Friday, 22 September 2017

Equifax staff direct customers to fake website. It gets even worse for the beleaguered company...

Credit rating firm Equifax has apologised after it mistakenly directed some customers to an imposter website via its Twitter page.

The firm recently disclosed a data breach affecting more than 143 million people, and set up a new website to share information with customers.

But it mistakenly tweeted the wrong web address several times, leading some customers to a fake website.

One security researcher told the BBC it was a "massive faux-pas".

Thursday, 21 September 2017

CCleaner malware appears to actually be targeted espionage against at least 20 tech firms

Hundreds of thousands of computers getting penetrated by a corrupted version of an ultra-common piece of security software was never going to end well. But now it's becoming clear exactly how bad the results of the recent CCleaner malware outbreak may be. Researchers now believe that the hackers behind it were bent not only on mass infections, but on targeted espionage that tried to gain access to the networks of at least 20 tech firms.

Earlier this week, security firms Morphisec and Cisco revealed that CCleaner, a piece of security software distributed by Czech company Avast, had been hijacked by hackers and loaded with a backdoor that evaded the company's security checks. It wound up installed on more than 700,000 computers. On Wednesday, researchers at Cisco's Talos security division revealed that they've now analyzed the hackers' "command-and-control" server to which those malicious versions of CCleaner connected... (Read more).

Wednesday, 20 September 2017

Some people need to be told not to eat raw chicken

Chicken sashimi (AKA raw chicken, AKA a Japanese delicacy, AKA potential salmonella poisoning) is growing in popularity - so much so that the UK Food Standards Agency (FSA) has issued a warning reminding people it’s not safe to eat the uncooked bird.

The dish has been served throughout Japan as a delicacy for years, but overseas popularity has recently been growing, with a number of US restaurants adding the dish to their menus. As a result, the #chickensashimi Instagram feed now numbers over 1,000 uploads.

The FSA has felt the need to wade into the debate with the following statement:
“Raw chicken is not safe to eat – it could lead to food poisoning. Chicken should always be cooked thoroughly so that it is steaming hot all the way through before serving.
“To check, cut into the thickest part of the meat and ensure that it is steaming hot with no pink meat and that the juices run clear.
“Consuming raw chicken can lead to illness from campylobacter, salmonella and E. coli. Symptoms include abdominal pain, diarrhoea, vomiting, and fever. In some cases, these bugs can lead to serious conditions.”

If, I might have my 2p worth... PLEASE do not eat this. About 25 years ago I spent a week in hospital with campylobacter poisoning from undercooked chicken. Very serious - and very unpleasant! Not worried enough? How about the risk of death? Raw chicken - just say no!

Tuesday, 19 September 2017

Celebrating the 4 Millionth British built Vauxhall Astra

As the home of the Vauxhall Astra, Ellesmere Port has been making the British built car for almost 40 years.

And today, proud employees marked the landmark moment the 4 millionth car rolled off the production line, with a choreographed display of 236 Astra Sport Tourers to spell out the feat.

Making the iconic British car since 1981, the plant has provided employment for generations of local families, ploughing millions into the local economy.

The celebratory image (above), which took 12-hours, 57 red and 179 white cars to assemble, spelled out the achievement in Astra’s trademark red, honoring the thousands of employees who have contributed to the momentous milestone.

Ellesmere Port has produced all seven generations of the famous Astra, exporting over two million vehicles to 25 European markets and even Australia in the early years. Today it employs nearly 2,000 people and many more depend on it in the supply chain, as it builds approximately 680 Astras a day.

All of my personal cars for the last 15+ years have been Astras:
Astra SRi 1.4 Turbo 150bhp. White (Mk7 / Model K).
Astra SRi 2.0 CDTI 160bhp. Silver (Mk6 / Model J).
Astra SRi 1.9 CDTI. 150bhp. Silver (Mk5 / Model H).
Astra SRi 1.8i Petrol. 123bhp. 5 Door Hatchback. Silver (Mk4 / Model G).
Astra 1.4 GLSi 5 Door Hatchback. Maroon (Mk3 / Model F).

Monday, 18 September 2017

CCleaner 5.33 infected with Malware!

Version 5.33 of the CCleaner app offered for download between August 15 and September 12 was modified to include the Floxif malware, according to a report published by Cisco Talos.

