I am running for the (ISC)2 Board of Directors in 2017, and need to collect 500 emailed signatures for the petition. See why I want to take on this volunteer responsibility and how you can help in THIS POST. It only takes a moment and I really appreciate it.
Yesterday was one of the longer trips I’ve had in a while. This trip was from Tampa to DFW, then to San Francisco. It’s a pretty long day of travel when you’re going across the country like that, and that just means more opportunities for interesting things.
In this case, we started out in Tampa boarding a “Super 80” aircraft. Now let me tell you, there is nothing super about a “Super 80”. It’s about 116 years old and considered a narrow-body. That means two seats on one side of the aisle and three seats on the other. This is an updated version of the DC-9 and was launched back in 1979. Let this be a reminder to me to double-check the aircraft when I book flights.
So I got on the plane, and got to my seat. For me this is the most important part. I just want to get in my seat, let everyone board, and relax. As we were all loaded up and getting ready to head out, I started hearing some noises even through my Bose headphones. It was sobbing and hysterical crying from the gal two rows ahead of us. My first reaction was to be a little annoyed, thinking that this was just a case of someone afraid to fly. However, it became fairly clear that it was more than that. I was able to discern some phrases related to somebody passing away, so I felt a bit bad for her. I felt even worse for the people sitting next to her, who did not know her and were now quickly becoming a part of the drama. I personally was in flight heaven, because the middle seat in my row was empty. Once that was clear to me, I could deal with just about anything… so I thought.
About an hour into the three-hour flight, the person in the seat in front of me decided to recline. This was not a gentle action, this was more of the action of an angry Hun who’s decided to lay back. If I hadn’t had anything on my tray table, it would’ve been game over. Another side effect of the “Super 80” is that the seats were apparently designed to recline completely into somebody’s lap. Maybe things were more friendly back in the 1930s when these planes first took to the sky, but I was practically gaining a family member here. This did not deter her however, and we spent the rest of the flight like this. I have to admit, I was a bit annoyed around landing time, as the attendants did not have her put her seat up for landing. Now for me, it seems like if the seat is even slightly reclined they’re all over me like a pack of wild hyenas when it comes time to land.
So we made it on the ground safely, and as we’re getting ready to deplane, any sympathy I had for the lady that had been crying was lost. Now I was a sailor and supported the Army for a long time, but the string of obscenities coming from her mouth, very loudly, would’ve made a 1st Sergeant blush. There was a lady about two rows ahead of her who I’m pretty sure was filing her toothbrush down to a shiv so she could shank the lady as she walked by. If looks could’ve killed, this lady would’ve been vaporized where she stood.
Having survived this flight, I was able to move onto my next connection to San Francisco. This was mostly uneventful, with the exception of the boarding. What was unusual was, the TSA was at the gate in force. They did an identification recheck on everyone boarding, then as we went down the hall toward the plane, they had a dog sniffing every person, and Johnny McBigKnuckles standing at the end of the walkway. I’ve never been so intimidated by rubber gloves. This flight was on an Airbus 321, which was a world of difference. Everything is better on those planes including the in-flight entertainment. Over the next four hours or so flying, I did watch the Deepwater Horizon movie and thought it was pretty good. We landed without incident, and I was able to find an Uber pretty quickly. The ride into town was mostly uneventful, with the exception of the driver who thought he was in some sort of race. Let me tell you, in the hills of San Francisco, a fast driver can give you all the butterflies in your belly you ever need.
I’m staying in a very nice hotel called “The W” in downtown San Francisco. It’s a very nice hotel, but a little more upscale than I’m comfortable with. I’m a blue-collar meat and potatoes sort of guy, and these folks are all refined and whatnot. On a plus note, my hotel room is full of booze, and a very interesting glowing Buddha. At five bucks for a bottle of water, I can’t imagine how much they get for the Patron.
This bed was one of the more comfortable ones I’ve been in at hotels. My sleep was therefore fantastic and my dreams were filled with happy visions filled with the soft pink light of the glowing Buddha. I was up a bit early as expected due to the time change. I’m trying not to adjust since I’m only going to be here through tomorrow.
