Wednesday, October 29, 2014

This site is officially closed, but the story continues at my other site.

Please go to louisbrowntruths.wordpress.com.

Thank you for your continued support.

Wednesday, October 22, 2014

The Best Hacking to Date?

It was rumored this week that the latest company to be hacked into was Staples.

Honestly, I am not surprised as I mentioned that this would happen back a few months ago.

Apparently, the company has the authorities looking into this hacking, but has not made any official announcement regarding any hack on its credit card system.

The word is that the affected area was the northeastern part of the U.S.  This would mean possibly that the areas would include New England and possibly New York and further.

Since no other details have been given, I am not going to speculate on the scope of the hack, but I expect that Staples will release that information soon hopefully,

However, it should be noted that Staples has been the only company that has not formally come out and admit to being hacked after it was announced publically by a third party security blogger.  This leads to a couple of questions:

·         Why is Staples reluctant to admit to the hack? 
·         Are they afraid of losing sales?
·         Are they afraid that their stock price will plummet on the formal news as other companies have already have happen?
·         And most importantly, are they afraid it will be over for their company?


While I can’t answer any of these questions, it should be of no surprise to readers of this blog that Staples is in denial of any hack to their company.  After all, Staples is known for their underhanded ways of doing business and of course all of their lies.

I expect to report back in some future post when more is known about this hack, but until then we are all left sitting on our hands.

IMPORTANT ANNOUNCEMENT:

To those of you who follow this blog through the Blogger service, this message pertains to you.  This site is at http://louisbrowntruths.blogspot.com/.

For those who go to the above mentioned site, this will be the LAST post to that site.  I have been thinking about ending support for this site since the WordPress version has caught fire.  However, my answer was made much easier over the last few weeks for the following reasons:

·         Microsoft has discontinued support for Microsoft Live Writer, which was the main program that I used to post to Blogger.  Many of the add-ons haven’t worked for months so the posts got no exposure through Facebook or Twitter.   
·         There were only 2 known followers to that blog site.  Supporting 2 followers is impractical given the time it takes to make a version for Blogger.  If I had more followers, I may have continued to post to that site.  It just is not practical.
·         Finally, Google search only shows my WordPress entries and not the Blogger posts.  It is ironic for an application owned by Google doesn’t even show up in their own search results. 

So overall unless you stumbled upon the blog, you would not even know it existed.  I feel that the time saved in transferring the blog over will allow me to spend more quality time in the WordPress version.  Hopefully, no readers feel slighted by this elimination.  All of the posts will remain on this site until either Blogger is closed down or they decide to close my site down due to inactivity.

In a way, I feel sad about ending that site as this is where it all began but I believe it is the best for everyone.





Wednesday, October 8, 2014

More Hacking for Your Enjoyment (Part 2)

WARNING: The following blog post contains adult content that may be offensive to some readers. Discretion is highly advised.

This is a story that I was once told by one of the Staples techs never to tell but I feel now is a good time to tell it.

Back about 6 years ago (approximately 9 months before I was forced out of the company), a father came in with his teenage daughter (probably 15 years old) to have some technical work done on her computer. At first this seemed just like every other repair request that is done in our store.

Later that day when the technician started to check out the system integrity, he came across the pictures folder. Interestingly enough, the teenage girl had the setting to show all the pictures in the folder set to large icons.

At this point, the technician clicked on the first picture to enlarge it and discovered something shocking. Here was a picture of that teenage girl displayed in all her naked glory. Yes, she either took a picture of herself or somebody else took a picture of her. The technician and I looked at each other in complete disbelief in what we were seeing and quickly went to the next picture. The next picture was even more disturbing. It was a picture of a teenage guy in his fully exposed birthday suit. At this point the technician looked at no further pictures and decided to quickly continue on with the rest of system integrity investigation.

Disclaimer: I honestly don’t know what the policy of Staples is/was at the time regarding child porn, but I know that it should not be acceptable under any circumstances. Whether the technician should have notified management on what he saw on this machine is debatable, but there was no question of its legality. I also don’t know if the proper authorities should have been contacted over what was on the computer in question. Let me say that I don’t know if this had ever happened before this but if it had, it was never brought up in any discussion. I would also say that I don’t know what the policy of any other retail repair company’s policy is regarding this matter.

The next day when the father and daughter came back in to pick up the laptop, it was obvious from the girl’s expression on her face that she might have realized that something was very wrong with what she had been doing on her computer. Something inside of me was almost tempted to blurt out to the father to say something like “we saw your daughter and a guy naked on her computer”. However my better instincts told me not to say anything like that as I would presume that the girl would never see her next birthday.

Of course this story leads me into the topic of all the celebrity hacking of naked pictures from Apple iCloud services. While some celebrities have denied that the pictures are real, others have said that they are, while a third group has remained on the fence neither confirming nor denying the truth of the pictures.

Like the teenage girl mentioned above, these celebrities certainly should have known better than having pictures of them floating around in the internet despite the fact that they should have been protected in a cloud environment. With so much hacking going on, it was only time before somebody would start hacking cloud services.

While celebrities like Jennifer Lawrence have come out to say that anybody who looks at the pictures are creating a “sex crime”, this is nothing but hypocritical behavior especially since she is the one who posted the pictures online in the first place. To have anybody think otherwise would be stupid.

A week after the first group of celebrity hacked pictures were released; Apple Computer CEO Tim Cook introduced the world to Apple Pay. This new system is supposed to create a sort of virtual wallet for your credit cards on your smartphone so that it would be easier to pay for purchases at retail stores. From what I have read is that this system uses a fingerprint password system on the smartphone to activate the wallet then the customer waves his phone over or around the retailer’s cash register’s pin pad.

While this sounds great in concept, there are 2 major problems that I would like to bring up. The first is that the fingerprint doesn’t have to be a “live” fingerprint meaning that anybody who has access to that fingerprint could use it to access a possibly stolen phone. Of course given the recent problems with the most recent iOS upgrade regarding fingerprint technology, this doesn’t seem as foolproof as it possibly could be or maybe ever be. I expect somebody to be able to hack and workaround that system very soon.

The second problem is the waving of the smartphone over another unit. Anybody who might be nearby could possibly pick up the signal as it is being transmitted from phone to pin pad thereby capturing the credit card information before it is processed. Since many companies have unsecured Wi-Fi access, it probably is the same system that is used to transmit credit card information meaning that a thief may not even have to be close by to steal somebody’s information.

Which finally leads me to this point: Staples is one of the first companies to want to adopt this new Apple Pay system. Given all of the problems with Staples in the past, do we dare trust them to have a secure payment system with this idea? My thought is that no way they can be trusted given their wretched past.

Overall, Apple Pay sounds as safe to use as iCloud. Why not combine the 2 and do full body scanning in the store that way nobody could steal your personal information? On second thought, there would be no more privacy to give up. I really don’t think Staples would really go for that no matter what stupid things they do.