Floxif is a malware downloader that gathers information about infected systems and sends it back to its C&C server. The malware also had the ability to download and run other binaries, but at the time of writing, there is no evidence that Floxif downloaded additional second-stage payloads on infected hosts.

What's the best Schuberth flip-lid (for me)?

For years now, the Schuberth C3 Pro has been the "go-to" flip-lid motorcycle helmet. It’s a top quality bit of kit that works. Bits don’t fall off, and it will stand up to the rigours of the daily commute. It’s technically the quietest helmet on the market, and Schuberth has always been ahead of the game when it comes to comms.

But earlier this year, Schuberth released a new helmet called the C4. So where does it fit? Will it replace the C3 Pro, or sit alongside it? And what about the original C3 that is now called the C3 Basic?

I can usually make a good quick decision on most things, but this one has me stumped! This is really not as simple one is better than the other: more like an "apples vs oranges" scenario - both great, just very different!
I'm off to Infinity Southampton later this week to find out more: watch this space!

Further reading / watching:

SpaceX on how not to land a rocket booster...

SpaceX showed some tongue in cheek humility today as it released a "blooper" video of the series of crashes and explosions leading up to the first successful landing of the Falcon 9 first stage booster. The two-minute compilation, titled "How Not to Land an Orbital Rocket Booster," shows the many ways that things can go wrong during a landing, and that – like true love – the course of rocketry never did run smooth.

However, SpaceX appears to have now nailed the launch & recovery of their boosters - so well done them!

POWDER checks for your motorbike - maintenance & safety

P.O.W.D.E.R stands for Petrol Oil Water Damage Electrics Rubber. 
I will now explain further how to use P.O.W.D.E.R as your pre-flight checks. 
Trust me it will soon become second nature to you.

Petrol. Not only check if you have enough fuel for your journey but also consider the following. If you decide to lay your bike up for a long period of time, “brim” your tank to the top with fuel. Petrol unlike other fuels is extremely cold; when it sits in a metal container (your tank) it will generate condensation which in turn will mix with the petrol. As everyone knows water mixed with petrol is a very bad thing and will seriously damage your engine. A lot of people lay up their bikes over the winter period in a cold garage and leave just a small amount of fuel in the bike’s tank, a very bad thing to do.

Oil. Check the oil level to make sure it is at the correct height either by a dipstick or a spy glass in the side of the engine casing. Remember to have the bike on its centre stand, use a paddock stand or get someone to sit on the bike to keep it vertical. Remember over filling an engine with oil is much worse than letting the level drop below the minimum mark. An over filled engine will blow oil seals everywhere around the engine and will cost loads to rectify.

Water. If you have a water cooled engine check the level of the coolant again with the bike on its centre stand or with the bike totally vertical. If the level is low remember not to use tap water. Always top up with a mix of distilled water and antifreeze. Antifreeze not only keeps the coolant from freezing in the winter but also helps to stop your bike from over heating in the summer. Don’t only check the water level but also check the antifreeze mix. You can buy a handy little tester from Halfords that measures the amount of antifreeze present in the coolant mix; the gadget only costs a few pounds. I have attached a picture and price of the coolant tester at the end of this topic.

Damage. Check over your bike totally for damage not only to fairings but also light lenses, brake and coolant hoses, cracks to the bike’s frame, missing fairing bolts, dents to the wheel rims from pot holes, loose brake calliper bolts from vibration, cuts or brakes to the wiring harness and most importantly damage to your crash helmet. If you accidently drop your lid or if it falls off your seat then don’t wear it until you have a specialist examine the helmet. Most bike clothing retailers will examine your crash helmet for you. I know for a fact Shoei will examine their helmets for a small fee. Whilst focusing on helmet security, always try and take your lid with you when away from your bike, you never know what can happen to it! A few years back before joining the Police, I smeared the whole interior of my mate’s crash helmet with black boot polish. When we returned from our ride out and my friend took his lid off, he looked like a coalminer, what a hoot! When you do leave your helmet with your bike place it between the clip on handle bars, it won’t roll of the bike and the bike’s screen will protect it from the rain. The other option is to place your gloves on the floor with the palms facing down and put the helmet on top, that’s the way I was taught during my advanced Police course.

