Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

C2 provides technology services and consultation to businesses and individuals.

T (818) 584 6021
Email: [email protected]

C2 Technology Partners, Inc.
26500 Agoura Rd, Ste 102-576, Calabasas, CA 91302

Open in Google Maps
QUESTIONS? CALL: 818-584-6021
  • HOME
  • BLOG
  • SERVICES
    • Encryption
    • Backups
  • ABOUT
    • SMS Opt-In Form
    • Terms and Conditions
    • Privacy Policy
FREECONSULT

Hey! Your browser needs to be restarted too!

  • 0
Christopher Woo
Tuesday, 08 March 2022 / Published in Woo on Tech
Get Patched

After what felt like a golden age of Windows stability (ahh those glorious Windows 7 years!) we are back to Windows computers needing to be rebooted on a regular basis just to keep running smoothly. We can chalk that up to the frequent updates and patches that Microsoft is pumping out to try to keep us safe and running effectively. The unfortunate knock-on effect of this is everything else on your computer is also on this forced march of patches and updates, which means there’s at least one more indicator you have to watch. And if you are like most of us, it’s easy to miss that warning light!

What this means for you

Mozilla recently had to issue an out-of-band (meaning an unscheduled) patch this week for its Firefox browser to plug some security holes it said were already being exploited in the wild. To apply the update, you merely need to close and relaunch Firefox. The same goes for the other browsers – apply updates by closing and relaunching the app. If you are like 99% of web surfers, it’s highly likely your browser has been open and running since you booted up your computer, which also might also be long overdue for a reboot. Some of you are just focused on your work, and some of you have been burned often enough by long updates to carefully ration out the reboots to when you can afford to step away from the PC for what might be an extended bit of down time. Also, all the major browsers are fairly unobtrusive in alerting you about the waiting updates – it’s usually a small flag or dot in the upper right corner of your browser window, and let’s face it, you ain’t looking over there all that often, right?

Do yourself a favor and check to make sure your browser isn’t due for an update. If you are experiencing odd issues with web pages, or the computer is just running poorly, restarting your browser even when there isn’t an update waiting may free up some resources that will smooth out your computing experience. While it has gotten better over time, Google Chrome (and Gmail’s web interface) are notorious RAM hogs that will slowly soak up all available RAM the longer it runs. Microsoft’s Edge uses the same engine as Chrome, and while it seems to be a better steward of resources, it can still consume large quantities of RAM if you have many tabs open. And we all know you have many, many tabs open.

AirTags opened a Pandora’s Box of privacy problems

  • 0
Christopher Woo
Tuesday, 22 February 2022 / Published in Woo on Tech
Eye looking through keyhole

If there is one thing that is certain, if there is a useful technology invented that is supposed to benefit us, there is a corresponding negative usage that can and will be exploited. After the initial dopamine rush had worn off around Apple’s AirTags, people started waking up to the negative implications of a small, easy-to-conceal, wireless tracking device that utilizes one of the largest global networks in the world. Apple’s “Find My…” network is too useful to not be exploited, and the less ethical are already doing so.

What this means for you

Apple’s AirTags were initially created to track items that could be easily lost or stolen and ostensibly were made inconspicuous so that they weren’t unsightly and so thieves couldn’t easily find and discard the trackers. Once reports started flowing in of the “less orthodox” usage of AirTags, Apple immediately tried to get out in front of the problem by letting everyone know that AirTags themselves have unique, embedded serial numbers and their usage is tied to an Apple account – information they will surrender to law enforcement in a criminal investigation. But they glossed over something that more inventive hackers latched onto – what’s to stop someone from creating a “cloned” AirTag that simply bypasses Apple’s security measures? At the moment, nothing. Someone has already done so, and you can assume that Pandora’s box is not going to be closed any time soon without significant intervention from Apple.

Until that happens, you should get caught up on Apple’s lengthy advice on detecting and finding unwanted trackers. The article goes into great detail for Apple device users, so if you are an iPhone user, finding an unwanted Apple-made AirTag should be pretty straightforward (if not a wee bit unsettling). For the rest of us using Android devices, Apple has released an app called Tracker Detect (watch out for copy-cat apps!) that has to be activated manually. Not nearly as useful as its iOS counterpart, but at least they tried. If you’d like something a bit more robust and not funded by Apple, you can try AirGuard which was developed by a research team out of German university TU Darmstadt. I’ve tried both apps and while they appear to do no harm (other than possibly drain my battery faster), I can’t really verify that they work, as I apparently don’t have any unwanted trackers near me. Yay? Either way, if you suspect you are being digitally stalked, make sure you share your suspicions with your loved ones and authorities and get familiar with this site and its resources immediately!

