Can you trust technology?

Topic

New Reply

ON SECURITY By Susan Bradley The other day, a reader asked why I use a Lenovo laptop, expressing concern that it was built overseas and contained sens
[See the full post at: Can you trust technology?]

Susan Bradley Patch Lady

6 users thanked author for this post.

Perq, AlphaCharlie, teuhasn2, oldfry, JohnW, lmacri

Reply | Quote

Replies

Excellent, Susan!

FYI:  although our Cisco RVS4000 router is starting to age, it continues to operate reliably.

A few months back, I decided to dive into the administrator console.

Turns out, that router was already detecting and BLOCKING numerous “intrusion” attempts.

It has what Cisco calls an “Intrusion Prevention System”, which records the IP of each intrusion attempt.

Each IP can then be traced to the host system’s domain name, many of which are located in China.

Attached are a few screen shots of that “IPS” option in our Cisco RVS4000 router.

Reply | Quote

SupremeLaW wrote:

Turns out, that router was already detecting and BLOCKING numerous “intrusion” attempts.

It’s pretty much standard for any public facing IP address to be constantly scanned and probed. Your router is apparently doing its job!

That’s why it’s important these days to have a router between your computer and the public internet. Your 192.168.x.xx local addresses are by default hidden from the outside world, due to the nature of NAT (Network Address Translation).

But if your router has a security flaw that exposes it’s admin console, one of those external probes might just hack your router. Current firmware updates from the router vendor are always recommended! And if the router model is out of support, it may be time to think about a replacement!

5 users thanked author for this post.

OscarCP, wavy, BobbyB, Fred, SupremeLaW

Reply | Quote

Many thanks!

One of those IPS reports appeared to show a peak of activity at 5:00 AM when I am normally sleeping.

So, on a theory that hackers might be attempting WAKE ON LAN and/or WAKE ON MAGIC PACKET, I have modified the internal settings of each NIC in our home lab:

WAKE ON LAN = DISABLED

WAKE ON PATTERN MATCH = DISABLED

WAKE ON MAGIC PACKET = DISABLED

Reply | Quote

Hopefully the only way into your admin console is via your local LAN. Remote admin is a bit too risky for me.

1 user thanked author for this post.

SupremeLaW

Reply | Quote

Thanks.

I should add that we also DISABLED any “Remote Assistance” features in Windows.

On the rare occasion when a third-party vendor has requested that access mode, we simply tell them that it would violate our security policies, and that a different solution will be needed.

The ONLY exception we ever allowed was a Customer Support request to Microsoft, to fix high CPU activity on an otherwise idle HP workstation.

MS Tech Support escalated our problem, and a Tech Support expert helped us for several hours.

After that difficult problem was fixed, we DISABLED Remote Assistance again, and all related options e.g. Remote Desktop.

1 user thanked author for this post.

JohnW

Reply | Quote

Another policy we enforce is “NO WiFi”.

The LAN in our entire home lab is all hard-wired.

What convinced me was a “packet sniffer” that was expressly documented in the U.S. patent application for Google’s “Street View” technology.

 

Reply | Quote

Understood. There is a lot of information and misinformation out there regarding Wi-Fi security.

I am not as concerned about someone “sniffing” my packets, as I would be about someone joining my network uninvited. I run software that alerts me if any unknown device joins my network. Other than that, I use a very long random WPA2 password.

Someone would need to go to great effort to attack my network. I just don’t think that I’m a valuable enough target for that effort. Wi-Fi security doesn’t keep me awake at night. YMMV.

1 user thanked author for this post.

SupremeLaW

Reply | Quote

Isn’t it better to set the DNS on the machine rather than the router, because the machine setting takes priority over the router setting?

Thanks,

-p-

1 user thanked author for this post.

SupremeLaW

Reply | Quote

Paul wrote:

Isn’t it better to set the DNS on the machine rather than the router, because the machine setting takes priority over the router setting?

Thanks,

-p-

I do it on the router, as that covers all of my internet connected devices in one place.

1 user thanked author for this post.

SupremeLaW

Reply | Quote

JohnW wrote:

But if your router has a security flaw that exposes it’s admin console, one of those external probes might just hack your router.