Electrics. Complete a full lights check before a ride remember to check both the foot and hand brake switches. Give the horn a quick blip and if you are planning to lay the bike up for a while, it’ll be worth buying a trickle charger.

Rubber. Your hoops keep you in contact with the road so make sure you look after them. Check the tyre pressures when the tyres are cold because the pressure will read higher when the tyres are hot. Also place a bit of spit on your finger and smear it into the valve to ensure the valve is not leaking air bubbles. Obviously check the tread depth of both tyres and clear out any small stones from between the tread pattern. The minimum tread depth for motorcycle tyres in the UK is 1.0mm. Visually check both walls of each tyre to make sure there are no cracks starting to form due to lack of use or age. If you are going to lay the bike up for more than a month on a cold concrete floor, place a piece of carpet under both tyres because cold concrete with draw silica oil out of the rubber of the tyres and reduce the performance on the tyre.

Equifax UK admits: 400,000 Brits caught up in mega-breach

As part of its investigation, Equifax has identified unauthorised access to limited personal information for certain UK consumers:

Regrettably, the investigation shows that a file containing UK consumer information may potentially have been accessed. This was due to a process failure, corrected in 2016, which led to a limited amount of UK data being stored in the US between 2011 and 2016.
The information was restricted to: Name, date of birth, email address and a telephone number, and Equifax can confirm that the data does not include any residential address information, password information or financial data.

Friday, 15 September 2017

Don't forget that computers are tools. Use them, put them down, then go live your life!

You Are Already Living Inside a Computer. Futurists predict a rapture of machines, but reality beat them to it by turning computing into a way of life.

Suddenly, everything is a computer. Phones, of course, and televisions. Also toasters and door locks, baby monitors and juicers, doorbells and gas grills. Even faucets. Even garden hoses. Even fidget spinners. Supposedly “smart” gadgets are everywhere, spreading the gospel of computation to everyday objects.

Nowadays, people often don’t seek out computers in order to get things done; they do the things that let them use computers.

Computers are a tool.
Use them to get the job done, then go & do something more interesting instead!
 Anyway, when did the gadgets get smart, and the people become dumb?

Thursday, 14 September 2017

Reading for today: The Soul, and God's love

This signature on each soul may be a product of heredity and environment, but that only means that heredity and environment are among the instruments whereby God creates a soul. I am considering not how, but why, He makes each soul unique. If He had no use for all these differences, I do not see why He should have created more souls than one. Be sure that the ins and outs of your individuality are no mystery to Him; and one day they will no longer be a mystery to you. 

The mould in which a key is made would be a strange thing, if you had never seen a key: and the key itself a strange thing if you had never seen a lock. Your soul has a curious shape because it is a hollow made to fit a particular swelling in the infinite contours of the Divine substance, or a key to unlock one of the doors in the house with many mansions

For it is not humanity in the abstract that is to be saved, but you—you, the individual reader, John Stubbs or Janet Smith. Blessed and fortunate creature, your eyes shall behold Him and not another’s. All that you are, sins apart, is destined, if you will let God have His good way, to utter satisfaction. The Brocken spectre ‘looked to every man like his first love’, because she was a cheat. But God will look to every soul like its first love because He is its first love. Your place in heaven will seem to be made for you and you alone, because you were made for it—made for it stitch by stitch as a glove is made for a hand.

Visordown reviews: Honda CB1100 RS/EX & CMX500 Rebel

Visordown have ridden three new Honda retros: the CB100 EX and higher-spec CB1100 RS, plus the slightly more sedate CMX500 Rebel

My verdict is I love the CB1100 RS!
If the Mrs wasn't paying such close attention, I would try to sneak one into our garage! ;0)

Important Microsoft patches just released: PATCH NOW!

Microsoft has just released a batch of essential security updates for users of its software. In this Patch Tuesday release, Microsoft addressed 81 new vulnerabilities – of which 27 have been given the highest rating of “critical”.

One of the flaws (CVE-2017-8759) addressed by Microsoft’s patches is a previously unknown vulnerability in the .Net framework. The zero-day vulnerability was being actively exploited in attacks which targeted Russian-speaking users with poisoned Word documents that served up a version of the FinFisher spyware.

Also of note is that Microsoft has revealed it has pushed out a fix for the newly-announced BlueBorne exploits (CVE-2017-8628), which could allow an attacker to initiate a Bluetooth connection to a targeted device without the user’s knowledge, and open opportunities for man-in-the-middle (MITM) attacks.

