Podcasts about windows firewall

  • 8PODCASTS
  • 14EPISODES
  • 36mAVG DURATION
  • ?INFREQUENT EPISODES
  • Jun 3, 2024LATEST

POPULARITY

20172018201920202021202220232024


Best podcasts about windows firewall

Latest podcast episodes about windows firewall

The Dental Marketer
Why Dental Practices are Prime Targets for Cyber Attacks: How to Stay Vigilant | Amy Wood | MME

The Dental Marketer

Play Episode Listen Later Jun 3, 2024


Are you investing enough into cybersecurity? In this eye-opening episode, I'm sitting down with Amy Wood, a renowned cybersecurity and data breach prevention specialist, to uncover the critical importance of spending wisely to protect patient information. Amy reveals why dental practices are prime targets for cybercriminals and lays out essential security measures that can provide robust protection. From business-grade antivirus systems to the significance of encrypted emails, she leaves no stone unturned in exploring the landscape of cybersecurity for dental practices.Amy dives deep into the cost structure of effective cybersecurity, offering a detailed breakdown of what practices should expect to spend. We explore common pitfalls that can compromise a practice's security and provide practical advice on vetting IT providers to ensure they meet HIPAA compliance and other security standards. With insights into managing costs without sacrificing security, Amy's expert guidance is crucial for any dental practice looking to fortify its defenses against cyber threats.What You'll Learn in This Episode:Why dental practices are prime targets for cybercriminalsEssential cybersecurity measures every dental practice should implementCommon shortcuts that compromise your practice's securityThe cost structure of maintaining robust cybersecurityHow to vet IT providers to ensure HIPAA compliancePractical advice for managing cybersecurity costs effectivelyThe real consequences of neglecting cybersecurity in dental practicesTune in to fortify your dental practice against cyber threats and safeguard your patient information with, Amy Wood!‍‍Sponsors:For DSO integrations, startup solutions, and all your dental IT needs, let our sponsors, Darkhorse Tech, help out so you can focus on providing the amazing care that you do. For 1 month of FREE service, visit their link today! https://thedentalmarketer.lpages.co/darkhorse-deal/‍You can reach out to Amy Wood here:Website: http://copperpennyconsulting.comInstagram: https://www.instagram.com/copperpennyconsulting‍Mentions and Links: Businesses/Services:Henry ScheinOrganizations:HIPAAFBIChange HealthcareMGM‍If you want your questions answered on Monday Morning Episodes, ask me on these platforms:My Newsletter: https://thedentalmarketer.lpages.co/newsletter/The Dental Marketer Society Facebook Group: https://www.facebook.com/groups/2031814726927041‍Episode Transcript (Auto-Generated - Please Excuse Errors)‍Michael: Hey, Amy. So talk to us. What's one piece of advice you can give us this Monday morning? Amy: So it's actually a very unpopular opinion and piece of advice. It's that you need to spend an appropriate amount of money in order to protect patient information. Michael: Interesting. So we need to spend or we don't have to.Amy: talk to us about that then. so what I do is cybersecurity and data breach prevention. I used to be an IT provider mostly in the dental space for almost 20 years, so I know what it's like to have to. Be set up in a way to try to prevent things like ransomware, computer downtime, not planning ahead for your failures, things like that.what I've realized is that mainstream medical has a lot more resources, both financially and just time and people to actually address all things for HIPAA or cyber security, things like that. But dental generally doesn't. It's a much smaller market. The bad news is that a lot of cyber criminals are targeting dental practices because they also know that dental offices don't have the resources.Interesting. Okay. So then when it comes to that ransomware, and I guess spending the right amount of money, how do we know what is the right amount of money and what are we spending it on specifically? on average, I would say if you're spending roughly 150 a month per computer in your You're about on trackand that's just for basic security prevention.That's going to overlap with some cybersecurity. It's going to overlap with HIPAA regulations and just basic business best practices. For having computers in a business. So that's the rough price range on that. Some places are more expensive. So if you're in a major metropolitan area, you might be paying more.You might be paying less if you're more rural or if you try to cut some corners. Which I do not recommend. As far as what things you need to have uh, let's start with the big four. You've got business grade antivirus patches and updates. So running your Windows updates, making sure all your apps are up to date, kind of like we do on our phones, where we run all the Mac updates and then the app updates.It's the same thing for computers. Then we have business grade firewall. I'm not talking about what the internet provider gives to you. And, or Windows Firewall, that's not appropriate either, business grade firewall. And then the last one is probably the most important, it's backups. Right now the FBI is recommending a 3 2 1 approach, three kinds of backups in two different formats, with one of them being completely off site and or offline.know that's a lot. No, Michael: no, no. But it's interesting. So you did mention cutting corners. Do you see this a lot? And where specifically are the most common corners that are cut in a dental practice? Amy: So I see people not having a business grade firewall, not having encrypted email. And I'm also seeing a lot of computers right now that people did a whole bunch of upgrades from Windows 7 to Windows 10, but they didn't actually replace the computer.They just put a new operating system on an old computer. And now we're a few years into that, and these practices want to do things like, Add Conebeam or add 3D Invisalign or anything like that. And they can't do it because these computers, while they might have a current operating system on them, they're really, really old and they just can't handle it.So that's a very common corner that I see cut. Michael: Okay. So do we have to. Always upgrade our computers. Like all right, we all have to buy new computers every five years. Kind of thing. Whenever you're gonna do an upgrade like this. Amy: Yeah, I think it really depends on I'm gonna put my former IT provider hat on for a minute.Uh, I think it really depends on how you purchased it. Did you overbuild it when you purchased it or did you buy the cheapest thing you could at the time? So if you bought the cheapest thing you're looking at maybe three years before it really starts giving you problems. And if you overbuilt it to start with, you're still looking at five years.You might be able to stretch it just a little bit longer than that, but three to five years is the current standard of care. Kind of That expectation for end of life. Michael: Now, what are the really big problems it could get? Let's just say the three or one and you're like, Maybe some people are listening like, Amy, it's been five years and mine's just doing pretty well.It's slow, but what are the really big problems we need to look out for? Amy: So it's things that won't work with older computers, let's say your printer fails. hopefully you have more than one printer in your office, but you have a printer fail and you get a new one. It might not work on that older computer.Or if you have an older operating system on it, you might find that if you're doing anything electronically with your bank, they might not work with that. It's not compatible. So there's this whole interoperability engineering process that has to happen with computers. And it's a lot less important than it was.10, 15 years ago, but dental is about 10, 15 years behind technology wise. So It's a little more complicated than the rest of general business and even mainstream medical. So depend on your IT guys to actually know how to engineer a solution, not just a product. Kind of Like dentists do. It's not what kind of implant you use.Yes, everyone has a preference, but it's more about how you the professional are actually implementing this as a solution for your patient. Yeah. Michael: Interesting. And now one 50 a month, roughly to be on track per computer. Amy: I'll be honest. I charged a lot more. I lived in the San Francisco Bay area.we had much higher cost of living. Michael: Interesting. Okay. So then depending on where you live and you're at one 50 a month per computer, this is how much we're looking at to when it comes to just protect our data from like any ransomware attacks. Okay. Disasters or anything like that. That's the basic.Okay. Because I see a lot in specific groups and specific places, Facebook groups, right? Where they're like, I need a lower quote. I need something different. And so if people are finding a lower quote. Amy: Refurbished computers, which basically means they're new to you, but they're not new computers. I have seen where the I.T. provider is not installing all the programs on the computer. They push that back onto you as the practice to do that work. I kind of look at it as, It costs a certain amount to do a certain job for any specialist any, contractor, you contact a plumber and electrician. It costs a certain amount to do the job if they're charging you less.Something isn't happening. And it's the same way with computers and with security. Something isn't being done because there, there are metrics out there. We know what it costs. Michael: Commonly, what's not being done that you've seen by like agencies, like it. Amy: I have seen not the right kinds of backups. I have seen not having a properly encrypted email.I have seen the wrong kind of patches and updates being done where people think it's being done, but it's not. I've also seen a lot of IT providers use the this will make you HIPAA compliant. Um, I've also seen a buzzwords of, uh, this will make you HIPAA compliant.And the reality is HIPAA compliance is thousands and thousands of pages of regulation and recommendations and tech information. And in terms of HIPAA, the technology portion of it really only represents about 20 percent of HIPAA as a whole. So it's the most expensive and the most fast paced and changing aspect of HIPAA.But it's also the smallest portion of that regulation. So if an IT provider is saying, Hey, we're doing your HIPAA for you. They're doing 20 percent of So I'm seeing a lot of things like that. Michael: Yeah. So can they ever do 100 percent of it or no? Or it's just like, no, it's not in their wheelhouse. Interesting. So they're just doing the 20 percent of it. Now, what questions should we ask them when it comes to like, Hey, are you doing a proper backup? And they're like, yeah, you know, how would you even know? thank you. I can tell you're doing it. So what questions should we ask when it comes to these type of scenarios?Amy: Obviously that so one of the cool things about HIPAA and know I'm the weirdo, I like. regulation. I like being a rule follower. I am the weirdo that loves HIPAA. Part of HIPAA actually requires that you as a healthcare provider and professional do something called due diligence review on any of your subcontractors and business associates, which basically means all your vendors that touch practice management data and patient information.And. Part of that is asking really intrusive questions. So things like, how do you log into our, computer systems? Do you yourself do HIPAA training for your team members? Do you have cyber insurance? So if you screw up we don't have to foot the bill as a practice. And I think the most important one is, do you offshore any of your services?So HIPAA is a U. S. law and doesn't always follow companies out of our borders. And so that's when contracts become really important. That's when having, black and white in writing evidence from them that can hold up in court. Companies like Change Healthcare right now is dealing with a massive data breach for a second time in the last month.And they're having some issues because some of it is due to their lack of security internally. so these are a lot of questions that you can ask, not just IT providers, but all vendors. Michael: Yeah, I know. I feel like with those data breaches Like United Healthcare right, and all them, when it happens, you're kind of thinking like, well, if it got them, we're a small practice, right?Or maybe a multiple practice location, but you're kind of wondering how well is our IT company doing? Or, on the flip side, Amy, let me ask you, how often is this overlooked? How often do you see people kind of just say, it's just IT? Amy: They think it's a commodity in general. Those dental practices look at IT as it's interchangeable.And I adore my father in law dearly, but he comes from a generation where he thinks that all things are equal. The only difference is price. And I see a lot of that in the dental industry. And unfortunately, when it comes to this, that's not true at all. Michael: So is there anything we can do to, I guess, I guess, lack of a better word, like negotiate or if we're like really counting our pennies here and we're saying, Hey, I just can't foot that bill.150 per computer. Is there anything we can do or you got to swallow it? Amy: I think it really depends. That, that pricing is really for kind of a full service. Dental is fraught with all kinds of technology problems. Things just don't always work well. It's antiquated software. Even if you're on cloud, there's still problems.It's just, Finicky and persnickety in general, just dental software is fraught with problems. So if you need someone to just take care of all the problems for you, that would be more of that price point. I know there are a lot of it providers. my own former business was the same way we would do just the security suite.So just the security products. And if you needed. Traditional IT support, as in my printer isn't printing, I put an x ray in the wrong patient's chart, my email isn't sending, I don't know what's going on, the sensor won't fire, things like that. That's what we would consider traditional IT support. a lot of IT companies can bill those hours separately.So that's one way without cutting corners on at least the basics of security. I will tell you that from an IT perspective, if you have those basic business best practices in place and there's some situational awareness on part of the IT provider, then when something happens, it's going to generally be a five to 15 minute problem.Instead of hours of billable time. So we did the calculations for years and we found that most people came out ahead financially by going on the all you can eat option, and they would call us more frequently, but we both had the financial incentive of getting them back up and running as quickly as possible.So we were both losing money if they were down. Whereas in that break fix model, if you're down, the it guy makes a lot of money. So every contractor is believed to just be milking it for the hours flip that model on its head. It's entirely different. And then guess what? best part is now you're not low hanging fruit for cyber criminals.Because you've got at least baseline of security in place. And the reality is most of these hackers, you've got two different categories. You've got people that are going after MGM Shine and Change Healthcare. And you're not stopping someone who's a determined threat actor that's going to get into one of those organizations.They'll find a way into those big companies. But for the most part Small dental practices, the ones that are getting hacked, they're easy targets because they don't have even the basics in place. Michael: Okay. Interesting. Awesome. Amy, I appreciate your time. And if anyone has further questions or concerns, where can they find you?Amy: Copperpennyconsulting. com. I'm all over social media too. I do lots of fun videos, even though HIPAA and cybersecurity isn't always known to be fun or happy. Michael: That's awesome, Amy. I appreciate that. We all appreciate it. And that's going to be found in the show notes below too, if you want to reach out to Amy.So thank you, Amy, for being with us on this Monday morning episode. Amy: Thank you.‍‍

Ethical Hacking
Firewalls first step for your perimeter security...

Ethical Hacking

Play Episode Listen Later Jul 23, 2021 20:13


Hello everyone my name is vijay kumar Devireddy and i am glad to have you back on my episode 58 today we're going to discuss Firewalls. Firewalls are primarily used to section off and protect one network from another.Now when we talk about firewalls, there's three main types.There's software-based, hardware-based,and embedded firewalls.Software-based firewalls are run as a piece of software on a host or a server.In fact, if you're running a Windows server,those have a built-in Windows Firewall that you can enable.Hardware firewalls, on the other hand,are a standalone device that's actually an appliance that's installed into your network.It looks like another switch or another router that goes into your network stack.The third type of firewall is known as an embedded firewall.Embedded firewalls work as a single function out of many on a single device.So if you have a small office home office router or a unified threat management device,these are examples of an embedded firewall.It's one piece of the larger device that does many different functions.Firewalls can operate in many different ways.The first one is packet filtering.Packet filtering is going to inspect each packet as it passes through the firewall, and it'll accept it or reject it based on the rules that it's been given.This relies on the firewall's configuration and the access control list that's been installed.If I'm running a web server, for example,I would configure my firewall to allow traffic inbound on port 80 and port 443 but close all of the other ports because port 80 gives web traffic,and port 443 gives secure web traffic,and so, those are expected to be used.There are two types of packet filtering,stateless and stateful.With stateless packet filtering,it's simply going to accept or reject packets based on the IP address and the port number that was requested.So if I'm running a web server and you requested to come in on port 80,I would allow that,but if you requested to come in on port 53,I would deny it because it's not in my access control list.Now a stateful packet filter, on the other hand,is going to keep track of requests that leave through the firewall.So if I make a request from a host through the firewall,it will temporarily open up a port number that I made the request from,some random high port number like 50,000 or 56,000.By using stateful packet inspection,you can almost entirely eliminate IP spoofing as a threat because the firewall is going to inspect the header of each packet being received.It's then going to compare that against what it was expecting based on the request that recently went out,and then, it's going to make its accept or reject decisions based on this addition information.This is a much more in-depth inspection than a stateless one does.Now, NAT filtering is another type of filtering we can do.This is going to filter traffic according to the port,whether it's a TCP or UDP port.This filtering can be done by simply checking the endpoint connections, by matching the incoming traffic to the requesting IP,and by matching the incoming traffic to the requesting IP address and port.Now, the next one we have is an application-layer gateway,or ALG.This is going to apply security mechanisms to specific applications such as FDP or Telnet.Now, instead of blocking traffic based on the Telnet port of port 23, instead, it's going to inspect each packet and determine which application it was meant for,and if it finds out that it was meant for Telnet,it would block it because that was unauthorized.This is a resource-intensive process,but it is a powerful layer of security that can be added on into your network.These are also known as Layer 7 firewalls because they operate at the application layer..Now, once that connection is established,the packets can then be sent or received without any further inspection or checks because all of that was done during the session establishment.

David Bombal
#163: WSL 2 Networking

David Bombal

Play Episode Listen Later Jul 26, 2020 15:07


How do you access WSL 2 Virtual Machines remotely? I'll show you how WSL2 networking works and I'll also show you how to configure the proxy service on your Windows 10 computer to allow connections to your WSL virtual machines. I'll also explain the configuration of the Windows Firewall. WSL 2 changes the way networking is configured compared to WSL 1. You need to enable proxy of traffic and you need to permit the traffic through the Windows firewall. Menu: Overview: 0:00 Network Setup: 0:48 Microsoft Documentation: 1:11 Virtual and Physical Networks: 2:12 Testing from Mac: 6:35 Port Proxy Command: 7:07 Testing from Mac Again: 8:24 Firewall Rules: 9:40 GitHub 4150 Script: 11:09 Pings fail: 13:05 WSL commands: netsh interface portproxy add v4tov4 listenport=3390 listenaddress=0.0.0.0 connectport=3390 connectaddress=192.168.170.227 Firewall rules: - Go to control panel and open advanced firewall rules - allow port 3390 through firewall https://github.com/microsoft/WSL/issu... WSL 2 Playlist: https://www.youtube.com/playlist?list... Good links: WSL 2 Proxy Script: https://github.com/microsoft/WSL/issu... Microsoft GUI announcement: https://devblogs.microsoft.com/comman... Ubuntu WSL2 GUI Install: In Ubuntu WSL: https://dev.to/darksmile92/linux-on-w... WSL 2 install: https://docs.microsoft.com/en-us/wind... Docker for WSL2: https://docs.docker.com/docker-for-wi... What is WSL? https://docs.microsoft.com/en-us/wind... WSL documentation: https://docs.microsoft.com/en-us/wind... WSL 2 Announcement: https://devblogs.microsoft.com/comman... WSL2 WSL 2 WSL 2 Networking WSL 2 Proxy WSL proxy Docker Ubuntu 20.04 Ubuntu GUI WSL 2 Ubuntu GUI WSL Ubuntu GUI WSL 2 WSL 1 Ubuntu 18.04 windows subsystem for linux wsl2 ubuntu gui #wsl2 #ubuntu #windows

Craig Peterson's Tech Talk
Welcome! The Insecurity of DNS over HTTPS, Internet Archive's VHS Vault, Data Minimization and more on Tech Talk with Craig Peterson on WGAN