Image by Thomas Wolter from Pixabay

airtagAppleprivacysecuritystalking

Security requires savvy

  • 0
Christopher Woo
Tuesday, 08 February 2022 / Published in Woo on Tech

It seems like common sense, doesn’t it? While accidents and mechanical failures do happen, getting hurt while using a chainsaw usually comes from not understanding what the tool is capable of, or how it works. Fire is hot and teaches a clear lesson in an instant, but Technology, despite having an almost unlimited potential to do harm, isn’t always so obviously dangerous like a chainsaw or stove burner. For certain, if you’ve been personally attacked or hacked via technology, you might be a bit more cautious with certain things than someone who hasn’t been “burned”, but unlike fire, technology is constantly changing, and consequently, requires constant lesson-learning. But it also requires a certain level of respect for its sharp edges which most ignore or forget.

What this means to you

As some of you might already know, being book-smart is different from being street-smart, and knowing how to use a piece of technology is a long way from being savvy about that same piece of technology. As an example, most of us know what email is and how to use it, but many still make poor decisions on using or sharing passwords because they don’t truly understand the consequences of doing so. I still regularly meet with clients who don’t understand why their email account getting hacked could have long-reaching financial impact on themselves, their employer and their customers. Not because they are dumb or foolish, but because they haven’t been trained, and our culture deemphasizes it in favor of shiny bells and whistles. Security is rarely featured in marketing and advertising to consumers – advertisers know that security is not sexy, and increased security is often equated with inconvenience or viewed as a necessary evil like warning labels. Similar to the way the mask mandate fight is colored as an issue of freedom instead of safety and compassion, considering security when making decisions about technology is fighting an uphill, cultural inculcation that has been around ever since seat belts were first invented. Humans aren’t always good judges of what keeps them safe – it’s something that has to be learned, and as an employer or leader, you will want to keep this top of mind when considering how to keep your organization and your people safe, technology or otherwise.

Image by Peggy und Marco Lachmann-Anke from Pixabay

security

Social Media Fraud gets scammers big money

  • 0
Christopher Woo
Tuesday, 01 February 2022 / Published in Woo on Tech
Scam

As if there weren’t enough points piling up in the negative column for social media, the Federal Trade Commission has recently released a report revealing that scams run through social media platforms are netting big money for fraudsters. According to the FTC, social media con jobs cost Americans three-quarters of a billion dollars in 2021 ($770M) and accounted for over a quarter of the total fraud claims made that year. This is a 17-fold increase since 2017, and double what was reported in 2020. The top 2 money-makers? Investment scams and online romance swindles.

What this means for you.

For a very large percentage of our population, social media has become a staple of their daily lives, even more so during the pandemic and the various stages of lockdown that have washed over the country. It is well documented how platforms like Facebook are designed to create and reinforce echo chambers and information bias, which in effect creates an audience that is predisposed to unreasonably trust any content that appears in their “bubble”. While it may seem blasphemous to think of them as clever or learned, you can bet that scammers are reading these same papers to use this knowledge to their advantage

As a savvy business professional, you probably already know well enough to distrust investment knowledge received from someone in your Facebook feed who isn’t a known and licensed financial advisor (Right? RIGHT?!?), but in the day and age of social distancing and Zoom Cocktail Parties finding romance online doesn’t seem so farfetched, especially since online dating has been around for decades now. Both are huge moneymakers for scammers, and platforms like Facebook and Instagram are ripe hunting grounds with a never-ending supply of targets.

Unfortunately, given how easy it is to create a fake social media account, or to hijack a legitimate one, the truly savvy online traveler will have to wander the social media lands with eyes wide open, wallet in a zipped-up pocket, and a guarded heart. These are not apocryphal stories or urban legends. I have personally counseled at least half a dozen very intelligent and savvy adults through social media scams purely because the platforms are designed to lull people into a false sense of security, primarily so that they never consider leaving. As with anything consumed without moderation, this can lead to harm: financial, emotional and sometimes even physical.