As always: make sure your computing devices are fully patched up to date.

Don't buy Bitcoin, it's a 'fraud' and heading for a crash says JPMorgan CEO

Since the beginning of 2017, the price of Bitcoin has increased by a huge 320%, from $997 (£751) on 1 January to $4,148 (£3,126) on Tuesday’s close. The price reached an all-time high on 1 September. While the price has been gradually falling since then, the trajectory it has been on this year is almost continuously in the upwards direction.

But the long-term prospect of the cryptocurrency is not strong, according to Jamie Dimon, CEO of JPMorgan. Speaking at a conference, Dimon called Bitcoin a fraud worse than "tulip bulbs". This alludes to a market bubble that appeared in the Netherlands in the 1600s, which, at its height, saw the rarest bulbs priced at six times the average person’s salary.

I'm amazed that people put their hard earned money into Bitcoin. 
If/when it all goes wrong, they will be left with nothing at all.

It reminds me of the Dot-com bubble: people seeing all this high-tech "stuff" & thought they'd better have a bit of that. At the time (& as a techie): it didn't make a bit of sense to me!
From a business perspective I could see people pouring huge amounts of DO$H into hare-brained schemes that were clearly doomed to fail - just because they had a website attached to them.
Moral of this story: engage brain before putting do$h into gear!

Wednesday, 13 September 2017

Office 2007 End of Life: 10th October 2017

Office 2007, like almost all Microsoft products, has a support lifecycle during which we provide new features, bug fixes, security fixes, and so on. This lifecycle typically lasts for 10 years from the date of the product’s initial release, and the end of this lifecycle is known as the product’s End of Life. When Office 2007 reaches its End of Life on October 10, 2017, Microsoft will no longer provide:

  • Technical support for issues
  • Bug fixes for issues that are discovered
  • Security fixes for vulnerabilities that are discovered

In addition, as of October 31, 2017, Outlook 2007 will be unable to connect to Office 365 mailboxes, which means Outlook 2007 clients using Office 365 will not be able to receive and send mail. For more information, see RPC over HTTP deprecated in Office 365 on October 31, 2017.

Because of the changes listed above, we strongly recommend that you upgrade as soon as possible.

If you need assistance with this, contact Donline ASAP.

Google details plan to distrust Symantec Digital Certificates

After a series of incidents involving Symantec and its wrongfully issued certificates, Google eventually decided to distrust Symantec’s certificates in March. The company is now releasing a more detailed plan for how that process will go.

The plan was first discussed on the Blink (Chrome’s rendering engine) development mailing list with the community, and it started taking shape by the end of July of this year.

On January 19, after the incidents between Symantec and Google, a public posting to the newsgroup drew attention to some questionable website certificates issued by Symantec that did not comply with the CA/Browser Forum Baseline Requirements. Symantec’s Corporate Public Key Infrastructure (PKI) operates a series of certificate authorities under the brand names Thawte, VeriSign, Equifax, GeoTrust, and RapidSSL.

In the follow-up investigation, it was revealed that Symantec had entrusted several organizations with the ability to issue certificates without the appropriate or necessary oversight. Google also claimed that Symantec had been aware of the security deficiencies of these organizations for some time, but took little or no action to fix them.

This was just one more of the several incidents that made the Chrome engineers lose trust in Symantec’s certificate infrastructure and all the certificates that could be issued by it. After Google announced its plan to distrust Symantec’s certificates, Symantec decided to sell its certificate business to DigiCert, a competitor, which would also have to rebuild the Symantec infrastructure to be more trustworthy. 

Monday, 11 September 2017

The Foo Fighters pub - for one week only!

The Foo Fighters have announced they’re opening a pub in London for one week only.

After an invite-only launch party on Thursday (14th September), The Foo Fighters Arms will open its doors to the public on Friday to celebrate the release of Foo Fighters’ ninth studio album ‘Concrete & Gold’ that day.

The pub – essentially a rebrand of the existing boozer The Dundee Arms at 339 Cambridge Heath Road in Bethnal Green - will be selling exclusive merchandise throughout the week and will host a Foo Fighters themed quiz next Monday before it closes on Wednesday (20th September).  

Will you be buying the new iPhone? Lets see what the techies think...