Yes, ofcourse JohnW
Once I had a very ‘wise’ CO who stated that all was running smoothly, and he did not notice any flaws or whatever. Why give it a change then?
So it was time to have a break and walk 🥴

* _ the metaverse is poisonous _ *

2 users thanked author for this post.

JohnW, SupremeLaW

Reply | Quote

Whenever I surf the web, I use Firefox with NoScript installed. It is fascinating (and scary) to see all of the stuff that is running quietly in the background, that the vast majority of people have absolutely no awareness of.

When I first started running NoScript, I discovered immediately that Google scripts are running on pretty much every website you visit (even your bank’s website!), except that they don’t run on Microsoft websites. I came to realize that Google is silently “looking over your shoulder and taking notes” during the entire time you are surfing the web. As Susan said, you are the product; and all the free stuff that Google gives you is merely the bait that gets you putting your personal information out there, so that Google can then collect it and monetize it.

I also discovered that Microsoft scripts don’t run anywhere except on their own websites. In other words, Microsoft makes their money the old fashioned way – by selling products and services.

My trust of Microsoft grew a lot after I started using NoScript.

Group "L" (Linux Mint)
with Windows 8.1 running in a VM

8 users thanked author for this post.

Perq, KP, wavy, rc primak, SueW, Charlie, alejr, SupremeLaW

Reply | Quote

Simple answer is no.

You can not trusted technology but you have no choice. You can only try to limit the amount of data that is stolen from you. Technology was been made to spy, to record, and to monitor users for the years now. I remember back in the old days, working a building with others listening and noting everyone’s phone calls. Now it was replaced by computers and AI that do it and pickup the keywords that are marked. Even on internet, need to avoid them or use images to keep from getting flagged. Smart cell phone now allow 24 hours listen devices even when you turn them off. This is why have a batteries that can not be removed. Now most laptops have batteries built inside to make it more difficult for regular users to remove them and keep themselves safe.

There are more severe issues than computers made overseas. Most everything is now outsourced.

There are more issues with Google, Microsoft, Facebook, Twitter, and the other big agencies/governments/networks/businesses that are spying on you than the overseas companies spying on you.

This is one of the main reason Woody allowed for people to post annon on here. He understood how privacy is in other countries. Since he know that people did not have privacy in his home country. Susan has partial changed that since need to give a name and email but I can not give that. I care about my privacy more.

 

Reply | Quote

Converts non-autonomous cars into self-driving vehicles

NVIDIA Metropolis member makes cars autonomous using AI-enabled computer vision platform powered by NVIDIA Jetson AGX Orin.

Imagine driving a car — one without self-driving capabilities — to a mall, airport or parking garage, and using an app to have the car drive off to park itself.

Software company Seoul Robotics is using NVIDIA technology to make this possible — turning non-autonomous cars into self-driving vehicles.

Headquartered in Korea, the company’s initial focus is on improving first- and last-mile logistics such as parking. Its Level 5 Control Tower is a mesh network of sensors and computers placed on infrastructure around a facility, like buildings or light poles — rather than on individual cars — to capture an unobstructed view of the environment.

The system enables cars to move autonomously by directing their vehicle-to-everything, or so-called V2X, communication systems. These systems pass information from a vehicle to infrastructure, other vehicles, any surrounding entities — and vice versa. V2X technology, which comes standard in many modern cars, is used to improve road safety, traffic efficiency and energy savings…

https://www.youtube.com/watch?v=6bjhtynL_cw&t=4s

Reply | Quote

Imagine driving a car — one without self-driving capabilities — to a mall, airport or parking garage, and using an app to have the car drive off to park itself.

I cannot imagine such a thing. For if my app can do it, someone else’s app can too.

Group "L" (Linux Mint)
with Windows 8.1 running in a VM

1 user thanked author for this post.

OscarCP

Reply | Quote

MrJimPhelps wrote:

I cannot imagine such a thing. For if my app can do it, someone else’s app can too.

No.

There are already self-parking cars, just like keyless cars.
Would you think that anyone can park/start these cars with any smartphone ?
The connections between the apps and cars are secure with unique id.

Reply | Quote