Geek News: Latest Technology, Product Reviews, Gadgets and Tech Podcast News for Geeks

Tag: Security

Formspring Had a Security Breach

Posted by JenThorpe at 8:20 PM on July 10, 2012

Those of you who have a Formspring account might want to take a minute to go and check on it. Formspring announced today, July 10, 2012, that it has had a security breach. and that some user passwords may have been accessed.

They are taking a precautionary measure and asking all Formspring members to change their passwords now. The same blog post that announces the security breach has advice about some guidelines that they recommend you use in order to create a strong password.

I found out about this just a few minutes ago when Formspring sent me an ominous sounding email.

At first, I wasn’t sure if this email was legitimate, or if it was some sort of phishing scheme. So, I opened up a new window in my browser and attempted to log in to my Formspring account. The result wasn’t good.

Since I was getting nowhere, I decided to click the word “resend”, in the hopes that this would help me to recover my Formspring account. I rarely use it, but even so, I didn’t like the idea of it potentially being accessible by someone other than myself. It took a few tries, but I was, eventually, sent an email that gave me a link to click on so that I could reset my Formspring password.

I was able to click on the new link that I was sent. However, this did not enable me to achieve a desirable result.

Uh-oh! I ended up having Formspring resend another email, with a new link inside it. That one worked, and I was able to successfully access my Formspring account, and change the password to something completely different than what it was before the security breach. I figured it was worth it to send out this little “heads up” to other people out there who are using Formspring. Hopefully, after reading this, you won’t panic if Formspring sends you an email like the one it sent me.

Tags:

Posted in Security, Social Media

Comments Comments Off

Has DNSChanger Infected Your Computer

Posted by KL Tech Muse at 4:06 PM on July 8, 2012

Back in November 2011 a group of Estonian and Russian hackers were arrested for creating and running a botnet called DNSChanger. DNSChanger was true to its name, it changed the DNS address of the computer it controlled and directed it to  rogue DNS servers. These rogue DNS servers were shut down by the FBI and the Internet Systems Consortium, a nonprofit company was assigned to run the replacement DNS servers so those who had effected machines wouldn’t lose their connection to the Internet. That was over eight months ago and the time that the court assigned the Internet Systems Consortium to run the replacement DNS servers has run out. So on Monday, July 9, these replacement DNS servers will be shut down. The computers that are still connected to these DNS servers will no longer be able to connect to the Internet. There are an estimate 300,000 computers that are still effected. These are not only personal computers, but also computers run by Fortune 500 companies.

The FBI has set up a site where you can check to see if your system has been effected and what to do if it has been. Most likely if you have kept your computer updated and have run your anti-malware and virus programs you will be ok. However we all know someone who never updates their system either because they are too lazy or for some reason believe they are invulnerable. If you know someone like that, suggest they go to the site the FBI set up. If they decide not too, you may get a call Monday morning if you are the computer “expert” of the family, with them screaming they can’t connect to the Google.

The most interest part of this story of course was not the DNSChanger bot, itself, but how the FBI and the court handled it. They could have shut it down immediate and the results would have been the same for those 300,000 plus 270,00 more. By delaying the shut down they did allow those 270,000 to recover. However it seems to me they dropped the ball in getting the word out. This didn’t become big news until the past week. I am not sure if the court and the FBI is to be blamed for this, or is it the media’s fault for not getting the word out. Whose ever fault it is, communication was lacking.

Tags: , , ,

Posted in Information, Security

Comments Comments Off

Hijacking a Drone

Posted by KL Tech Muse at 1:09 PM on June 30, 2012

droneDrones are unmanned flying vehicles which are controlled by operators from thousands of miles away. They are used extensively in Afghanistan to track the Taliban’s activities. There has been increase talk among law enforcement in the United States that using drones might be useful in fighting crime. There is a Federal mandate that would permit drones to be used in US airspace. There are many questions involving the use of drones including privacy rights, lack of search warrants …. There are also technical questions. Right now the biggest problem that the DHS and the FAA are facing involving drones are jammers which don’t control the drones but simply jam the signal. This is the way the Iranians insist they were able to bring down a drone in 2011. Although that is still disputed by the US who insist it was operator error and not Iranian jamming that caused the drone to land off course.

