Tag Archives: security

hp-drm-og_0

HP “Time Bomb” Locks Out 3rd Party Ink Cartridges

Posted on by
The Guardian Alex Hern
Hewlett-Packard printers have suddenly started rejecting ink cartridges produced or refilled by third parties, apparently due to a “ticking timebomb” left by the manufacturer in an update released in March 2016.
The printers, in the company’s OfficeJet, OfficeJet Pro and OfficeJet Pro X ranges, accepted refills made by third-parties and sold at a significantly lower price than the official ink made and sold by HP itself. But on 13 September, the printers began to reject those refills, with error messages including “cartridge problem”, “one or more cartridges are missing or damaged” and “older generation cartridge”.
Adding insult to injury, the printers themselves have not received a software update recently, suggesting that the last update, six months ago, had a delayed-action effect. In doing so, it prevented affected users from getting the word out about the lockdown and discouraging others in a similar situation from updating their own printers.  read more…
UPDATE  HP issued a non-apology and made it possible for users to back out the change by applying patched firmware to their printers.  See the HP Blog Post. “As a remedy for the small number of affected customers, we will issue an optional firmware update that will remove the dynamic security feature. We expect the update to be ready within two weeks and will post additional information here as it becomes available”.  Emphasis is mine.
mac-virus-trojan

Protecting Macs from Viruses and Malware

Posted on by

March 11, 2016

For many years, computer viruses and malware were mostly the concern of Windows users.  Mac users faced very few threats. This has been atributed to the Mac’s sibgle digit market share and, some have argued, a more secure product.  One common misconception was that Macs were somehow imune from viruses and malware.  While the number of threats may pale in comparrisln to Windows, Macs are indeed suseptible to attack and more and more are appearing.  The time has come for Mac users to make secutity a priority.   

In the last few weeks, researchers have found the first Mac Ransomware malware in circulation.  Ransomware is software that encrypts the files on a computer making them unuseable to the owner.  The person controllling the malware then demnads a ransom to unencrypt the files.  In most cases, the victim has only 72 hours to pay or the ransom or the malware author threatens to eraswe the key that is needed to restore the files.  Regardless of the size of your business, the loss of data can be davastatiung.  

Add these new threats to hardware failures and theft and the need for a well thought out and executed computer protection plan is more important then ever.

You can find my Mac security recomendations here.

 

 

Rarely Patched Software Bugs in Home Routers Cripple Security

Posted on by
 
 
By JENNIFER VALENTINO-DEVRIES WSJ
Jan. 18, 2016 11:58 a.m. ET
 
In late 2014, a small Massachusetts software company got an ominous email: A computer-security researcher said a flaw in one of its programs put millions world-wide at risk of being hacked.
 
Engineers at the company, Allegro Software Development Corp., analyzed the flaw in the program, which can help users access the controls of home Internet routers. They quickly realized something strange: They had fixed this bug nearly 10 years earlier. But it lived on, even in new devices.  Read the article at WSJ

library_congress

Librarian of Congress Renews and Expands Protections for Fair Uses

Posted on by

The new rules for exemptions to copyright’s DRM-circumvention laws were issued today, and the Librarian of Congress has granted much of what EFF asked for over the course of months of extensive briefs and hearings. The exemptions we requested—ripping DVDs and Blurays for making fair use remixes and analysis; preserving video games and running multiplayer servers after publishers have abandoned them; jailbreaking cell phones, tablets, and other portable computing devices to run third party software; and security research and modification and repairs on cars—have each been accepted, subject to some important caveats.

The exemptions are needed thanks to a fundamentally flawed law that forbids users from breaking DRM, even if the purpose is a clearly lawful fair use. As software has become ubiquitous, so has DRM. Users often have to circumvent that DRM to make full use of their devices, from DVDs to games to smartphones and cars.

The law allows users to request exemptions for such lawful uses—but it doesn’t make it easy. Exemptions are granted through an elaborate rulemaking process that takes place every three years and places a heavy burden on EFF and the many other requesters who take part. Every exemption must be argued anew, even if it was previously granted, and even if there is no opposition. The exemptions that emerge are limited in scope. What is worse, they only apply to end users—the people who are actually doing the ripping, tinkering, jailbreaking, or research—and not to the people who make the tools that facilitate those lawful activities.

Read more …..

Android logo

Bug Lets Hackers Into Nearly Any Android Phone Using Nothing But an MMS Text Message

Posted on by

A major flaw in Android software allows an attacker to take complete control of a device by simply sending a specifically crafted media text  message.  The flaw was first reported by Zimperium zLabs VP of Platform Research and Exploitation, Joshua J. Drake – See more at: http://blog.zimperium.com/experts-found-a-unicorn-in-the-heart-of-android/#sthash.92fOeK4Q.dpuf

To kitigate the threat until an Android device receives a patch, go to Hangouts, select the menu in the upper left and select Settings.  SElect the SMS settings, scroll down until you see "Auto retrieve SMS and UNCHECK that box.  

GPG Tools Logo

GPG Suite for Mac – Privacy for People

Posted on by
The GPG Suite for Mac provides everything you need to get started with secure communication and encrypting files in one simple package.  While no longer free unless you compile the code yourself, it is still worth the cost  ($24 per major relase) untill Apple builds encryption into Mac Mail.  
 

Use GPG Suite to encrypt, decrypt, sign and verify files or messages. Manage your GPG Keychain with a few simple clicks and experience the full power of GPG without too much hassle.

One shouldn't need to set up sophisticated encryption tools to protect their private mail, documents and records.  Amendment IV to the U. S,. Constitution reads:

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no warrants shall issue, but upon probable cause, supported by oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.