Thursday, April 10, 2014

LastPass helps Bleeding hearts

According to a recent list sent to me (after she ran the LastPass "Security Check" - avilable in both paid and free versions, btw) re: Bleedheart here is the April 10th, 2014 skinny:

These are ALAL still not patched and do not have updated (after April 8) SSL CERTs!

airbnb.com



Wait
openoffice.org

Wait
path.com

Wait
pearltrees.com

Wait
pond5.com

Wait
quora.com

Go update!
rememberthemilk.com

Go update!
reverbnation.com

Go update!
soundcloud.com

Go update!
squidoo.com

Wait
timeanddate.com

Wait
tumblr.com

Go update!
wikispaces.com

Wait
yahoo.com

Go update!
zoho.com

Also, WAIT before updating paswrrods on the following:




apache.org


archive.org


blip.tv


doodle.com


dropbox.com


facebook.com


godaddy.com


google.com


gravatar.com


imgur.com


libsyn.com


livefyre.com


minus.com


mobypicture.com


netflix.com
Posted by at No comments:

Saturday, April 23, 2011

Apple's "Care" and Droid Doesn't

Perhaps Apple didn't take care (or care) when putting/keeping their "tracking" database file in the iOS 4 devices, but that doesn't matter.

  1. The "tracking" is merely Lat/Lon coords (as per FCC regulations) and Date/Time stamps reported directly from nearby cellular towers and WAPs.  Given that WAP Lat/Lon comes with the caveat that owners/users of WAPs enter the info thenselves and either enter just Zip Code or Lat/Lon or both, model/brand depending
  2. Apple has no software (that works, as of 4-23-2011) that tracks devices or uses this database file on the iOS side.  There currently are ZERO Apple apps that can read nor use this information - that does not pre-clude future apps gaining the permission or desire.  Recently, according to Andy Inhatko (paraphrased), there "...[an insider/former insider] stated that there was an app that was supposed to have been running by now, that uses this database, that collects the info for cellular service quality purposes]..." (hopefully benefiting such carriers as AT&T with their iPhone?).  Andy further mentions "triangulation" as a point for the paranoid (not saying that Andy is paranoid here!), which  however possible, he should be referring to trilateration - and I am sure he knows the definitions of both, perhaps me using the term "trialteration" is my own "purple cow" [By the way, I am not referring to the Trialateral Commision. That would be a but paranoid here! In Wikipedia, itself a curiosly deleted page, hehe - but I digress...)
  3. There are GPS apps that people have on their iWhatevers right now that are FAR MORE ACCURATE and have a DISCLOSED PURPOSE in tracking you or your device because, simply, that's what you WANTED (so in that case, those people shouldn't really count as the, as I suggest,  overly concerned ones here)
  4. There are most likely a few more files that are in the PROPRIETARY iOS root that sit and do nothing, and were probably just left over from various builds or waiting for more purposeful, publicly announced use
  5. Even Old Tyme TDMA phones were CONSTANTLY being pinged or pinging back (I forget which or both) to cell towers for hand-off purposes - and THIS PRACTICE HASN'T CHANGED MUCH
  6. You can turn  off GPS, but that won't stop your phone from collecting this data.  You would need to turn off 3g/4g and Wifi to stop it. But, then, you will recieve ZERO calls. You have an Android device? Well, "I can just run on Wifi and use Google Voice!". Uh, NO, you can't use Google Voice by itself over Wifi. You CAN use Google Voice IN A BROWSER over Wifi.  (I wish we could use Google Voice over Wifi, without need for a browser, by just using the Contact list or Phone TouchTone buttons to initiate calls over Google Voice, but we can't because Android Doesn't
  7. The database file IS NO SECRET and is NOT HIDDEN.  The file is EASILY readable form a readily available database file reader (actually most of them out there now will read the data, but this particular reader made recently formats it properly and will load a map of the points for you)  The data comes from GPS data already permanently stored in FCC-regulated cell towers and from user-supplied info within WAP routers, and then only if the user supplied it - and most dont care or if they do care, WON'T supply it. The data does NOT COME FROM GPS SATELLITES CONECTING WITH YOUR PHONE THROUGH WHEN YOU USE AN APP YOU ALREADY HAVE DOWNLOADED FOR SUCH PURPOSE NOR THROUGH GOOGLE MAPS IF AND IF YOU ALSO HAVE GOOGLE LATITUDE TURNED ON, using an Android device in the latter, of course.
  8. Encrypting your backup (for when syncing through iTunes) does NOT ENCRYPT THE DATABASE THAT STAYS ON THE iDevice!  And if your easy-peasy-to-remember iStore login password is what is being used to encrypt this data, that data is vulnerable to easier un-encryption
  9. Hackers are challenged by ENCRYPTED DATA, not usually easily readable data - such as this data base file while on your iDevice. Crackers/Criminals might want this data to get a GENERAL idea of where your location MIGHT be relative to nearby cell towers, but more lilkely would want contact data, or better yet, data such as passwords or creditcard numbers or login username/passcodes that people put into EASILY READABLE AND NON-ENCRYPTED DIALING STRINGS IN THEIR CONTACT LISTS all the time, without batting an eyelid. Those strings are not "out-of-the-box" encrypted nor hidden, although their MAY BE in that case of Android,, some apps that can do this. But, frankly in the Android cases, their should be a proprietary in-house Andorid OS bulit-in protection for such common dialing strings. I do not currently know if Apple hides or encrypts codes in dialing strings, they may.
  10. You CAN DELETE this database file - it will be recreated, but will start anew with fresh data (the old data won't come back, as long as you ALSO DELETE THE ENCRYPTED FILE THAT WAS ENCRYPTED BY iTUNES DURING YOUR LAST BACKUP, as syncing with iTunes may just bring it all back to your device, just as unencrypted as before
  11. I don't recall the name of the database file, but that is what Google is for. Google is for you, the people.