The FTC has assembled guidelines for protecting yourself in social media (at the bottom of the short article). Perhaps some of these look familiar:

  • Limit who can see your posts and information on social media. All platforms collect information about you from your activities on social media, but visit your privacy settings to set some restrictions.
  • Check if you can opt out of targeted advertising. Some platforms let you do that.
  • If you get a message from a friend about an opportunity or an urgent need for money, call them. Their account may have been hacked – especially if they ask you to pay by cryptocurrency, gift card, or wire transfer. That’s how scammers ask you to pay.
  • If someone appears on your social media and rushes you to start a friendship or romance, slow down. Read about romance scams. And never send money to someone you haven’t met in person.
  • Before you buy, check out the company. Search online for its name plus “scam” or “complaint.”

Image courtesy of Stuart Miles at FreeDigitalPhotos.net

facebookfraudinstagramscamsocial media

How does your tech measure up to 2022?

  • 0
Christopher Woo
Tuesday, 18 January 2022 / Published in Woo on Tech

Last week we discussed what a properly equipped home office might look like, but another component that is just as important is the technology infrastructure of the company itself. Thanks to the unstoppable force that is the Internet, small and medium-sized businesses now have access to technology platforms and services that were previously the exclusive purview of larger companies with dedicated IT staff, without the associated enterprise-grade price tag. It’s 2022 – is your company still running on technology from the 90’s?

What we consider to be the standards for SMB infrastructure

If you are a decision maker or manager of organization that has survived and possibly thrived during the pandemic, you probably already understand the fundamentals of a successful business, and possibly grasped the core technology concepts that were a part of keeping your business a going concern while we struggle with Covid. Make no mistake, good people are at the root of your success, but so is making sure your technology is secure, readily accessible, and reliable. To make sure they are all these things, we make the following recommendations to all our clients:

  1. Hosted Email – For reliability, extensibility and widespread familiarity, your email should be hosted with either Microsoft on the 365 platform, or Google Workspaces. There are other providers out there, but from a support point of view, they are distant, distant thirds to the two giants in the industry. While the primary functionality of email will appear mostly the same to the typical end-user, hosting it on a fully modern and robust platform provides you with better expansion and management, and most importantly, security and the ability to implement multi-factor authentication, something that most simple POP/IMAP services don’t offer. And you should definitely not be running it on a free-mail service.
  2. Cloud File Sharing – Up until recently, we were staunch advocates of premised-based fileservers. They are fast, secure (if maintained properly) and relatively inexpensive to operate. Then Covid came along and rocked the modern office’s world and suddenly premise fileservers became an obstacle to working from home effectively. Just like Zoom swooping in to fill the meeting gap, platforms like DropBox, Google Drive and OneDrive stepped up to allow geographically dispersed teams to collaborate, just like they did in the office, if a little slower and, of course, much more dependent on the Internet not being down.
  3. Cloud Collaboration/Communication – Everyone’s fairly familar with Zoom, and while we may be heartily sick of it some days, it’s keeping us safe(r) and connected in the “new normal” working world. There are other tools that allow your scattered workforce to collaborate in robust ways, group chat apps like Slack and Teams are great for staying in touch with (and keeping a gentle hand on) everyone in your organization, as well as offering addons to manage projects or tie-ins to your ERP and CRM systems. Just because they are in isolation does not mean they have to be isolated from their co-workers or critical information. Cloud-based VOIP phone systems can also bring some old-school feel to a completely virtual office, while still providing modern, must-have features like SMS messaging, voicemail to email transcriptions, and fully-automated auto-attendants that can deliver office calls to cellphones, mobile apps and softphones on your home office computer. You can also have a desk phone in your home office that uses your internet to make and take calls, just like you were sitting at headquarters.
  4. Remote Access and VPNs – For those organizations that cannot (or do not want to) get away from premise-based fileservers, you need to put in better, faster internet (if it’s available, not always a guarantee still in 2022!) and provide centrally managed means for your remote workers to access the premise-bound services. While it’s possible for folks to get access to “free” remote access platforms, using one that is “blessed” by the company and their designated technology support will provide much better security and supportability.
  5. Malware and Network Protection – Regularly updated and centrally managed malware protection and network firewalls are crucial to keeping all of your technology and services secure. We don’t recommend self-managed solutions for any size organization primarily because your focus should be on your business, not staying abreast of the numerous changes and updates in the cybersecurity world. Not only do we recommend this for all workstations and servers, home and office networks, we also recommend additional filtering services for your cloud-based email, above and beyond the default offerings that are provided. Think of it as a firewall for your email.
  6. Cloud-based/Remote Backups – your data is the lifeblood of your organization, regardless of the industry. On premise backups are better than nothing, but for improved peace-of-mind and significantly improved continuity and recovery prospects in the event of a catastrophic event (either natural or digital), having your most important data stored somewhere else, encrypted and safe is a must-implement standard. Also consider email and cloud sharing platform backups. Yes they are in the cloud already, but that doesn’t prevent them from being deleted accidentally or even on purpose. Even services like Microsoft 365 only offer a limited roll-back period, whereas managed backups can literally go back to Day 1 (of the backups).
  7. Regular Security Trainings & Checks – This is something we don’t see very often, even in the most technically-savvy organizations. Your weakest link in technology security is always human. Sometimes its a software developer over whom you have no control, but most often it’s your own employees or vendors. Thankfully there are platforms that can assist with keeping your people current with the most important security fundamentals without taking a lot of their time, or forcing them to sit through boring PowerPoint presentations. Keeping your people vigilant and well-informed will reap huge, long-term security benefits that can’t be realized with hardware and software alone.
securitystandards

