Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms


Image Courtesy of Brian Smale and Microsoft

MSFT Drops OS Ball, Again

November 02, 2018 by Marc Handelman in Oops!, Operating System Security, Or Lack Thereof

Why is Microsoft Corporation's (NASDAQ: MSFT) CEO Satya Nadella touting underwater servers instead of focusing on the plight of current Windows Server and Desktop users dealing with the apparent incompetence of Microsoft staff and contractors running Windows Update systems? (The latest screwup in Windows Update-land - the bad code pushed out to users in the October 2018 Update that deleted user files, and other necessary system files, which caused the company to pull the October Update - is as of today NOT fixed, and it's now November...) Is it the money from the cloud profit center (otherwise known as Azure) that's 'clouding' his vision? You be the judge!


GrrCon Augusta 2018, Joshua "Naga" Crumbaugh's 'Guaranteed Failure: Awareness The Greatest Cyber Insanity' →

September 28, 2018 by Marc Handelman in Conferences, Education, GrrCon Augusta, Information Security, Security Awareness, Or Lack Thereof

Videography Credit: Irongeek (Adrian Crenshaw).


Amazon, The Rekognition Fail

July 31, 2018 by Marc Handelman in Hubris, Corporate Evil, Corporate Accountability, Or Lack Thereof

This situation - the failure of a highly touted Amazon Corporation (NasdaqGS: AMZN) machine learning/pseudo-artificial-intelligence API/Database construct known as 'Amazon Rekognition' - is a Prime example of large-scale, resilient corporate hubris. Highly disappointing, yet the stock is not suffering... And, then there's this.


The Polar Exposure →

July 08, 2018 by Marc Handelman in Information Security, Or Lack Thereof

The eponymous Ms. Smith, writing at CSO, has detailed another Polar-branded (Polar Flow) fitness tracking app exposure of service members' personally identifiable information (specifically locale, names and addresses). The flaw includes all users, even those who explicitly set their particulars to private. Bad news for your Sunday morning jog...

Polar makes an online map available to its users and displays all their exercise routes and locations since 2014. According to an investigation by Bellingcat and De Correspondent, that map can also be used to let “anyone” find the names and addresses of military and intelligence agency personnel, as well as names and addresses for “personnel at nuclear storage facilities, maximum security prisons, military airports where nuclear weapons are stored, and drone bases.” - via Ms. Smith reporting for CSO


via Luke Kingma & Lou Patrick-Mackay at Futurism Cartoons

Luke Kingma & Lou Patrick-Mackay's 'Door To Door Data Miners' →

June 28, 2018 by Marc Handelman in Satire, Sarcasm, Security Humor, Privacy, Or Lack Thereof

Buys your location data, doesn't seek permission... Time to call your attorney!

AT&T, Verizon, T-Mobile, Sprint: We're Selling Your Location Data To Prison Tech Company. Nothing To See Here!

May 17, 2018 by Marc Handelman in Blatant Stupidity, Privacy, Or Lack Thereof, Demise of Privacy, Information Security

Zack Whittaker, writing at ZDNet's Zero Day, exposes the selling of mobile device location data (for all customers) to a prison technology-focused organization monikered 'Securus'. Where's the consent? H/T


DOD, The Banning →

May 07, 2018 by Marc Handelman in National Security, Hardware Security, Or Lack Thereof

DOD Bans On-Base Sale of Huawei, ZTE Mobile Devices

Via Graham Cluley, writing at GrahamCluley.com, comes this interesting story, originally via Stu Woo and Gordon Lubold, both at The Wall Street Journal, in which Messrs. Woo and Lubold detail the banning of Huawei and ZTE mobile products from Exchanges On-Base, worldwide.

“Huawei and ZTE devices may pose an unacceptable risk to the department’s personnel, information and mission,” said Army Maj. Dave Eastburn, a Pentagon spokesman, in a statement. “In light of this information, it was not prudent for the department’s exchanges to continue selling them.” - Dave Eastburn, MAJ US Army, a US Department of Defense spokesman - via Stu Woo and Gordon Lubold, both at The Wall Street Journal


Twelve Percentile →

November 27, 2017 by Marc Handelman in Cyberthis Cyberthat, Information Security, Cybersecurity, Cybersecurity Competence, Or Lack Thereof

Deaf, Dumb and Blind, but they sure play a mean pinball..., or, why only 12% of companies can detect a so-called 'sophisticated' cybersecurity attack.


Developer Errors Expose 180 Million Phones to Compromise →

November 14, 2017 by Marc Handelman in Cellular Telephony, Mobile Security, Mobile Telephony, Mobile Networks, Lack of Security Regimen, Or Lack Thereof

Oops, They Did It Again! Coupled with the other well-known security issues (e.g., the recently exposed, but decades-old, SS7 flaw), this latest display of security-related development governance (or lack thereof) by the MNOs is highly dangerous, and spans borders.
