Author Archives: Marc Handelman

Infosecurity.US: Rather Than Focusing On Fixing Lame Windows Update System, Microsoft CEO Targets New Electronic Cricket Bat

 Image Credit: Microsoft Corporation

Image Credit: Microsoft Corporation

Smart Move - Satya - Smart Move Now, what was it you were going to do about the October Creators Update for Windows 10 nagging problem of deleting user documents and other files en mass? Was this a redirection marketing tactic to deflect attention from the recent rash of Microsft Windows Update failures plaguing Redmond; or is it a Lack of Focus Mr. Nadella? (Update: News from Martin Brinkmann at GHacks that the file deletion issue is reportedly fixed). To be fair, an inability to service operating system updates robustly is not just a Microsoft Corporation (Nasdaq: MSFT) failure, this SNAFU is a hallmark of the so-called Android 'ecosystem' as well. Oh, and I'm a cricket fan as well. Enjoy.



Infosecurity.US

Infosecurity.US: Too Busy, Don’t Care; So Sorry, Not Sorry

via Lawrence Abrams, writing at Bleeping Computer, comes news of a the most recent Attorney's General - The Gathering, colaescing into a brilliant coterie of top Law Enforcement Officials for their individual States. In which, Mesdames et Messieurs Procureurs Généraux demanding Somthing Be Done about Robo-Calls (cetainly the 1st, 2nd and perhaps 3rd World Scourge of Telecommunications) in a missive to the Federal Commmunications Commission (FCC).

Now, whilst I do enthusiastically laud the Advocatus Generalis' cumulative effort to stem-the-tide of robotic-calling systems - that enthusiasm is tempered by the herculean proposition it is to make such a request of the FCC, as Charman Pai of the Commission is far too busy casting his Reese's Peanut Butter Cup soaked visage for former employer Verizon and the other telcos' interests, rather than the People's Business.

 Image Credit:   TransNexus

Image Credit: TransNexus

"As these illegal telemarketing scams are estimated to have stolen 9.5 billion dollars from consumers, the letter urges the FCC to push for new protocols that can further help to battle these scams. These protocols are STIR (Secure Telephone Identity Revisited) and SHAKEN (Secure Handling of Asserted information using toKENs) and can be used by telephone providers to identify legitimate calls and those from bad actors..." - via Lawrence Abrams> , writing at Bleeping Computer



Infosecurity.US

Infosecurity.US: El Cubano de Googlery

Otherwise known as a 'Memoranda of Understanding', and considering no information is available on what Google Inc. (Nasdaq: GOOG) agreed to 'understand' in their 'Memoranda of Understanding' with the Republic of Cuba and the ruling party - the Cuban Communists...

Let's just say the deal between Sundar Pichai (you know Sundar - he's the decision-maker who decided - with his decision-making-super-decision-powers to not tell Google+ users (also known as 'the Product') that Google, Inc. lost their data due to flawed code-smithing in an API...) and the Cuban Communist Party is a might murky down Havana Way...



Infosecurity.US

Infosecurity.US: The Fix Is In: Clodflare’s eSNI

 eSNI Image Courtesy of Cloudflare

eSNI Image Courtesy of Cloudflare

Another fix is in the works for one of the more hidden aggravations of internetworking security, the so-called Server Name Indication (SNI) extension debacle. The fix - an Encrypted Server Name Indication has been crafted by Clouflare and evidenced by the service itself - eSNI - is an indication of a Company-Doing-The-Right-Thing and enrypting-all-the-things. Additional work is currently underway targeting a IETF Draft RFC. Simply Outstanding Work, Cloudflare.



Infosecurity.US

Infosecurity.US: Gerhard Jacob’s ‘Taking Stock: The Internet of Things and Machine Learning Algorithms at War’

Image Credit , Israeli Defense Forces, The IDF Desert Rreconnaissance Battalion Training Exercises

Terrific blog post by Gerhard Jacobs, writing at the Imperva Cybersecurity blog, and discussing IoT and ML with Gilad Yehudai (Gilad is a Security Research Engineer at Imperva), this time where connect devices and machine learning both interact and inform war fighting and warrior capabilities. Today's Must Read.



Infosecurity.US

Infosecurity.US: Hardware Security, Ramtin Amin’s Take

Friend of the Blog Trey Blalock of Firewall Consultants sent a link in yesterday which amgically trasnprted us to Ramtin Amin's Web Blog yesterday (in actuality, a Hardware Security blog of considerable reknown)(gracias Trey!). Ramtin's work is indicative of a curious intellect, and tremendous hardware investigatory chops - (plus, keen eye-hand coordination!). If you are at all fascinated by hardware security (coupled with mobile telephony, femto-cells, cabling/dongles and the like) his blog will come as a refreshing changement de rythme of to-the-point discussions of same. Don't Doddle, Chop-Chop, Enjoy!



Infosecurity.US