Craig Peterson's Tech Talk

Play Episode Listen Later Mar 27, 2020 89:41


This week is a replay of the show aired originally on 7 Mar 2020 Welcome!   We are going to hit a number of topics today from the world of Technology.  I am quite disappointed with Mozilla, they are letting marketers and politicians define their technology. Listen in to find out why I feel that way. Compliance is an issue for many companies and I have some solutions that will help you and it includes a diet but probably not the kind you are thinking.  Do you ever get nostalgic for "the good old days?" Well, I have something that might help, listen in to find out more. I will tell you happened to one of the Sharks from Shark Tank? How you can prevent it from happening to you and more. For more tech tips, news, and updates visit - CraigPeterson.com --- Related Articles: Getting Your Fix of Nostalgia Don’t Store Data You Don’t Need Cryptocurrencies and Insurance Increases Ransomware Profitability Are you Secure -- Depends on Many Things You Don’t Have Much Time To Stop An Attack Hackers Target Large Databases Anyone Can Be A Victim - Business Email Compromise Does Not Play Favorites  DNS over HTTPS (DoH) is not the Panacea the Marketers Are Leading you to Believe --- Automated Machine Generated Transcript: Hello everybody, Craig Peterson here on WGAN and, of course, online at Craig Peterson, dot com and heard streaming all over the world on your favorite streaming site. I'm so glad to be here today and be able to talk with you a little bit about what are the top news stories this week? How can you keep safe that's kind of one of my themes because I freaked out when my company got attacked some years ago. You know, just a regular business guy trying to run a small business and man did hurt me bad back in the day. I'm just trying to get all of the information I've put together over the years and learn, and I continue to study this stuff and continue to look at what are the best ways to defend ourselves. I try and get all of that and put it together into neat packages for you. One of them, of course, is the radio show. I also get on with Facebook Lives. YouTube lives, and also do various types of pieces of training and tutorials and things out there. Where in fact, for the next course I have coming up, we're going to have implementation calls, where we are talking specifically about what to do when you do it. So you try and implement something, you have some issues. I'm going to get on the phone with you guys. So I think that's going to be great. And then the upcoming class here in a few weeks. And then, of course, the tutorials leading up to that class where I'll take your questions live, sometimes those little tutorial sessions on, you know what it's webinar technology. On these webinars, sometimes we go a couple of hours so I can answer all of your questions. That's what it's about here. All right, because I understand most people, not I know I'm this way too. I get contacted by somebody, and they're trying to sell me something that happened just over the weekend. Last weekend somebody knocked at the door, trying to sell windows, right. I think it was like Renewal by Andersen or something like that. And they were walking around knocking on doors. I see you know, immediately just knee jerk said, No, No thanks, my windows are fine. It got me to thinking about the whole situation in the security realm. Because that's what we do, right? What we've been doing for years decades, sometimes we have the antivirus software, every once in a while when we hear about a real big vulnerability, we go ahead and apply patches. You know, it's been the same old, same old, but we just can't do that anymore. And because really, we see huge, huge problems and businesses going out of business because of them. So that's what this is all about. So if you're a new listener, welcome. If you've been listening to me for a while, of course, Welcome, Welcome to you too. And I want to get this information out. So one of the best ways to make sure you have all of the latest information you need is to go online go to Craig Peterson dot com slash subscribe, and that'll get you on my email list. Then once you're there, you will be able to keep up on up to date on things I do, try and get those out. I have a newsletter that's every Saturday morning. Then when I'm doing training, I'll send something that's a little out of the band if I'm doing a live or various other things. I thought because of the way it works with the emails I send out, if you want to unsubscribe, you will be guaranteed to never hear from me again. Maybe that's a great thing that is right for some people. But for other people, I came to realize that perhaps they didn't care about the training, they just wanted the newsletter, or perhaps they wanted the pieces of training but didn't want any emails. Some wanted on courses but not other courses, etc., etc. So I'm going to try and do something a little bit different right now, and there's a pretty nasty warning as a footnote. If you unsubscribe, I can't send you anything anymore. I won't send you anything even if you want a course, you'll not hear from me again, because you unsubscribed and marked as somebody that doesn't ever want to hear from me again. That's fine. I know we all have our lives, and maybe you think you're safe enough. Perhaps you're going to reach out to me when everything falls apart around you. At which point, I can't respond to you because I will have your email blocked. That is because I don't want to bother you. I want to comply with the can-spam app act. Although, you know, most people don't seem to care about that as well as the GDPR. Also, The New California regulations, the Massachusetts regulations, and new federal regulations that are going into effect. They all place requirements on when and where I'm not supposed to contact you. If you say No. Then No means no, right. I'm going to change things a little bit with these upcoming training and courses that I'm going to be doing. I'm going to make it so you can just unsubscribe from those, so you're not going to lose contact with me. I've had some people complain, and in the end, it becomes a bit of a pain to try and add them back in. We're going to try and make this a little bit easier for you guys, so keep an eye out for that. You already know right based on what I'm saying, as well as what I've done in the past that I won't spam you guys, I don't sell your name to other people your email address. Most of you I know are kind of the older generations, the younger guys they don't care we've already talked about that. They will sell their email address and name for a donut. But us older folk were a little bit more cautious about it. I think that's probably a good thing. We're less likely to get ripped off the senior population in some ways less likely to get ripped off, and other ways more likely get ripped off. It's interesting. Again, we tend to trust phone calls more. You know what I have, frankly, I don't answer my phone anymore. It just goes to voicemail. And I have somebody else look at it because there are so many scams coming in. But we tend to trust the phones more in the generation, you know, the men and women older than me, other baby boomers, they are a little bit more susceptible to those types of scams. So be careful with those types of scams as well just you know, be careful all the way around, frankly. And that brings us to our first story of the day today. And this is something I found that I thought was cool. So I thought I'd share it with you. It's a tech thing. I was just a few weeks ago talking on the radio. One of the radio shows I appear on as a guest. And we were talking about Betamax versus VHS. And I knew I knew that the radio host I was talking to there's no way he just loves tech. There's no way he did not have Betamax. And he did. He had hundreds, apparently of beta tapes in his closet. But this is all about that Era of the 1990s. I'm sure you guys had VCRs right back in the day. And of course, the winner of that war was VHS, and it wasn't because it was better technology, but we're not going to delve into that right now. And those VHS tapes, at this point, about 20,000 of them have been put into an online vault. Now, if you've never used the Wayback Machine, you have to check it out. You can find it online. At archive.org, that's the name of it. It is an Internet Archive, and it shows web pages going way back, you can look at my web page from back in the very, very, very early days of the Internet. When you know, love the not the Internet, but of when the whole web thing came about, which was 9293 is when it started to go. I didn't have a webpage back in 85. When I first registered my domain that's been around for a while. And then, of course, I was using other domains. Before that, I've used my ham radio call sign is my domain. And before that, but the Wayback Machine is this archive, you can browse the history of any major site, many miners sites that are out there. They have used it in court cases. It's used by me, just for kind of memories of things as the way they were. Now you can use it for something brand new. I didn't know that they had, and that is They've got something out there on the Wayback Machine that's called the VHS vault V-H-S just like the VHS tapes that we had or that ken didn't have because he had Betamax. Right now, I'm looking at says there are almost 21,000 results. So they've taken these VHS tapes that were submitted, and they have effectively ripped them. They've turned them into digital video, right. And some of these are just amazing, like a warm-up to Traci Lords. It's an exercise program. Of course, Traci Lords was involved in some adult films back in the day. Man, I love this mystery science theater. 3000 Timothy Leary is a guest on MTV with John Lennon, Les Miserables from 1935, rush to judgment. There are some many cool things The Lion King in full VHS tapes. Now some of this information is probably still copyrighted, but as a general rule, archive.org doesn't get nailed for copyright violations. SpongeBob SquarePants Oh, this is the Fairy Fairy Godmother I think is what this cartoon was called and trying to remember my kids used to like it. Some bootleg tapes, everything, but you can find it online I think you would have a gas looking through these. I want you to go to archive.org as you're listening to the show, or maybe some other time during the week, you're sitting there watching some TV with your smartphone or your computer. Archive.org and look for the VHS vault. The actual URL is archive.org slash details slash VHS vault. You will see all kinds of fun stuff that's in there. They have many different collections You can search this you can go in by year when They did it. They have Flemish dog collection. There's another one. There are collections I've used in some of the training videos I put together. There are collections of old black and white art, and pencil art, and engineering diagrams that are well, well auto copyright and you'll find all that stuff@archive.org Check it out, I think you will have a gas checking it out. If you're like me, it's certainly brought back a lot of memories.  When we get back, we're going to be talking about something that you should be doing, whether you're a home user or business user. You know, the things that we have to be worried about are the things that can be stolen from us, right, in the online world. Okay, this is what we will be talking about. What can be taken from us, but also what can be used to kind of hold our feet to the fire in ransomware. So we're going to talk about how to reduce your risk with Craig Peterson here on WGAN Stick around. We'll be right back. Hey everybody Craig Peterson back here on WGAN online, and of course, at Craig Peterson dot com. Yeah, you know it by now, right? Well, hopefully, you had a chance to look@archive.org, definitely check it out. It's called the Wayback Machine, at least that was its original name. And they may still have that domain, the Wayback machine.com. But now it's known as archive.org. It is a wonderful, wonderful trip down memory lane, at least for me. If, if you are a little bit older, you might remember the Internet back in the days fun looking at some of the original search pages at AltaVista. Man, I miss AltaVista. I used to like to use the Boolean algebra that you could do in AltaVista. By the way, if you are a geek like me when it comes to searching and you want to be able to dig into it. There's a tool I use, and I think that you'd like it also. It's not cheap, that's for sure, but not that expensive either, but it's called DEVONthink, D-E-V-O-N T-H-I-N-K. It allows you to set up searches using all kinds of Boolean constructs, which is very, very, very handy, at least as far as I'm concerned. You can set it up to do automatic search sets every day looking for different things. It's one of the tools I use to find the information that we talk about here on this show because so much of it just isn't generally speaking, available. It certainly isn't spoken about by the mainstream media, right? You know that right. That's why you listen to the show and why you follow me. I am on LinkedIn. I'm on Facebook. I'm on Twitter, YouTube, and my website as well. I appreciate all you guys who do follow and who comment. Now, if you're a business person, this is for you, but there are some things that you can do as an individual as well that are going to make a big difference for yourself and your safety online. Businesses are concerned about the GDPR, which we've talked about on the show before. That's the European privacy regulation. We're also very concerned right now with CCPA. I just had a company that makes optics. I use their optics here in the studio if you have ever seen me on a webinar or one of these videos or pop up training or anything. I'm in the studio, and my cameras here the lenses use the glass made by this company. I had no idea, but they reached out to us due to their operations in California. They have a sales operation there because, again, they're selling their optical glass for use in lenses, and all kinds of other devices. They reached out because they were concerned about what is happening, what could happen with these new California privacy regulations? Is it going to mess up their business? How is it going to mess up their business? How is it going to make things better or worse? I think they had some outstanding questions. So they called us in, and they paid us to do an audit of the systems they have. How are the systems working? What is it that we need to be worried about? You know, it's something that takes a few weeks and a couple of on-site visits in New York? New York State, which by the way, is going to have their own set of privacy regulations that are going to affect them pretty dramatically. But basically, what it came down to was if they were compliant with the European regulations, they were probably most of the way towards the California regulations. So they think that they're compliant. But when we got in and started having to look at it, it turned out No, no, no. They are not anywhere near compliant with either set of regulations. Even though their IT people told them they are because they have full-time programmers who are programming their systems. They thought, Oh, no, no, we're fine. We're fine. No, they weren't. So what do you do if your regular business? Enough moaning and groaning about the optical manufacturer, who has fantastic optics, which is why I use them. Let's talk about you. Let's talk about your business, your small business, your larger business, this is true, you should be paying attention if you are a medium or large business as well. One of the best things you can do, and it is hard to get through to a lot of CEOs and other business owners. But one of the best things you can do to reduce your risks is to reduce the data that you are maintaining. Right? If you want to reduce the chance of getting shot at, don't go out in the streets where they're shooting, right? If you want to reduce the risk of having your data stolen, then don't have the data out there for them to steal. If you don't want to get nailed by one of these new regulations, that says, hey, personally identifiable information has to be maintained in this way and that way. If someone asks you what data do you have on me? Do you realize now you only have one week to respond? You must provide that data to them. If you have any sort of a California Nexus or European Nexus, in other words, doing business in either one of those places. Now, it's down to I think five days it's not a week to respond, saying, Here's all of the data that we have about you. That's what you have to be able to do. We have to be able to do it right now. You also have to be able to tell them, here are all of the people within my organization as well our contractors that saw your data and had access to your data. That is a very, very big deal, frankly. The landscape is constantly changing your obligations for that data, and the data disclosure and the data-keeping keeps getting more strict. What's the right thing for you to do? Ultimately, well, it's to get rid of the damn data, right? It's a very, very solid first step in reducing your risk. Now I'm going to be publishing next week, a little guide that you can use yourself, right, you don't have to have me involved, or anything else is just for you, that you can use to do an inventory of all of the data that you have in your business. What we've done is we've gone through and looked at different parts of the businesses that we've worked with over the years and evaluated the kind of data they often have. You have to do that first, right? You must identify what your risks are. You must determine what data you have. I'll make that available for those people on my email list. It will be part of this ramp-up here, a precursor to the pieces of training that I will be doing. There will be different free pieces of training and tutorials in my ramp-up to my courses. You don't have to be in the course to participate in the free tutorials, okay? You don't have to buy anything from me. It is all free, no hype or anything else. Okay. I'm not trying to hard-sell anybody I want to help you. That is the first step -- doing this inventory the data you have, and it is one of the best things you can do. Put your company on a data diet. Now, you know, last week we had Barry Friedman on the show, talking about a sugar diet. Right. It's a lot like that, and it's getting rid of these addictive pieces of data that we keep on our clients on our prospects, everything else that's out there, right. Let's look at it as a lens. When you're looking at your data when you're doing an inventory of these data assets, ask yourself, do I need this? Will this provide what I need? Think about maybe like a food diet as Barry does with sugar? Do I need sugar? We know is sugar going to provide us the nutrients that we need? The answer to that is no. When it comes to sugar, right. We found that out from Barry last week. But we need to work to minimize sensitive data and ask ourselves, do we need this sensitive data to conduct business right now? And will we need this sensitive data to conduct business in the future? If the answer's no, securely dispose of that data. It is the only way to comply with these regulations that are already in place here in the US and Europe as well. All right, when we get back, we're going to talk about how did we get here? How did we? How did ransomware grow to be a multi-billion dollar industry? What did we do to get here? What should we do to try and get beyond all of this? You're listening to Craig Peterson on WGAN. And of course online at Craig Peterson. dot com, live on youtube, live on Facebook everywhere out there. Stick around. We'll be right back. Hey, welcome back, everybody, Craig Peterson here on WGAN, and of course online at Craig Peterson dot com. In case you missed it. We've been busy today talking about the internet archives VHS vault. Again, that's archive.org. Check it out. It is kind of cool. We just talked about reducing risk using the cheapest mechanism possible. Data minimization will save you money and help you be compliant. Now I'm going to talk about ransomware. We've been warned recently about ransomware's rise. Many people thought it's kind of past. In some ways, it has. 2018 was kind of the banner year for the standard ransomware that out there, but it is back, and it is back with a vengeance. We talked about some of the statistics about a month ago and showed how it had gone up a bit almost doubled just between the third and fourth quarters last year, which is just absolutely dramatic. I had a course before, where we talked a little bit about backups. I've certainly talked about it here on the show before, and how backups help stop ransomware. Let's just spend a couple of minutes on that right now, although it's not 100% accurate anymore. It is essential to do for just a whole plethora of reasons. Backups are kind of the very first stage of what you need. I read an article yesterday from a guy who is in some of the highest circles in the country. He had the phone numbers, the direct cell numbers of presidents and you name it, really just anybody who's anybody was on his phone. It was an Android phone. He had assumed that it was backed up into the cloud or something. His phone broke. He got a new phone and realized at that point that his phone had that never, ever, ever, been backed up. He lost the phone numbers from all of these people. Good luck getting them back, cell phone numbers, other contact information. Think of all the things that are on our phones nowadays. Losing your phone, having a hard disk crash on your laptop, or your desktop computer. Losing those can be devastating, no question about it. If you're a larger business and you think that you're doing backups, double-check them. I'd say three times quarters of the time, and I can't think of an exception to this, your backups will not work correctly for that business. I've never seen a case where all backups are working correctly, ever, ever going into a business. I know you, Craig, you're just crazy. It's silly. You're trying to build a business and scare people. No, I have never walked into a company and found their backups to be working correctly. We see things like, and I don't mean, they're not working in a way that is ideal or optimal for the business. Right? Certainly that on top of it. I mean, they weren't working. We had one company that we went into, and they were dutifully doing backups, and the operations manager had five external hard disks. Every day he brought a hard drive in, he plugged it into the server and took it home at the end of the day. So we had Monday through Friday, hard disks that you brought back home with them. So they were off-site, which is, you know, great idea, by the way. The server itself had a RAID configuration on it and is called a raid five. It had three hard disks so that if a drive failed, they wouldn't lose all of their data. We went in because they wanted to do some upgrades. They hoped to move over to Apple infrastructure, where people could use iPads and iMacs on their desks to have a better working environment for everyone by moving away from windows. By the way, this is an excellent idea. They still had some Windows software that they had to run, so we helped them with that and got that all working running correctly. The backups you know, they were trying to do the right thing. But you know, you know what, there were a couple of problems one, their server had not written to any of those external disks for the last 18 months. They went a year and a half without ever having had a good backup. Think about that. What would happen to that business? What would happen to your company? After 18 months of no good backups and losing all your data? Oh, and their server, an HP server, that cute little HP server had that RAID array, right a raid five where you can lose a disk and not lose data. Well, they had lost a drive. We were estimating based on the logs about a year before. There they were with no backups and no redundancy in their server disks on their server. That's an example right now, and I could go on and on. We had a company division of a Fortune 100 company that had paid for backups, and they had a dedicated data line. We put some next-generation firewalls in place that monitored the data and watched for data exfiltration to make sure that the plans and designs and social security numbers and bank accounts and everything were not being stolen or taken off off-site, right. Guess what we found there? After six weeks of monitoring everything that's been going on because that's the first step right. Let's make sure we understand what the normal operations are. Didn't you tell us that you had an off-site backup of your mini computer going to another backup site? Oh, yeah, yeah, we do. It gets backed up in real-time. We're paying for the backups to go off-site. If something were to happen to our facility here, or to our computer, which is a big server, then they'd take over immediately we'd be off and running during those six weeks that we were in there we hadn't been involved with these operations. Ultimately, we were in there for decades. Guess what we found? Yeah, exactly. None of the backups were occurring. They were paying for all of these things, right? They were paying for them. What we ended up doing is we came in, and we made sure that backups were happening. Unfortunately, they didn't have us do those backups. The company doing it for them was incompetent. And yet they decided to have them continue to do it. It doesn't make sense. We took over the rest of the backups. We had equipment on site, which we do at most of our clients. In case there's a problem, there are failovers that can occur. In this case, we'd have them back online in four hours, a requirement of publicly traded companies and their divisions. Again, they're just not doing anyways. Ramble. Ramble. Wow, we've only got a couple of minutes left here in this segment. When it comes to backups, here's what you have to be careful of, and that is, make sure they are happening. Check the backups. Try and restore from your backups. Now, we're talking about ransomware. It is a seven and a half-billion-dollar industry. They are coming for you, and one of the best things you can do is have a backup. Still, there's another side to ransomware, nowadays, that backup won't help you with, and that is that they have your data, and they hold a ransom saying, if you don't pay us, we're going to release this onto the Internet. Then you're in real trouble. If you have personally identifiable information, or if you have your intellectual property out there, and it gets out to the Internet because you don't pay that ransom, you are in real trouble, plus if they encrypt your data, you'll need that backup.  All right, stick around. We will be right back. And we're going to be talking about our next topic for the day, which is how do you answer a non-technical executive, who asks, how secure are we? Your listening to Craig Peterson on WGAN and online at Craig Peterson dot com. Hey, have you ever been asked that question? Well, we'll tell you about how to answer it, coming right up. Hey, welcome back, everybody, Craig Peterson here on WGAN and online, of course at Craig Peterson dot com. No surprise there. Our next one is an interesting article and poses an interesting question. It is one that I'm sure you ask or have been asked, right? How secure are we? You are the Calvary, is the bottom line. You're the person who your family comes to, or the business owner comes to, the business asks whenever they have a tech question, right? You wouldn't be listening otherwise. It is how you get ahead. It is how you learn. You listen to me and others, read articles. You are the Calvary. How does the Calvary answer that question, when you're asked, How secure are we? You know, there's the obvious answer. Well, you know, we got this, and we got that. We have an Anti-virus, and we have a firewall. Those, frankly, are buzzwords that many of us use just to obfuscate the real answer to that question. I know that many times when we go into a business, and we secure it, we put together a proposal. Most of the time, our recommendations are not accepted. Most of the time, when we go into a business, and we say, here's what you need. Here's what you need to do to stay secure, they say No, thank you, and prefer to run with blinders. Hopefully, they won't stumble in the middle of the night get or tossed by that horse, of just kind of ignoring it, right. Blinders or maybe you might want to call it ostrich-ing and to put their head in the sand or whatever, you want to call it, But most of the time, in reality, the businesses just don't do anything. Sometimes they do, right. That's how I stay in business. I stay in business because of the companies that want to remain secure. I stay in business because of the people that are the Calvary. They're like you who want to buy my courses to understand more to get step by step instructions know, not just the stories behind things, but the strategy in the exact tactics that they have to take. And that's you, I suspect, right? I think you're probably a lot like me in that way. That's how I like to learn, and that's how I teach as well. Well, this article is from our friends over Dark Reading. And the question is, uh, how secure are we? And how should we answer that? There's a great response by Kurtis Minder, the CEO, and Co-Founder of GroupSense. He says it depends. You've got to look at your executive team and qualify their level of understanding. Answering the question with the answer of well, we have antivirus, we have a firewall, and we have mail filters. You know, a lot of people nowadays say, "well, we're in the cloud," and there's nothing to worry about, which we already know, isn't true, right? There's way more to worry about if you're in the cloud than if you have a local server. For those of you who are the kind of computer security people for your organization addressing this requires finding out where they are coming from who they are comparing. For instance, is it to what the Payment Card Industry PCI-DSS says we're supposed to do? Are we supposed to compare ourselves to the HIPAA-HiTech regulations? In other words, we have some medical data, which by the way, every company does, if you have any sort of a Health Insurance Program, right? Are we supposed to compare ourselves to the NIST 171 standard? There's, even more, there is the CMMC. There's, there's a lot of different criteria that are out there. You must understand the HOW before you answer this question. How secure we compared to similar companies in our industry? Or companies that are similar in size to us? No matter how you're going to answer that question, when the boss comes a-knockin or the kids or your wife comes a-knockin saying, How secure are we? No matter who it is you're talking to, I think the one thing you have to make sure of is that they understand that the whole security threat landscape is fluid. It's always changing, and your security programs need to be fluid as well. That's the reason I have consulting clients, right. That's the reason I have a membership program. The people who are the Calvary can follow and understand what it is they need to know. Now I want to hop over to this other guy here. His name is Matt Combs. And he is a global cybersecurity practice leader for an executive recruiter called Russell Reynolds Associates. It is absolutely a phenomenal interview on CIO.com. He's saying many companies were blissfully unaware t, especially those that don't have credit card information. How many times have I said that, right? It takes at least six months for the average company to figure out a breach occurred. Why did Matt say, especially those that don't have credit card information? It's because if they have credit card information, that information is likely to be sold on the open market very quickly. Once sold, the credit card companies are going to notice, right? Many companies have only learned that a breach occurred after the FBI came knocking on the door and told them they had a problem. Look at Home Depot. What happened? The FBI traced the dots. Home Depot, was compromised through their point of sale equipment. Can you believe that? people sitting in the parking lot of Home Depot hacked them? They didn't even know it until the FBI knocked on the door. That's a pretty big deal, on a pretty big company. I think they are the second-largest retailer in the country? When it comes to dollar-to-dollar value? Are you sold? Okay. If you don't have the credit card information, how would you even know that a breach happened? It goes ties back into the fluidity of security. It seems so obvious. Now when you look back at Home Depot and say, What were they thinking? I look at the target the TJX companies, and their hack they had security equipment, and that security equipment was quite good. It was alerting them, "whoa, wait a minute, guys, we've got a breach, okay." Did they take care of it? No, because they didn't know how to read the output, and they didn't have enough people to look at the logs, which is something else we keep telling you all. You have to watch the logs. You have to watch them closely. It's a full-time job. It's a highly skilled job, a highly trained job. It is not cheap, okay. I know a hotel company with 500 hotels in the United States, of course, you can look that up to find out who it is. They have a chief information security officer who is an information security group of one. Think about that 500 hotels, just the business itself, all of the data that they have, the liability that they have, and he doesn't have anyone working for him. Not even a support person. He has to beg, borrow, and steal help from it, and from the CIO, the Chief Information Officer. So when the executive asks you how secure are we, you have to say, Hey, listen, you know we can lock down the doors, we can lock down the windows, but the odds are if someone wants to breach us, they will be able to. However, make sure you are locking down the doors and locking down the windows. You got to close it all up. There was one other thing I think you should do when this non-tech executive asks you about how secure we are. That is, what's your nightmare, Mr. Executive? Which systems? Are you most concerned about being compromised? You should go back to the question I asked a little bit earlier, which is, what data do we have that maybe we shouldn't have? What data do we have that we are most concerned about losing? What are the Family Jewels in our organization? What is the data that if we were to lose it, we'd be in a lot of trouble, either because we could not conduct business anymore, or maybe we would get nailed by the regulators out there? Anyway, a lot of really, really good questions to ask because you're never 100% secure. All it takes is for one employee to click on the wrong link on an email. What I was just talking about will come up a little later on today. I talked about it this week on several radio stations. What happened with Barbara Cochran, an investor from Shark Tank. Stay tuned as we'll talk about it a little bit later on. All it takes and frankly, employee negligence such as accidental loss of data, accidental clicking on things. Employee negligence is still the main cause of data breaches. In a report from ShredIT now, of course, they're in the business of shredding documents of getting rid of these things. Shredding hard disk drives when you take them out of a computer. Remote workers and external vendors are also now a major cause of the increase in data breaches. That's one of the things we're going to be covering here in my course coming up in a couple of weeks, and that is the upstream-downstream risk. And the US military is totally into this now, because they had two or three major breaches last year that came through vendors. So hackers are no match for human error when it comes to sheer numbers. You also have the insider threats of people who are stealing from you. So they can get a better job, take it with them to another job. You have people who are upset with you and are just making an absolute mess of things on the way out the doors. So be very careful about that because it's huge data breaches cost an average of $3.6 million globally average that was in 2017. Some of those prices have gone up. The faster you respond to a breach, the more money that you'll save. They found that if you can respond to a breach within 30 days, on average, you'll save over a million dollars. Think of that. The odds are good that you will get breached. You will save, on average, a million dollars. Yet you're not funding the security people either by going to an external contractor, like me, to take care of it for you. Or you don't provide the resources to the internal people they need to do it. It is a huge, huge job. All right, top of the hour course, on the radio stations, we've got the news, traffic, weather, all that sort of stuff coming up. Then when we get back, we're going to talk about a new metric in security. The next-gen security metrics. Stick around, and you are listening to Craig Peterson on WGAN and online.   Hey everybody, welcome back. Craig Peterson here, on WGAN and, of course, online at Craig Peterson dot com. We have already covered a bunch today. I would refer you over to my website. If you'd like to find out a little bit more, of course, I'm also on the streaming services. You can find it there. We've covered the internet archive. They've got this cool, new VHS vault. We discussed ways to reduce your risk of data loss. It's all about identifying your data. and then minimizing your data, how we enabled ransomware to become a multi-billion dollar industry. And I also gave some good advice on backups and the fact that 100% of the businesses I've ever walked into have had a failed backup strategy and failed in a bunch of different ways. It is big for all of us who are out there who are members of the Calvary, who are trying to help our friends, our family with their computer issues, and the businesses for whom we work. Then we got to how to answer questions that we get that have to do with our level of security? How secure are we? How secure is the business? That's what we have covered so far today. I love our next topic. It's phenomenal. It's from Thread Post.com. But they're talking about different types of security metrics. Now, metrics, of course, our measurements, or the ways we measure things. We always have to measure progress to be able to know have we gotten to where we need to be, right. Progress can be difficult to measure. There are a lot of different types of measurements when it comes to our security. Say for Microsoft Windows, one of the big things is, are you ready every Patch Tuesday. Then a little bit more, as Microsoft sometimes comes with out-of-cycle patches. They got nailed a few years ago, through criticisms about them releasing new patches, like constantly, because they needed to release them. And so instead of fixing their problem, which would be almost impossible to do, and that is rewriting windows and making it much more secure design, they decided they would just go ahead and release patches once a month. And that way, of course, you're not getting them every day. So who's getting noticed that in fact, there are a whole lot of vulnerabilities and Windows. So that was another measurement that we had. Did you get your Patch Tuesday stuff done? That's been around a very long time? Well, we've got a new metric here, and it's called hardening. Now, I don't know about you guys, but my wife thinks that most people don't know what the name hardening is. So I'll explain it a little bit. Hardening is where we close holes in our networks and our Windows computers. That's really what our emphasis is going to be coming up here next week when we start our whole hardening series. By the time you finish this series and the courses, you'll be able to lock down any Windows or Mac computer yourself. You are going to be able to lock down your small business network, and you're going to stop worrying about being the victim of the bad guys. We're also going to train you on how to test everything yourself. That you can make sure that they can't get in, right. If not tested, how will you know it works. It's like I was talking about with backups. How do you know they are working? How do you know it's effective? How effective is it? So we're going to teach all of that, and I think that's just going to be amazing for you guys, man. We're looking to do something you guys are going to love. Hardening in the case of our computers includes our computers, browsers, firewalls, and routers. In other words, there, we're using all of the options, all of the available software to make sure that bad guys are not easily going to get in is our Windows Firewall harden on our computers? Did you even know you had a firewall on a Windows computer? Well, it's almost useless. Because Windows has a firewall, it is turned on by default, but they have all kinds of services turned on and available to be used. All of these things are kind of crazy. When we get down to it, there are things we can do. That's what we're going to be covering starting in about a week with some of these tutorials. And with our great course that we have coming up. Now, let's talk about what's holding us back and what mean time to harden means. We're looking at vulnerabilities, when we're talking about a zero-day-attack, it is one that no one has seen before and where there is not a patch or workaround for it. It's really kind of a nasty thing. When it comes to hardening, you want to make sure that you have as few services as possible on your computer, firewall, and browser. That again makes your attack surface smaller. But when we're talking about those types of zero-day attacks, it typically takes an organization 15 times longer to close a vulnerability than it does for the attackers to weaponize that vulnerability and exploit it. So basically, we're talking about one week for the bad guys to take a vulnerability one of those zero-day things. It takes one week to weaponize it, and it takes us about 102 days to patch it. Let that sink in for just a minute here. Once vulnerabilities get disclosed, It's a time-race here to either secure this hole before the bad guys to exploit it. Now we saw that with the Equifax breach where here's a major, major breach against a major company out there, and only happened because they hadn't applied the patches that they needed to apply. It's just really that simple. Microsoft has a patch let's give an example right now, BlueKeep. BlueKeep is a way to break into Microsoft machines. Microsoft released patches for BlueKeep in the May 2019 Patch Tuesday security fixes. Microsoft released it in May, and as of December 2019, seven months later, there were still over 700,000 machines at risk. Let me see here now May to June July, August, September, October, November, December. That, to me, sounds like seven months. That's huge. Sophos has some security software. In their recent report about WannaCry, which is ransomware. The patch against the exploit WannaCry was using has not been installed on a countless number of machines. Still despite being released more than two years ago. It's crazy, isn't it? Do you guys agree with me? Am I just being kind an alarmist? Now the average time to weaponize this is seven days. Many weaponization comes in less than seven days. Like the infamous ApacheStruts vulnerability. You have effectively 72 hours to harden new systems. Now the numbers are even worse. When we're talking about incident response. There's a new rule out from a company called CrowdStrike. You might have heard of them before, they've been in the news for some political stuff as well. But they are a security company. They do a lot of investigations after the fact and try to figure out what happened and try and clean things up. CrowdStrike has a new rule. It's called the 1-10-60 rule. And it's based on what they call breakout time. So here's what that is. Most nation-state actors, in other words, the more advanced hackers out there, move laterally from an initial attack within two hours on average. In other words, if there is a country that's coming after you say, for instance, China. Most say now it isn't like China is going to go after me. I'm not Military and not a military contractor. China comes after you to steal your intellectual property. Once they have gotten inside of your network, they will move around inside your system. What this means is it gives defenders of a network one minute to detect a breach, 10 minutes to understand what has happened and that it was a breach and one hour to contain that breach from the initial incursion. That is huge. Now, this is part of this meantime to hardening and goal response that we're trying to achieve. If you're a regular business, and it's six months before you even notice that a hack occurred, if you ever even notice, which is par for the course, and one that we see that quite frequently. We will come in and look for signs of hacking. Many times, companies don't want to know. They just want to know if there are any openings that they should be closing right now. Why? If you see a hack occurred, there are specific legal responsibilities that you have. Companies say, Listen, don't tell me, I don't want to know. Without monitoring and watching what our organizations are doing, if we're not at the very least, patching and hardening, we're in real trouble. Now, I know you guys know how to patch it's not that difficult to do. We're not going to spend a lot of time on that in the upcoming tutorials or courses, but we are going to spend a lot of time in the course on Hardening because it is one of your best defenses. It's kind of like having a package on the front porch that was just delivered by Amazon people, right? If there is no package on the porch, the porch pirates are not going to show up and to steal the box. It's the same type of thing here. If you do not have services available on your machines inside your network, there is no way for the bad guys to move laterally. There's no way for them to get in remotely. That is our goal in our hardening courses, how to harden your Windows machine. That's coming up in about a week, week and a half. So make sure you are on my email list. You get all of that free training. You can find out about the courses as well that we are putting together for this. All of that at Craig Peterson dot com slash subscribe. You're listening to me here on WGAN. You can always send questions to me -- me at Craig Peterson dot com. Hey, welcome back, everybody, Craig Peterson online at Craig Peterson dot com and right here on WGAN. I am also putting these up on Facebook and making them available on YouTube. For those that are interested.  I want to talk a little bit right now about Clearview AI. You know, again, I've said so many times that we've got to be careful with our data online. Clearview AI is this company that we talked about a few weeks ago, that has been scraping all of the information it could get online, mainly related to photographs. All of the pictures that you posted on Facebook or that you put up on any photo sharing sites, all of that stuff, Clearview scraped. Now, they have this app that allows you to take a picture, and then it will do facial recognition to find all of the places online that that picture appears. And it has been used by looks like more than 2200 different organizations, many of them police department to track people down. So if you have a picture, even if it's not a great picture, that picture can then be put into the clear view AI app. And it'll show you here you go, here's where we found this guy or gal online. And even if you didn't take the picture, and you are in a photograph, it is going to show up in clear view is going to find it. Now, Clearview AI grabbed all of these photographs online without asking permission of anyone. I don't think they asked your permission, did they? They didn't get my permission. They scraped them from Twitter, who they didn't ask permission. They scraped them from Facebook. They scraped them from all over the internet. They ended up with billions of photographs. They logged it all along with where they found them online. That way, if the police department is looking for this person, they have a photo of them. They can put it into the Clearview AI app and can authenticate where online it was found. And then the police department just goes there and says, Oh, well, that's a Mary Jane's homepage. Here's more about Mary Jane, where she lives and everything else and now off they go to get Mary Jane. Now remember, of course, first off, these things are not 100% accurate. They could be false. There are false positives, although in many cases, they have been very successful at identifying people, and they have helped to solve some crimes, which is I guess a good thing, right. I think that's what you might want to say, okay. In a notification that The Daily Beast reviewed, Clearview AI told them that there had been an intruder that gained unauthorized access to its list of customers, and they got access to many accounts they've set up and the searches they have run. Now, this disclosure also claimed that there was no breach of Clearview AI servers and that there was no compromise of Clearview AI systems or networks. That puzzles me makes me wonder, well, maybe they were using a cloud service, and they had it stored up there, and that's how it got stolen. It's hard to say. Clearview AI went on to say that it patched the unspecified hole that let the intruder in and that whoever was didn't manage to get their hands on their customer's search histories. Now there's a release from a Clearview AI attorney, and his statement said that security is Clearview AI top priority, which is total crap, right? They did everything they could to breach ethics and security of the user agreements from all of these websites from which they scraped our information. Unfortunately, data breaches their attorney says are part of life in the 21st century. Our servers were never accessed. We patched the flaw and continue to work to strengthen our security. All of this is in a report on naked security dot com. Now, this, frankly, is very concerning to me from several different standpoints, right. First of all, Clearview AI had this massive database of facial images that they had sold to hundreds of law enforcement agencies. In many cases, it wasn't like the overall agency. It was just a police officer themself that subscribed. It may be a detective, etc. The New York Times ran a front-page article in January, saying that Clearview AI may end privacy as we know it and man, is that ever true. They have been quietly selling access to these facial images and facial recognition software to over 600 law enforcement agencies. Now with this data breach, it looks like it's more than 2200. Although we have not seen the list posted online yet, we may end up seeing the posted online. It depends on who did this and if it was a nation-state, which is entirely possible. They are trying to find out a little bit more about us or whether it was somebody else.  It reminds me of a lot about the founding of Facebook and why I've been against Facebook over the years, right? Facebook had a very unethical at its start. They stole all the photos of women going to Harvard University and then had people be able to go to their little website and rate the women, right? Rate them? Yeah, on their looks using all stolen photos. That's the allegation behind it all. It certainly seems to be true. Microsoft, that's another reason I just, I don't use the word hate very often believe me, but I do hate Microsoft and the way they started. They unethically sued people and play games with trying to buy them by lying about the rights that they had. Bill Gates outright lying to IBM and others, back in the early days. I have a good friend of mine who says Craig if you didn't have any ethics, you would be one of the wealthiest people in the country. Your ethics kept you from doing them, yet you bent over backward to help people. Companies, like these need to go out of business and need to go out of business fast, it's crazy. We've got the Biometric Information Privacy Act that Clearview AI has violated. ClearView AI has also been told by Twitter, Facebook, Google, and YouTube to stop scraping. Those companies have ordered it to stop that. It is against the policies. The Times noted that there's a strong use case for ClearView AI technology finding the victims of child abuse. News. It makes a lot of sense. One, retired Chief of Police said that running images of 21 victims of the same offender returned nine or 14 miners identifications, the youngest of whom was 13. So where do we draw the law watch line, I should say, what should we be doing here? It goes back to the whole fruit of the poisoned tree principle that exists in the law. That you've seen on TV and in movies many times, any evidence illegally obtained can't be used nor anything that comes of that evidence. It is why some Federal investigators play games with where did you get this evidence? Russia? Did it come from Christopher Steele? Should we have something similar In this case, and I think that we should if they stole information from these companies, which they did. It's, frankly, intellectual property theft at the very least. That means it is of no use in any sort of a police case that started an investigation and any legal matters that follow. That's my opinion. I don't know what yours is. I'd love to hear from you email Me at Craig Peterson dot com. Thank God they were able to find some of these victims of child abuse. But at the same time here, we should have some rights to privacy. It may already be too late. I guess we'll know. Soon enough.  Hey, when we get back, we're going to talk about Barbara Cochran. She's the star of Shark Tank, and she just lost 400 grand in a scam will tell you all about it. You are listening to Craig Peterson and WGAN. And make sure you sign up online at Craig Peterson dot com. Hi, everybody. Yeah, that means we're back. Craig Peterson here on WGAN.  We're going to talk right now about a TV show that I have enjoyed watching over the years. There are a few shows that I watch pretty regularly. Of course, there are some sci-fi shows we won't talk about those right now. But a couple of them are The Profit I enjoy that show. I like the guy who is the main character on that show, and his name is Marcus Lemonis. He owns a considerable interest in Camping World, as well as GoodSam Club, and he invests in small businesses. I disagree with him almost 100% on politics, but he does try and help people out which I think is fantastic and, and he goes into these businesses that are struggling, that are trying to figure out how do we move to the next step or how do we even survive? Then he helps him out, and he frequently invests in them. When he invests, he takes a good chunk, usually enough so that he has a controlling interest in other words 51% sort of a thing. Then he's often running, and he helps build them into real successful companies. Now, I guess it goes back to the question of, would you rather have a small slice of a massive pie as an owner, or would you rather have 100% of a tiny pie, that may end up collapsing in on itself at some point in time. That's kind of the decision these people have to face as they are talking with him and trying to figure it out. So I like that show. He had a good episode, recently that I found very, very fascinating. Check that one out, The Profit. Another one that I've enjoyed over the years is Shark Tank. Now Shark Tank is if you haven't seen it, it is a show, and there are a number of them. It's called Dragon's Den overseas. There's one in the UK. There's a shark tank in Canada, and there's a shark tank in Australia, all called slightly different things. The idea behind Shark Tank is you go in there you make a pitch to these investors, and the investors decide if they're going to throw some money at you. They will make a deal saying okay, I'll give you 20% for 20% of your company, I'll give you this much money, or you know, I'll bring in people to help out, but I want controlling interest or whatever it is. Well, one of the business moguls on there that part of this whole judging team on Shark Tank just last week lost nearly $400,000. It was disclosed that the 400 grande loss came through an email scammer. Now, if she had been listening to this show, she would have known about it. She would have known what's happening. She has enough money that she kind of brushed it off. Oh well, she thinks that she'll never get the money back. And you know what? She's probably right. We've seen that happen many times, even with the FBI getting involved most of the time that money never, ever comes back to you. According to media reports, a scammer who was posing as Barbara Cochran's executive assistant forwarded to her bookkeeper an invoice requesting that payment. I'm looking at the email right now. Barbara released it, which is great as that way people can see what happened. It's an email it's from, Jake somebody. Sent on Friday, February 21, and addressed to Emily carbon copy Michelle. The subject was forward Invoice 873, and it's got the name of a German company. It begins, Hello Emily. Please see the attached invoice below for payment. We are ready to proceed, and we are shipping next week. Please ensure the invoice is paid on time, shipping charges are additional. It appears like a little real invoice. It's got the due date on it, which was due on the 27th, and the amount was $388,700 and 11 cents. And it looks as I said kind of like a standard invoice. Dear customer. Please see the attached invoice. Wire transfers should be directed to FFH concept GMbH address in Berlin, Germany. Bank details include the bank name, the account name, bank address As the IBN number, the swift number, thank you for your business, we appreciate it very much.  The truth was, this email did not originate from Barbara Cochran's executive assistant. Instead, what happened here is that the scammers and created an email address that looked the same as her executive assistant. It had one letter different in it. At first glance, it seems legitimate, yeah, this is from the Executive Assistant. You and I look at 400,000 and say, Whoa, wait a minute now. I don't even have that much. In this case, Barbara Cochran, this was pretty normal for her. There's not only this amount because she is involved in so many real estate deals. That's how she made her money was in real estate. She gets these invoices from these companies all over the world. It did not look that strange. All the bad guys, in this case, had to do was a little bit of research. They found out what the executive assistant's name, they found out what the email address was. The bookkeeper did not spot this little spelling error, if you will, in the email address. When she asked questions about the purpose of the payment, all communication went straight to the scammer's and not to the assistant. What did she do? She hit reply, and the response went straight to the scammers, and the scammers gave him what looked to be or gave her what appeared to be a reasonable answer, right. On Tuesday last week, seemingly satisfied by the answers she'd received by the scammers posing as Barbara Cochran's executive assistant. The bookkeeper transferred almost $400,000 into the bank account contract controlled by the scammers. It was only one the bookkeeper manually CC'd Cochran's assistant directly with confirmation that the invoice had was paid. It became clear what happened. So, again, that tells you don't respond to emails, right? Look it up, use a contact list, use your autocomplete to try and reach out to somebody to verify it. I always go one more step further, and that is to get on the phone and confirm the transaction. Now in speaking to people magazine, Barbara Corcoran again apparently was pretty okay about the theft. She says quote, I lost the 400,000 as a result of a fake email sent to my company. It was an invoice supposedly sent by my assistant to my bookkeeper, approving the payment for real estate renovation. There was no reason to be suspicious. I invest in quite a bit of real estate. I disagree with that there was reason to be suspicious. Anyhow, I was upset at first, but then remember, it's only money good for her. Frankly, she posted on Twitter about it. Lesson learned. Be careful when you wire money. She retweeted something from TMZ about her getting hooked in this scam. I'm glad she has a positive attitude about it. It's very unlikely, as I said earlier, that she'll ever recover a dime from these fraudsters because of the way the money was wired. Ninety seconds later is all it takes for the cash to be gone and out of reach. And they probably went ahead and transferred it from German banks to other banks, and it continues to move the money around. It's kind of like what happened in Eastern Europe and Ukraine, with a billion dollars in aid that we sent that ended up bouncing around between multiple companies in multiple countries to hide whose pocket it ended up. It's just kind of crazy. It can happen to anyone, and it can happen to any of us. Every last one of us, business person or otherwise, needs to be on guard. Don't reply to emails. Always make sure you enter in the email address if it's anything that might be of concern. Remember that banks and other places are unlikely, including the IRS tax time, to be sending you emails about some of this stuff. Just double-check and phone them, look them up online, and phone that number. Ask a question from their help people over on their website.  Well, we've got one last segment here, and we're going to be talking about new security features from Firefox that means insecurity to you. This is Craig Peterson on WGAN, and you know, I like Firefox, right? Hey, welcome back, everybody, Craig Peterson, here on WGAN and online Craig Peterson dot com. Well, that's Peterson with an -On dot com.  Hey, thanks for joining us today we've had a great day, we've talked about where you find a little bit of nostalgia online over at the Internet Archive. We talked about reducing the risk through data minimization. I described how ransomware became a multi-billion dollar industry. We talked about the changes that have recently happened with ransomware that will require you to make a change in what you're doing to stop becoming a victim. Then we got into how should you answer a non-technology related executive who asks you, how secure are we? How do you answer that question to your family as well? Because we are all the Calvary, right? We're the people that our friends, family, our people from church, the business people, they all come to us. So I wanted to make sure we covered that the next generation here of security metrics, how long does it take to harden your systems, and we've got a course coming up on that here in a couple of weeks and a bunch of tutorials to help you out. The company that we talked about clear view AI, very, very bad guys, frankly, very unethical. They just lost their entire database of Facebook buying clients to hackers. And then they brushed it off like it's no big thing. Hey, you know, everybody gets hacked nowadays. Man is talking about a company with no ethics at all. We talked about them, and then, of course, most recently, we just talked about business email compromise. We gave you a specific example here of Barbara Corcoran. She is one of the business moguls over on Shark Tank. How she lost almost $400,000 in a scam, and what you can do to help protect yourself. And we gave away some actual clues here precisely what the bad guys are doing to try and get that information or get us to to to do that, right? What kind of information are they gathering about us? Well, I want to talk about Firefox here for a few minutes, all web browser thing. And this has to do with security. And this is an article over on we live security.com that made me think about what is going on with Firefox and Mozilla. Now, if you've been on any of my training courses, you know, the browser you absolutely should never use ever, ever, ever unless there is a gun to your head, and then it's okay. Is Internet Explorer is just one of the worst browsers ever? You know, it's just terrible. It's right up there with the original browser, the NCSA Mosaic, but at least it was changing the industry. Internet Explorer was just a huge security hole. I mean crazy. The things that allowed programmers to do, and it was such an avenue for hacking. You know that right, don't ever use Microsoft's Internet Explorer.