Today should be a lot of fun as I’m doing a very interactive talk. I really like these sorts of events. I look forward to sharing with you how my day goes tonight or tomorrow morning. Thanks for reading.
Yea though I walk through the valley of flights, I fear no evil…
Well, that’s not exactly true. You see, I do a lot of public speaking and therefore travel a lot. Some things do cause me some stress, maybe not exactly fear, but definitely stress.
Mostly this revolves around the fact that I am an airline snob. Yep, I will freely admit that when I fly, I place a high value on the experience. You see, I really hate the traveling part of travel. More specifically, I hate the flying. I’m not afraid to fly, but the experience is not pleasant or exciting for me. I love interacting with the people once I reach my destination, but until that point, I could do without the travel part.
I have decided to document my travels a bit because they can be pretty entertaining. Who knows, maybe we can even learn a thing or 2. Either way, I hope we can have some fun with this. These will be documented under the “Stories from the road” category.
If you want to make sure you don’t miss any of these future episodes, subscribe to this blog up on the top right and you can get notified of my updates via email.
Select Restaurants Inc., which owns a number of other brands, appears to have suffered a POS malware related breach. POS vendor 24×7 Hospitality Technology notified customers that its system was compromised after being hit with PoSeidon malware, which grabs data of swiped cards.
It will be interesting to see where the liability comes to rest here. A couple of things are in play, as Select Restaurants obviously outsources CC processing. However, if EMV processing was not enforced or available from the vendor, and it would have rendered the PoSeidon malware ineffective, the banks may go after the vendor for the cost of card reissuance.
This could be unfortunate for Saks Fifth Avenue if the data is found to be used for malicious purposes. In this case, even though it’s just a phone number and email address, this is prime info to perform a very targeted phishing attack with an SMS or voice follow-up, on some potentially elite (a.k.a. not broke) clientele.
Please note, this is a reposting of some previous entries made in 2016 when my position was eliminated and I found myself unexpectedly unemployed. This is being reposted here simply for the purpose of preservation as I am not maintaining the old site much. In any case, enjoy if you feel like reading it:
Day 17 and 18 of unemployment – Bathrooms and Suburban Gangs
Sorry about the lack of updates, but it’s been a busy couple of days folks. It all started with the crappy weather. Because it was crappy, I could not do the sawing I needed to finish up some kitchen trim pieces, so I decided to take on the simple task of re-caulking the bathtub/shower area in our downstairs bathroom. It had some mildew stains and did not look very nice.
Yeah, so I would like to share the following message with my fellow human beings…
If you don’t know how to properly caulk a tub, just don’t. Hire someone, please? Honestly, the amount of effort I had to put in to taking this old caulk out was ridiculous. I don’t know what they used, but it seemed to be part caulk, part Adamantium. I’m not even sure how many razor blades I broke, both straight edge and utility knife types. After about 2.5 hours, I finally got the major part of the silicone removed.
During this time, I started to notice how bad the grout was. Dangit! I should have just focused on the super-caulk, but once seen, something cannot be unseen. Suffice it to say that this generated multiple conversations about replacing the tile vs regrouting, changing colors, 6 or 12 tiles, etc. This led into the inevitable, “I really don’t like the counter top or cabinet” conversation. Here I am a day later, with a new countertop/sink, lighting fixture, a new Dremel tool and a plan to regrout.
I also removed the shower doors and frame (so 1990s, sheesh). Now I have been working on removing the white grout with the Dremel. Let me tell you, this is dusty, dirty work. Jen got me some dust masks, but I had already started working before she got home from the store. Let me tell you, I’m going to have white-grout boogers for a month. I also looked like a coke head with all the powder around my nose and have a feeling if I had gone somewhere and been pulled over, some rubber gloves and close inspections would have followed. Bad boys, bad boys, whatcha gonna do?
While I was working, the mandrel for the grout removal wheel broke off. There were diamond coated wheel parts flying around everywhere. Smacked me square in the arm. I’ve taken a break for the night and will regroup after church in the morning. Enough is enough.