However solving the jamming problem maybe easy compared to the problem of spoofing. Spoofing is where the drone is actually controlled by a third-party. In order for spoofing to be successful the drones GPS system must be hacked. That is what the University of Texas, Cockrell School of Engineering did under Assistant Professor Todd Humphreys when it hijacked a drone using $1,000 worth of equipment and custom software. These drones were using unencrypted software that the University of Texas team was able to hack. Their signal was more powerful than the GPS signal that the drone was receiving from the satellite that was originally controlling it. They were able to over ride that GPS signal sending the drone where they wanted to. As you can image this is a huge potential problem. Imagine what would happen if a terrorist group was able to hack a drone and send it where ever they wanted it to. They could control it from anywhere and sending it crashing into buildings with no risk to themselves.

Right now the DHS is still working on the jamming problem through the Patriot Watch and the Patriot Shield programs but the programs are underfunded and haven’t even started looking into the spoofing problem. Before we allow drones to fly above US cities we might want to find a solution to both jamming and spoofing first.

Tags: , , , ,

Posted in Information, Security

Comments 1 Comment

Arq and Backup Solution for the Mac

Posted by KL Tech Muse at 12:47 PM on May 4, 2012

Arq Having a good backup system both locally and offsite is important for anyone with a computer. Once you have decide to use a cloud backup the first problem you face is the overwhelming number of options. There are two broad category of backups, manual and automatic. Services like Dropbox or Google Drive are what I call manual backups, in that they require you to physically drop a file or folder into them. An automatic backup system is just that, you choose the files/folders you want to back up and the system you choose backs up those files automatically either at a specific time or interval. There are a couple of things I look for in a backup system: first is it easy to use, second when I recover a file do I get back what I put in, third is the cost, and finally is it trust no one(TNO) compliant. The idea behind TNO is that you and only you has access to your content including your password and keys.

The solution I have found is called Arq after trying Backblaze, Carbonite, and Jungle Disk. Arq falls into second category of backups in that the backup happens automatically once you have set it up.
I first heard about Arq on Security Now Episode #351: Back To The Cloud. Arq is a Mac only backup solution, although there is an app available to view the files on iOS. Arq runs on Amazon S3 and does require you to sign up for the Amazon Web Service
Once you sign up it will give you an access key id, secret access key and you also have to provide a password. Make sure you keep a copy of all these, neither Arq nor Amazon can recover them for you (I use 1password for this purpose). Although this can be inconvenient it makes Arq TNO compliant. There is a 30 day trial, during the trial you pay only for the Amazon S3 fees After 30 days if you decide to continue to use it there is a $29.00 one time licensing fee. Amazon S3 fees are $1.25 $12.5 cents/GB or $.93 9.3 cents/GB for reduce redundancy storage. They also bill you for outgoing transfers. Outgoing transfers are free up to 1GB/month, from 1GB/month to 10/GB it is .120 per GB and so on. The price per GB goes down the more GBs you use. This is one of the things I like about Arq you are only paying for what you are using instead of a flat fee. As part of the sign up process Arq will ask how much you want to budget for backup starting in $5.00 increments. You put in the dollar amount you want to spend and it will tell you how much that will backup. If you are about to go over your budgeted amount Arq will automatically delete the oldest files. Arq does version backup similar to Time Machine, so it will always keep at least two versions of a backup.

You can choose which files/folders you want to back up and you can exclude specific files by name. You can back up from a network attach storage drive. It doesn’t delete backups from network storage devices even if you remove those devices from your network. If you can see it in the Finder menu it will back it up. In fact when I first start the backup process I noticed it was backing up my Dropbox folder, which I quickly unchecked. It does not care what type of file you are backing up. Arq allows you to back up automatically every hour at a specific time during that hour, you can schedule a backup once a day or you can do a manual back up and have it only back up when you tell it too. You can control the transfer rate, either maximum, automatic which will throttle the speed if you are transferring something else over the Internet or a fix transfer rate at a specific KB per second. If you want you can get a Growl notification when a backup is completed. Plus you can have Arq start-up on login, show on the menu bar and prevent your computer from sleeping when backing up.

To restore a file or folder you simply highlight it and then either click restore, which restores it to a folder labeled Arq folder or you can drag and drop the folder/file on to the Finder Window. I did a test restore on an image and it worked great, the image and all the metadata restored perfectly.

I have only been using Arq for a day now but so far I really like it. It was easy to set up, I like the fact it is TNO compliant and I like the cost. If you want to share the files with someone this is not the solution you are looking for. However if you are on a Mac and are looking for a good, secure backup solution I do recommend trying Arq.