Assembling a proper WFH environment

  • 0
Christopher Woo
Tuesday, 11 January 2022 / Published in Woo on Tech

It’s 2022 and approaching the third(!) year of the pandemic. Your company is onboard with “telecommuting” and perhaps they’ve decided to lean into it for real, which means it’s time to take a hard look at that 8-year-old computer and rickety chair you bought at a local garage sale. Definitely replace the computer and that torture device you call an office chair, but if you’ve been granted any sort of budget or trying to determine what to ask approval for, here’s what we consider to be “must haves” for an effective, remote technology workstation.

  1. A solid, wired data connection. It’s 2022, and WIFI is good, but it’s still not nearly as reliable as a wired, gigabit Ethernet connection. I can hear you say, “But I never have problem streaming music and videos over my WIFI!” Yes, because those services are designed for the scattershot data delivery of WIFI, but if you are connecting to an office via the internet you have to eliminate as many variables as possible, and WIFI is still variable, no matter how much you spend or how close you sit to the router. If you are having connection troubles or frequent drops, WIFI is often a major factor. Figuring out how to get a wired connection to your workstation will be worth it.
  2. Broadband, high-speed internet. If you are still on DSL and you have access to faster options, you are doing yourself a disservice, even if the cost is higher. Everything is internet connected – you are limiting your capabilities and your usefulness to your company.
  3. A late-model computer, with a big screen. Treat yourself to at least a 24″ monitor if you spend more than a couple hours staring at a screen. And your computer should be at least a 9th generation Intel or AMD Ryzen generation CPU with a minimum of 8GB of RAM. If you can swing 16GB, you will be sitting pretty. Don’t even consider a computer without an SSD if you are shopping – the Windows 10 and 11 operating systems seem to be optimized for SSDs, and spinning drives (HDD) are now better suited for large data storage needs (file servers, video editing, photography, graphic design) and backups.
  4. A proper, ergonomic desk and chair. If you are sitting for 6+ hours a day, most importantly make sure you are taking regular breaks, but also make sure you are working at a desk and chair that is properly sized and aligned for typing and viewing. This means your keyboard and mouse should be placed so that your forearms and wrists are (at most) at a flat, 90-degree angle to your upper arms and body, your monitor directly in front of your body with the top of the screen no higher than a straight line to your eyes while sitting up straight. Feet should both be flat on the floor, with thighs flat and calves again at 90-degrees to your thighs. Get a footrest if you are short or your desk is a bit taller than usual, but don’t compromise on the angles. Trust me. I’ve been doing this for 30 years – you don’t want wrist, back or hip problems.
  5. A good headset and webcam. If you spend any time on the phone, whether it be a VOIP, soft or cell phone get something comfortable with a dedicated mic. Your callers will notice the difference. Your ears will thank you, and your housemates (if you are in a shared office) will appreciate it. If you prefer “speakerphone” mode and can do so without disturbing the peace, getting a webcam with a good mic will be a step-up, especially if you are using any sort of amplified speaker for audio. The $30 webcams we purchased in the early pandemic rarely had decent mics, and if videoconferences will be a regular part of your day-to-day, upgrading to a more expensive webcam will be noticeable to you and your fellow attendees.
  6. Proper, up-to-date software. Regardless of whether your workstation is just a means to remote into a workstation in an office, or your primary device, it should be protected by up-to-date malware protection, an active firewall, and if you store any important data (personal or work) some form of cloud backups. If data is processed on the computer in front of you, it should have the latest version of software being used, and that software should be kept up to date, or at least in line with your company’s expectations. It should be managed no differently than an office machine, regardless of who owns it.