While we were out looking at sink tops and other bathroom stuff, I noticed something odd happening in our little part of suburbia. The children seem to no longer walk anywhere. They only move by hoverboard. You see them in small wheeled mobs and I even saw one kid playing basketball while riding one. I have my suspicions that hover-gangs are forming in the hood. I won’t be surprised to see tweens sporting 3-patch colors on their “My Little Pony” backpacks saying things like, “Flow-Rida’ in the hizzouse ya’ll, better step off or you gonna get whacked wit my Scooby-Doo lunchbox. BTW, you wanna buy some Girl Scout cookies? I got ‘yer fix, yo!”
Ah, the youth of America. It’s a disturbing trend. I’ll admit, I have not been a fan of those since almost getting run down by a hipster riding one while pulling his bag behind him in the Houston airport. I wanted to smack the venti salted-caramel-Frappuccino-with-an-extra-shot-and-soy right out of his hand and feed him that board instead. He was lucky violence is frowned upon in airports. It was a while ago now and I know the airlines have banned them. I’m not bitter at all though. Really.
Another thing I learned while shopping is to stay in the car when your wife and mom go into Hobby Lobby. No good can come of following them in. I swear at one point I was standing there talking to them, looked down and when I looked up, they were gone in a puff of glitter and yarn fragments. Took me like 20 minutes to regroup with them. I found a seat and got comfy. I had their purses in the cart, so I knew they wouldn’t get far. Next time, I stay in the car and listen to the radio.
On the job front, I am still hoping to hear back soon from the two places I have been interviewing with. I did apply to about 5 or 6 new opportunities last week and today I got a message on LinkedIn from a person I had dealt with while at my last job. He saw that I was between jobs and wants to see about having a talk on Monday. I’m excited because I’ve always been a big fan of their product and them as a whole, so I want to hear what he has to say. I really hope we get to chat.
So, that’s what I’ve been up to. I’ll keep you all posted as things progress.
Hackers were able to get into an unsecured database and get about 2.3 million names, 2.4 million email addresses and about 290,000 phone numbers, birthdates, etc. Many of the users are teens and the app is in the top 10 apps for iPhone, so it certainly has a following.
The Association of British Travel Agents (ABTA) suffered a breach of records for up to 43,000 people. Record details vary depending on the individual, but most are email address, encrypted password and basic contact information. The source of the breach is not mentioned.
And again with the W2s. This time it was the city of San Marcos that got scammed out of W2s. This impacts every city employee, about 800 of them, and was only discovered after city employees found that their taxes had already been filed. As usual, this was due to a phishing scam similar to the CEO Fraud emails (a.k.a. Business Email Compromise), which targets money transfers. Unfortunately, when a W2 is lost, it impacts the employee for a long time afterward.
To counter this, you need to train folks that have access to, or work with, this sort of data to be very cautious about what they send and to whom. When dealing with large amounts of money or sensitive data, it’s a good idea to implement a policy that requires a phone conversation (not recorded call) before sending anything.
Now this is just a low blow. A new strain of ransomware called “Kirk” is in the wild. Unlike most strains, this one uses Monero instead of Bitcoin for payment. Once you do pay, it provides a decryptor called “Spock”. The bad news, it doesn’t look like the ransomware can actually do the decryption at this point, so they are effectively dragging poor Spock’s name through the mud. That’s just wrong! It does have a cool ASCII art ransom screen though.
The good news? It looks like it’s being spread by passing itself along as a copy of LOIC (Low Orbit Ion Cannon), so if you aren’t dorking around with tools like that, you should be ok.
So help me, if they do something like this based on a Firefly theme, I’m going to hunt them down and smack them upside the melon by myself.
A hacker claims to have hacked some outdated vBulletin sites, resulting in about 800k accounts being collected. This was done by exploiting a SQL injection flaw in out-of-date vBulletin installs. While the data includes hashed passwords, and the accounts probably aren’t for super important stuff, the concern here is password reuse and the ability to use this data to get into other accounts, or use it to socially engineer the folks on the list.
Imagine getting a phishing email from one of the domains, linking to the hack and asking for a password reset, but sending you to a credential phishing site. This is one scenario where the info could be used to collect reused passwords.
I strongly recommend using a password vault, like LastPass or something similar, to generate and store random passwords for websites. Protect this with a strong passphrase and 2-factor authentication, and you can go far in securing your online accounts.
FWIW, the domains that are claimed to be hacked are: