Killersites Community

LSW

Moderators

About LSW

  • Rank
    Cybersecurity Advocate

Profile Information

  • Gender
    Male
  • Location
    Alaska
  • Interests
    Native American Culture, Cybersecurity & avoiding computers because they are evil.

  1. The Issue of Net Neutrality

    Here are a couple of videos that may explain it and how it can affect you, better than I have.

    Here's What You Need To Know About Net Neutrality - Screen Junkies News
    What is net neutrality and how could it affect you? - BBC News
  2. The Issue of Net Neutrality

    Well, as I feared, it is official. Net Neutrality has been repealed in the US. ISPs are now free to play Netflix fast and Hulu slow if one pays more. They can block new technologies from wide usage if they feel they or a partner is working on another competing technology. They can block you from accessing any sites they may not agree with, so no more Planned Parenthood info if the ISP is owned by pro-life businessmen, or maybe pro-drug-war ISPs can block web access to marijuana shops in states where it is legal.

    Of course you can always vote with your wallet, drop your ISP and access a new one you trust or that offers what you want... if you are lucky. But those of you in rural areas may not have another choice. Our Internet access came down to two companies, so we went with the one that we did not hate, but the one we hated bought the smaller one, so now they are the only choice in town and they can now control what I have access to.

    If you think it is not a big deal, remember there was a time when Facebook was a startup and we had no neutrality law and a certain major player ISP banned Facebook from their services as it was competing with some idea of their own. Facebook may never have come into existence without the neutrality laws. So what new technology or service will we never have now because of the whims of big business?

    But more than a few groups are swearing the fight is not over yet.
  3. For those of you using DirecTV, there is a risk that could allow attackers access to your system and network.

     Zero-Day Remote 'Root' Exploit Disclosed In AT&T DirecTV WVB Devices
     https://thehackernews.com/2017/12/directv-wvb-hack.html

     I have not discussed this issue yet as it can be a tad complicated for those who have never dealt with your routers yourselves. It may be a good idea to talk to someone in "The Know" or discuss it with your ISP support team.

     The real issue here is IoT (Internet of Things), all the gadgets that are being developed to use the internet. The folks who create your OS generally think about security. The folks who develop your router think about security. But does the developer of all this IoT crap think about security? Did the software developer for your internet-connected coffee machine, pacemaker, iBarbecue thing think about security? Likely not... so time and time again researchers and bad actors have found ways to bypass the best security people thought they had by hacking an unprotected IoT device. This is another example of how hackers can get into your network through your Smart TV.

     For those of you who like a challenge, find a way to limit your IoT things' contact to your network. It needs access to the Internet, but no other devices; it needs no access to your computers or tablets and phones. This way, if compromised, the attacker can't do much of anything.

     Another way is to replace your router's firmware with open-source software, something like DD-WRT. Routers can do much more for security if you understand them, but their firmware is "Simplistic" for the average user. By getting more control with other software you can create two networks, your main network and a locked down network for just IoT devices with no contact to your personal devices.
  4. Let me toss this out: SHA-1 is outdated and easy to crack. You should use SHA-256 at a minimum for user protection.
  5. Read this and you will see why it is a bad idea. I get it, passwords are hard to remember when you have lots of them or you change them a lot. But the disturbing thing here is that of these 1.4 billion passwords, many are still active, as the authors discovered. Also, remember to check periodically if your passwords etc. have been stolen and posted online: https://haveibeenpwned.com/

     Collection of 1.4 Billion Plain-Text Leaked Passwords Found Circulating Online
     https://thehackernews.com/2017/12/data-breach-password-list.html
  6. For HP Users:

  7. Music while coding

    I almost always listen to music, and music of all sorts. European Goth mostly, but bagpipes as well and sometimes Native American or Celtic. It has little to do with what I am doing either, more my mood. If I am angry then a lot of Linkin Park, if mellow then classical or Native. If my cubicle mate next door is being obnoxiously loud then we get into bagpipes or death metal... something loud to drown him out. In the end it depends on the person; some can do anything with any type of music. Some, like Stef says, depend on what they are doing. Some other folks may need silence. I simply don't like all the background noise and conversations around me, so music of any sort drowns it out so I can concentrate. Silence makes it hard for me to concentrate as I get bored; that is the ADHD coming through.
  8. Microsoft Issues Emergency Windows Security Update For A Critical Vulnerability https://thehackernews.com/2017/12/windows-update-malware-protection.html
  9. If anyone at Killersites builds Android mobile apps or knows someone who does, take note of vulnerabilities in the development tools. https://thehackernews.com/2017/12/android-development-tools.html
  10. Cybersecurity News

    I have decided to make the Data Breaches section its own post as it is getting rather long and it shows just how insecure your data is from even some of the best known companies. Do not give up info to anyone who really does not need it. Just these headlines as of 12/6/2017 show over 273 Million people's data has been compromised.