Give yourself the gift of better security

  • 0
Christopher Woo
Tuesday, 07 December 2021 / Published in Woo on Tech

If there is one thing that the holiday seasons are known for, it’s the broken-record playlists we are subjected to wherever fine background music is played, but rather than torturing your ears with “All I want for Christmas” for the 50th time today, I’ll sing another familiar tune that starts like this, “Protect yourself before you wreck yourself.” Not quite as catchy as Mariah, and definitely not as earwormy, but you probably already know the words, because I sing this song all year long. Digital crime is up, and more and more people are falling victim to scams and the scumbags who run them.

Here’s your list, you should check it twice

  1. Back up your data. Preferably to a cloud-based platform that you don’t even have to remember to run. Most self-managed services come as little as $7 a month. Some of us spend more than that on coffee in a single day. Don’t want the cloud? Grab a small, portable hard drive in the multi-terabyte range and set up backups to that device. Most come with a free, downloadable backup app that will handle rudimentary backups. Not as good as cloud-based automatic backups, but better than nothing.
  2. Turn on 2-factor authentication for your email. This probably won’t cost you anything – even most of the free email platforms offer some form of multi-factor authentication. Yes, having multi-factor is a pain, but you know what hurts even more? Having your email account hacked and used to con friends, family and clients. Don’t be that Grinch this season!
  3. Keep your work and personal stuff separate. Thanks to Covid, everything is all mixed together. Working from home is great if you are fortunate enough to have that “privilege”, but it also means that it’s harder to keep the two worlds from colliding constantly, especially from a security standpoint. If it looks like you are going to be working from home for the long run, perhaps it’s time to make sure the computer and devices you use for work are dedicated to just that, and not moonlighting as a homework/videogaming platform after hours. Working parents, you know what I’m talking about!
  4. Keep track of those pesky passwords. Let’s face it, Santa ain’t bringing us the gift of freedom from passwords this year, so treat yourself to a real password manager. Again, the good ones aren’t that expensive, as little as $3 a month! You can even get a family plan that allows you to share passwords – might be useful for multi-generational households and the multitude of streaming services they are guaranteed to be watching!
  5. Get a “mask” for your computer. Let’s face it, long before the pandemic darkened our doorways, the internet was polluted enough that the smart computer users were masking up with malware protection. The pollution has gotten worse, and shows no signs of abating. Having your computer go out in public without a mask is just asking for an infection and unfortunately monoclonal antibodies won’t save your data.

Image by Arek Socha from Pixabay

holidayssecurityshopping list

Feds able to snoop on popular “secure” messaging platforms

  • 0
Christopher Woo
Tuesday, 30 November 2021 / Published in Woo on Tech
ID-10067190.jpg

At this point it should come as no surprise to anyone that regardless of what Facebook says about security and privacy, you can almost guarantee they will be caught in a lie, or at the very least, avoiding the truth. The latest boondoggle comes courtesy of a Freedom of Information Act finding made by an organization called Property of the People, a non-profit transparency group who has shared a document from the Federal Bureau of Investigation that details “Lawful Access” to your supposedly private and secure messaging on Facebook’s WhatsApp and Apple’s iMessage platforms, as well as several others.

