Featured Posts

<< >>

Password Insecurity – 2015

As readers of Bach Seat, you have protected your personal data with strong passwords, but Engadget warns that when hackers seize control of unenlightened users computers, the resulting “botnets” can cause plenty of mayhem and collateral damage to enlightened users who take their online security seriously. There are ways to deal with these users who

Palm Now A Chinese Mobile Company

Lets take a trip on the way-back machine and visit the first cool – gotta-have it tech toy, the Palm Pilot. I had several versions of the Palm Pilot, The Palm V was the best version, but the  PalmOne-m515, had a color screen. The oft traded PDA builder moved from Palm to modem-maker US Robotics,

Who Runs The Internet

While no one “owns” the Internet (for now, despite republican plans) there are a handful of companies that control the Internet. Unless you are a geek, most of these organizations fly under the typical users radar. The first organization that is actively trying to take over the functions of the Internet is the United Nations

2014’s Major Web Vulnerabilities – Heartbleed, Shellshock and POODLE

2014 was the year of cyber-security mega-vulnerabilities. What makes mega vulnerabilities unique are they strike at the core of the Internet infrastructure and can impact nearly every connected device and every Internet user on the globe. 2014 saw the emergence of three mega-vulnerabilities Hearbleed, Shellshock and POODLE. Heartbleed, Shellshock and POODLE were the top three major

More Competition – Birch Enters Detroit Market

Atlanta-based Birch Communications a technology service provider of IP-based communications, broadband, cloud and IT services to small, mid-sized, enterprise and wholesale businesses is expanding into Detroit. Birch already operates in all 50 states, Washington D.C., Canada and Puerto Rico. The firm is opening a new sales branch office in Livonia, MI, and expanding its sales force according

Password Insecurity – 2015

Password Insecurity - 2015As readers of Bach Seat, you have protected your personal data with strong passwords, but Engadget warns that when hackers seize control of unenlightened users computers, the resulting “botnets” can cause plenty of mayhem and collateral damage to enlightened users who take their online security seriously. There are ways to deal with these users who refuse to close the holes on their computers.

PasswordsThe depressing part is that one of the biggest holes is the easiest to fix: terrible passwords as I have documented again and again. Despite all of my rantings, SplashData has just released its annual list of the worst passwords compiled from more than 3.3 million leaked passwords during 2014 and the article observes that things haven’t changed over last year.

2014's 25 Worst passwords

 2014201320122011
1123456
123456
password
password
2password
password123456
123456
31234512345678
12345678
12345678
412345678
qwerty
1234
qwerty
5qwertyabc123qwertyabc123
612345678912345678912345
monkey
71234
111111dragon
1234567
8baseball
1234567pussy
letmein
9dragoniloveyou
baseball
trustno1
10footballadobe123
football
dragon
111234567123123
letmein
baseball
12monkey
admin
monkey
111111
13letmein
1234567890
696969
iloveyou
14abc123
letmeinabc123
master
15111111photoshopmustang
sunshine
16mustang1234michaelashley
17accessmonkey
shadow
bailey
18shadow
shadowmasterpassw0rd
19mastersunshinejennifer
shadow
20michael
12345
111111
123123
21supermanpassword1
2000
654321
22696969princessjordansuperman
23123123azertysupermanqazwsx
24batmantrustno1harleymichael
25trustno10000001234567football

SplashdataSplashData says the most common stolen password is still “123456,” which edged out perennial groaner “password.” Other top picks in the an alphanumeric hall of shame are “12345678,” “qwerty,” “monkey” and new this year, “batman.”

Online security author Mark Burnett, who wrote the book Perfect Passwords claimed in the presser that the top 25 account for only 2.2 percent of all passwords exposed. The good news is that fewer people are using bad passwords than in 2013, perhaps thanks to some well-publicized data breaches at Sony, Target and elsewhere.

Good passwordSplashData reminds folks to create good passwords with at least eight mixed characters — preferably more — not based on easy-to-brute-force dictionary words.

As pointed out by Buffer Open, other methods include pass phrases, mnemonic devices and other memory tricks.

You shouldn’t use the same password on more than one site. Use one of the many password managers out there, like LastPass or SplashID. Those let you access your entire collection of passwords with just a single passphrase — one that had better be a lot stronger than “123456.”

rb-

If your favorite password is on the list, you should change it now.

For those doing the math, 53% of the weak passwords appeared in multiple years; 27% of these weak passwords appeared in all 4 years and 16% appeared in 3 different years.

Passwords can’t die soon enough. At some point we are just going to have to say to bad, so sad, but they keep making the rest of us sick, just like anti-vaccine crazies  like Jenny McCarthy, who have brought back whooping-cough to Michigan.