Craig Peterson's Tech Talk
Welcome! The Insecurity of DNS over HTTPS, Internet Archive's VHS Vault, Data Minimization and more on Tech Talk with Craig Peterson on WGAN

Craig Peterson's Tech Talk

Play Episode Listen Later Mar 5, 2020 89:41


Welcome!   We are going to hit a number of topics today from the world of Technology.  I am quite disappointed with Mozilla, they are letting marketers and politicians define their technology. Listen in to find out why I feel that way. Compliance is an issue for many companies and I have some solutions that will help you and it includes a diet but probably not the kind you are thinking.  Do you ever get nostalgic for "the good old days?" Well, I have something that might help, listen in to find out more. I will tell you happened to one of the Sharks from Shark Tank? How you can prevent it from happening to you and more. For more tech tips, news, and updates visit - CraigPeterson.com --- Related Articles: Getting Your Fix of Nostalgia Don’t Store Data You Don’t Need Cryptocurrencies and Insurance Increases Ransomware Profitability Are you Secure -- Depends on Many Things You Don’t Have Much Time To Stop An Attack Hackers Target Large Databases Anyone Can Be A Victim - Business Email Compromise Does Not Play Favorites  DNS over HTTPS (DoH) is not the Panacea the Marketers Are Leading you to Believe --- Automated Machine Generated Transcript: Hello everybody, Craig Peterson here on WGAN and, of course, online at Craig Peterson, dot com and heard streaming all over the world on your favorite streaming site. I'm so glad to be here today and be able to talk with you a little bit about what are the top news stories this week? How can you keep safe that's kind of one of my themes because I freaked out when my company got attacked some years ago. You know, just a regular business guy trying to run a small business and man did hurt me bad back in the day. I'm just trying to get all of the information I've put together over the years and learn, and I continue to study this stuff and continue to look at what are the best ways to defend ourselves. I try and get all of that and put it together into neat packages for you. One of them, of course, is the radio show. I also get on with Facebook Lives. YouTube lives, and also do various types of pieces of training and tutorials and things out there. Where in fact, for the next course I have coming up, we're going to have implementation calls, where we are talking specifically about what to do when you do it. So you try and implement something, you have some issues. I'm going to get on the phone with you guys. So I think that's going to be great. And then the upcoming class here in a few weeks. And then, of course, the tutorials leading up to that class where I'll take your questions live, sometimes those little tutorial sessions on, you know what it's webinar technology. On these webinars, sometimes we go a couple of hours so I can answer all of your questions. That's what it's about here. All right, because I understand most people, not I know I'm this way too. I get contacted by somebody, and they're trying to sell me something that happened just over the weekend. Last weekend somebody knocked at the door, trying to sell windows, right. I think it was like Renewal by Andersen or something like that. And they were walking around knocking on doors. I see you know, immediately just knee jerk said, No, No thanks, my windows are fine. It got me to thinking about the whole situation in the security realm. Because that's what we do, right? What we've been doing for years decades, sometimes we have the antivirus software, every once in a while when we hear about a real big vulnerability, we go ahead and apply patches. You know, it's been the same old, same old, but we just can't do that anymore. And because really, we see huge, huge problems and businesses going out of business because of them. So that's what this is all about. So if you're a new listener, welcome. If you've been listening to me for a while, of course, Welcome, Welcome to you too. And I want to get this information out. So one of the best ways to make sure you have all of the latest information you need is to go online go to Craig Peterson dot com slash subscribe, and that'll get you on my email list. Then once you're there, you will be able to keep up on up to date on things I do, try and get those out. I have a newsletter that's every Saturday morning. Then when I'm doing training, I'll send something that's a little out of the band if I'm doing a live or various other things. I thought because of the way it works with the emails I send out, if you want to unsubscribe, you will be guaranteed to never hear from me again. Maybe that's a great thing that is right for some people. But for other people, I came to realize that perhaps they didn't care about the training, they just wanted the newsletter, or perhaps they wanted the pieces of training but didn't want any emails. Some wanted on courses but not other courses, etc., etc. So I'm going to try and do something a little bit different right now, and there's a pretty nasty warning as a footnote. If you unsubscribe, I can't send you anything anymore. I won't send you anything even if you want a course, you'll not hear from me again, because you unsubscribed and marked as somebody that doesn't ever want to hear from me again. That's fine. I know we all have our lives, and maybe you think you're safe enough. Perhaps you're going to reach out to me when everything falls apart around you. At which point, I can't respond to you because I will have your email blocked. That is because I don't want to bother you. I want to comply with the can-spam app act. Although, you know, most people don't seem to care about that as well as the GDPR. Also, The New California regulations, the Massachusetts regulations, and new federal regulations that are going into effect. They all place requirements on when and where I'm not supposed to contact you. If you say No. Then No means no, right. I'm going to change things a little bit with these upcoming training and courses that I'm going to be doing. I'm going to make it so you can just unsubscribe from those, so you're not going to lose contact with me. I've had some people complain, and in the end, it becomes a bit of a pain to try and add them back in. We're going to try and make this a little bit easier for you guys, so keep an eye out for that. You already know right based on what I'm saying, as well as what I've done in the past that I won't spam you guys, I don't sell your name to other people your email address. Most of you I know are kind of the older generations, the younger guys they don't care we've already talked about that. They will sell their email address and name for a donut. But us older folk were a little bit more cautious about it. I think that's probably a good thing. We're less likely to get ripped off the senior population in some ways less likely to get ripped off, and other ways more likely get ripped off. It's interesting. Again, we tend to trust phone calls more. You know what I have, frankly, I don't answer my phone anymore. It just goes to voicemail. And I have somebody else look at it because there are so many scams coming in. But we tend to trust the phones more in the generation, you know, the men and women older than me, other baby boomers, they are a little bit more susceptible to those types of scams. So be careful with those types of scams as well just you know, be careful all the way around, frankly. And that brings us to our first story of the day today. And this is something I found that I thought was cool. So I thought I'd share it with you. It's a tech thing. I was just a few weeks ago talking on the radio. One of the radio shows I appear on as a guest. And we were talking about Betamax versus VHS. And I knew I knew that the radio host I was talking to there's no way he just loves tech. There's no way he did not have Betamax. And he did. He had hundreds, apparently of beta tapes in his closet. But this is all about that Era of the 1990s. I'm sure you guys had VCRs right back in the day. And of course, the winner of that war was VHS, and it wasn't because it was better technology, but we're not going to delve into that right now. And those VHS tapes, at this point, about 20,000 of them have been put into an online vault. Now, if you've never used the Wayback Machine, you have to check it out. You can find it online. At archive.org, that's the name of it. It is an Internet Archive, and it shows web pages going way back, you can look at my web page from back in the very, very, very early days of the Internet. When you know, love the not the Internet, but of when the whole web thing came about, which was 9293 is when it started to go. I didn't have a webpage back in 85. When I first registered my domain that's been around for a while. And then, of course, I was using other domains. Before that, I've used my ham radio call sign is my domain. And before that, but the Wayback Machine is this archive, you can browse the history of any major site, many miners sites that are out there. They have used it in court cases. It's used by me, just for kind of memories of things as the way they were. Now you can use it for something brand new. I didn't know that they had, and that is They've got something out there on the Wayback Machine that's called the VHS vault V-H-S just like the VHS tapes that we had or that ken didn't have because he had Betamax. Right now, I'm looking at says there are almost 21,000 results. So they've taken these VHS tapes that were submitted, and they have effectively ripped them. They've turned them into digital video, right. And some of these are just amazing, like a warm-up to Traci Lords. It's an exercise program. Of course, Traci Lords was involved in some adult films back in the day. Man, I love this mystery science theater. 3000 Timothy Leary is a guest on MTV with John Lennon, Les Miserables from 1935, rush to judgment. There are some many cool things The Lion King in full VHS tapes. Now some of this information is probably still copyrighted, but as a general rule, archive.org doesn't get nailed for copyright violations. SpongeBob SquarePants Oh, this is the Fairy Fairy Godmother I think is what this cartoon was called and trying to remember my kids used to like it. Some bootleg tapes, everything, but you can find it online I think you would have a gas looking through these. I want you to go to archive.org as you're listening to the show, or maybe some other time during the week, you're sitting there watching some TV with your smartphone or your computer. Archive.org and look for the VHS vault. The actual URL is archive.org slash details slash VHS vault. You will see all kinds of fun stuff that's in there. They have many different collections You can search this you can go in by year when They did it. They have Flemish dog collection. There's another one. There are collections I've used in some of the training videos I put together. There are collections of old black and white art, and pencil art, and engineering diagrams that are well, well auto copyright and you'll find all that stuff@archive.org Check it out, I think you will have a gas checking it out. If you're like me, it's certainly brought back a lot of memories.  When we get back, we're going to be talking about something that you should be doing, whether you're a home user or business user. You know, the things that we have to be worried about are the things that can be stolen from us, right, in the online world. Okay, this is what we will be talking about. What can be taken from us, but also what can be used to kind of hold our feet to the fire in ransomware. So we're going to talk about how to reduce your risk with Craig Peterson here on WGAN Stick around. We'll be right back. Hey everybody Craig Peterson back here on WGAN online, and of course, at Craig Peterson dot com. Yeah, you know it by now, right? Well, hopefully, you had a chance to look@archive.org, definitely check it out. It's called the Wayback Machine, at least that was its original name. And they may still have that domain, the Wayback machine.com. But now it's known as archive.org. It is a wonderful, wonderful trip down memory lane, at least for me. If, if you are a little bit older, you might remember the Internet back in the days fun looking at some of the original search pages at AltaVista. Man, I miss AltaVista. I used to like to use the Boolean algebra that you could do in AltaVista. By the way, if you are a geek like me when it comes to searching and you want to be able to dig into it. There's a tool I use, and I think that you'd like it also. It's not cheap, that's for sure, but not that expensive either, but it's called DEVONthink, D-E-V-O-N T-H-I-N-K. It allows you to set up searches using all kinds of Boolean constructs, which is very, very, very handy, at least as far as I'm concerned. You can set it up to do automatic search sets every day looking for different things. It's one of the tools I use to find the information that we talk about here on this show because so much of it just isn't generally speaking, available. It certainly isn't spoken about by the mainstream media, right? You know that right. That's why you listen to the show and why you follow me. I am on LinkedIn. I'm on Facebook. I'm on Twitter, YouTube, and my website as well. I appreciate all you guys who do follow and who comment. Now, if you're a business person, this is for you, but there are some things that you can do as an individual as well that are going to make a big difference for yourself and your safety online. Businesses are concerned about the GDPR, which we've talked about on the show before. That's the European privacy regulation. We're also very concerned right now with CCPA. I just had a company that makes optics. I use their optics here in the studio if you have ever seen me on a webinar or one of these videos or pop up training or anything. I'm in the studio, and my cameras here the lenses use the glass made by this company. I had no idea, but they reached out to us due to their operations in California. They have a sales operation there because, again, they're selling their optical glass for use in lenses, and all kinds of other devices. They reached out because they were concerned about what is happening, what could happen with these new California privacy regulations? Is it going to mess up their business? How is it going to mess up their business? How is it going to make things better or worse? I think they had some outstanding questions. So they called us in, and they paid us to do an audit of the systems they have. How are the systems working? What is it that we need to be worried about? You know, it's something that takes a few weeks and a couple of on-site visits in New York? New York State, which by the way, is going to have their own set of privacy regulations that are going to affect them pretty dramatically. But basically, what it came down to was if they were compliant with the European regulations, they were probably most of the way towards the California regulations. So they think that they're compliant. But when we got in and started having to look at it, it turned out No, no, no. They are not anywhere near compliant with either set of regulations. Even though their IT people told them they are because they have full-time programmers who are programming their systems. They thought, Oh, no, no, we're fine. We're fine. No, they weren't. So what do you do if your regular business? Enough moaning and groaning about the optical manufacturer, who has fantastic optics, which is why I use them. Let's talk about you. Let's talk about your business, your small business, your larger business, this is true, you should be paying attention if you are a medium or large business as well. One of the best things you can do, and it is hard to get through to a lot of CEOs and other business owners. But one of the best things you can do to reduce your risks is to reduce the data that you are maintaining. Right? If you want to reduce the chance of getting shot at, don't go out in the streets where they're shooting, right? If you want to reduce the risk of having your data stolen, then don't have the data out there for them to steal. If you don't want to get nailed by one of these new regulations, that says, hey, personally identifiable information has to be maintained in this way and that way. If someone asks you what data do you have on me? Do you realize now you only have one week to respond? You must provide that data to them. If you have any sort of a California Nexus or European Nexus, in other words, doing business in either one of those places. Now, it's down to I think five days it's not a week to respond, saying, Here's all of the data that we have about you. That's what you have to be able to do. We have to be able to do it right now. You also have to be able to tell them, here are all of the people within my organization as well our contractors that saw your data and had access to your data. That is a very, very big deal, frankly. The landscape is constantly changing your obligations for that data, and the data disclosure and the data-keeping keeps getting more strict. What's the right thing for you to do? Ultimately, well, it's to get rid of the damn data, right? It's a very, very solid first step in reducing your risk. Now I'm going to be publishing next week, a little guide that you can use yourself, right, you don't have to have me involved, or anything else is just for you, that you can use to do an inventory of all of the data that you have in your business. What we've done is we've gone through and looked at different parts of the businesses that we've worked with over the years and evaluated the kind of data they often have. You have to do that first, right? You must identify what your risks are. You must determine what data you have. I'll make that available for those people on my email list. It will be part of this ramp-up here, a precursor to the pieces of training that I will be doing. There will be different free pieces of training and tutorials in my ramp-up to my courses. You don't have to be in the course to participate in the free tutorials, okay? You don't have to buy anything from me. It is all free, no hype or anything else. Okay. I'm not trying to hard-sell anybody I want to help you. That is the first step -- doing this inventory the data you have, and it is one of the best things you can do. Put your company on a data diet. Now, you know, last week we had Barry Friedman on the show, talking about a sugar diet. Right. It's a lot like that, and it's getting rid of these addictive pieces of data that we keep on our clients on our prospects, everything else that's out there, right. Let's look at it as a lens. When you're looking at your data when you're doing an inventory of these data assets, ask yourself, do I need this? Will this provide what I need? Think about maybe like a food diet as Barry does with sugar? Do I need sugar? We know is sugar going to provide us the nutrients that we need? The answer to that is no. When it comes to sugar, right. We found that out from Barry last week. But we need to work to minimize sensitive data and ask ourselves, do we need this sensitive data to conduct business right now? And will we need this sensitive data to conduct business in the future? If the answer's no, securely dispose of that data. It is the only way to comply with these regulations that are already in place here in the US and Europe as well. All right, when we get back, we're going to talk about how did we get here? How did we? How did ransomware grow to be a multi-billion dollar industry? What did we do to get here? What should we do to try and get beyond all of this? You're listening to Craig Peterson on WGAN. And of course online at Craig Peterson. dot com, live on youtube, live on Facebook everywhere out there. Stick around. We'll be right back. Hey, welcome back, everybody, Craig Peterson here on WGAN, and of course online at Craig Peterson dot com. In case you missed it. We've been busy today talking about the internet archives VHS vault. Again, that's archive.org. Check it out. It is kind of cool. We just talked about reducing risk using the cheapest mechanism possible. Data minimization will save you money and help you be compliant. Now I'm going to talk about ransomware. We've been warned recently about ransomware's rise. Many people thought it's kind of past. In some ways, it has. 2018 was kind of the banner year for the standard ransomware that out there, but it is back, and it is back with a vengeance. We talked about some of the statistics about a month ago and showed how it had gone up a bit almost doubled just between the third and fourth quarters last year, which is just absolutely dramatic. I had a course before, where we talked a little bit about backups. I've certainly talked about it here on the show before, and how backups help stop ransomware. Let's just spend a couple of minutes on that right now, although it's not 100% accurate anymore. It is essential to do for just a whole plethora of reasons. Backups are kind of the very first stage of what you need. I read an article yesterday from a guy who is in some of the highest circles in the country. He had the phone numbers, the direct cell numbers of presidents and you name it, really just anybody who's anybody was on his phone. It was an Android phone. He had assumed that it was backed up into the cloud or something. His phone broke. He got a new phone and realized at that point that his phone had that never, ever, ever, been backed up. He lost the phone numbers from all of these people. Good luck getting them back, cell phone numbers, other contact information. Think of all the things that are on our phones nowadays. Losing your phone, having a hard disk crash on your laptop, or your desktop computer. Losing those can be devastating, no question about it. If you're a larger business and you think that you're doing backups, double-check them. I'd say three times quarters of the time, and I can't think of an exception to this, your backups will not work correctly for that business. I've never seen a case where all backups are working correctly, ever, ever going into a business. I know you, Craig, you're just crazy. It's silly. You're trying to build a business and scare people. No, I have never walked into a company and found their backups to be working correctly. We see things like, and I don't mean, they're not working in a way that is ideal or optimal for the business. Right? Certainly that on top of it. I mean, they weren't working. We had one company that we went into, and they were dutifully doing backups, and the operations manager had five external hard disks. Every day he brought a hard drive in, he plugged it into the server and took it home at the end of the day. So we had Monday through Friday, hard disks that you brought back home with them. So they were off-site, which is, you know, great idea, by the way. The server itself had a RAID configuration on it and is called a raid five. It had three hard disks so that if a drive failed, they wouldn't lose all of their data. We went in because they wanted to do some upgrades. They hoped to move over to Apple infrastructure, where people could use iPads and iMacs on their desks to have a better working environment for everyone by moving away from windows. By the way, this is an excellent idea. They still had some Windows software that they had to run, so we helped them with that and got that all working running correctly. The backups you know, they were trying to do the right thing. But you know, you know what, there were a couple of problems one, their server had not written to any of those external disks for the last 18 months. They went a year and a half without ever having had a good backup. Think about that. What would happen to that business? What would happen to your company? After 18 months of no good backups and losing all your data? Oh, and their server, an HP server, that cute little HP server had that RAID array, right a raid five where you can lose a disk and not lose data. Well, they had lost a drive. We were estimating based on the logs about a year before. There they were with no backups and no redundancy in their server disks on their server. That's an example right now, and I could go on and on. We had a company division of a Fortune 100 company that had paid for backups, and they had a dedicated data line. We put some next-generation firewalls in place that monitored the data and watched for data exfiltration to make sure that the plans and designs and social security numbers and bank accounts and everything were not being stolen or taken off off-site, right. Guess what we found there? After six weeks of monitoring everything that's been going on because that's the first step right. Let's make sure we understand what the normal operations are. Didn't you tell us that you had an off-site backup of your mini computer going to another backup site? Oh, yeah, yeah, we do. It gets backed up in real-time. We're paying for the backups to go off-site. If something were to happen to our facility here, or to our computer, which is a big server, then they'd take over immediately we'd be off and running during those six weeks that we were in there we hadn't been involved with these operations. Ultimately, we were in there for decades. Guess what we found? Yeah, exactly. None of the backups were occurring. They were paying for all of these things, right? They were paying for them. What we ended up doing is we came in, and we made sure that backups were happening. Unfortunately, they didn't have us do those backups. The company doing it for them was incompetent. And yet they decided to have them continue to do it. It doesn't make sense. We took over the rest of the backups. We had equipment on site, which we do at most of our clients. In case there's a problem, there are failovers that can occur. In this case, we'd have them back online in four hours, a requirement of publicly traded companies and their divisions. Again, they're just not doing anyways. Ramble. Ramble. Wow, we've only got a couple of minutes left here in this segment. When it comes to backups, here's what you have to be careful of, and that is, make sure they are happening. Check the backups. Try and restore from your backups. Now, we're talking about ransomware. It is a seven and a half-billion-dollar industry. They are coming for you, and one of the best things you can do is have a backup. Still, there's another side to ransomware, nowadays, that backup won't help you with, and that is that they have your data, and they hold a ransom saying, if you don't pay us, we're going to release this onto the Internet. Then you're in real trouble. If you have personally identifiable information, or if you have your intellectual property out there, and it gets out to the Internet because you don't pay that ransom, you are in real trouble, plus if they encrypt your data, you'll need that backup.  All right, stick around. We will be right back. And we're going to be talking about our next topic for the day, which is how do you answer a non-technical executive, who asks, how secure are we? Your listening to Craig Peterson on WGAN and online at Craig Peterson dot com. Hey, have you ever been asked that question? Well, we'll tell you about how to answer it, coming right up. Hey, welcome back, everybody, Craig Peterson here on WGAN and online, of course at Craig Peterson dot com. No surprise there. Our next one is an interesting article and poses an interesting question. It is one that I'm sure you ask or have been asked, right? How secure are we? You are the Calvary, is the bottom line. You're the person who your family comes to, or the business owner comes to, the business asks whenever they have a tech question, right? You wouldn't be listening otherwise. It is how you get ahead. It is how you learn. You listen to me and others, read articles. You are the Calvary. How does the Calvary answer that question, when you're asked, How secure are we? You know, there's the obvious answer. Well, you know, we got this, and we got that. We have an Anti-virus, and we have a firewall. Those, frankly, are buzzwords that many of us use just to obfuscate the real answer to that question. I know that many times when we go into a business, and we secure it, we put together a proposal. Most of the time, our recommendations are not accepted. Most of the time, when we go into a business, and we say, here's what you need. Here's what you need to do to stay secure, they say No, thank you, and prefer to run with blinders. Hopefully, they won't stumble in the middle of the night get or tossed by that horse, of just kind of ignoring it, right. Blinders or maybe you might want to call it ostrich-ing and to put their head in the sand or whatever, you want to call it, But most of the time, in reality, the businesses just don't do anything. Sometimes they do, right. That's how I stay in business. I stay in business because of the companies that want to remain secure. I stay in business because of the people that are the Calvary. They're like you who want to buy my courses to understand more to get step by step instructions know, not just the stories behind things, but the strategy in the exact tactics that they have to take. And that's you, I suspect, right? I think you're probably a lot like me in that way. That's how I like to learn, and that's how I teach as well. Well, this article is from our friends over Dark Reading. And the question is, uh, how secure are we? And how should we answer that? There's a great response by Kurtis Minder, the CEO, and Co-Founder of GroupSense. He says it depends. You've got to look at your executive team and qualify their level of understanding. Answering the question with the answer of well, we have antivirus, we have a firewall, and we have mail filters. You know, a lot of people nowadays say, "well, we're in the cloud," and there's nothing to worry about, which we already know, isn't true, right? There's way more to worry about if you're in the cloud than if you have a local server. For those of you who are the kind of computer security people for your organization addressing this requires finding out where they are coming from who they are comparing. For instance, is it to what the Payment Card Industry PCI-DSS says we're supposed to do? Are we supposed to compare ourselves to the HIPAA-HiTech regulations? In other words, we have some medical data, which by the way, every company does, if you have any sort of a Health Insurance Program, right? Are we supposed to compare ourselves to the NIST 171 standard? There's, even more, there is the CMMC. There's, there's a lot of different criteria that are out there. You must understand the HOW before you answer this question. How secure we compared to similar companies in our industry? Or companies that are similar in size to us? No matter how you're going to answer that question, when the boss comes a-knockin or the kids or your wife comes a-knockin saying, How secure are we? No matter who it is you're talking to, I think the one thing you have to make sure of is that they understand that the whole security threat landscape is fluid. It's always changing, and your security programs need to be fluid as well. That's the reason I have consulting clients, right. That's the reason I have a membership program. The people who are the Calvary can follow and understand what it is they need to know. Now I want to hop over to this other guy here. His name is Matt Combs. And he is a global cybersecurity practice leader for an executive recruiter called Russell Reynolds Associates. It is absolutely a phenomenal interview on CIO.com. He's saying many companies were blissfully unaware t, especially those that don't have credit card information. How many times have I said that, right? It takes at least six months for the average company to figure out a breach occurred. Why did Matt say, especially those that don't have credit card information? It's because if they have credit card information, that information is likely to be sold on the open market very quickly. Once sold, the credit card companies are going to notice, right? Many companies have only learned that a breach occurred after the FBI came knocking on the door and told them they had a problem. Look at Home Depot. What happened? The FBI traced the dots. Home Depot, was compromised through their point of sale equipment. Can you believe that? people