from their website at NoStarch.com.
That way you know what you’re getting and get a DRM free copy in eBook format, too. https://twitter.com/billpollock/status/1091840257073471488 If you’re a tenant in the US, it’s very likely that a management-provided smart home system is headed your way in the near future. It will be important to carefully evaluate your family’s personal threat model, and consider the plausible digital ways in which these systems could be exploited. A well known infosec professional recently had occasion to dive much more deeply into the topic as their apartment’s property management company announced that all units would be “upgraded” from traditional lock & key to smart locks. This raised more than a few questions and concerns in the researcher's mind and kicked off a significant amount of research and engagement with all parties involved. Several thought provoking suggestions come out of the article, including: Spend some time reading into the vendor. Respectfully and courteously encourage your property management company and their smart system vendor to adopt industry best practices in securing smart hubs both physically and digitally, the networks they are connected to, and resident data at rest and in transit in their infrastructure. Request your property managers clearly and decisively address privacy concerns such as data ownership and resale in writing. If solid answers in writing don’t assuage legitimate concerns, consider politely seeking an option to opt-out – and make your threat model clear to them, if you’re in a sensitive situation.
The author ends by saying, “These systems are the future – let’s do them right, for everybody.” Adapted from the article: Security Things to Consider When Your Apartment Goes Smart, posted on tisiphone.net. https://tisiphone.net/2019/01/28/security-things-to-consider-when-your-apartment-goes-smart/ Have you ever been out and about with a Raspberry Pi and wanted to update the configuration on the SD card, but didn’t have the necessary monitor, keyboard or mouse handy? That’s the type of situation that resulted in the creation of PiBakery! The key feature of PiBakery is its ability to create a customised version of Raspbian that you write directly to your Raspberry Pi’s SD card. This works by creating a set of scripts that run when the Raspberry Pi has been powered on, meaning that your Pi can automatically perform setup tasks, and you don't need to configure anything. The scripts are created using a block based interface that is very similar to Scratch. If you've used Scratch before, you already know how to use PiBakery. Simply drag and drop the different tasks that you want your Raspberry Pi to perform, and they'll be turned into scripts and written to your SD card. As soon as the Pi boots up, the scripts will be run. If you've already made an SD card using PiBakery, you can insert that SD card back into your computer, and keep editing the blocks to add additional software, configure new WiFi networks, and alter different settings. All without having to find a monitor, keyboard and mouse. All the different blocks for PiBakery are stored on GitHub, which means that anyone who either has created software that they want to easily distribute to Raspberry Pis, or has a setup script they want to share with others, can turn this into an easy to use block, allowing others to use their software or script with ease. https://www.pibakery.org/index.html If you’re a Windows user maybe you’ve been using the Snipping Tool over the years to make quick screenshots.
Since February of 2018, Windows 10 users have had access to Snip & Sketch from the Microsoft app store. It’s a modern version of the solid tool dating back to Windows 7. It’s also available for the XBox One, so maybe someone could explain a few use cases over the built in screenshot options? Happy Documenting. https://www.microsoft.com/en-us/p/snip-sketch/9mz95kl8mr0l?activetab=pivot:overviewtab Security Endeavors Headlines is produced by SciaticNerd & Security Endeavors with the hope that it provides value to the wider security community. Some sources adapted for on-air readability. Special thanks to our friends at malgregator dot com, who allow us to use their compiled headlines to contribute to the show’s content. Visit them at Malgregator.com. Additional supporting sources are also included in our show notes. Why not start a conversation about the stories from this week on our Subreddit at reddit.com/r/SEHL? More information about the podcast is available at SecurityEndeavors.com/SEHL. Thanks for listening and we'll see you next week!
Episode 8: Productive, Purposeful, and Practical Tech Tools, featuring Jared and Kari Wall. SHOW DATE: October 1, 2018. SUMMARY: Now that everyone is back in full swing with the school year, we wanted to take a moment to look at tech tools that are beneficial and easily used in the classroom. Tech tools must be convenient and easy to use by teachers and students or they will not get used. SHOW NOTES: News and Notes: Why so long in between podcasts? It has been a packed few months: getting familiar with a new school year, students, procedures, and content. Technology Tools & Trends: We continue to use Canva (memes, posters). Pear Deck: add-on for Google Slides (includes templates for bell ringer/exit ticket/critical thinking questions); add any type of question to your pre-made slide; formative assessment; multiple choice; drawings; drag and drop; text (for students to write out a response); more. Updates to Google Classroom: Class Work Page makes it easier to organize your activities; easily reuse posts or assignments across classrooms; assign activities to groups within your classes. Flaws: need ability to hide and easier reorganization; need to be able to have one class with multiple sections. Bitmoji (extension in Google Chrome): Students created an account (if they didn’t already have one) and their own avatar. Students created a comic strip that was relevant to what we were doing in class and used their own personal bitmoji as their character in their comic strip. They were able to copy and paste their bitmoji using the extension in Google Chrome. It pastes as an image, so students could crop out words or parts of the image they did not want to use. Students love seeing themselves. This gives them the opportunity. This is something that can be used across all content for a multitude of projects or to simply add a little something to an assignment.
