Z Trek: The Alan Zeichick Weblog

, , ,

Congress votes against Internet customer privacy; nothing changes

It’s official: Internet service providers in the United States can continue to sell information about their customers’ Internet usage to marketers — and to anyone else who wants to use it. In 2016, during the Obama administration, the…
, ,

Three years of the 2013 OWASP Top 10 — and it’s the same vulnerabilities over and over

Can’t we fix injection already? It’s been nearly four years since the most recent iteration of the OWASP Top 10 came out — that’s June 12, 2013. The OWASP Top 10 are the most critical web application security flaws, as determined by…
,

Blue passion vines are ready for butterflies and caterpillars

To our delight this morning, our new Blue Passion vines had their first flowers. Passiflora caerulea is an amazing plant. It grows these colorful and complex flowers, which only last about one day, but there's a long array of buds in…
, ,

Top Do's and Don'ts for creating friendly calendar invites

“Call with Alan.” That’s what the calendar event says, with a bridge line as the meeting location. That’s it. For the individual who sent me that invitation, that’s a meaningful description, I guess. For me… worthless! This meeting…
, , ,

What's the deal with Apple iCloud accounts being hacked?

The word went out Wednesday, March 22, spreading from techie to techie. "Better change your iCloud password, and change it fast." What’s going on? According to ZDNet, “Hackers are demanding Apple pay a ransom in bitcoin or they’ll blow…
, ,

New phishing scam referencing a company called FrontStream

We received this realistic-looking email today claiming to be from a payment company called FrontStream. If you click the links, it tries to get you to active an account and provide bank details. However… We never requested an account from…
, ,

New ban on flying with a laptop or tablet means the terrorists win

The U.S. and U.K. are banning larger electronic items, like tablets, notebooks and DLSRs, from being carried onboard flights from a small number of countries. If that ban spreads to include more international or even domestic flights, this will…
,

Having fun with a vintage HP-28S calculator

Today’s calculation device is this lovely vintage HP-28S “advanced scientific” calculator from the late 1980s. As a working calculator, it’s not my favorite. HP gets points for creativity, but the clamshell design makes for an…
,

The cybersecurity benefits of artificial intelligence and machine learning

Let’s talk about the practical application of artificial intelligence to cybersecurity. Or rather, let’s read about it. My friend Sean Martin has written a three-part series on the topic for ITSP Magazine, exploring AI, machine learning,…
, ,

The Russians are hacking! One if by phishing, two if by Twitter

Was the Russian government behind the 2004 theft of data on about 500 million Yahoo subscribers? The U.S. Justice Department thinks so: It accused two Russian intelligence officers of directing the hacking efforts, and also named two hackers…
,

Repurposing, solution, robust, best of breed, mission-critical, next-generation, web-enabled, leading, value-added, leverage, seamless…

Let’s take a chainsaw to content-free buzzwords favored by technology marketers and public relations professionals. Or even better, let’s applaud one PR agency’s campaign to do just that. Houston PR, based in the UK, has a fun website…
, , ,

Exciting News: BZ Media sells InterDrone to Emerald Expositions

As many of you know, I am co-founder and part owner of BZ Media LLC. Yes, I'm the "Z" of BZ Media. Here is exciting news released today about one of our flagship events, InterDrone. MELVILLE, N.Y., March 13, 2017 — BZ Media LLC announced…
, ,

Look out iOS, Android and IoT, here comes the CIA, says WikiLeaks

To absolutely nobody’s surprise, the U.S. Central Intelligence Agency can spy on mobile phones. That includes Android and iPhone, and also monitor the microphones on smart home devices like televisions. This week’s disclosure of CIA programs…
, , ,

Happy encouragement from my smartwatch

"You walked 713 steps today. Good news is the sky's the limit!" Thank you, Pebble, for that encouragement yesterday. The problem with fitness apps in smartwatches is that you have to wear the watch for them to work. When I am at home,…
, , ,

What to do about credentials theft – the scourge of cybersecurity

Cybercriminals want your credentials and your employees’ credentials. When those hackers succeed in stealing that information, it can be bad for individuals – and even worse for corporations and other organizations. This is a scourge that’s…
, , ,

Apple replaces Videos mobile app with TV — confuses iPad users

Apple isn’t as friendly or as as communicative as one would think. Earlier today, I received a panic call from someone trying to sync videos to her iPad from a Mac – and receiving a message that there was no suitable application on the…
,

Snapchat IPO goes big — let's hope it doesn't go poof!