sitting in the parking lot of Home Depot hacked them? They didn't even know it until the FBI knocked on the door. That's a pretty big deal, on a pretty big company. I think they are the second-largest retailer in the country? When it comes to dollar-to-dollar value? Are you sold? Okay. If you don't have the credit card information, how would you even know that a breach happened? It goes ties back into the fluidity of security. It seems so obvious. Now when you look back at Home Depot and say, What were they thinking? I look at the target the TJX companies, and their hack they had security equipment, and that security equipment was quite good. It was alerting them, "whoa, wait a minute, guys, we've got a breach, okay." Did they take care of it? No, because they didn't know how to read the output, and they didn't have enough people to look at the logs, which is something else we keep telling you all. You have to watch the logs. You have to watch them closely. It's a full-time job. It's a highly skilled job, a highly trained job. It is not cheap, okay. I know a hotel company with 500 hotels in the United States, of course, you can look that up to find out who it is. They have a chief information security officer who is an information security group of one. Think about that 500 hotels, just the business itself, all of the data that they have, the liability that they have, and he doesn't have anyone working for him. Not even a support person. He has to beg, borrow, and steal help from it, and from the CIO, the Chief Information Officer. So when the executive asks you how secure are we, you have to say, Hey, listen, you know we can lock down the doors, we can lock down the windows, but the odds are if someone wants to breach us, they will be able to. However, make sure you are locking down the doors and locking down the windows. You got to close it all up. There was one other thing I think you should do when this non-tech executive asks you about how secure we are. That is, what's your nightmare, Mr. Executive? Which systems? Are you most concerned about being compromised? You should go back to the question I asked a little bit earlier, which is, what data do we have that maybe we shouldn't have? What data do we have that we are most concerned about losing? What are the Family Jewels in our organization? What is the data that if we were to lose it, we'd be in a lot of trouble, either because we could not conduct business anymore, or maybe we would get nailed by the regulators out there? Anyway, a lot of really, really good questions to ask because you're never 100% secure. All it takes is for one employee to click on the wrong link on an email. What I was just talking about will come up a little later on today. I talked about it this week on several radio stations. What happened with Barbara Cochran, an investor from Shark Tank. Stay tuned as we'll talk about it a little bit later on. All it takes and frankly, employee negligence such as accidental loss of data, accidental clicking on things. Employee negligence is still the main cause of data breaches. In a report from ShredIT now, of course, they're in the business of shredding documents of getting rid of these things. Shredding hard disk drives when you take them out of a computer. Remote workers and external vendors are also now a major cause of the increase in data breaches. That's one of the things we're going to be covering here in my course coming up in a couple of weeks, and that is the upstream-downstream risk. And the US military is totally into this now, because they had two or three major breaches last year that came through vendors. So hackers are no match for human error when it comes to sheer numbers. You also have the insider threats of people who are stealing from you. So they can get a better job, take it with them to another job. You have people who are upset with you and are just making an absolute mess of things on the way out the doors. So be very careful about that because it's huge data breaches cost an average of $3.6 million globally average that was in 2017. Some of those prices have gone up. The faster you respond to a breach, the more money that you'll save. They found that if you can respond to a breach within 30 days, on average, you'll save over a million dollars. Think of that. The odds are good that you will get breached. You will save, on average, a million dollars. Yet you're not funding the security people either by going to an external contractor, like me, to take care of it for you. Or you don't provide the resources to the internal people they need to do it. It is a huge, huge job. All right, top of the hour course, on the radio stations, we've got the news, traffic, weather, all that sort of stuff coming up. Then when we get back, we're going to talk about a new metric in security. The next-gen security metrics. Stick around, and you are listening to Craig Peterson on WGAN and online.   Hey everybody, welcome back. Craig Peterson here, on WGAN and, of course, online at Craig Peterson dot com. We have already covered a bunch today. I would refer you over to my website. If you'd like to find out a little bit more, of course, I'm also on the streaming services. You can find it there. We've covered the internet archive. They've got this cool, new VHS vault. We discussed ways to reduce your risk of data loss. It's all about identifying your data. and then minimizing your data, how we enabled ransomware to become a multi-billion dollar industry. And I also gave some good advice on backups and the fact that 100% of the businesses I've ever walked into have had a failed backup strategy and failed in a bunch of different ways. It is big for all of us who are out there who are members of the Calvary, who are trying to help our friends, our family with their computer issues, and the businesses for whom we work. Then we got to how to answer questions that we get that have to do with our level of security? How secure are we? How secure is the business? That's what we have covered so far today. I love our next topic. It's phenomenal. It's from Thread Post.com. But they're talking about different types of security metrics. Now, metrics, of course, our measurements, or the ways we measure things. We always have to measure progress to be able to know have we gotten to where we need to be, right. Progress can be difficult to measure. There are a lot of different types of measurements when it comes to our security. Say for Microsoft Windows, one of the big things is, are you ready every Patch Tuesday. Then a little bit more, as Microsoft sometimes comes with out-of-cycle patches. They got nailed a few years ago, through criticisms about them releasing new patches, like constantly, because they needed to release them. And so instead of fixing their problem, which would be almost impossible to do, and that is rewriting windows and making it much more secure design, they decided they would just go ahead and release patches once a month. And that way, of course, you're not getting them every day. So who's getting noticed that in fact, there are a whole lot of vulnerabilities and Windows. So that was another measurement that we had. Did you get your Patch Tuesday stuff done? That's been around a very long time? Well, we've got a new metric here, and it's called hardening. Now, I don't know about you guys, but my wife thinks that most people don't know what the name hardening is. So I'll explain it a little bit. Hardening is where we close holes in our networks and our Windows computers. That's really what our emphasis is going to be coming up here next week when we start our whole hardening series. By the time you finish this series and the courses, you'll be able to lock down any Windows or Mac computer yourself. You are going to be able to lock down your small business network, and you're going to stop worrying about being the victim of the bad guys. We're also going to train you on how to test everything yourself. That you can make sure that they can't get in, right. If not tested, how will you know it works. It's like I was talking about with backups. How do you know they are working? How do you know it's effective? How effective is it? So we're going to teach all of that, and I think that's just going to be amazing for you guys, man. We're looking to do something you guys are going to love. Hardening in the case of our computers includes our computers, browsers, firewalls, and routers. In other words, there, we're using all of the options, all of the available software to make sure that bad guys are not easily going to get in is our Windows Firewall harden on our computers? Did you even know you had a firewall on a Windows computer? Well, it's almost useless. Because Windows has a firewall, it is turned on by default, but they have all kinds of services turned on and available to be used. All of these things are kind of crazy. When we get down to it, there are things we can do. That's what we're going to be covering starting in about a week with some of these tutorials. And with our great course that we have coming up. Now, let's talk about what's holding us back and what mean time to harden means. We're looking at vulnerabilities, when we're talking about a zero-day-attack, it is one that no one has seen before and where there is not a patch or workaround for it. It's really kind of a nasty thing. When it comes to hardening, you want to make sure that you have as few services as possible on your computer, firewall, and browser. That again makes your attack surface smaller. But when we're talking about those types of zero-day attacks, it typically takes an organization 15 times longer to close a vulnerability than it does for the attackers to weaponize that vulnerability and exploit it. So basically, we're talking about one week for the bad guys to take a vulnerability one of those zero-day things. It takes one week to weaponize it, and it takes us about 102 days to patch it. Let that sink in for just a minute here. Once vulnerabilities get disclosed, It's a time-race here to either secure this hole before the bad guys to exploit it. Now we saw that with the Equifax breach where here's a major, major breach against a major company out there, and only happened because they hadn't applied the patches that they needed to apply. It's just really that simple. Microsoft has a patch let's give an example right now, BlueKeep. BlueKeep is a way to break into Microsoft machines. Microsoft released patches for BlueKeep in the May 2019 Patch Tuesday security fixes. Microsoft released it in May, and as of December 2019, seven months later, there were still over 700,000 machines at risk. Let me see here now May to June July, August, September, October, November, December. That, to me, sounds like seven months. That's huge. Sophos has some security software. In their recent report about WannaCry, which is ransomware. The patch against the exploit WannaCry was using has not been installed on a countless number of machines. Still despite being released more than two years ago. It's crazy, isn't it? Do you guys agree with me? Am I just being kind an alarmist? Now the average time to weaponize this is seven days. Many weaponization comes in less than seven days. Like the infamous ApacheStruts vulnerability. You have effectively 72 hours to harden new systems. Now the numbers are even worse. When we're talking about incident response. There's a new rule out from a company called CrowdStrike. You might have heard of them before, they've been in the news for some political stuff as well. But they are a security company. They do a lot of investigations after the fact and try to figure out what happened and try and clean things up. CrowdStrike has a new rule. It's called the 1-10-60 rule. And it's based on what they call breakout time. So here's what that is. Most nation-state actors, in other words, the more advanced hackers out there, move laterally from an initial attack within two hours on average. In other words, if there is a country that's coming after you say, for instance, China. Most say now it isn't like China is going to go after me. I'm not Military and not a military contractor. China comes after you to steal your intellectual property. Once they have gotten inside of your network, they will move around inside your system. What this means is it gives defenders of a network one minute to detect a breach, 10 minutes to understand what has happened and that it was a breach and one hour to contain that breach from the initial incursion. That is huge. Now, this is part of this meantime to hardening and goal response that we're trying to achieve. If you're a regular business, and it's six months before you even notice that a hack occurred, if you ever even notice, which is par for the course, and one that we see that quite frequently. We will come in and look for signs of hacking. Many times, companies don't want to know. They just want to know if there are any openings that they should be closing right now. Why? If you see a hack occurred, there are specific legal responsibilities that you have. Companies say, Listen, don't tell me, I don't want to know. Without monitoring and watching what our organizations are doing, if we're not at the very least, patching and hardening, we're in real trouble. Now, I know you guys know how to patch it's not that difficult to do. We're not going to spend a lot of time on that in the upcoming tutorials or courses, but we are going to spend a lot of time in the course on Hardening because it is one of your best defenses. It's kind of like having a package on the front porch that was just delivered by Amazon people, right? If there is no package on the porch, the porch pirates are not going to show up and to steal the box. It's the same type of thing here. If you do not have services available on your machines inside your network, there is no way for the bad guys to move laterally. There's no way for them to get in remotely. That is our goal in our hardening courses, how to harden your Windows machine. That's coming up in about a week, week and a half. So make sure you are on my email list. You get all of that free training. You can find out about the courses as well that we are putting together for this. All of that at Craig Peterson dot com slash subscribe. You're listening to me here on WGAN. You can always send questions to me -- me at Craig Peterson dot com. Hey, welcome back, everybody, Craig Peterson online at Craig Peterson dot com and right here on WGAN. I am also putting these up on Facebook and making them available on YouTube. For those that are interested.  I want to talk a little bit right now about Clearview AI. You know, again, I've said so many times that we've got to be careful with our data online. Clearview AI is this company that we talked about a few weeks ago, that has been scraping all of the information it could get online, mainly related to photographs. All of the pictures that you posted on Facebook or that you put up on any photo sharing sites, all of that stuff, Clearview scraped. Now, they have this app that allows you to take a picture, and then it will do facial recognition to find all of the places online that that picture appears. And it has been used by looks like more than 2200 different organizations, many of them police department to track people down. So if you have a picture, even if it's not a great picture, that picture can then be put into the clear view AI app. And it'll show you here you go, here's where we found this guy or gal online. And even if you didn't take the picture, and you are in a photograph, it is going to show up in clear view is going to find it. Now, Clearview AI grabbed all of these photographs online without asking permission of anyone. I don't think they asked your permission, did they? They didn't get my permission. They scraped them from Twitter, who they didn't ask permission. They scraped them from Facebook. They scraped them from all over the internet. They ended up with billions of photographs. They logged it all along with where they found them online. That way, if the police department is looking for this person, they have a photo of them. They can put it into the Clearview AI app and can authenticate where online it was found. And then the police department just goes there and says, Oh, well, that's a Mary Jane's homepage. Here's more about Mary Jane, where she lives and everything else and now off they go to get Mary Jane. Now remember, of course, first off, these things are not 100% accurate. They could be false. There are false positives, although in many cases, they have been very successful at identifying people, and they have helped to solve some crimes, which is I guess a good thing, right. I think that's what you might want to say, okay. In a notification that The Daily Beast reviewed, Clearview AI told them that there had been an intruder that gained unauthorized access to its list of customers, and they got access to many accounts they've set up and the searches they have run. Now, this disclosure also claimed that there was no breach of Clearview AI servers and that there was no compromise of Clearview AI systems or networks. That puzzles me makes me wonder, well, maybe they were using a cloud service, and they had it stored up there, and that's how it got stolen. It's hard to say. Clearview AI went on to say that it patched the unspecified hole that let the intruder in and that whoever was didn't manage to get their hands on their customer's search histories. Now there's a release from a Clearview AI attorney, and his statement said that security is Clearview AI top priority, which is total crap, right? They did everything they could to breach ethics and security of the user agreements from all of these websites from which they scraped our information. Unfortunately, data breaches their attorney says are part of life in the 21st century. Our servers were never accessed. We patched the flaw and continue to work to strengthen our security. All of this is in a report on naked security dot com. Now, this, frankly, is very concerning to me from several different standpoints, right. First of all, Clearview AI had this massive database of facial images that they had sold to hundreds of law enforcement agencies. In many cases, it wasn't like the overall agency. It was just a police officer themself that subscribed. It may be a detective, etc. The New York Times ran a front-page article in January, saying that Clearview AI may end privacy as we know it and man, is that ever true. They have been quietly selling access to these facial images and facial recognition software to over 600 law enforcement agencies. Now with this data breach, it looks like it's more than 2200. Although we have not seen the list posted online yet, we may end up seeing the posted online. It depends on who did this and if it was a nation-state, which is entirely possible. They are trying to find out a little bit more about us or whether it was somebody else.  It reminds me of a lot about the founding of Facebook and why I've been against Facebook over the years, right? Facebook had a very unethical at its start. They stole all the photos of women going to Harvard University and then had people be able to go to their little website and rate the women, right? Rate them? Yeah, on their looks using all stolen photos. That's the allegation behind it all. It certainly seems to be true. Microsoft, that's another reason I just, I don't use the word hate very often believe me, but I do hate Microsoft and the way they started. They unethically sued people and play games with trying to buy them by lying about the rights that they had. Bill Gates outright lying to IBM and others, back in the early days. I have a good friend of mine who says Craig if you didn't have any ethics, you would be one of the wealthiest people in the country. Your ethics kept you from doing them, yet you bent over backward to help people. Companies, like these need to go out of business and need to go out of business fast, it's crazy. We've got the Biometric Information Privacy Act that Clearview AI has violated. ClearView AI has also been told by Twitter, Facebook, Google, and YouTube to stop scraping. Those companies have ordered it to stop that. It is against the policies. The Times noted that there's a strong use case for ClearView AI technology finding the victims of child abuse. News. It makes a lot of sense. One, retired Chief of Police said that running images of 21 victims of the same offender returned nine or 14 miners identifications, the youngest of whom was 13. So where do we draw the law watch line, I should say, what should we be doing here? It goes back to the whole fruit of the poisoned tree principle that exists in the law. That you've seen on TV and in movies many times, any evidence illegally obtained can't be used nor anything that comes of that evidence. It is why some Federal investigators play games with where did you get this evidence? Russia? Did it come from Christopher Steele? Should we have something similar In this case, and I think that we should if they stole information from these companies, which they did. It's, frankly, intellectual property theft at the very least. That means it is of no use in any sort of a police case that started an investigation and any legal matters that follow. That's my opinion. I don't know what yours is. I'd love to hear from you email Me at Craig Peterson dot com. Thank God they were able to find some of these victims of child abuse. But at the same time here, we should have some rights to privacy. It may already be too late. I guess we'll know. Soon enough.  Hey, when we get back, we're going to talk about Barbara Cochran. She's the star of Shark Tank, and she just lost 400 grand in a scam will tell you all about it. You are listening to Craig Peterson and WGAN. And make sure you sign up online at Craig Peterson dot com. Hi, everybody. Yeah, that means we're back. Craig Peterson here on WGAN.  We're going to talk right now about a TV show that I have enjoyed watching over the years. There are a few shows that I watch pretty regularly. Of course, there are some sci-fi shows we won't talk about those right now. But a couple of them are The Profit I enjoy that show. I like the guy who is the main character on that show, and his name is Marcus Lemonis. He owns a considerable interest in Camping World, as well as GoodSam Club, and he invests in small businesses. I disagree with him almost 100% on politics, but he does try and help people out which I think is fantastic and, and he goes into these businesses that are struggling, that are trying to figure out how do we move to the next step or how do we even survive? Then he helps him out, and he frequently invests in them. When he invests, he takes a good chunk, usually enough so that he has a controlling interest in other words 51% sort of a thing. Then he's often running, and he helps build them into real successful companies. Now, I guess it goes back to the question of, would you rather have a small slice of a massive pie as an owner, or would you rather have 100% of a tiny pie, that may end up collapsing in on itself at some point in time. That's kind of the decision these people have to face as they are talking with him and trying to figure it out. So I like that show. He had a good episode, recently that I found very, very fascinating. Check that one out, The Profit. Another one that I've enjoyed over the years is Shark Tank. Now Shark Tank is if you haven't seen it, it is a show, and there are a number of them. It's called Dragon's Den overseas. There's one in the UK. There's a shark tank in Canada, and there's a shark tank in Australia, all called slightly different things. The idea behind Shark Tank is you go in there you make a pitch to these investors, and the investors decide if they're going to throw some money at you. They will make a deal saying okay, I'll give you 20% for 20% of your company, I'll give you this much money, or you know, I'll bring in people to help out, but I want controlling interest or whatever it is. Well, one of the business moguls on there that part of this whole judging team on Shark Tank just last week lost nearly $400,000. It was disclosed that the 400 grande loss came through an email scammer. Now, if she had been listening to this show, she would have known about it. She would have known what's happening. She has enough money that she kind of brushed it off. Oh well, she thinks that she'll never get the money back. And you know what? She's probably right. We've seen that happen many times, even with the FBI getting involved most of the time that money never, ever comes back to you. According to media reports, a scammer who was posing as Barbara Cochran's executive assistant forwarded to her bookkeeper an invoice requesting that payment. I'm looking at the email right now. Barbara released it, which is great as that way people can see what happened. It's an email it's from, Jake somebody. Sent on Friday, February 21, and addressed to Emily carbon copy Michelle. The subject was forward Invoice 873, and it's got the name of a German company. It begins, Hello Emily. Please see the attached invoice below for payment. We are ready to proceed, and we are shipping next week. Please ensure the invoice is paid on time, shipping charges are additional. It appears like a little real invoice. It's got the due date on it, which was due on the 27th, and the amount was $388,700 and 11 cents. And it looks as I said kind of like a standard invoice. Dear customer. Please see the attached invoice. Wire transfers should be directed to FFH concept GMbH address in Berlin, Germany. Bank details include the bank name, the account name, bank address As the IBN number, the swift number, thank you for your business, we appreciate it very much.  The truth was, this email did not originate from Barbara Cochran's executive assistant. Instead, what happened here is that the scammers and created an email address that looked the same as her executive assistant. It had one letter different in it. At first glance, it seems legitimate, yeah, this is from the Executive Assistant. You and I look at 400,000 and say, Whoa, wait a minute now. I don't even have that much. In this case, Barbara Cochran, this was pretty normal for her. There's not only this amount because she is involved in so many real estate deals. That's how she made her money was in real estate. She gets these invoices from these companies all over the world. It did not look that strange. All the bad guys, in this case, had to do was a little bit of research. They found out what the executive assistant's name, they found out what the email address was. The bookkeeper did not spot this little spelling error, if you will, in the email address. When she asked questions about the purpose of the payment, all communication went straight to the scammer's and not to the assistant. What did she do? She hit reply, and the response went straight to the scammers, and the scammers gave him what looked to be or gave her what appeared to be a reasonable answer, right. On Tuesday last week, seemingly satisfied by the answers she'd received by the scammers posing as Barbara Cochran's executive assistant. The bookkeeper transferred almost $400,000 into the bank account contract controlled by the scammers. It was only one the bookkeeper manually CC'd Cochran's assistant directly with confirmation that the invoice had was paid. It became clear what happened. So, again, that tells you don't respond to emails, right? Look it up, use a contact list, use your autocomplete to try and reach out to somebody to verify it. I always go one more step further, and that is to get on the phone and confirm the transaction. Now in speaking to people magazine, Barbara Corcoran again apparently was pretty okay about the theft. She says quote, I lost the 400,000 as a result of a fake email sent to my company. It was an invoice supposedly sent by my assistant to my bookkeeper, approving the payment for real estate renovation. There was no reason to be suspicious. I invest in quite a bit of real estate. I disagree with that there was reason to be suspicious. Anyhow, I was upset at first, but then remember, it's only money good for her. Frankly, she posted on Twitter about it. Lesson learned. Be careful when you wire money. She retweeted something from TMZ about her getting hooked in this scam. I'm glad she has a positive attitude about it. It's very unlikely, as I said earlier, that she'll ever recover a dime from these fraudsters because of the way the money was wired. Ninety seconds later is all it takes for the cash to be gone and out of reach. And they probably went ahead and transferred it from German banks to other banks, and it continues to move the money around. It's kind of like what happened in Eastern Europe and Ukraine, with a billion dollars in aid that we sent that ended up bouncing around between multiple companies in multiple countries to hide whose pocket it ended up. It's just kind of crazy. It can happen to anyone, and it can happen to any of us. Every last one of us, business person or otherwise, needs to be on guard. Don't reply to emails. Always make sure you enter in the email address if it's anything that might be of concern. Remember that banks and other places are unlikely, including the IRS tax time, to be sending you emails about some of this stuff. Just double-check and phone them, look them up online, and phone that number. Ask a question from their help people over on their website.  Well, we've got one last segment here, and we're going to be talking about new security features from Firefox that means insecurity to you. This is Craig Peterson on WGAN, and you know, I like Firefox, right? Hey, welcome back, everybody, Craig Peterson, here on WGAN and online Craig Peterson dot com. Well, that's Peterson with an -On dot com.  Hey, thanks for joining us today we've had a great day, we've talked about where you find a little bit of nostalgia online over at the Internet Archive. We talked about reducing the risk through data minimization. I described how ransomware became a multi-billion dollar industry. We talked about the changes that have recently happened with ransomware that will require you to make a change in what you're doing to stop becoming a victim. Then we got into how should you answer a non-technology related executive who asks you, how secure are we? How do you answer that question to your family as well? Because we are all the Calvary, right? We're the people that our friends, family, our people from church, the business people, they all come to us. So I wanted to make sure we covered that the next generation here of security metrics, how long does it take to harden your systems, and we've got a course coming up on that here in a couple of weeks and a bunch of tutorials to help you out. The company that we talked about clear view AI, very, very bad guys, frankly, very unethical. They just lost their entire database of Facebook buying clients to hackers. And then they brushed it off like it's no big thing. Hey, you know, everybody gets hacked nowadays. Man is talking about a company with no ethics at all. We talked about them, and then, of course, most recently, we just talked about business email compromise. We gave you a specific example here of Barbara Corcoran. She is one of the business moguls over on Shark Tank. How she lost almost $400,000 in a scam, and what you can do to help protect yourself. And we gave away some actual clues here precisely what the bad guys are doing to try and get that information or get us to to to do that, right? What kind of information are they gathering about us? Well, I want to talk about Firefox here for a few minutes, all web browser thing. And this has to do with security. And this is an article over on we live security.com that made me think about what is going on with Firefox and Mozilla. Now, if you've been on any of my training courses, you know, the browser you absolutely should never use ever, ever, ever unless there is a gun to your head, and then it's okay. Is Internet Explorer is just one of the worst browsers ever? You know, it's just terrible. It's right up there with the original browser, the NCSA Mosaic, but at least it was changing the industry. Internet Explorer was just a huge security hole. I mean crazy. The things that allowed programmers to do, and it was such an avenue for hacking. You know that right, don't ever use Microsoft's Internet Explorer. Then they came out with the Edge browser, and they had problems