#150: It’s our 150th episode!!! This week we talk about how sometimes it doesn’t pay to do good. Also, Josué wants a nickname for members of the community. Questions? Comments? Discuss this episode on the GT Forum. Notes: Why people love to hate on do-gooders, especially at work – http://bit.ly/2LVBK2T Positive and Negative podcast – http://bit.ly/2netFrf 00:00:00 – Intro […] The post One Fifty appeared first on Geek Therapy.
2017-07-23-1030 Pastor Loran Livingston is the speaker this morning, July 23rd, 2017 in the 10:30 AM service. Scripture: Luke 18:9-14; Colossians 1:19-20 Notes: - Why do we feel guilty when we are blessed? - We should rage with gratitude. - God does not bless us because we are good but because He is good. - How good do we have to be to feel worthy of a blessing? - Are we self-righteous? - Do we say we are not like other men? - We must pray to God to be merciful for we are sinners. - We struggle every day. - Rely on the grace of God. - We have failure after failure. - We keep doing the wrong thing; pressing the wrong button. - We must know that God will not depart from us. - It is all taken care of.
2017-07-23-0830 Pastor Loran Livingston is the speaker this morning, July 23rd, 2017 in the 8:30 AM service. Scripture: Luke 18:9-14; Colossians 1:19-20 Notes: - Why do we feel guilty when we are blessed? - We should rage with gratitude. - God does not bless us because we are good but because He is good. - How good do we have to be to feel worthy of a blessing? - Are we self-righteous? - Do we say we are not like other men? - We must pray to God to be merciful for we are sinners. - We struggle every day. - Rely on the grace of God. - We have failure after failure. - We keep doing the wrong thing; pressing the wrong button. - We must know that God will not depart from us. - It is all taken care of.
Steve Patterson is a rationalist philosopher and intellectual entrepreneur working outside of academia. He is the host of Patterson in Pursuit, a podcast featuring deep conversations with top thinkers in logic, philosophy, mathematics, quantum physics and other areas. He is also the author of What's The Big Deal About Bitcoin and the forthcoming book Square One: The Foundations of Knowledge. Steve has been traveling around the world interviewing experts on everything from quantum physics to Christian theology, searching for answers to the questions most often cited by supporters of mystical, post-modern, and other worldviews that propose truth is ultimately unknowable. We discuss academia, and how math and infinity relate to objective truth. Notes: - Why the pursuit of truth in any area begins with the basics - Why do people contradict the basic laws of logic? - Are most philosophical debates really about language? - The state of academia - The incentives for academics - What the church and academia have in common - Philosophical problems with modern mathematics: Zeno's paradox and infinity - The metaphysics of numbers - Concepts and Platonism - What are the implications of math's infinite set? - How math is used to support irrationalism - Why objective truth exists Check out previous episodes with Steve Patterson: - 4 - Steve Patterson on Credentialism, Cryptocurrency, and Creative Power - 10 - Steve Patterson on Physics, Paradoxes, and Patronage ___________ This episode is brought to you by one of the most innovative accounting startups in the country, Ceterus. Ceterus is looking for accountants or finance-minded professionals who want more something more than a standard job. If you have accountants in your network that are interested in empowering entrepreneurs in a growing startup, visit isaac.ceterus.com. 
___________ Show notes and links to all books, articles, and resources mentioned are available at isaacmorehouse.com If you are a fan of the show, make sure to leave a review on iTunes. All episodes of the Isaac Morehouse Podcast are available on SoundCloud, iTunes, Google Play, and Stitcher.