Correction: made on Amazon fees 18:55 May 4

Tags: , , ,

Posted in application, backup, Information, mac

Comments 2 Comments

GNC-2012-05-01 #761 Listener Appreciation Month

Posted by geeknews at 1:01 AM on May 1, 2012

May will be the month of giveaways, listen to win. I also go into some of things that I have been doing which you are probably already aware to ensure the stability of the show for the long hall. Extended dialogue time on this show but with a hard hitting tech show as well.

Sponsored by:
On new orders get 35% off total order amount: Promo Code go35off2

Download the Audio Show File

Show Notes:
Wind Generators and Global Warming?
Can’t trust the Tech Blogs!
Copyright is broke really bad.
Copyfraud and Trolls.
More Copyright Stupidity.
Harvard Battles Journal Costs.
Facebook likes not Protected Free Speech.
McCarthy is back at FBI!
Dotcom gets a bunch of his Money back.
Pirate Bay censored in U.K.
Hulu to require cable?
Backdoors Everywhere.
SETI to help Air Force?
Soyuz lands!
100 days to Mars Landing.
Time running out for Moores Law?
SiriusXM App Update not so good!
Microsoft dumps 300 million into Nook.
Fair Use is dead.
Digg to Washington Post?
Harley makes it from Japan.
Mirrorcase Kickstarter.
Paul Miller leaves the Net!
SpaceX test fire on pad?
Triggertrap.
Dish Hopper up to 6 channel record DVR.
Internet Speed down overall.
Bluetooth everywhere.
Skype Update on iOS.
www Turns 19.
Cloud Storage chart.

Podcast: Play in new window | Download | Embed

PlayPlay

Podcast (video): Play in new window | Download | Embed

Tags: , , , , , , , , , , ,

Posted in Podcast

Comments Comments Off

GNC-2012-03-29 #754 Tech News and Info

Posted by geeknews at 1:05 AM on March 30, 2012

How many hours a week do you work, I read that working more than 49 hours a week is excessive.. I guess I have been working excessive hours for the past 30 years… Full stack of Tech News and Info. Heads up will be looking for someone to do the show on Monday as I do not think I will get into Indy early enough to do the show.

Sponsored by:
On new orders get 35% off total order amount: Promo Code go35off2

Download the Audio Show File

Links to all the articles talked about in this Podcast are on the GNC Show Notes Page [Click Here]

Podcast: Play in new window | Download | Embed

PlayPlay

Podcast (video): Play in new window | Download | Embed

Tags: , , , , , , ,

Posted in Podcast

Comments Comments Off

GNC-2012-03-05 #747 Early Show

Posted by geeknews at 9:33 PM on March 5, 2012

Very early show today as my schedule allowed it. Lots of fun doing the show in the afternoon versus early evening. Enjoy the march continues to show 750.

Sponsored by:
On new orders get 35% off total order amount: Promo Code go35off2

Download the Audio Show File

Links to all the articles talked about in this Podcast are on the GNC Show Notes Page [Click Here]

Podcast: Play in new window | Download | Embed

PlayPlay

Podcast (video): Play in new window | Download | Embed

Tags: , , , , , , ,

Posted in Podcast

Comments Comments Off

GNC-2012-03-01 #746 Back from DC

Posted by geeknews at 12:13 AM on March 2, 2012

Great quick trip to DC. Should be back in Honolulu for a couple of weeks before any other trips.. Studio construction to commence shortly. Video viewers watch to qualify to win!

Sponsored by:
On new orders get 35% off total order amount: Promo Code go35off2

Download the Audio Show File

Links to all the articles talked about in this Podcast are on the GNC Show Notes Page [Click Here]

Podcast: Play in new window | Download | Embed

PlayPlay

Podcast (video): Play in new window | Download | Embed

Tags: , , , , , , , , ,

Posted in Podcast

Comments Comments Off

iWatchLife IP camera Home Monitoring System

Posted by geeknews at 1:10 PM on February 26, 2012

Over the past year I have done a couple of Network Camera and associated monitoring site reviews, this is the first time I have been able to review a iWatchLife IP Camera which is designed for home or small business. IP based video surveillance has been around for a while, so often times the differentiating points between manufactures end up being the monitoring services features.