What’s the Snapchat appeal? For now, it’s a red-hot initial public offering and the promise of more public offerings to come, after a period of slow tech movement on Wall Street. The Snapchat social-media service is perplexing to nearly…
, ,

Chicken sandwich at 12 o'clock high!

If Amazon can deliver packages by drone, then fast-food restaurants like Chick-Fil-A can air-lift chicken sandwiches via hot-air balloon. Right? At least, that's the best explanation for this sighting in my Phoenix neighborhood. Of course,…
, ,

Don't trust Facebook to keep your secrets

Nothing you share on the Internet is guaranteed to be private to you and your intended recipient(s). Not on Twitter, not on Facebook, not on Google+, not using Slack or HipChat or WhatsApp, not in closed social-media groups, not via password-protected…
, ,

The Fifth Column hiding in the Internet of Things (IoT)

I can’t trust the Internet of Things. Neither can you. There are too many players and too many suppliers of the technology that can introduce vulnerabilities in our homes, our networks – or elsewhere. It’s dangerous, my friends. Quite…
, ,

The three big cloud providers keep getting bigger!

You keep reading the same three names over and over again. Amazon Web Services. Google Cloud Platform. Microsoft Windows Azure. For the past several years, that’s been the top tier, with a wide gap between them and everyone else. Well, there’s…
, ,

An intimate take on cybersecurity: Yes, medical devices can be hacked and compromised

Modern medical devices increasingly leverage microprocessors and embedded software, as well as sophisticated communications connections, for life-saving functionality. Insulin pumps, for example, rely on a battery, pump mechanism, microprocessor,…
, ,

Advocating for safer things: On the road, in the home, in business, everywhere

Think about alarm systems in cars. By default, many automobiles don’t come with an alarm system installed from the factory. That was for three main reasons: It lowered the base sticker price on the car; created a lucrative up-sell opportunity;…
, ,

There are two types of cloud firewalls: Vanilla and Strawberry

Cloud-based firewalls come in two delicious flavors: vanilla and strawberry. Both flavors are software that checks incoming and outgoing packets to filter against access policies and block malicious traffic. Yet they are also quite different.…
, , ,

Thinking new about cyberattacks — and fighting back smarter

What’s the biggest tool in the security industry’s toolkit? The patent application. Security thrives on innovation, and always has, because throughout recorded history, the bad guys have always had the good guys at the disadvantage. The…
, ,

Phishing and ransomware attacks against you and your company are getting smarter

Everyone has received those crude emails claiming to be from your bank’s “Secuirty Team” that tells you that you need to click a link to "reset you account password." It’s pretty easy to spot those emails, with all the misspellings,…
, , ,

Mobility and security at two big shows: RSA and Mobile World Conference

What’s on the industry’s mind? Security and mobility are front-and-center of the cerebral cortex, as two of the year’s most important events prepare to kick off. The Security Story: At RSA (February 13-17 in San Francisco), expect…
, , ,

The top cloud and infrastructure conferences of 2017

Want to open up your eyes, expand your horizons, and learn from really smart people? Attend a conference or trade show. Get out there. Meet people. Have conversations. Network. Be inspired by keynotes. Take notes in classes that are delivering…
,

A hit-and-run accident — literally

It was our first-ever perp walk! My wife and I were on the way home from a quick grocery errand, and we were witnesses to and first responders to a nasty car crash. A car ran a red light and hit a turning vehicle head-on. As we pulled over…
, ,

How to take existing enterprise code to Microsoft Azure or Google Cloud Platform

The best way to have a butt-kicking cloud-native application is to write one from scratch. Leverage the languages, APIs, and architecture of the chosen cloud platform before exploiting its databases, analytics engines, and storage. As I wrote…