 

Ralph Bach has been in IT for fifteen years and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow me at Facebook and Twitter. Email the Bach Seat here.

Palm Now A Chinese Mobile Company

Palm Now A Chinese Mobile CompanyLets take a trip on the way-back machine and visit the first cool – gotta-have it tech toy, the Palm Pilot. I had several versions of the Palm Pilot, The Palm V was the best version, but the  PalmOne-m515, had a color screen. The oft traded PDA builder moved from Palm to modem-maker US Robotics, which was later purchased by 3Com then Handspring, then PalmOne/Source and finally purchased in 2010 for $1.2 billion by HP, where many tech firms go to die.

PalmNow ChinaTechNews.com reports that the Chinese consumer electronics group TCL recently announced that they will acquire the Palm brand from HP as part of Meg Whitman’s struggles to right the floundering HP (HPQ).

Li Dongsheng, chairman of TCL Group, told the author the Palm acquisition is different from their earlier purchase of Alcatel’s mobile division. According to the Chinese firm, Palm has its fans in America and its operating ideas are similar with Apple (AAPL) and this type of fandom can give Palm strength. Li said the Palm brand still has value in some of the global markets and people expect its re-emergence to continue to offer innovative products.

ChinaAccording to the article, TCL will launch new Palm products at the end of 2015. TLC plans to position Palm as a high-end smartphone brand.  Maybe in China, the Palm name is an innovative mobile terminal brand, which will be closely related to users and fans.

Variety reports from CES that TCL said that it will re-create Palm in Silicon Valley. In the statement TCL claims:

Palm has always carried a lot of affect and emotions … That’s why TCL has set the direction to rebuild the brand involving Palm’s very own community, making it the largest scale crowdsourced project ever seen in the industry.

The firm will back the crowdsourced development of new Palm products with 5,000 engineers and seven research and development centers around the world.

Guo Aiping, CEO of TCL Communication, told ChinaTechNews.com that this acquisition is limited to the Palm brand and it does not include other assets such as employees.

rb-

First, another US company sold to the competition. Just saying.

I agree with ArsTechnica they hypothesizes this move could be seen as TCL’s attempt to break into the US smartphone market under a well-known brand. Other Chinese companies such as Lenovo, which now owns Motorola, have a similar strategy of operating in America under a well-known brand.

 

Ralph Bach has been in IT for fifteen years and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow me at Facebook and Twitter. Email the Bach Seat here.

Who Runs The Internet

Who Runs The InternetWhile no one “owns” the Internet (for now, despite republican plans) there are a handful of companies that control the Internet. Unless you are a geek, most of these organizations fly under the typical users radar.

The first organization that is actively trying to take over the functions of the Internet is the United Nations International Telecommunications Union, in my and many other opinion an out-dated, pointless throw-back to the days of the telegraph, with polices to match. I covered the last power grab by the UN’s ITU here.

Next is the Internet Architecture Board (AIB). The IAB is the overseer of the technical evolution of the Internet. The IAB supervises the Internet Engineering Task Force (IETF), which oversees the evolution of TCP/IP , and the Internet Research Task Force (IRTF), which works on network technology.

The IAB declared a major strategic move for the Internet. The Internet Architecture Board is calling for global encryption on the web (which I have covered many times from my Bach Seat) to become the norm across the Internet in a move to lock down the privacy and security of information exchange according to Dark Reading.

The Internet Engineering Task Force (IETF) develops and promotes voluntary Internet standards, in particular the standards that comprise the Internet protocol suite (TCP/IP). It is an open standards organization, with no formal membership or membership requirements. All participants and managers are volunteers, though their work is usually funded by their employers or sponsors. The IETF is also well known for their RFC’s or Request for Comment documents like RFC RFC 1918 and RFC 873

Another organization that shapes the Intertubes is ISOC. The Internet Society (which I am a member) was formed in 1992 by Vint Cerf and Bob Kahn, to provide a corporate structure to support the Internet standards development process.

The Internet Corporation for Assigned Names and Numbers (ICANN) is perhaps the most critical organization that helps run the Internet. ICANN coordinates the distribution of IP addresses and the Internet’s Domain Name System (DNS). IP addresses are the numbers that are assigned to every computer on the Net to uniquely identify each device. There are two types of IP addresses, IPv4 and IPv6. The web has run out of IPv4 addresses (which I covered here and here) and is very slowly being replaced with IPv6 addresses. ICANN doles out these addresses.

ICANN also manages the Domain Naming System (DNS) on the web that converts IP addresses to names. DNS makes it possible to remember www.google.com, which easy for humans to remember instead of remembering http://74.125.224.72/, which is easy for computers to deal with, to get to Google.

The U.S. government funds ICANN, so they have gotten heat from around the globe after Eric Snowden’s revaluations about global spying operations. The role of ICANN is changing.