What this means to you

In a nutshell, the document does indicate that in all cases, Facebook and Apple are true to their word that your conversations – as they happen – are encrypted, and the FBI cannot read them. What’s telling is what Apple and Facebook omitted in all of their marketing and soapboxing about privacy and security. According to the FBI document, which appears to be designed more as an executive summary, WhatsApp seems to be designed to give near real-time access to everything but the content of the user’s messages if they are served with a search warrant. Though not nearly as transparent in real time as WhatsApp, Apple’s iMessage will provide metadata surrounding a targeted user’s messages for up to 25 days.

The real cherry-on-top of this privacy-nightmare sundae is actually Apple’s to own: If the targeted user happens to be backing up their messages (both iMessage and WhatsApp apparently) to iCloud, a search warrant can also return the encryption keys to that supposed secure backup, which will allow authorities to decrypt and reveal the actual contents of the messages.

Of course, if you aren’t doing anything wrong, you should have nothing to worry about if the Feds are reading your messages, right? Let me point you to an article written in 2013 and published by the ACLU:

You May Have ‘Nothing to Hide’ But You Still Have Something to Fear | American Civil Liberties Union (aclu.org)

On top of the privacy issues this latest surprise reveals, I also want to make sure you note my other point: regardless of how much Apple and Facebook preach from their bully pulpits about protecting your privacy, it should be painfully clear this is more marketing ploy than protection of your rights. If a company is for profit, they are not looking out for you, they are looking out for their shareholders whose top priority is staying in business and cooperating with the authorities to make sure those dollars don’t stop. In the end it’s your choice whether you use these platforms, but don’t fool yourself into thinking you are choosing a “secure” platform that “protects your privacy.” At best, Facebook and Apple are being disingenuous about their privacy stances while behind the scenes they are laying the foundations for an Orwellian Nightmare.

Image courtesy of Stuart Miles at FreeDigitalPhotos.net

ApplefacebookFBIimessageprivacy

Really Black Friday

  • 0
Christopher Woo
Tuesday, 16 November 2021 / Published in Woo on Tech

I’ve mentioned it before but it bears repeating – the chip shortage will not wrap up anytime soon, with all major players like Nvidia, Intel and Toshiba predicting shortages lasting well into 2022 if not into 2023. Seeing as semiconductors are in everything from autos to Zambonis and everything between, production has slowed if not halted in most major industries on manufacturing and delivering goods. Couple this with the major supply chain issues we are also facing world-wide and it’s a safe bet that your holiday shopping (or end-of-year budget spend-down) may be pinched by a Grinch that won’t be stopped by seasonal vibes.

What this means for you

All the more reason to get out there on Black Friday or Cyber Monday to do some shopping now, right? Don’t think it Scrooge-ish of me if I offer some words of caution when you brave the crowds (or virtual queues) in search of technology deals. I’m certain there will be good deals to be found on both fated days. Retailers are up against shortages, inflation and the pandemic – they will likely not pull any punches to wash the red out of their ledgers this year, but it’s not like the chip shortage or the pandemic is something new. The most sought-after holiday gifts are typically technology items, and things like the latest generation of video consoles have been notoriously hard to find since their launch, especially since the internet and online shopping has made scalping an extremely profitable side hustle. Retailers are barely able to keep stock on hand for the high-demand items, and even the less-popular stuff is selling because there is literally nothing else to buy. This goes for work technology items as well. Our wholesale sources are getting down into single-digit availability on the core workplace desktops, laptops and printers, and they are even selling out of the models we normally avoid recommending because of sub-par performance or quality issues.

This brings me to my warning: Beware of buying something – whether for entertainment or work – just because it’s available and “on sale”, especially If you haven’t done the research on it. We are in the most scarce technology market I’ve seen in my professional lifetime, but I don’t think we are at the point of choosing “any port in a storm” just yet. Do you really need a slightly bigger flat screen or slightly faster smartphone, or could you scrape a few more months out of a working device that is in your hands right now. If you need additional equipment because you are expanding or hiring, buying something on discount that you might not have normally purchased may not be optimal use of your resources. Definitely get into the spirit of the holidays, but don’t let FOMO of Black Friday impair your judgement! We’ve found that retailers know that people are in the buying mood, and the deals aren’t necessarily any better than what you might find throughout the year, and given that we know the good stuff is already in short supply, the deals might be more glitter than gold.