The Irish & Celtic Music Podcast is not your typical Celtic radio program. Most play the same Celtic artists promoted by the top record labels. We focus on indie Celtic bands, the ones who don't get played but are just as good. You'll find them living in your town if you go looking. Great indie Celtic music from Nine-8ths Irish, Harpnotic, David Nigel Lloyd, Aisling, New Shilling, Kailyarders, Adamh, Emerald Dawn, Perkelt, Jim Sharkey, The Elders, Don Gabbert, Barleyjuice, O'Hanleigh. If you enjoy this podcast, then please rate the show on iTunes or your favorite podcatcher. Then subscribe to our Celtic Music Magazine. This is our free newsletter and your guide to the latest Celtic music and podcast news. Subscribe today to download 34 Celtic MP3s for free. Remember to support the artists who support this podcast: buy their CDs, download their MP3s, see their shows, and drop them an email to let them know you heard them on the Irish and Celtic Music Podcast. And remember to Vote in the Celtic Top 20. Vote once for each episode and you can help me create next year's Best Celtic music of 2016 episode. Today's show is brought to you by Patrons of the Podcast There is a lot that goes into the production of a successful podcast, everything finding bands and picking music, to recording, sharing and promoting episodes. It requires a lot of time, and money. Each week, Celtic music fans pledge $1 or more per episode to help pay for the production of the podcast. Whenever we hit a Milestone, you get an extra long episode of this show. We just hit our next Milestone which means you're gonna get a 2-hour Celtic music special highlighting the indie Celtic music of Canada right after St. Patrick's Day. You can Become a Patrons of the Podcast. Special thanks to our newest Patrons: Robert and Patrick Notes: * Why yes, we do have t-shirts. The 2016 Irish & Celtic Music Podcast t-shirts are now available in our Celtic Music Store. 
Follow the link in the shownotes, or better yet, follow the link in the Celtic Music Magazine to save 10%. And if you already have a shirt. Take a picture and send it in. * If you're in a Celtic band, please contact me ASAP to join this year's St Patrick's Day Internet Music Festival. All you need to do is submit a live performance video on YouTube and be willing to promote the event. Visit the website for details. * Braking Down Security Podcast * I WANT YOUR FEEDBACK: Call 678-CELT-POD to leave a voicemail message. That's 678-235-8763. What are you doing today while listening to the podcast? You can email a written comment to music@celticmusicpodcast.com along with a picture of what you're doing while listening to this podcast or from one of your trips to one of the Celtic nations. This Week in Celtic Music 0:40 "Farewell to Whalley Range" by Nine-8ths Irish from West of Ireland 4:35 "Dark Forest" by Harpnotic from Harpnotic 7:48 "Roll Back Columbia" by David Nigel Lloyd from Rivers, Kings and Curses 10:46 "George Brabazon/The Boys of Ballysodare/Reeping the Rye" by Aisling from Pilgrim's Road 15:40 "Out of the Blue (... We'll Always Have Brugge)" by New Shilling from New Shilling 20:04 CELTIC MUSIC NEWS 20:43 "The Black Well" by Kailyarders from The Black Well 23:56 "Kilmovee Jig/The Sleeping Fat Cat/Eddie Kelly's" by Adamh from Adamh 28:51 "Whiskey for My Mates" by Emerald Dawn 31:57 "Ai List Lo Lop" by Perkelt from Dowry of a Troll Woman 35:47 "Sweet Anne's Road" by Jim Sharkey from Sweet Anne's Road 42:06 CELTIC FEEDBACK 45:36 "Meetings of the Waters" by The Elders from Story Road 50:06 "The Wind That Shakes the Barley" by Don Gabbert from Alone on the Porch 54:08 "Songs For Sinners" by Barleyjuice from Bonny Prince Barley 59:55 "Ain't It Bloody Well Grand to be Irish (and Living in the USA)" by O'Hanleigh from Of Irish Crossings Told The Irish & Celtic Music Podcast was produced by Marc Gunn, The Celtfather. 
To subscribe, go to iTunes or to our website where you can become a Patron of the Podcast for as little as $1 per episode. You can post feedback in the shownotes at celticmusicpodcast.com.
Notes: Why did Jesus come? Jesus came to say something very specific: the gospel of God. What is the gospel? He came to bring something very specific: the kingdom of God. The kingdom of God is the sovereign reign of God over all the world and over his...
What is Good?, 1 December 2002, Don Montagna, WES Leader. Notes: Why is Good a central concept of EC? How is it defined and applied by philosophers in the face of contradictions? What about our own lives? Don gives a careful examination of these and related questions.