Oh, and the same goes for Android, folks. With the exception that Android OS HAS NO DATABASE THAT IS BEING UPDATED. (that is about the ONLY difference herein described, and is somewhat in itself and unintended red herring). Addendum: as you can tell, I have recently revised and thrown in newer Android information as recently news reports coming in are hammering Google just as hard as Apple.

STOP the HYPE and PARANORMAL!

From a most hilarious article/nlogpost "But consumer advocates warn that too many people click right through privacy notifications and breeze over or ignore such legalese." - OMG, are these the same advocates that would defend someone getting hit by a bus while jay-walking and texting. I hope not.

The full article's link:
http://www.google.com/hostednews/ap/article/ALeqM5gDbgW-3buo00Q1EEts94wISIIFwA?docId=818ec774dfc747e4bc8c2be545995bd2 


Well, did you read the article? I hope so, because this article reveals a gem of sociology, folks, that for the first time in the wild we are witness to the very first observed Android user that can be as clueless/"care less" as an iPhone user, and that user is Josh Dickey from Reading, PA. Congrats!
Posted by at No comments:
Labels: , , , , , ,

Thursday, June 3, 2010

Bi-Monthly, then!

This summary is not available. Please click here to view the post.
Posted by at No comments:
Labels: , , ,

Thursday, April 30, 2009

Verizon finally may have done it right.

While musing, pondering, searching, waiting, hoping for Mobile TV from Verizon Wireless to actually WORK with the LG10000 - Voyager, earlier tonight I noticed that the tiny TV logo was solid - meaning signal present! For 6 months of paying 10 dollars extra per month for the mere privilege of being able to receive the Mobile TV signal I would usually see an X in the TV logo. But, not tonight.
This is now uncharted territory, as having only seen the promo play while the phone fails to acquire a signal, I was presently surprised with the Channel Guide popup AND the first channel on the list was already playing audio AND VIDEO.
Yeah.
Now, I am one to play hunches, and my usual hunch about Verizon's Dongle-Pay first, answer consumer complaints second, I played the "this will NEVER work, but what the hell" hunch, and hooked up my laptop to the phone WHILE THE TV WAS STILL RECEIVING. I proceeded to run the internet connect software.
It worked - the TV went black for a second until I jogged the volume control - internet AND Mobile TV.
Both.
Finally.
Verizon does it RIGHT.

Now I can only expect that when Verizon realizes their mistake, they will "fix" this capability in the next firmware upgrade (which still at version 11 hasn't fixed the "I can no longer play audio files longer than 53 minutes with the lid closed, so that Imay carry the darned phone in my pocket; so much for trying to play any audio books from AUDIBLE.COM" bug. Playing such long audio files wasn't a problem with version 7)

So, Verizon, here's to musing, pondering, searching, waiting, and hoping for you to keep doing it right.
Posted by at No comments:
Labels: , , , ,

Hasbro donates 100,000 LightBrite pegs for artist's Last Supper

I won't comment until I can at least find the damned link.
Posted by at No comments:
Labels: , ,

Thursday, January 15, 2009

Fight "fires" with F.I.R.E.

Check this shit out, dudes-of-another !

http://thefire.org/index.php/video/9547 :


Chainsaw Etiquette at Colorado College
Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)