    Data Breaches

      • Insider Allegedly Steals Mental Health Data of 28,000 Patients (San Antonio, Texas) [12/7/2017]
      • Uber Paid 20-Year-Old Florida Hacker $100,000 to Keep Data Breach Secret [12/7/2017]
      • Massive Breach Exposes Keyboard App that Collects Personal Data On Its 31 Million Users (virtual keyboard app, AI.type) [12/6/2017]
      • Stanford University server exposes data of 10,000 staffers [12/6/2017]
      • PayPal Subsidiary Data Breach Hits Up to 1.6 Million Customers [12/4/2017] NOTE: This was the TIO Platform and not PayPal; PayPal has just owned them since July 2017. They claim it does not affect PayPal customers.
      • Uber's British Breach Tally: 2.7 Million Victims [11/30/2017]
      • Imgur Warns: Old Breach Compromised 1.7 Million Accounts [11/28/2017]
      • Did Uber Break Breach Notification Minimum-Speed Limits? [11/28/2017]
      • Uber Concealed Breach of 57 Million Accounts for a Year [11/22/2017]
      • Forever 21 Warns Shoppers of Payment Card Breach at Some Stores [11/16/2017]
      • Malaysia Stung by Massive Data Breach Affecting Millions [11/3/2017]
      • How Top Companies Accidentally Leaking Terabytes of Sensitive Data Online
      • WebSites Found Collecting Data from Online Forms Even Before You Click Submit
      • US Defense Contractor left Sensitive Files on Amazon Server Without Password
      • Viacom Left Sensitive Data And Secret Access Key On Unsecured Amazon Server
      • Passwords For 540,000 Car Tracking Devices Leaked Online
      • Amazon's Whole Foods Market Suffers Credit Card Breach In Some Stores
      • Disqus Hacked: More than 17.5 Million Users' Details Stolen in 2012 Breach
      • Blood Test Results Exposed in Cloud Repository

    This is getting too stupid, so I am giving Equifax their own list.

    Equifax

      • Equifax Hack Exposes Personal Info of 143 Million US Consumers
      • Equifax Data Breach: Steps You should Take to Protect Yourself
      • Equifax Suffered Data Breach After It Failed to Patch Old Apache Struts Flaw
      • Whoops, Turns Out 2.5 Million More Americans Were Affected By Equifax Breach
      • Equifax: 15.2 Million UK Records Exposed
      • Equifax, TransUnion Websites Served Up Adware, Malware
  11. The Issue of Net Neutrality

    Here is a good look at why non-US Killersites members should be paying attention. This reviews Net Neutrality from a Canadian view, not the US vote of the FCC, but in general, the whole general subject faced by Canadians.

    Threat To Net Neutrality Hits Canada In a New Form
  12. The Issue of Net Neutrality

    What the world looks like without net neutrality... - Jan. 2014
    Net Neutrality Explained - Wall Street Journal Feb. 2015

    Now this may be funny, they make some good points about the rules:
    Net Neutrality II: Last Week Tonight with John Oliver (HBO) - May 2017
  13. The Issue of Net Neutrality

    This is a keynote speech sponsored by "New America" and makes some very good points. He goes into the history of why these rules were created: how ISPs blocked start-up companies like Facebook and Google and the like because the ISPs were working on their own services or were partnered with others who were creating services, and so all competition was blocked. For those of you not in the US, this is still important, because you may have such issues in your countries or such laws to stop such actions. If we lose our rights, that could be used by your ISPs to argue for changes in other countries.

    Total Eclipse of the Net: The End of Net Neutrality? - New America
  14. Cyber Warriors Fight USAF's Most Active, and Secret, War
      http://www.airforcemag.com/MagazineArchive/Pages/2018/January 2018/Cyber-Warriors-Fight-USAFs-Most-Active-and-Secret-War.aspx

      Again, as I have stated before in different places here, Cyber Security is a case of National Security. It is estimated that the US will be missing some 3.5 million jobs in cyber security by 2021 and in the meantime Pres. Trump suggests joining the Russians for cyber security. If you, family, or friends are looking to get into a new field, cyber security is a great place to go. Have kids join the military for cyber training and experience any big company will love to hire later. For those not in the US, every nation now has cyber security embedded into their military and every nation is going to need cyber security in the coming years.
  15. Is Your DJI Drone a Chinese Spy? Leaked DHS Memo Suggests
      https://thehackernews.com/2017/12/dji-drone-china-spying.html

      This article falls into the area of IoT (Internet of Things) and how, with so many things becoming connected to the internet, we are losing control over what data is collected. For my point here you can drop China (although that is a concern) and concentrate on the larger picture. To you these UAVs (Un-manned Aerial Vehicles) are often little more than toys or just a hobby like RC Aircraft... but with today's technologies they can be used to pinpoint points of interest.

      Are any of you aware of a US airstrike a few years ago on an ISIS headquarters? Some little putz with a smart phone took a photo of himself with his assault rifle and posted the photo online. That was picked up by intelligence and, as he had not turned off tagging, the phone GPS tagged the photo and gave the US the HQ's direct location, and in less than 48 hours an airstrike hit it, killing some high ranking commanders.

      In another (accidental) case years ago, a power station failed. The load must then be spread in the system, causing other smaller stations to fail; their loads in turn exceeded the draw on larger nets and the cascade effect finally knocked out power grids in the upper east coast, as far west as Michigan and as far north as into Canada. Millions without power for days.

      Now just as an example, add these three stories together. I live near a small power center, I fly my UAV (Drones are military un-manned targets) and GPS is collected as well as the fact it is flying around a power station. A few others do the same and the adversary now knows where they are to within a few feet. They hack in, or physically break in, bring down the stations so the power defaults to other lines that then collapse and whole grids begin to fail.

      We can argue all day about the likelihood of this, but it is a very real threat; it is possible regardless of how unlikely you think it is. It is merely a precautionary tale. This is also not including the fact that these UAVs are collecting personal data on you. Always limit as much info going out about you as possible from any IoT, app or device.