Craig Peterson's Tech Talk
AS HEARD ON: WGAN Mornings with Ken and Matt: Setting up a New Computer and Protecting Yourself from Ransomware.

Craig Peterson's Tech Talk

Play Episode Listen Later Mar 4, 2020 12:08


Good morning everybody! I was on with Ken and Marty (who was sitting in for Matt.) We had a good discussion Setting up a new computer and How you can protect yourself from Ransomware. Here we go with Ken and Marty. These and more tech tips, news, and updates visit - CraigPeterson.com --- Automated Machine Generated Transcript: Craig John McAfee, here's the guy that started the Anti-Virus movement by many arguments, saying, our software is useless. Don't buy it. Craig Hey, I was on with it was Marty this morning in place of Matt and Ken Altshuler, and of course, yesterday was the big election day in Maine on Super Tuesday. We didn't talk about that, really because we spoke about Marty's new computer and what you should do with a new computer, so I gave him the advice that I give all of my employees. It is what we do when you get a brand new computing device. Ken Well, now Craig Peterson is on. How are you? Craig Hey, good. Yeah, blame it on rank choice voting, I think. Marty So everybody's second choice. Ken Let's start talking about ransomware, shall we? I mean, so does ransomware work? Do people pay ransoms? Craig You'd have to ask the question, right? How Does it still work? Ransomware has been around for two years. Well, it goes back further than that. It was two years ago certainly had the vast, huge, massive hit on ransoms. That has brought down multinational companies for weeks, in some cases, very, very big deal. It's kind of fallen off. People aren't thinking much about it anymore. They're not protecting themselves. Now we've got this warning that's come out about ransomware. It is back with a vengeance. Kind of what you alluded to here, Ken has happened. We're no longer just seeing ransomware encrypting our data. What's happening now is ransomware gets onto your computer, and it's a whole new generation. What it does now is it starts poking around your computer, looking for Word documents, looking for your spreadsheets, and in your case, I think it would be what Word Perfect documents. Ken Word Perfect. The best word processing program ever made. Oh, all the legal guys like eight and a half by 14 and all that. Craig Yeah, yeah, exactly. It looks for those, and then it sends them back to the bad guys. Then the bad guys have a look at them and say, Okay, is there any real value here might there be something else on that computer? Can we spread laterally throughout the organization? Then they will hop on your computer unbeknownst to you because your laptop called home when it got this new kind of Once they've got all of the data off your computer that they want, then they probably will encrypt all of your data for the heck of it. They will put a ransom up on your screen. Now what they're doing, and this is up dramatically now we're talking about more than seven and a half billion dollars here in the US ransomware the last couple of years. What they're doing now is they're saying, Hey, I'll pay up Ken, or we're going to release all of your client files, even though nobody can read the WordPerfect files anymore. All of your client files to the internet, all of your personal information, your trade secrets, intellectual property, pay up, or else. The FBI is warning about this increase in is a new type of ransomware. It grew by 100% over the last two quarters. It is getting dramatic is getting out of control. What people need to do here is to protect themselves. Backups. However, having backups would help with the encryption, right? Because you can restore your files from the backup. But, it's not going to help with the, "Hey, we're going to release all of your information if you don't pay up." We have to start doing penetration tests on our systems, making sure that they're relatively safe. I'm going to have some training on that coming up. Starting next week, on some of the things you can do just some free training. Absolutely. I'm not selling anything in this course, right. I do have some classes for sale, but I'm trying to help out because, man alive there is some nasty stuff happening right now to home users, as well. It's the businesses that are more likely to pay this type of violence. What Jack Sparrow type of ransom. Yeah, that's something we don't want. I hope people will, will take advantage of that and avoid that in their business. Marty So Craig Marty here. A question that just came up for me at my nonprofit ET-tech is that we just bought a new HP laptop and it has McAfee antivirus on it now. I hate that program, to be frank. It takes forever. And I've said to my staff, and we don't need that. Whatever comes with Windows Windows Defender is fine. Delete McAfee. Was that the right call? Craig Oh, Marty, Marty. Marty. You're right. Here's the dirty secret right now when it comes to antivirus software. It is 100% ineffective, 100% useless when it comes to these modern types of attacks. When you're talking about McAfee, Norton, it's just mind-blowing here. John McAfee has a video out on YouTube that you can watch anytime you'd like. We're here. Here's John McAfee. The guy that started the industry by many arguments, saying, our software is useless. Don't buy it. Right. Oh, he doesn't own the company anymore, but that's what he's saying. You've got one of the top people over at Symantec Norton. There, I think he was VP of Marketing, if I remember right, getting caught saying at any event here after a couple of drinks, that their software is useless, and of course, losing his job shortly after that. The antivirus software industry is trying to mess with us. Frankly, now that McAfee probably paid about $2 to Microsoft or, in this case, HP is more likely about two bucks HP to have their software installed on your computer because they hope you're just going to go ahead and do it. So here are the basics of what you're going to do. It ties in with these tutorials that I'm going to have in the next few weeks because the right thing to do is get rid of all of that kind of extortion where they get onto your computer when you buy it new. So the first thing I do, Marty is a completely erase the computer, I mean, completely reformat the disk, and reinstall Windows without all that extra crap on it. And then, I turned on Windows Defender and made sure it's turned on and make sure you turn on automatic updates. Then I go in and configure Windows Firewall because, for some reason, Microsoft shipped it with a firewall. Yet the way they have everything turned on makes the firewall almost entirely useless, which drives me crazy. There's a configuration that you have to do on that, and I'll be talking about that a little bit if you listen to my show on Saturday at one o'clock I'll be starting to talk about these things. Next week, I'm going to have a lot more, but one o'clock every Saturday, by the way. So, Marty, you are right, you are going to get a lot of defense, just by turning on Windows Defender. I would also advise that you to use OpenDNS or Umbrella, you can use a free version, and there's a paid version that is going to stop this type of ransomware we just talked about. Right there with the OpenDNS, even the free version. For my customers, I use the commercial version, which I sell to them and support them. That's number one. There are several other things you should do to try and keep your computers safe. I'm going to go through step-by-step what to do and how to turn all these things on. On the browsers, you can turn on a few different things. You're going to want to have Ghostery on there, you're going to have Ublock Origin on there, and you are also going to have Privacy Badger on there. Those are few things that I'll be talking about in these webinars coming up and showing you guys exactly what to do and how to do it. Marty We are talking to our tech guru Craig who joins us every Wednesday at 730. Let's go to Shark Tank. One of the judges or sharks of Shark Tank lost, for $200,000, which kind of drop in the bucket for me, but probably hurt her a little bit, but then got it back. Yeah. How did she get it back is my question because the FBI warns you that you're not getting that money back? Craig Yeah, ever. It's gone. They're saying that, after 90 seconds, the money is out of the country, which is true, in this case, as well. And what happened is this is a business email compromise here real quick. And there was a bad guy who did a little bit of research on Barbara Cochran, who is this one of these Investors over in Shark Tank. They found out who her assistant is. They found out who her bookkeeper is. And they sent some fake emails and the bookkeeper wired some money 388,000 bucks to a bank over in Germany based on the email. The big mistake on the bookkeeper's part was that the bookkeeper responded to the email asking for the money to be wired. The email address of the assistant was one character off. So they just kind of faked it. Then they found out about it because when the bookkeeper wired the money. The bookkeeper forwarded the wire confirmation to the assistant using the correct email address. The assistant said what the heck's going on here, called the bank immediately, and was able to get the German bank to freeze the account before it got wired out in this case, to China. Usually, it's Eastern European countries that have people that are doing this, but in this case, it was China. Surprisingly enough, Barbara Corcoran got back all of her money minus wire fees from his from this bank over in Germany. And you're right can this like never happens you never get your money back. Yeah, I was shocked about it. I mean, that was unbelievable. Yeah, it was shocking to her too. So be careful on these emails. Always confirm with a phone call. You know, use it. Just stop and think about what would do? Well, ten certainly would not send an email you never get. He gets his dial phone, their rotary phone, and he would call someone, and that's what you should do. You know this, this new tech is terrific. But in reality, pay close, close attention, particularly when it comes to stuff like this. I've worked with companies that have had all of their money stolen, and we worked with the FBI to start investigations for them. Although they will investigate, you never get your money back, right. Ken Craig Peterson, our tech guru, joining us as he does every Wednesday. Thank you so much, Craig. Appreciate it. We'll talk to you next week. Craig Thanks, guys. Bye-bye. Ken Okay. All right. Let's get CBS News and when we come back Transcribed by https://otter.ai --- More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553

Craig Peterson's Tech Talk
Microsoft Protects Windows Defender by Preventing Tampering and more on Tech Talk With Craig Peterson today on Maine's WGAN Saturday Show [10-19-19]

Craig Peterson's Tech Talk

Play Episode Listen Later Oct 18, 2019 12:58


Welcome Back!   Microsoft Windows has some built-in Anti-Malware.  It is called Windows Defender.  However, some cyber criminals found ways to defeat it and so now Microsoft has a new feature to prevent that from happening.  Listen in to find out more and how it can help you. For more tech tips, news, and updates visit - CraigPeterson.com --- Related Articles: New Tools Keep CyberThieves From Disabling Your Cyber Protections --- Automated Machine-Generated Transcript: Craig Craig Peterson here. Welcome back. We are live and of course, we are live on WGAN. And I love it when you guys send me an email, I got a few comments from our friends over listening on WGAN and some more people who are online as well. I love hearing from you and you can always just send me an email with a question etc me ME at Craig peterson.com. So let's get into this. This is I think, very, very good news for everybody who is using Microsoft or maybe those people who are security people who are using Microsoft or who are the support people they're supporting using Microsoft. Microsoft has something called defender and they also have a firewall that's built into Windows, there are a lot of misc and figuration frankly, with the whole Windows Firewall and, and the way Microsoft turns on services and has certain services loaded up and running all the time, I have some major disagreements with Microsoft on that. And that's what our hardening course is all about. But let's talk about Microsoft defender. If you are going to do nothing else, at the very least make sure you have Windows Defender turned on. And up to date. Microsoft has taken some of the best techniques, the best technologies to protect windows and combine them into this free package that comes with the latest versions of Windows, the Windows 10 that has the best version of it. They've had this around the action for a little while, but they keep improving it. And that brings us to help net security article about the new feature that Microsoft has added to Windows Defender. If, if you're like most people, you know, you're just somebody who's become the de facto, IT security specialist. Right? You're probably the de facto IT person, right? You're the person that people go to when they have a problem when they have a question, right? And so you got to figure out who do you go to? What can you trust and that's man, that's hard to do? Nowadays, you can search for any topic and see a million videos online about it. So let me give you the bottom line here. If you're going to do nothing else, turn on Windows Defender and turn on automatic Windows updates. That'll get you about 80% safe. So it's very, very good, right. If you want to get to 95 or 99.9% safe, there's a lot of other things you have to do and it can get expensive. But those two things are the biggest things that you can do. And you can do them easily you can do them quickly. Now, Windows Defender and one of the drawbacks to it is that you could make changes to the security settings, and potentially malware or hackers could make changes to it. So one of the things Apple has done for quite a while now is Apple has really tried to harden their OS even further and prevent the ability to make changes to all kinds of system-wide software like Catalina introduced some serious serious protections and caused a lot of applications to break. And that's been true in Microsoft's world as well. You can't just run XP code anymore on Windows 10, which is frankly a good thing. But what Microsoft Windows Defender has done now is it is added tamper protection to Windows That is absolutely phenomenal. Okay, very, very good. And when the features turned on and you should turn it on, this prevents malware, from disabling the virus and threat protection, real-time and cloud-delivered protection. And it also stops viruses and malware from turning off behavior monitoring or removing Security Intelligence updates. It's really really important to make sure it is turned on because this could save you big time. So here's a quote straight from Health Net security and from Microsoft. I don't have a name this is from there on Microsoft 365 Device Management Portal. tamper protection essentially locks Microsoft defender and prevents your security settings from being changed through apps and methods such as configuring settings and Registry Editor on new Windows machine, changing settings through power. Shell command lets editing or removing security settings through group policies, and so on. Obviously, it's something you should do now if you're running an Active Directory, you can push some of these settings out to all of the clients or new network, which I would suggest you do. home users, by the way, will still be able to switch tamper protection off by the Windows Security app. If you have admin permissions on the computer, enterprise users will not be able to do that. There are quite a few differences between the enterprise versions of Windows and the home versions. The home versions don't have all of the security settings even to begin with the enterprise versions you can schedule when you want software updates to be installed. The home versions you can't I got a call from a law firm who had a deposition that was due in the court by 4 pm. And it was like 230 and their machine decided to do update And they could not override it, because they were running the home edition of Windows not knowing the difference, right? Again, another example of a managed services provider not doing their client any good, which was certainly the case here. Tamper protection can be available to organizations that have Microsoft defender ATPE, five. Now, this again gets complicated. We've had this happen before we go into a company will do a security audit, we'll put together an action plan for them. And we'll say okay, well, we advise you to subscribe to this Microsoft service and we'll usually sell it to them. And there are various levels or different levels of Microsoft service for the basic office 365 or also for your windows licenses. There's a lot of different services that are out there. So a TP five is a level Microsoft has more than ten-thousand SKUs, if you can believe that 10,000 different products, so you have to really know what you're doing when you're buying the Microsoft licenses. So we'll go into an organization and will say, Okay, well, it's going to be this much per month, per desktop. And people will ask their smart uncle, hey, Uncle, you know, I'm been talking to this managed security services provider. And they say it's going to cost this much per machine per month, and those are Microsoft Office and Windows only cost you five to $10 a month. What are they charging them for? Well, yeah, that's true. If you're getting the home version if you're not going to get any of the extra features. Yeah, that's very true. But it is not true if you want the professional version. So tamper protection, ATP five or higher, and only for endpoints that run the latest versions of Windows, which is Windows 10 1903. Which, by the way, is being dedicated, I think this week or next week. Alright, so there's a lot of stuff to understand. I know this is confusing. If you want help with any of this reach out to me, and my team will be glad to help you out and talk to you talk you through it. If you want my services to hire great. If not, that's fine, too. We are really here to help just email me and II at Craig Peterson calm because I understand this stuff is very, very complicated. So kudos to Microsoft for doing that. I think it's important, we need to understand that we need our systems to be safe. And that's one of the things that Windows Defender help so make sure you have that in place. Now another thing that I see very commonly when we're out in doing these assessments, these cyber health assessments or the security assessments and action plans Is that Moore's better? Have you got that, you know, basically, if, if I am going to run antivirus, and I bought Norton, let's say, and I got it at Staples, if I want better security, I'm going to get something else? So maybe you have Microsoft defender turned on. And then you also go out and you get bit defender and you get some anti-spyware software and you get Norton and you know what, it'd be even better, I'm sure if I went and got semantics software, or if I went and got you to know, you name it. There are a lot of them out there antivirus and anti-malware packages that don't tie together. Okay, so it's going to make your life more confusing, but potentially even worse than that. What is going to end up doing is it's going to have all of these pieces of anti-malware software anti-virus off We're competing with each other. So we go out and we'll see that there are two or three different pieces of software out there. And they are fighting with each other. And they're complaining about each other because of it to all to each antivirus software package. The other antivirus software package looks like it's a virus because of what it can do, what it does do this signature that has onboard, etc, etc. So you see what, where I'm going here, you're much better off using a single end-to-end product that is going to keep you save this going to keep all of your systems safe. That's going to also alert you when something's going on. Because these point products that we're talking about my point product is like Microsoft defender, it runs on one computer it has one point of information, so it knows what it is seen. Now some of these pieces of software like When Microsoft defender does look in memory, others don't they only understand desk, etc, etc. But it's a point product, it's looking at one machine, versus what you need to be doing in this day and age where you're looking at all of the machines in concert. So you can see that there is an attack underway where the attack is coming from what kind of attack it is, where not only are the machines in your office working in concert, but they're tied into smart switches that can turn off the spread of ransomware. If someone brings ransomware into your office, right, because you don't want that to spread, you want to stop it right away. And one of the easiest ways to do that is if you have software that can turn that switch off automatically that port on the switch to shut off to isolate that machine that's trying to spread the ransomware or it's trying to spread a virus. And then beyond the switch. You have a smart next-generation firewall that's watching everything that's going on stopping things from getting in, watching the internal networks communicating with the switches communicating with the desktops, then going out even further. And all of these firewalls data are tied together. So we know right now China, North Korea, you name it is running an attack against us businesses in this way, watches forward and updates within seconds. That's what you want. You don't want all these point products fighting against each other to get complicated. Again, if you have any questions, just reach out to me at Craig Peterson calm and make sure you subscribe to my newsletter, Craig peterson.com slash subscribe. I'll keep you up to date on all the things you need to know. So stick around after the top of the hour will be back. We'll be talking about the Tor Browser. Is it the world's safest browser? What does it mean? What is it doing? All of that right here. So stick around. We'll be right back. Transcribed by https://otter.ai   --- More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553

Craig Peterson's Tech Talk
Welcome and Quick Start Reboot Guide for Solving Some Cybersecurity Issues and more on Tech Talk With Craig Peterson today on Maine's WGAN Saturday Show [10-5-19]

Craig Peterson's Tech Talk

Play Episode Listen Later Oct 4, 2019 12:01


Welcome!   Hello, everybody, Craig Peterson here, you listening to me on WGAN. If this is Saturday, otherwise, you might be listening to me streaming on a podcast services and of course, you can find all of that at Craig Peterson dot com. Hey, we've got a number of problems this week, some of which you might have heard of, I was listening to the radio earlier today. In fact, I heard an ad for one of these companies that supposed to be able to help you out if your data is stolen. Remember, some of those guys can be good, some of them not so good. And I want to give you guys something here, we'll be talking about that a little bit later. I also, have a gift for you that can help you address some Cybersecurity issues. For more tech tips, news, and updates visit - CraigPeterson.com --- Related Articles: Terminated Government Contractor Ends Up in Jail After Destroying IT System Resources  --- Automated Machine-Generated Transcript: Craig Peterson 0:06 Hello, everybody, Craig Peterson here, you listening to me on WGAN. If this is Saturday, otherwise, you might be listening to me streaming on a podcast services and of course, you can find all of that at Craig Peterson dot com. Hey, we've got a number of problems this week, some of which you might have heard of, I was listening to the radio earlier today. In fact, I heard an ad for one of these companies that supposed to be able to help you out if your data is stolen. Remember, some of those guys can be good, some of them not so good. And I want to give you guys something here, we'll be talking about that a little bit later. But if you need security, you almost certainly have to do a reboot, there is so much going on today. And you got to kind of start from scratch. You know, I was out at client side a new client, and we were looking at their systems. And we found no fewer than three and sometimes as many five pieces of anti virus software on their computers. Now, there's a few things to remember here when we're talking about security. And I'd have Iris software. Number one is, it doesn't work anymore. antivirus software is okay, in some cases, but it doesn't work for many of the problems that we're really facing today. You know, we have a bigger ransomware problem than we've ever had. Although it's not going out to just about everybody. It's it's been more targeted than it used to be. And it's it's almost useless when it comes to the via anti virus because so much of this code now ransomware and others is continually morphing, thinking of a virus in nature. Why do you get the flu every year or cold every year? If you right? Some of us don't. But why is there a new one coming out every year. And the reason there's a new virus every year and a new cold virus that's behind her maybe flu is because it is morphing. So your body's immune system sees it but doesn't really recognize it as an invader doesn't recognize it as something that should be fighting. And before it, your minister really knows what's happened, that virus is taking control and is using your own cells to generate viruses, then try and overwhelm your whole system. Well, that's kind of the simplified way of talking about it. Well, as much as the same true with the new viruses that are out there. They are constantly morphing themselves, they get onto one computer, it morphs itself before it goes on to another computer. And one of these weeks here probably pretty soon, we're going to talk more specifically about these new types of malware. The never even put themselves out on the heart desk. It's just amazing what they're doing. And they're using their internet connection in order to call home, but also in order to get another version of it. And it just gets kind of crazy. So when we're talking about antivirus software, it doesn't work. So what these guys have done is they put on multiple types of antivirus software from different vendors. Now I understand that right? I really do. What are you supposed to do? Well, maybe McAfee old kept some might catch some others, you know, the bigger Symantec packages might catch some others and see whether kindness anti virus is out there. And I want to turn on Windows Defender, and I'm going to do some stuff, make sure my Windows Firewall is turned on. And then I should be protected. And it makes sense when you think about it, right? They're all not going to detect all of the viruses, they're not all going to detect all the different types of malware. So maybe by installing three or four or five different versions, you're going to be a little bit more covered, even if they all only cover say 50 or 60%. And the real number, by the way, right now is about 20%. But no, let's say that will give them the benefit of the doubt. Even if they cover 50 or 60% 50 or 60%. Each time you install a new piece of antivirus software from a different company, you should be adding to that right. So maybe you get up to 8090 100%. That's not what happened. What ends up happening is the anti virus software starts fighting with the other antivirus software. Because we went ahead and we installed a whole stack of software. It's not just anti virus software. But it's all kinds of anti malware software, which is what we do, right? That's really what you have to do as a security professional nowadays, you can't just have antivirus. So we saw this whole stack. And we got a call from a company that we had done this with we had just installed all of this stuff. We hadn't removed all of their other antivirus software yet, because we want to do bit of a cleanup and get it going quickly, quickly, quickly because they had already been infected. So we had to go ahead and start doing some cleanup. And so we got a call from them. And the lady there was saying, Oh no, my Norton Antivirus software says you're the software you installed is a virus. Well, that's also true, because these antivirus packages are fighting against each other. And here's why. Most of the antivirus software looks for certain patterns in programs that are installed on your computer programs that are in your hard disk is that's the typical way. In our case for the last about two years now. We've also been monitoring all of the processes that are running in memory. So they're they're looking at it, they're saying, Oh my gosh, this new software that Craig installed, it has something in it that looks like a virus. Well, yeah, in a number of ways. It does, as does the Norton and Symantec and the McAfee and everything else out there. Because what they have in them are check sums of, or signatures of various types of viruses that are out there. So installing multiple pieces of antivirus software, and or anti malware software is not going to help. In fact, it's going to make life worse for you ultimately. And then of course, people they don't update them and they get out of date, and it gets to be a real big problem. So that's what this quick start guide is about. I've got it here right now in front of me. I have never given this away before except as part of a paid program. This thing's 32 pages long. And it goes through and talks about some of the detailed stuff that that you might need do. We've got bonus tips in here. Let's see how many of them are there. 1718 bonus tips. Okay, so there's 22 as well bonus tips, software availability, what you can do, what you might not want to do all of that is in here and have given this away before passwords what to do what kinds to use virtual private networks want you to use them when shouldn't to firewalls, securing your endpoints which are your computer's your printers, anything that sitting there on your network, some of the good anti malware software that's out there. So this is a very, very, very good guide. As I said, we sold it before we've never given it away. If you want a copy of it, you can get it by going to Craig Peterson comm slash Quick Start. Right now Craig peterson.com slash Quick Start. And this steps you through all the the major things you have to do now I have courses on how to do all of this. And, and they are dozens of hours long. Okay, so this isn't, this is just a quick start, okay, this isn't one of these big courses, where I'm going to hold your hand give you coaching or anything. This is just something that you can print out and and share with the other people in your organization or at home. Now, most of what I do is geared for businesses. So you'll see, this is called a security reboot guide for today's small business. And I go through a couple of stories of recent clients and the problems they had been having. So that you can kind of get an idea on what is going on out there. And you're not alone. Okay, if you've been hacked already, believe me it is not your fault. These people are selling you stuff that just doesn't work. And in isn't probably the right thing for you. So hey, I get it. But it's a quick start guide, you can get it by going to Craig Peterson. com slash Quick Start. Now if you don't want to go there, I get it. It's fine. Don't bother. Okay. This is not for everybody. But it's important enough. Just looking at what I have coming up today. We've got we're going to talk about Kaspersky today. This IT admin man. This is part of my Do It Yourself course. And I think this is really important. This just happened October 1, it appeared in zero day. And man, this, this IT admin, you got to be careful, okay? You gotta be careful when you hire people, when you bring in outsourced it people when you bring in outsource, break fix shops. This guy, he's a former systems engineer. And he ended up in prison, in prison because of what he did. So we'll be talking about that a little bit later. And some new some features that we'll talk about here. Amazon Echo, the father of identity theft. He's been convicted on 13 federal counts, we'll talk about what he was doing. And then into some security stuff here. We've got 172 malicious apps on the Google Play Store 35, or excuse me, 335 million installs. So these apps are all malicious. General Electric, what they're doing, of course, Words with Friends, you might have heard about that. Apparently, they had their data stolen, and it could affect 218 million users. So what I don't want to have happen is I don't want to have your business breach because most small businesses that are breached are out of business within six months, absolutely. no two ways about it, you get breached, you're out of business six months. And I want you to understand what you should be doing. So that's what this quick start guide is about. That's why I'm releasing it for free today. 32 page Quick Start Guide. And the only place you can get it right now unless you buy one of my bigger courses is by going to Craig peterson.com. Slash Quick Start. If you want to get it great if you don't I understand. Okay, there. This is confusing. It can be overwhelming. You already have it people, right. So is this going to step on their toes while it may and maybe they should have their toes stepped on? But that's what that's all about. Hey, when we come back, we're going to be talking about some of these problems this week. What's up with Kaspersky and the federal government you're listening to Craig Peterson on WGAN and online at Craig peterson.com. Transcribed by https://otter.ai --- More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553