The only group that makes money on the Internet but does not help run the Internet (yet) are the Internet Service Providers (ISP). ISP’s control nearly everyone’s access it. The gatekeepers to the web are ATT (T), Comcast (CMCSA), Charter (CHTR) and Time Warner Cable (TWC) are the biggest name ISP’s. ISP’s “perform” two key functions. First they provide last-mile connections, that is the connection to your home or business to their offices, which we all over-pay for. Next they provide back-haul or backbone services that move your email across the town or across the globe. The ISP’s also make money on these ISP-ISP connections.

Right now the FCC is considering the future of the Internet during its Net Neutrality decisions. If the ISP’s get their way, it is likely that home and businesses will be required to pay the ISP’s more money to maintain the crappy service we already get.

 

6 Shadowy Companies That Run The Internet

rb-

Lets add this up big business telecom money + millionaire politicians = the 1% screwing the rest of us. Get involved, save the Internet, get in touch with your alleged representatives and tell them NO MORE. 

Ralph Bach has been in IT for fifteen years and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow me at Facebook and Twitter. Email the Bach Seat here.

2014’s Major Web Vulnerabilities – Heartbleed, Shellshock and POODLE

2014's Major Web Vulnerabilities - Heartbleed, Shellshock and POODLE2014's Major Web Vulnerabilities - Heartbleed, Shellshock and POODLE2014 was the year of cyber-security mega-vulnerabilities. What makes mega vulnerabilities unique are they strike at the core of the Internet infrastructure and can impact nearly every connected device and every Internet user on the globe. 2014 saw the emergence of three mega-vulnerabilities Hearbleed, Shellshock and POODLE.

IncapsulaHeartbleed, Shellshock and POODLE were the top three major web vulnerabilities uncovered in 2014 according to Fred Donovan at FierceITSecurity. In case you have not heard of this trio of troublemakers, Web security firm Incapsula produced the following infographic.

The Incapsula infographic looks at each of these vulnerabilities and lay out when they were discovered, what type of vulnerability they are, what systems and the number that are affected, the risks posed by the vulnerabilities, their severity, how easy they are to exploit, and the difficulty of fixing. Tim Matthews, vice president of marketing for Incapsula wrote in their blog:

What makes these mega vulnerabilities special is that unlike most vulnerabilities that are specific to a particular OS, browser or software application, these three relate to the core Internet infrastructure (e.g., SSL and Linux devices) and, in essence, affect just about every connected device owner and every Internet user on the globe.

 

rb-

In their blog, Incapsula warns this is the tip of the iceberg of mega-vuln‘s that exploit other structural in core functions of the intertubes. Wired reports that after 8 months, 300,000 machines remain unpatched against Heartbleed.

Ralph Bach has been in IT for fifteen years and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow me at Facebook and Twitter. Email the Bach Seat here.

More Competition – Birch Enters Detroit Market

More Competition - Birch Enters Detroit MarketAtlanta-based Birch Communications a technology service provider of IP-based communications, broadband, cloud and IT services to small, mid-sized, enterprise and wholesale businesses is expanding into Detroit. Birch already operates in all 50 states, Washington D.C., Canada and Puerto Rico. The firm is opening a new sales branch office in Livonia, MI, and expanding its sales force according to FierceTelecom.

birch.comThe new office is located at 17197 North Laurel Park Drive, Suite 281, Livonia, MI, and occupies 2,305 square feet of space in the Laurel Office Park III. The new regional office will be fully staffed by the Summer of 2015.

Complementing the direct sales force is a series of Detroit-based indirect and enterprise sales channel partners. Leading the new Detroit sales team will be Birch’s regional general manager of direct sales, Michael Perrone said in a presser:

Cloud Based PBXI’m very excited to open our Detroit office. Having lived in the community from 2009 to 2011, I’m very pleased to be serving the market with a new direct sales force. Our TotalCloud PBX offering and network capabilities are a win-win for this marketplace and we’re proud to deliver a full suite of products to our customers.

The opening of the new sales office in Detroit comes on the heels of Birch’s acquisition of Cbeyond to attract new customers and help keep existing ones from potentially churning to another CLEC or cable operator. Birch acquired Cbeyond in early 2014  through an all-cash $323 million deal. CBeyond had a presence in Farmington Hills, MI until the Birch transaction.

The service provider said that it chose Detroit as its next area of expansion because it lies on the backbone of its IP network, which extends to 41 markets in 22 U.S. states.

rb-

Good to see a new player in the Detroit market. Hopefully they can last for a while and shake up the Detroit IT services status quo.

Ralph Bach has been in IT for fifteen years and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow me at Facebook and Twitter. Email the Bach Seat here.