Several years ago I had professional installation of a multiple camera wired monitoring system that records areas outside my residence/business along with key areas inside. While my solution is fantastic it comes at a hefty monthly price and required an initial very large cash outlay. Most of us do not need a big fancy system like mine, most of us need a couple of cameras to monitor key areas.

The camera that came with the iWacthLife kit was an Axis IP Camera that retails for $279. Setup was pretty straight forward, within about 5 minutes I had the wireless camera setup and feeding the iWatchLife website video. Camera configuration was managed through the iWatchLife.com website.

What struck me about the Axis camera that was different from other IP cameras I have reviewed was that it had a microphone, so not only could I watch what was happening I could hear as well.  The cameras video quality was fine and it did fine in low light.  The camera also had a feature where I could turn on a light mounted on the camera from the iWatchLife website.

The iWatchLife.com website and feature set is what really sets this IP camera package apart from others. You could configure the monitoring website to send  email alerts and record specific actions. The list is extensive intrusion, network outages, major scene changes, dark to light, light to dark, motion and scheduled or on demand video recording.

You can configure multiple cameras and the cameras are tied by serial number to your account making them very secure. The iWatchLife dashboard allows you to see a live view, review security events, and of course manage the cameras.  Cameras are priced from $199 to $279 per year. The iWatchLife service is free but they do have enhanced services priced $59 or $79 per year which allows you to store 75/200 hours of video coverage.

The simple fact that you can grow this monitoring system as you need to is a big added plus. Overall I am very impressed by both the monitoring website and camera options.

Tags: ,

Posted in Information

Comments 1 Comment

Loftek CSX 2200 Remote Wireless IP Camera

Posted by tomwiles at 10:36 PM on February 24, 2012

I recently started looking to purchase a remote IP camera that would allow me to remotely view my home via the Internet. There are quite a variety of remote IP cameras that offer a number of different viewing options at widely varying price points. After a bit of looking, I ended up purchasing a Loftek CSX 2200 wireless IP security camera via Amazon.Com based mostly on the large number of positive buyer reviews.

Among other features, the Loftek CSX 2200 offers VGA/QVGA/QQVGA resolutions, a built-in microphone, supports external audio, UPNP/port forwarding, 802.11 b/g WiFi, 270-degree horizonal pan, 120 deree vertical tilt, automatic motion detection and alarm, alarm notification via email or FTP server, infrared LED’s cover up to about 15 feet, and support for all major browsers.

The Loftek CSX 2200 offers a lot of features for the $67.99 price tag. The downside is that the small included quick start guide is printed in very small type and isn’t all that helpful.  A fair amount of networking knowledge is required in order to be able to get all of the features working properly. Simple Windows setup software is included, and even though once it is set up it will readily work with Apple and other non-Windows devices, Windows is required for initial setup. Initially it has to be plugged in directly to an Ethernet port so the included software can detect it. Once detected via Ethernet and into the browser setup screens, WiFi can be enabled. A more complete PDF manual can be downloaded from the Loftek website.

I was able to go into my ISP’s DSL router and enable port forwarding to port 1029 and get remote access to work from outside my home network. I was also able to get the automatic email alarm notification feature to work on motion detection. Motion detection sensitivity can be selected, but it seems to work good so far at the default setting. When motion is detected, it will automatically take a series of 6 photos and email all 6 photos to up to four pre-determined email addresses. One quirk I ran into is that when setting up an email account the email “test” feature won’t work even if all of the parameters are correctly set up until the configuration has been saved to the camera.

Since this camera is designed to work with it’s own infrared LED’s in complete darkness, the color balance can be a bit off in normal lighting conditions. I’m including two photos of the same scene, one with my compact florescent lights on and the other with the lights completely off.

 

Even though one of the Amazon.Com reviewers claimed he was able to get this camera to work with an iOS app designed to work with Foscam brand IP cameras, so far I’ve been unable to get any of the free iOS apps to work with the Loftek. On the other hand, I can easily access the camera directly in Safari both on my iPad and my iPod Touch using an Internet connection completely external to my home network DSL connection.

Overall I’m quite pleased with my purchase. The Loftek CXS 2200 offers a lot of value for the $67.99 price.

Tags: , , , , , , , ,

Posted in Apple, Information, iOS, IPAD, iPhone, ipod, Security

Comments 1 Comment

« Older Entries
Newer Entries »