Craig Peterson's Tech Talk
Best Malware Advice - What's My Mario Brothers' Worth - Spam Phone Calls: AS HEARD ON WGAN

Craig Peterson's Tech Talk

Play Episode Listen Later Feb 20, 2019 16:08


Craig joins Ken and Matt as he does every Wednesday morning. They talked about robocalls and the Super Mario Brothers video game that sells for $100,000. Craig also shared with Ken and Matt his best malware advice. These and more tech tips, news, and updates visit - CraigPeterson.com --- Related Articles: Robocalls And Phone Scams Are All The Rage In 2019 Unopened Copy Of Super Mario Bros Video Game Sells For Record $100k ---   Transcript: Below is a rush transcript of this segment, it might contain errors. Airing date: 02/20/2019 Best Malware Advice - What's My Mario Brothers' Worth - Spam Phone Calls Craig Peterson 0:00 Hey everybody, bOy getting busy this week, I'm putting together all of the content for our course. And this is really exciting. This is, I'm so excited because this is gonna be the best course ever. Anyways, so everybody who signed up for this welcome aboard. Glad to have you here this morning I spoke with Mr. Ken and Matt we went over the this whole problem that we're having with frankly, these robocalls that are coming in. The spam calls the junk calls, what does it mean? What can we do about it? So we talked about that this morning. We also talked about our friends over at Nintendo here and is your game your Super Mario Brothers game worth $100,000 or more? A kind of an interesting question right. If you have one of those sitting around in your in your attic or your basement also I did some tech support help this morning for Ken which is kind of interesting because it ties in exactly with the course I'm doing right now but if you want little tech support help and want to know how to use secure your machines what's the best browsers and stop did that this morning with Ken as well. So here we go with Ken and Matt. Happy Wednesday. Unknown 1:27 Back again and Craig Peterson is with us now as he always is Wednesdays at this time 7:38 on Wednesday Wednesday Wednesday. Craig, how are you this morning sir? Unknown 1:37 I am I am I'm doing pretty well this morning. It's been a busy week and now almost winter again. Unknown 1:45 Before, I have a question to ask you because I you know I was using Firefox and I started using Chrome and I opened this link and all these you know Orbits drops. It says, don't you want to buy an airplane ticket? Unknown 2:01 Your PC may be infected right now.  Unknown 2:05 So what is the spyware clean your computer program to put on, Unknown 2:12 or we learned a lot from Wreck It Ralph. And Ralph breaks the internet. And I don't know if you've seen that movie. You Unknown 2:19 know, Unknown 2:24 the problem is, there's a little green guys running around trying to get you to click on things. So I think you're real question is, how do I stop those little green guys? Right? Yeah. Okay. Okay. How Unknown 2:36 do I do my computer? How do I get rid of them? Do I get pest modern pest services? Unknown 2:43 Yeah, that's kind of what you have to do. The pop up stuff is fairly easy to stop. Famous last words and what you do what I always do, and I do this in, in Firefox, which is a little better I should Unknown 2:56 go back to Firefox. I don't know why my daughter told me to use Chrome stopping and going back to Yeah, Unknown 3:03 yeah, it is. Firefox is much much safer with your information just in general, right? They're not out there trying to watch everything you do and sell it all in fact, they're they're very good about making sure they're up to date and blocking things but what's the best malware? That's such a good question and last week I started I had what four different cult courses classes last week for people free ones that I did. And that's one of the top questions and it's a kind of a difficult one to ask. It's kind of like you know, what's the best helmet to wear? Well, it depends and what it depends on is what you're trying to protect against because there's a lot of nastiness out there but here goes the drum roll because if you're running Windows you have a Windows machine then you're looking for the basic protection you can turn on Microsoft software and it's got Windows Defender get that turned on and Windows Firewall get that turned on and you're pretty safe as far as everything in general goes and then there's one more piece of software that I advise everybody to get and put on their machines and that's Malwarebytes. Malware-B-Y-T-E-S. It's very very good that was Unknown 4:21 what Unknown 4:23 that's what Matt suggested Malwarebytes Unknown 4:25 ladies Florio Yes. Yes, exactly. And I got a great tip from Matt last week to with this this of Facebook plugin though. Are you enjoying? It Unknown 4:37 isn't it's life changing? But Unknown 4:39 whatever. What's that one? Unknown 4:41 That's the one where you can filter your Facebook feed and get rid of all i don't Unknown 4:45 i don't do Facebook. So I don't care. Maybe you would if you could filter? No, I'm not. No. Unknown 4:50 Yeah, it actually works quite well. Yeah, Unknown 4:54 Malwarebytes is really, really good. And then, you know, the Facebook stuff, there's a few the little filters, but built into Chrome, you can turn on pop up blocking, and I do that as well. So with Chrome, you go to your settings. And there's got to be there's a great search bar inside of the settings and look for pop up blockers. You can do the same thing on Safari, you can do the same thing on Firefox, it makes life much easier. Now, if you're a business, you can certainly use those basic pieces of software and Apple, if you keep up to date with your patches on Apple. It's even safer from the standard virus and hacker standpoint. And then Microsoft is, but since Windows seven Microsoft to ship with some of the stuff turned on. So there's your basics I really like. And this is what we use for our professional customers. I really like Cisco's, what they call AMP, which is their anti malware protection stack. And it's a bunch of different software. But there's one other thing you guys got to do, right? So I mentioned carry on all of your default stuff right now, at least on turn it off use Malwarebytes, but there's something out there called OpenDNS. And this is a lifesaver. This is probably one of the best things you can do as well. And it's also available for free or really, really, really, really cheap depending on what you're trying to do. And what OpenDNS does is when your computer tries to find where to go online. So you type in google.com, it has to turn that name into an address. So it has to be turned into an internet address, because that's the only way to get around. Right. It's not it's like a sort of Ken's house. So where's Ken's house? Well, now you have to look it up in the phone book. Right Ken? Right. And it's 123 mainstream street in Scarborough, Maine. It's the same sort of a thing. So what happens with OpenDNS, if you're using that is the computer says, Okay, well, where's Google that it's trying to find the address and sort of asks, in this case, if you set it up, right? Ask OpenDNS, OpenDNS, okay, well, he's he's 123 Main Street, and off you go, everything's wonderful. But if you have some malware, if you have some evil software on your site, or let's say it's trying to drive you to some adware based site or trying to get you to go somewhere you shouldn't have be cooked on something you shouldn't have is going to ask, Hey, how do I get to the Kaminski house over there in Moscow, Russia, OpenDNS is looking at that and say, Whoa, wait a minute, we know those Kaminski guys and they're tied into this unabomber guy and this is a bad place to go. And so it OpenDNS as at that point is it stops you from going there and pops up a little while doesn't pop up. But it comes up a little message on your browser saying that's an evil place to go but it also stops malware that's on your computer so one of the first things this evil software does matter where does is it phones home just like ET and tries to figure out what do you want me to do next to do you want me to infect next. Our evil plan to take over the world. And so it tries to call home so how does it call home it does the same thing it says hey I want to call home and it goes to mask OpenDNS. OpenDNS says I know who you are I'm not letting you call home and we're talking about even on their paid plan one or two bucks a computer a month just stop the bad guys from calling home. It's phenomenal OpenDNS look it up now there's better software than that we tend to use Cisco Umbrella which is the next level up from OpenDNS but there you go I just gave you my best tip ever can they keep faith and and it's Mac and Windows okay so is it just across the board is great Unknown 8:57 doing it Unknown 8:58 okay all right so Craig Peterson joins us at this time every Wednesday and he tells us about all the things that can needs to know about his computer I've noticed Craig by the way that on my phone I had installed a like a robo killer app which had been reasonably effective for the past few months in stopping this avalanche This is waterboarding effort of these people to try to just destroy my phone and get like a call every 30 minutes or so but in the last two weeks like I don't know if they're getting around it they got new numbers whatever but now I'm starting to get more of these stupid robo scam thing calls and whatnot again and they're always the same they're always some insurance thing or they always have a warranty to sell me or or whatnot but there's also some people that are actually like literally scamming you and saying that you know you owe money and you got to pay the police department or whatever talk to me about phone scams and 29 in 2019 Unknown 9:55 Yeah, IRS, etcetera etcetera. I've gotten most as well and the FCC just released these results of a new study. And it's a welcome to 2019 guess what half of all cell phone calls give or take this year are projected to be spam calls these these junk calls, or worse their their phishing attack phishing P-H. Not the not the kind with the line and the hook but what they're trying to do is hook you so they call up I got I was on the floor of a conference and I was actually the exhibitor and I got calls from the IRS. And like, repeatedly, you have to send money and how do you pay the IRS? Well, it turns out from this phone call that I have to buy Apple gift cards and send them to the IRS in order to make good on my debt to Unknown 10:51 it's just crazy. So what do you do? Oh, my gosh. Well, yet you're using Hiya right, Matt? Yes. Okay. Yeah. Hiya, H-I-Y-A is very good at stopping these just in general. But it's gotten so bad because they're, they're using your local area code and prefix when they're calling you. So if a call comes in, and it looks like it's from your neighbor, because it's your neighborhood phone number, you're more likely to answer it, then it's easy to fake and they're continually faking it. And there's no end to this insight. And I hate to say that, so let me tell you what I do. Okay, guys, I've set my iPhone into Do Not Disturb mode. Now, that can be a problem, because there's people who you want to call you. Well, Unknown 11:43 they want to be disturbed, right? Yes. Unknown 11:46 Yeah, exactly. So on the iPhone, what's really nice is I can put it in Do Not Disturb mode. And then I can say, if someone's in my contact list, let the call through. So I have a I have thousands of contacts in my phone. And so if any of them call me it goes right through to my phone. But you know, between us nowadays, when you call someone you kind of expect to get voicemail so if it's not someone who knows you really well, and they end up in your voicemail because you have Do Not Disturb turned on and you have habitat of culture contacts through and great, okay, so your wife's college kids calls, etc. going to come right through. But somebody that you haven't spoken to, in 10 years might go to voicemail. I don't think that's a big deal. But that's what I've done. I've got higher running, I ended up buying the paid version, which is pretty good. And then on top of it now, because it's gotten so bad. And the FCC is agreeing with us. We're not crazy, at least not about this Matt, that, hey, this is going to get worse. So take a look at that. On the Android side. There's a bunch of apps that you can put on your phone. Apple doesn't let apps begin to your phone calls away. Android does. So there's a lot of different options in the Android space. But I have found this to be very, very effective. Unknown 13:15 We are talking to Craig Peterson, he joins us every single Wednesday. Right around this time. I you know, Craig I was kind of I don't know a lot about video by new I remember Mario Brothers and and because I they were kind of cute. And they ran around a lot. Why would Why would a a video game sell for $100,000? Unknown 13:42 I mean, seriously, What? Why? Why? Unknown 13:46 Well, it wasn't 100,000 100,000 Unknown 13:55 Yeah, it's Unknown 13:56 it's interesting because this version of the video games it was sealed. It was unopened. Now just because you have one that might be sealed and unopenedn, it's not probably going to sell $100,000. This was a special version at only sold in New York. And Los Angeles was called sticker sealed so it has a special sticker on it. And it was also certified by this gaming authority of some sort.  Unknown 14:25 So it's a collectors' item is what you're saying? Unknown 14:27 big time Okay, big time. But you know, a lot of people loved it. It was one of the big first big games frankly out there for the Nintendo 1985 was when of course it was this version of the game was released. There were some that were a little bit earlier than this but that's why it's sold for that so don't go out digging them up from the basement of the attic. The odds are excellent. Your Nintendo game is probably worth at least $5 okay but it's probably not 100,000 Unknown 14:58 that's such a bummer oh Unknown 15:01 alright Unknown 15:02 we're up Unknown 15:03 Craig Peterson our tech guru joins us at this time every Wednesday and this was no exception appreciate it Craig thanks so much for joining us Unknown 15:11 I'm gonna go to that Malwarebytes place Unknown 15:15 yeah hey if you guys want access to that training I did last week I did record it it's a few hours worth of it all about security stuff just send me an email just me@CraigPeterson.com and and I'd be glad to make it available to Ken or anybody else who wants to. Just me@CraigPeterson.com. Unknown 15:34 all right there it is. Ladies and gentlemen Craig Peterson the man the myth the legend is with us as usual and we'll talk again next week Craig. Unknown 15:40 happy wetness day Unknown 15:43 wetness day indeed. Alright, so coming up at 8:08. Unknown 15:48 That's part of the reason I do these. These hits here on the radio. It's just so much fun. Sometimes. I have fun with these guys. They're a little bit of play around. Anyways, hope you're going to have a great we talk to you later. I'm going back to the treadmill today. Yeah. Isn't that fun? Go Craig. Start an exercise again. Have a great day. Bye bye. --- More stories and tech updates at: www.craigpeterson.com Don't miss an episode from Craig. Subscribe and give us a rating: www.craigpeterson.com/itunes Follow me on Twitter for the latest in tech at: www.twitter.com/craigpeterson For questions, call or text: 855-385-5553