Will you be buying the next iPhone (announced on Sept 12)?

I'm not an Apple fan. I do however support many clients who use Apple tech (iPod, iPad, iPhone, iMac, MacBook, etc). It's well designed, nicely made kit. 

However, for the vast majority of Donline clients, on a bang-for-buck basis, I don't & wouldn't recommend it. 
Donline uses, & supplies Toshiba & Fujitsu personal computers to my clients.

There is a small subset of computer users (high end production of Video, Music, Design) where Apple kit may (debatable!) be an appropriate solution: the correct tool for the job.

Generally though, using any metric you care to look at: compatibility, supportability, ease of use, longevity, security, price - I can offer a Wintel solution which will do the job better, faster, cheaper.

Regarding mobiles, generally I recommend Android.
For example: over the last two years I have been using Sony Xperia Z3 Compact phones in the business. I just upgraded the Donline phones last week, & was so happy with the Z3s, I have switched to Sony Xperia X Compact phones. These new devices are even better & I'm very happy to recommend them if you are looking for a new mobile phone.

Virtually none of the techies that I know, use or recommend Apple kit.
Hmmm, what is the moral of this story...

Motorcycles fit for royalty

They could probably have any bike they choose, and Princes William and Harry have chosen a few over the years. What better endorsement for a motorcycle than Royal appointment? These are the machines to have earned the accolade.

I wonder where they get it from?
Queen Elizabeth II on a BSA C10

Friday, 8 September 2017

Southsea to Ryde hovercraft taken out of service.

Two hovercraft costing £10m have been withdrawn from service until further notice after suffering numerous faults.

The Island Flyer and Solent Flyer hovercraft began running between Southsea and Ryde last summer.

They have had ongoing technical issues since their launch with Island Flyer recently suffering an engine breakdown.

Hovertravel said its Island Express craft and Freedom 90 craft which are nearly 30 years old had been brought back into service to operate the route.

Looks like the Summer of 2017 hasn't been a good one for travel over water to & on the IOW: following the Cowes "floating bridge" debacle.

Used Equifax before? Better read this urgently

Equifax has announced that it has been hacked, and approximately 143 million US consumers may have had their names, social security numbers, dates of birth, addresses accessed by criminals. In some instances, driver license numbers have also been accessed.

143 million? That's just under half the population of the United States.

Approximately 209,000 US consumers have also had their credit card numbers exposed, and about 182,000 other US consumers have had other personal identifying information accessed.

An unstated number of UK and Canadian residents have also been put at risk.

Thursday, 7 September 2017

SpaceX does it AGAIN! It's only rocket science...


On Thursday, 7th September 2017 at 10:00 am EDT, SpaceX successfully launched the Orbital Test Vehicle 5 (OTV-5) payload from Launch Complex 39A (LC-39A) at NASA’s Kennedy Space Center in Florida.

Following stage separation, Falcon 9’s first stage successfully landed at SpaceX’s Landing Zone 1 (LZ-1) at Cape Canaveral Air Force Station, Florida. 

The downside of Broadband? Loss of view, would you believe?

A group of pensioners are in dispute with Virgin Media after the firm installed broadband cabinets in front of their homes in East Renfrewshire.

Donald, 88, and Rosemary Ferguson, 82, and their neighbour Betty McGrath, 83, claim the 5ft-tall boxes stop light from coming through their windows.

The cabinets were put in the street beside the Barrhead flats in January.

A Virgin Media spokeswoman said correct procedures were followed prior to installation.

Mrs Ferguson, who has lived at the address for seven years, said they were never informed the boxes would be placed directly outside their home.

She said: "This has really affected our homes. "It completely blocks out any light from coming into the house, and we now have no outlook at all.

Virgin Wines - a great selection of wines, zero risk!

Part of the Virgin family. You know, the guys who fly planes, put on music festivals, fly balloons... even send people to space! All that good stuff.

Since we started we've sold 80 million bottles and we're pretty awesome at it. In fact, we've just won the Online Drinks Retailer of the Year award... so now it's official!

Simply put, we think life should be fun. And wine should be no different!

It's not easy finding that perfect bottle, especially when you're faced with unfathomable restaurant lists, obscure wine labels and plonk-filled supermarket shelves. So we're on a mission to cut through the confusion, tell it straight, and take you to the good stuff.