Image by Tumisu from Pixabay

black fridayshoppingshortage

Network Vulnerabilities Discovered in Medical Devices

  • 0
Christopher Woo
Tuesday, 09 November 2021 / Published in Woo on Tech

In years leading up to the domination of the world by the Internet we used to make fun of organizations and industries that seemed to be dragging their feet on getting modernized – the Navy’s old DOS-based, air-gapped systems seemed so antiquated (even with the Wargames movie sounding very prescient, if simplistic alarms) or local mom-and-pops using mechanical registers, or hospitals and clipboard paper charts. Now that everything has a network connection and is sending and receiving data via the internet, it would seem the Monkey’s Paw curled up all fingers except one and that one is flipping us “the bird.” This latest facepalm comes in the form of devices built by or containing components built by Siemens that use an operating system known as Nucleus, an OS that was written for devices used in industries that require stringent safety and security controls, such as the medical, automotive and aviation controls. Clearly this would mean that the OS must be safer than the usual swiss cheese we see from OS’s like Windows, right? Researchers have found 13 vulnerabilities in the networks stack of Nucleus, an OS that is used in an estimated 3 billion devices.

What this means for you

I won’t go into the gory details of the vulnerabilities as that would only be entertaining for security geeks and I know they aren’t reading my blogs for that sort of fun. Suffice it to say, so far as the researchers know, these vulnerabilities haven’t been exploited in the wild yet and Siemens has supposedly addressed these holes with updates. So why am I spending precious minutes telling you about something that (a) you have no direct control over and (b) might already be taken care of? Precisely because of those things. It’s convenient and comfortable for us to go about our daily lives while ignoring just how much of our surroundings are managed, monitored and controlled by devices that we have zero understanding of how they work, let alone what master to which they report.

We can be sure of two things in this current crazy timeline: if a device can gather and report data, it will do so because data = profit, and if the device was built, programmed or configured by a human, you can be certain that it is less than perfect. Most of the time, we can deal with something that is less than perfect. In fact we are surrounded by imperfections that are suitable, usable and safe. Most of us understand that perfection is an ideal to strive for and not objectively obtainable. Unfortunately for internet security, small imperfections, even when rare or obscure, can lead to massive problems. At the moment, as with the parallel analogy of the ratio of air disasters to safe flights, it feels like security breaches and vulnerabilities are everywhere, when in fact they only make up a very small percentage of the amount of the vast amount of digital transactions that occur every single second. Unfortunately, like plane crashes, though their occurrences may be statistically rare (for the moment), they can be catastrophic when they happen. Engineers strive to reduce the chances that a plane will crash or that an operating system will be vulnerable to attack, but in the end, they are subject to human error. No technology is infallible.

It would be paralyzing to try to anticipate everything that could go wrong – this is the textbook definition of anxiety. However, I think it’s useful to carefully moderate your expectations when it comes to relying on technology to protect you or care for you perfectly. Don’t take your technology and security for granted, and you will be less surprised and better prepared for when it shows its human side.

Image by Bruno /Germany from Pixabay

elephant on the internetsecurity
  • 9
  • 10
  • 11
  • 12
  • 13

Recent Posts

  • mid year check-in

    Mid-Year IT Health Check: 10 Things Professional Services Firms Should Review Now

    Most firms set their technology priorities in J...
  • Cloud Migration for Professional Services: When It Makes Sense

    Cloud Migration for Professional Services: When It Makes Sense (And When It Doesn’t)

    Every vendor in the technology industry will te...
  • mid age man working on laptop while floating in the sea summer vacation

    Summer Vacation Security Checklist for Professional Services Firms

    Summer is the one time of year when professiona...
  • The $300 Laptop vs. The $1,300 Laptop: A Technology Investment Guide

    The $300 Laptop vs. The $1,300 Laptop: A Technology Investment Guide

    I have had this conversation more times than I ...
  • Remote Work Technology Setup: What Matters for Professional Services Firms

    Remote Work Technology Setup: What Matters for Professional Services Firms

    Remote work is no longer a temporary arrangemen...

Archives

  • GET SOCIAL
Get Tech Support Now - (818) 584-6021 - C2 Technology Partners, Inc.

© 2016 All rights reserved.

TOP