BSD Now
Episode 239: The Return To ptrace | BSD Now 239

BSD Now

Play Episode Listen Later Mar 29, 2018 92:43


OpenBSD firewalling Windows 10, NetBSD’s return to ptrace, TCP Alternative Backoff, the BSD Poetic license, and AsiaBSDcon 2018 videos available. RSS Feeds: MP3 Feed | iTunes Feed | HD Vid Feed | HD Torrent Feed Become a supporter on Patreon: - Show Notes: - Headlines Preventing Windows 10 and untrusted software from having full access to the internet using OpenBSD Whilst setting up one of my development laptops to port some software to Windows I noticed Windows 10 doing crazy things like installing or updating apps and games by default after initial setup. The one I noticed in particular was Candy Crush Soda Saga which for those who don't know of it is some cheesy little puzzle game originally for consumer devices. I honestly did not want software like this near to a development machine. It has also been reported that Windows 10 now also updates core system software without notifying the user. Surely this destroys any vaguely deterministic behaviour, in my opinion making Windows 10 by default almost useless for development testbeds. Deciding instead to start from scratch but this time to set the inbuilt Windows Firewall to be very restrictive and only allow a few select programs to communicate. In this case all I really needed to be online was Firefox, Subversion and Putty. To my amusement (and astonishment) I found out that the Windows firewall could be modified to give access very easily by programs during installation (usually because this task needs to be done with admin privileges). It also seems that Windows store Apps can change the windows firewall settings at any point. One way to get around this issue could be to install a 3rd party firewall that most software will not have knowledge about and thus not attempt to break through. However the only decent firewall I have used was Sygate Pro which unfortunately is no longer supported by recent operating systems. The last supported versions was 2003, XP and 2000. In short, I avoid 3rd party firewalls. Instead I decided to trap Windows 10 (and all of it's rogue updaters) behind a virtual machine running OpenBSD. This effectively provided me with a full blown firewall appliance. From here I could then allow specific software I trusted through the firewall (via a proxy) in a safe, controlled and deterministic manner. For other interested developers (and security conscious users) and for my own reference, I have listed the steps taken here: 1) First and foremost disable the Windows DHCP service - this is so no IP can be obtained on any interface. This effectively stops any communication with any network on the host system. This can be done by running services.msc with admin privileges and stopping and disabling the service called DHCP Client. 2) Install or enable your favorite virtualization software - I have tested this with both VirtualBox and Hyper-V. Note that on non-server versions of Windows, in order to get Hyper-V working, your processor also needs to support SLAT which is daft so to avoid faffing about, I recommend using VirtualBox to get round this seemingly arbitrary restriction. 3) Install OpenBSD on the VM - Note, if you decide to use Hyper-V, its hardware support isn't 100% perfect to run OpenBSD and you will need to disable a couple of things in the kernel. At the initial boot prompt, run the following commands. config -e -o /bsd /bsd disable acpi disable mpbios 4) Add a host only virtual adapter to the VM - This is the one which we are going to connect through the VM with. Look at the IP that VirtualBox assigns this in network manager on the host machine. Mine was [b]192.168.56.1[/b]. Set up the adapter in the OpenBSD VM to have a static address on the same subnet. For example [b]192.168.56.2[/b]. If you are using Hyper-V and OpenBSD, make sure you add a "Legacy Interface" because no guest additions are available. Then set up a virtual switch which is host only. 5) Add a bridged adapter to the VM - then assign it to whichever interface you wanted to connect to the external network with. Note that if using Wireless, set the bridged adapters MAC address to the same as your physical device or the access point will reject it. This is not needed (or possible) on Hyper-V because the actual device is "shared" rather than bridged so the same MAC address is used. Again, if you use Hyper-V, then add another virtual switch and attach it to your chosen external interface. VMs in Hyper-V "share" an adapter within a virtual switch and there is the option to also disable the hosts ability to use this interface at the same time which is fine for an additional level of security if those pesky rogue apps and updaters can also enable / disable DHCP service one day which wouldn't be too surprising. 6) Connect to your network in the host OS - In case of Wireless, select the correct network from the list and type in a password if needed. Windows will probably say "no internet available", it also does not assign an IP address which is fine. 7) Install the Squid proxy package on the OpenBSD guest and enable the daemon ``` pkg_add squid echo 'squid_flags=""' >> /etc/rc.conf.local /etc/rc.d/squid start ``` We will use this service for a limited selection of "safe and trusted" programs to connect to the outside world from within the Windows 10 host. You can also use putty on the host to connect to the VM via SSH and create a SOCKS proxy which software like Firefox can also use to connect externally. 8) Configure the software you want to be able to access the external network with Firefox - go to the connection settings and specify the VMs IP address for the proxy. Subversion - modify the %HOME%AppDataRoamingSubversionservers file and change the HTTP proxy field to the VMs IP. This is important to communicate with GitHub via https:// (Yes, GitHub also supports Subversion). For svn:// addresses you can use Putty to port forward. Chromium/Chrome - unfortunately uses the global Windows proxy settings which defeats much of the purpose of this exercise if we were going to allow all of Windows access to the internet via the proxy. It would become mayhem again. However we can still use Putty to create a SOCKS proxy and then launch the browser with the following flags: --proxy-server="socks5://:" --host-resolver-rules="MAP * 0.0.0.0 , EXCLUDE " 9) Congratulations, you are now done - Admittedly this process can be a bit fiddly to set up but it completely prevents Windows 10 from making a complete mess. This solution is probably also useful for those who like privacy or don't like the idea of their software "phoning home". Hope you find this useful and if you have any issues, please feel free to leave questions in the comments. LLDB restoration and return to ptrace(2) I've managed to unbreak the LLDB debugger as much as possible with the current kernel and hit problems with ptrace(2) that are causing issues with further work on proper NetBSD support. Meanwhile, I've upstreamed all the planned NetBSD patches to sanitizers and helped other BSDs to gain better or initial support. LLDB Since the last time I worked on LLDB, we have introduced many changes to the kernel interfaces (most notably related to signals) that apparently fixed some bugs in Go and introduced regressions in ptrace(2). Part of the regressions were noted by the existing ATF tests. However, the breakage was only marked as a new problem to resolve. For completeness, the ptrace(2) code was also cleaned up by Christos Zoulas, and we fixed some bugs with compat32. I've fixed a crash in *NetBSD::Factory::Launch(), triggered on startup of the lldb-server application. Here is the commit message: ``` We cannot call process_up->SetState() inside the NativeProcessNetBSD::Factory::Launch function because it triggers a NULL pointer deference. The generic code for launching a process in: GDBRemoteCommunicationServerLLGS::LaunchProcess sets the mdebuggedprocessup pointer after a successful call to mprocessfactory.Launch(). If we attempt to call processup->SetState() inside a platform specific Launch function we end up dereferencing a NULL pointer in NativeProcessProtocol::GetCurrentThreadID(). Use the proper call processup->SetState(,false) that sets notifydelegates to false. ``` Sanitizers I suspended development of new features in sanitizers last month, but I was still in the process of upstreaming of local patches. This process was time-consuming as it required rebasing patches, adding dedicated tests, and addressing all other requests and comments from the upstream developers. I'm not counting hot fixes, as some changes were triggering build or test issues on !NetBSD hosts. Thankfully all these issues were addressed quickly. The final result is a reduction of local delta size of almost 1MB to less than 100KB (1205 lines of diff). The remaining patches are rescheduled for later, mostly because they depend on extra work with cross-OS tests and prior integration of sanitizers with the basesystem distribution. I didn't want to put extra work here in the current state of affairs and, I've registered as a mentor for Google Summer of Code for the NetBSD Foundation and prepared Software Quality improvement tasks in order to outsource part of the labour. Userland changes I've also improved documentation for some of the features of NetBSD, described in man-pages. These pieces of information were sometimes wrong or incomplete, and this makes covering the NetBSD system with features such as sanitizers harder as there is a mismatch between the actual code and the documented code. Some pieces of software also require better namespacing support, these days mostly for the POSIX standard. I've fixed few low-hanging fruits there and requested pullups to NetBSD-8(BETA). I thank the developers for improving the landed code in order to ship the best solutions for users. BSD collaboration in LLVM A One-man-show in human activity is usually less fun and productive than collaboration in a team. This is also true in software development. Last month I was helping as a reviewer to port LLVM features to FreeBSD and when possible to OpenBSD. This included MSan/FreeBSD, libFuzzer/FreeBSD, XRay/FreeBSD and UBSan/OpenBSD. I've landed most of the submitted and reviewed code to the mainstream LLVM tree. Part of the code also verified the correctness of NetBSD routes in the existing porting efforts and showed new options for improvement. This is the reason why I've landed preliminary XRay/NetBSD code and added missing NetBSD bits to ToolChain::getOSLibName(). The latter produced setup issues with the prebuilt LLVM toolchain, as the directory name with compiler-rt goodies were located in a path like ./lib/clang/7.0.0/lib/netbsd8.99.12 with a varying OS version. This could stop working after upgrades, so I've simplified it to "netbsd", similar to FreeBSD and Solaris. Prebuilt toolchain for testers I've prepared a build of Clang/LLVM with LLDB and compiler-rt features prebuilt on NetBSD/amd64 v. 8.99.12: llvm-clang-compilerrt-lldb-7.0.0beta_2018-02-28.tar.bz2 Plan for the next milestone With the approaching NetBSD 8.0 release I plan to finish backporting a few changes there from HEAD: Remove one unused feature from ptrace(2), PTSETSIGMASK & PTGETSIGMASK. I've originally introduced these operations with criu/rr-like software in mind, but they are misusing or even abusing ptrace(2) and are not regular process debuggers. I plan to remove this operation from HEAD and backport this to NetBSD-8(BETA), before the release, so no compat will be required for this call. Future ports of criu/rr should involve dedicated kernel support for such requirements. Finish the backport of UCMACHINE_FP() to NetBSD-8. This will allow use of the same code in sanitizers in HEAD and NetBSD-8.0. By popular demand, improve the regnsub(3) and regasub(3) API, adding support for more or less substitutions than 10. Once done, I will return to ptrace(2) debugging and corrections. DigitalOcean Working with the NetBSD kernel Overview When working on complex systems, such as OS kernels, your attention span and cognitive energy are too valuable to be wasted on inefficiencies pertaining to ancillary tasks. After experimenting with different environmental setups for kernel debugging, some of which were awkward and distracting from my main objectives, I have arrived to my current workflow, which is described here. This approach is mainly oriented towards security research and the study of kernel internals. Before delving into the details, this is the general outline of my environment: My host system runs Linux. My target system is a QEMU guest. I’m tracing and debugging on my host system by attaching GDB (with NetBSD x86-64 ABI support) to QEMU’s built-in GDB server. I work with NetBSD-current. All sources are built on my host system with the cross-compilation toolchain produced by build.sh. I use NFS to share the source tree and the build artifacts between the target and the host. I find IDEs awkward, so for codebase navigation I mainly rely on vim, tmux and ctags. For non-intrusive instrumentation, such as figuring out control flow, I’m using dtrace. Preparing the host system QEMU GDB NFS Exports Building NetBSD-current A word of warning Now is a great time to familiarize yourself with the build.sh tool and its options. Be especially carefull with the following options: -r Remove contents of TOOLDIR and DESTDIR before building. -u Set MKUPDATE=yes; do not run "make clean" first. Without this, everything is rebuilt, including the tools. Chance are, you do not want to use these options once you’ve successfully built the cross-compilation toolchain and your entire userland, because building those takes time and there aren’t many good reasons to recompile them from scratch. Here’s what to expect: On my desktop, running a quad-core Intel i5-3470 at 3.20GHz with 24GB of RAM and underlying directory structure residing on a SSD drive, the entire process took about 55 minutes. I was running make with -j12, so the machine was quite busy. On an old Dell D630 laptop, running Intel Core 2 Duo T7500 at 2.20GHz with 4GB of RAM and a slow hard drive (5400RPM), the process took approximatelly 2.5 hours. I was running make with -j4. Based on the temperature alerts and CPU clock throttling messages, it was quite a struggle. Acquiring the sources Compiling the sources Preparing the guest system Provisioning your guest Pkgin and NFS shares Tailoring the kernel for debugging Installing the new kernel Configuring DTrace Debugging the guest’s kernel News Roundup Add support for the experimental Internet-Draft "TCP Alternative Backoff” ``` Add support for the experimental Internet-Draft "TCP Alternative Backoff with ECN (ABE)" proposal to the New Reno congestion control algorithm module. ABE reduces the amount of congestion window reduction in response to ECN-signalled congestion relative to the loss-inferred congestion response. More details about ABE can be found in the Internet-Draft: https://tools.ietf.org/html/draft-ietf-tcpm-alternativebackoff-ecn The implementation introduces four new sysctls: net.inet.tcp.cc.abe defaults to 0 (disabled) and can be set to non-zero to enable ABE for ECN-enabled TCP connections. net.inet.tcp.cc.newreno.beta and net.inet.tcp.cc.newreno.betaecn set the multiplicative window decrease factor, specified as a percentage, applied to the congestion window in response to a loss-based or ECN-based congestion signal respectively. They default to the values specified in the draft i.e. beta=50 and betaecn=80. net.inet.tcp.cc.abe_frlossreduce defaults to 0 (disabled) and can be set to non-zero to enable the use of standard beta (50% by default) when repairing loss during an ECN-signalled congestion recovery episode. It enables a more conservative congestion response and is provided for the purposes of experimentation as a result of some discussion at IETF 100 in Singapore. The values of beta and betaecn can also be set per-connection by way of the TCPCCALGOOPT TCP-level socket option and the new CCNEWRENOBETA or CCNEWRENOBETA_ECN CC algo sub-options. Submitted by: Tom Jones tj@enoti.me Tested by: Tom Jones tj@enoti.me, Grenville Armitage garmitage@swin.edu.au Relnotes: Yes Differential Revision: https://reviews.freebsd.org/D11616 ``` Meltdown-mitigation syspatch/errata now available The recent changes in -current mitigating the Meltdown vulnerability have been backported to the 6.1 and 6.2 (amd64) releases, and the syspatch update (for 6.2) is now available. 6.1 ``` Changes by: bluhm@cvs.openbsd.org 2018/02/26 05:36:18 Log message: Implement a workaround against the Meltdown flaw in Intel CPUs. The following changes have been backported from OpenBSD -current. Changes by: guenther@cvs.openbsd.org 2018/01/06 15:03:13 Log message: Handle %gs like %[def]s and reset set it in cpu_switchto() instead of on every return to userspace. Changes by: mlarkin@cvs.openbsd.org 2018/01/06 18:08:20 Log message: Add identcpu.c and specialreg.h definitions for the new Intel/AMD MSRs that should help mitigate spectre. This is just the detection piece, these features are not yet used. Part of a larger ongoing effort to mitigate meltdown/spectre. i386 will come later; it needs some machdep.c cleanup first. Changes by: mlarkin@cvs.openbsd.org 2018/01/07 12:56:19 Log message: remove all PG_G global page mappings from the kernel when running on Intel CPUs. Part of an ongoing set of commits to mitigate the Intel "meltdown" CVE. This diff does not confer any immunity to that vulnerability - subsequent commits are still needed and are being worked on presently. ok guenther, deraadt Changes by: mlarkin@cvs.openbsd.org 2018/01/12 01:21:30 Log message: IBRS -> IBRS,IBPB in identifycpu lines Changes by: guenther@cvs.openbsd.org 2018/02/21 12:24:15 Log message: Meltdown: implement user/kernel page table separation. On Intel CPUs which speculate past user/supervisor page permission checks, use a separate page table for userspace with only the minimum of kernel code and data required for the transitions to/from the kernel (still marked as supervisor-only, of course): - the IDT (RO) - three pages of kernel text in the .kutext section for interrupt, trap, and syscall trampoline code (RX) - one page of kernel data in the .kudata section for TLB flush IPIs (RW) - the lapic page (RW, uncachable) - per CPU: one page for the TSS+GDT (RO) and one page for trampoline stacks (RW) When a syscall, trap, or interrupt takes a CPU from userspace to kernel the trampoline code switches page tables, switches stacks to the thread's real kernel stack, then copies over the necessary bits from the trampoline stack. On return to userspace the opposite occurs: recreate the iretq frame on the trampoline stack, switch stack, switch page tables, and return to userspace. mlarkin@ implemented the pmap bits and did 90% of the debugging, diagnosing issues on MP in particular, and drove the final push to completion. Many rounds of testing by naddy@, sthen@, and others Thanks to Alex Wilson from Joyent for early discussions about trampolines and their data requirements. Per-CPU page layout mostly inspired by DragonFlyBSD. ok mlarkin@ deraadt@ Changes by: bluhm@cvs.openbsd.org 2018/02/22 13:18:59 Log message: The GNU assembler does not understand 1ULL, so replace the constant with 1. Then it compiles with gcc, sign and size do not matter here. Changes by: bluhm@cvs.openbsd.org 2018/02/22 13:27:14 Log message: The compile time assertion for cpu info did not work with gcc. Rephrase the condition in a way that both gcc and clang accept it. Changes by: guenther@cvs.openbsd.org 2018/02/22 13:36:40 Log message: Set the PG_G (global) bit on the special page table entries that are shared between the u-k and u+k tables, because they're actually in all tables. OpenBSD 6.1 errata 037 ``` 6.2 ``` Changes by: bluhm@cvs.openbsd.org 2018/02/26 05:29:48 Log message: Implement a workaround against the Meltdown flaw in Intel CPUs. The following changes have been backported from OpenBSD -current. Changes by: guenther@cvs.openbsd.org 2018/01/06 15:03:13 Log message: Handle %gs like %[def]s and reset set it in cpu_switchto() instead of on every return to userspace. Changes by: mlarkin@cvs.openbsd.org 2018/01/06 18:08:20 Log message: Add identcpu.c and specialreg.h definitions for the new Intel/AMD MSRs that should help mitigate spectre. This is just the detection piece, these features are not yet used. Part of a larger ongoing effort to mitigate meltdown/spectre. i386 will come later; it needs some machdep.c cleanup first. Changes by: mlarkin@cvs.openbsd.org 2018/01/07 12:56:19 Log message: remove all PG_G global page mappings from the kernel when running on Intel CPUs. Part of an ongoing set of commits to mitigate the Intel "meltdown" CVE. This diff does not confer any immunity to that vulnerability - subsequent commits are still needed and are being worked on presently. Changes by: mlarkin@cvs.openbsd.org 2018/01/12 01:21:30 Log message: IBRS -> IBRS,IBPB in identifycpu lines Changes by: guenther@cvs.openbsd.org 2018/02/21 12:24:15 Log message: Meltdown: implement user/kernel page table separation. On Intel CPUs which speculate past user/supervisor page permission checks, use a separate page table for userspace with only the minimum of kernel code and data required for the transitions to/from the kernel (still marked as supervisor-only, of course): - the IDT (RO) - three pages of kernel text in the .kutext section for interrupt, trap, and syscall trampoline code (RX) - one page of kernel data in the .kudata section for TLB flush IPIs (RW) - the lapic page (RW, uncachable) - per CPU: one page for the TSS+GDT (RO) and one page for trampoline stacks (RW) When a syscall, trap, or interrupt takes a CPU from userspace to kernel the trampoline code switches page tables, switches stacks to the thread's real kernel stack, then copies over the necessary bits from the trampoline stack. On return to userspace the opposite occurs: recreate the iretq frame on the trampoline stack, switch stack, switch page tables, and return to userspace. mlarkin@ implemented the pmap bits and did 90% of the debugging, diagnosing issues on MP in particular, and drove the final push to completion. Many rounds of testing by naddy@, sthen@, and others Thanks to Alex Wilson from Joyent for early discussions about trampolines and their data requirements. Per-CPU page layout mostly inspired by DragonFlyBSD. Changes by: bluhm@cvs.openbsd.org 2018/02/22 13:18:59 Log message: The GNU assembler does not understand 1ULL, so replace the constant with 1. Then it compiles with gcc, sign and size do not matter here. Changes by: bluhm@cvs.openbsd.org 2018/02/22 13:27:14 Log message: The compile time assertion for cpu info did not work with gcc. Rephrase the condition in a way that both gcc and clang accept it. Changes by: guenther@cvs.openbsd.org 2018/02/22 13:36:40 Log message: Set the PG_G (global) bit on the special page table entries that are shared between the u-k and u+k tables, because they're actually in all tables. OpenBSD 6.2 errata 009 ``` syspatch iXsystems a2k18 Hackathon Report: Ken Westerback on dhclient and more Ken Westerback (krw@) has sent in the first report from the (recently concluded) a2k18 hackathon: YYZ -> YVR -> MEL -> ZQN -> CHC -> DUD -> WLG -> AKL -> SYD -> BNE -> YVR -> YYZ For those of you who don’t speak Airport code: Toronto -> Vancouver -> Melbourne -> Queenstown -> Christchurch -> Dunedin Then: Dunedin -> Wellington -> Auckland -> Sydney -> Brisbane -> Vancouver -> Toronto ``` Whew. Once in Dunedin the hacking commenced. The background was a regular tick of new meltdown diffs to test in addition to whatever work one was actually engaged in. I was lucky (?) in that none of the problems with the various versions cropped up on my laptop. ``` ``` I worked with rpe@ and tb@ to make the install script create the 'correct' FQDN when dhclient was involved. I worked with tb@ on some code cleanup in various bits of the base. dhclient(8) got some nice cleanup, further pruning/improving log messages in particular. In addition the oddball -q option was flipped into the more normal -v. I.e. be quiet by default and verbose on request. More substantially the use of recorded leases was made less intrusive by avoiding continual reconfiguration of the interface with the same information. The 'request', 'require' and 'ignore' dhclient.conf(5) statement were changed so they are cumulative, making it easier to build longer lists of affected options. I tweaked softraid(4) to remove a handrolled version of duid_format(). I sprinkled a couple of M_WAITOK into amd64 and i386 mpbios to document that there is really no need to check for NULL being returned from some malloc() calls. I continued to help test the new filesystem quiescing logic that deraadt@ committed during the hackathon. I only locked myself out of my room once! Fueled by the excellent coffee from local institutions The Good Earth Cafe and The Good Oil Cafe, and the excellent hacking facilities and accommodations at the University of Otago it was another enjoyable and productive hackathon south of the equator. And I even saw penguins. Thanks to Jim Cheetham and the support from the project and the OpenBSD Foundation that made it all possible ``` Poetic License I found this when going through old documents. It looks like I wrote it and never posted it. Perhaps I didn’t consider it finished at the time. But looking at it now, I think it’s good enough to share. It’s a redrafting of the BSD licence, in poetic form. Maybe I had plans to do other licences one day; I can’t remember. I’ve interleaved it with the original license text so you can see how true, or otherwise, I’ve been to it. Enjoy :-) ``` Copyright (c) , All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: ``` You may redistribute and use – as source or binary, as you choose, and with some changes or without – this software; let there be no doubt. But you must meet conditions three, if in compliance you wish to be. 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. 2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. 3. Neither the name of the nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. The first is obvious, of course – To keep this text within the source. The second is for binaries Place in the docs a copy, please. A moral lesson from this ode – Don’t strip the copyright on code. The third applies when you promote: You must not take, from us who wrote, our names and make it seem as true we like or love your version too. (Unless, of course, you contact us And get our written assensus.) THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. One final point to be laid out (You must forgive my need to shout): THERE IS NO WARRANTY FOR THIS WHATEVER THING MAY GO AMISS. EXPRESS, IMPLIED, IT’S ALL THE SAME – RESPONSIBILITY DISCLAIMED. WE ARE NOT LIABLE FOR LOSS NO MATTER HOW INCURRED THE COST THE TYPE OR STYLE OF DAMAGE DONE WHATE’ER THE LEGAL THEORY SPUN. THIS STILL REMAINS AS TRUE IF YOU INFORM US WHAT YOU PLAN TO DO. When all is told, we sum up thus – Do what you like, just don’t sue us. Beastie Bits AsiaBSDCon 2018 Videos The January/February 2018 FreeBSD Journal is Here Announcing the pkgsrc-2017Q4 release (2018-01-04) BSD Hamburg Event ZFS User conference Unreal Engine 4 Being Brought Natively To FreeBSD By Independent Developer Tarsnap ad Feedback/Questions Philippe - I heart FreeBSD and other questions Cyrus - BSD Now is excellent Architect - Combined Feedback Dale - ZFS on Linux moving to ZFS on FreeBSD Tommi - New BUG in Finland Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv

Michael Donovan's Walking Home
117 Stephanie Losi

Michael Donovan's Walking Home

Play Episode Listen Later Mar 1, 2017 83:39


Stephanie was a senior Bank Examiner for the Federal Reserve and has promoted security awareness for CERT and others. Today she sits down to talk about what we can and cannot do to protect ourselves and keep our personal information safe. We also geek out about AI for a moment!  ***Check out the MindPod event in LA on March 18th!*** Stephanie's Art   ///Here are Stephanie's tips for your security "1.) To make sure your computer's firewall is on: On a Mac, open System Preferences, open the Security & Privacy preferences, and click the Firewall tab. Bonus: Click on Firewall Options and check Enable Stealth Mode to make your Mac less discoverable. (It will stop responding to some common network reconnaissance techniques.) On a Windows PC, open Control Panel and then Windows Firewall to see the firewall status. If you want to get fancy and try some alternative firewalls for Windows, there are many options, such as ZoneAlarm Free Firewall or Comodo Firewall. You only really need one firewall, so choose the one you prefer.  2.) Use a VPN on public Wi-Fi networks, whether or not they require a password for access. A VPN encrypts the traffic you are sending over the network, so anyone snooping on traffic won’t be able to decipher yours. I use Witopia, which has good support and is fairly easy to set up, but there are many options. How to use a VPN: Log on to a public Wi-Fi network. Once you are connected, BEFORE doing anything else or visiting any other sites, log in to your VPN service. Then launch your web browser and you can surf more securely.  3.) Consider a password manager. You can use one that stores passwords on your computer, for example Keychain Access or KeePass, or one that stores passwords online like LastPass. It’s a personal choice. Pluses: You don’t need to type your passwords each time you want to use them. Copying-and-pasting passwords protects you from key loggers (malicious software programs that capture your keystrokes in an attempt to capture your passwords). Caveats: Use a strong master password, and don’t forget it or you could lose access to your passwords permanently (especially with some password managers that store passwords on your computer). Also, be aware that online password managers can be and have been compromised, so be prepared to change your master password promptly if you receive notification of a compromise.  4.) You can reduce the amount of data stored about your web searches by logging out of your Google account before searching, as well as frequently clearing your browser cookies/history/cache or using Private Browsing or Incognito Mode. If you want to search the web with no trace, consider using DuckDuckGo, which does not track or store search queries at all. For example, to clear your browser data in Chrome: From the Chrome menu, choose Clear Browsing Data and check off as many boxes as you like. Be aware that this will leave you logged out of websites such as Facebook, and you’ll have to log back in later.  5.) Don’t plug untrusted USB drives (flash drives) or other untrusted devices into your computer. They can introduce malicious software directly to your system. (We didn't discuss this, but I think it's important to mention here.) 6.) Consider hard drive encryption if losing your laptop would be catastrophic from a data-leak perspective. Caveat: If you forget the password to decrypt your hard drive, you will lose access to your data. Some programs allow you to create sub-drives on your hard drive and then encrypt just those sub-drives. Caveat: Same as for whole-drive encryption: Don’t forget the decryption password or you could permanently lose access to your data!  7.) If you’re taking your smartphone into a high-risk situation (as defined by you), you can remove as many email accounts and apps as you want from your phone. It’s easy to reinstall them later.  8.) Think of email as a postcard that you send to someone. Other people along the sending path may be able to read it. One possible solution for privacy is Canada-based Hushmail, which allows end-to-end encryption of email messages. Caveat: Both sender and recipient need to have Hushmail accounts with strong passwords and check the “encrypted” box before sending messages with the service. Be aware that Hushmail can decrypt emails on their end and will do so if they get a request that’s enforceable under local laws, so use it for privacy, not illegal activity. 9.) Rather than sending plain-text texts, you can use end-to-end encryption for messaging. Two possible solutions are the Signal app and Off-the-Record Messaging. Remember to periodically delete local messages from your phone/device; otherwise, losing your device could expose all of your messages. 10.) If you’re on Windows, an antivirus program may be useful, but you certainly don’t need to have 20 antivirus programs running at once. Some options include Windows Defender, AVG and Avast, but there are many others.  Further Reading: There are lots of guides online to securing your computer. One interesting guide is at https://spideroak.com/infosec and gives you some different perspectives on ways to secure your online accounts."

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Verizon Webmail XSS Exploit https://randywestergren.com/persistent-xss-verizons-webmail-client/ Blocking Powershell Connections via Windows Firewall https://isc.sans.edu/forums/diary/Blocking+Powershell+Connection+via+Windows+Firewall/21829/ Exploit Kits Delivering Cerber Ransomware https://isc.sans.edu/forums/diary/One+if+by+email+and+two+if+by+EK+The+Cerbers+are+coming/21823/ More Security Companies joining "No More Ransom" https://www.nomoreransom.org IT Contractor Trying to Take Over Radio Station https://regmedia.co.uk/2016/12/16/kcohvtaylorfiling.pdf Holiday Safe Computing Tips https://isc.sans.edu/forums/diary/Holiday+Safe+Computing+Tips/21827/

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast

Verizon Webmail XSS Exploit https://randywestergren.com/persistent-xss-verizons-webmail-client/ Blocking Powershell Connections via Windows Firewall https://isc.sans.edu/forums/diary/Blocking+Powershell+Connection+via+Windows+Firewall/21829/ Exploit Kits Delivering Cerber Ransomware https://isc.sans.edu/forums/diary/One+if+by+email+and+two+if+by+EK+The+Cerbers+are+coming/21823/ More Security Companies joining "No More Ransom" https://www.nomoreransom.org IT Contractor Trying to Take Over Radio Station https://regmedia.co.uk/2016/12/16/kcohvtaylorfiling.pdf Holiday Safe Computing Tips https://isc.sans.edu/forums/diary/Holiday+Safe+Computing+Tips/21827/

TechByter Worldwide (formerly Technology Corner) with Bill Blinn
TechByter Worldwide 2010.09.26: Giving Away Your Identity; Fun—Useful—Amusing—Silly; The Windows Firewall is Blocking; and Short Circuits.

TechByter Worldwide (formerly Technology Corner) with Bill Blinn

Play Episode Listen Later Sep 25, 2010 23:00


Wi-Fi hotspots are useful but dangerous. There's a way to eliminate the danger. I'll share with you some amusing sites I've recently found. Be careful when your firewall issues a warning. In Short Circuits, PARC is 40 and a British teen plans a big party.