All delivered straight to your door, with a money back guarantee we take very seriously.

High frequency (inaudible) voice commands can hack Siri, Alexa, Cortana, etc

Chinese researchers have discovered a worrying vulnerability in voice assistants from Apple, Google, Amazon, Microsoft, Samsung, and Huawei. It affects every iPhone and Macbook running Siri, any Galaxy phone, any PC running Windows 10, and even Amazon’s Alexa assistant.

Using a technique called the DolphinAttack, a team from Zhejiang University translated typical vocal commands into ultrasonic frequencies that are too high for the human ear to hear, but perfectly decipherable by the microphones and software powering our always-on voice assistants. This relatively simple translation process lets them take control of gadgets with just a few words uttered in frequencies none of us can hear.

The researchers didn’t just activate basic commands like “Hey Siri” or “Okay Google,” though. They could also tell an iPhone to “call 1234567890” or tell an iPad to FaceTime the number. They could force a Macbook or a Nexus 7 to open a malicious website. They could order an Amazon Echo to “open the backdoor.” Even an Audi Q3 could have its navigation system redirected to a new location. “Inaudible voice commands question the common design assumption that adversaries may at most try to manipulate a [voice assistant] vocally and can be detected by an alert user,” the research team writes in a paper just accepted to the ACM Conference on Computer and Communications Security.

First glimpse at Kawasaki's Z900RS. Kwak are still playing their cards close to their chest though!

It might just be a glimpse, but this video is our first look at Kawasaki's imminent new retro model, the 1970s Z1-aping Z900RS

Don't get too excited too quickly. The bike shown clearly at two seconds in is in fact a 1970s 900cc Z1, immediately given away by its air-cooled engine, single front disc and, well, the fact that it's a Z1

It's later that we get a view of the the new bike, albeit mostly obscured by a roadside barrier (see above), followed by a close-up look at the headlight later in the vid

Wednesday, 6 September 2017

Using Renthal clip on handlebars on your bike? Better read this then - asap!

Renthal are initiating a voluntary product recall on all Gen 1 and Gen 2 Clip-On handlebars. The recall is due to a potential for product failure due to stress corrosion cracking.

What to do next? Follow the instructions HERE for identifying your model of Clip-On. If you have either of the effected models you should stop using them immediately and return them to us for a free replacement set.

Free of charge Return. To return your Clip-Ons we are providing free shipping. Simply fill out the Returning Clip-Ons form, you will then be emailed details of how to obtain the free shipping label. Once we receive your old Clip-Ons we will ship your new Clip-Ons.

For more information about this recall please checkout the FAQ.

Lenovo sold PCs loaded with adware 2014-2015. It's punishment: a slap on the wrist!

Lenovo on Tuesday settled charges that it compromised the security of its computers to fling ads onto desktops from August 2014 through early 2015.

The settlement with America's trade watchdog the FTC, plus 32 State Attorneys General, acknowledges no wrongdoing and imposes no financial penalty - other than a paltry $3.5m to those roughly three dozen states.

Instead, it forbids Lenovo from lying about the nature of software that injects ads or harvests data, if present on its computers, and obliges the company to get consent from customers before installing such software.

Furthermore, for the next 20 years, it requires the company to maintain a third-party audited risk assessment program for software on its computers.

Lenovo computers that may have been affected by SuperFish adware:
E Series:  E10-30
Edge Series:  Lenovo Edge 15
Flex Series:  Flex2 14, Flex2 15, Flex2 14D, Flex2 15D, Flex2 Pro, Flex 10
G Series:  G410, G510, G710, G40-30, G40-45, G40-70, G40-80, G50-30, G50-50, G50-45, G50-70, G50-80, G50-80Touch
Miix Series:  Miix2 – 8, Miix2 – 10, Miix2 – 11, Miix 3 - 1030
S Series :  S310, S410, S415, S415 Touch, S435, S20-30, S20-30 Touch, S40-70
U Series:  U330P, U430P, U330 Touch, U430 Touch, U530 Touch
Y Series:  Y430P, Y40-70, Y40-80, Y50-70, Y70-70
Yoga Series:  Yoga2-11, Yoga2-13, Yoga2Pro-13, Yoga3 Pro
Z Series:  Z40-70, Z40-75, Z50-70, Z50-75, Z70-80