Friend Request Hoax

A legitimate message expressing concern about your impersonation account would:

  1. Ask if you created another account.
  2. Provide the address to the new account so you can go to the profile, click the three dots on the cover photo, select Report, and follow the instructions for impersonation.

Instead, the hot hoax right now says:

Hi….I actually got another friend request from you which I ignored so you may want to check your account. Hold your finger on the message until the forward button appears…then hit forward and all the people you want to forward too….PLEASE DO NOT ACCEPT A NEW friendship FROM ME AT THIS TIME.

Let’s break this down.

First, we have the preying on a fear we all have about our Facebook accounts getting hacked. Worse, this “hacker” is now going after friends.

But, the recommendation makes no sense at all. “Hold your finger on the message until the forward button appears…then hit forward and all the people you want to forward too…

Forwarding the message to others is how chainletters operate. You are being played by forwarding it. You are spreading fear. You are not helping.

Carrier Phish

Got a phone call from my own cell phone to itself. That was pretty interesting the first time, but I declined the call because I was certainly not calling myself. A day later, I got another call.

This one I answered. It was an interesting call informing me my account with the cellphone carrier was locked. I would need to go through the automated process to unlock it. Press 1 to continue; enter my zip code…

At that point, I hung up, went to my carrier’s website and checked I could in fact login. I didn’t get far enough into the process to identify my account, so I think I am safe. But, yeah, it seems like a good number of people could fall for this scam.

Freelove != Free Love

Got an email from Academia.edu saying,

Dear Ezra,

Alessandra Carneiro uploaded a PDF that mentions the name “Ezra Freelove”.

They have a premium service where you can buy access to mentions of your name. I know of only one mention in a VSU paper as a thank you for my work there in IT in helping them. So, I was curious about a second. I wasn’t going to spend $99 for it, so I looked up the name of the author. Only one person with that name has papers uploaded, so it was easy to just browse them.

Searching for “freelove” in all 8 led to no results. Then, I noticed “free love” one title. It was also the most recent. My actual last name is nowhere in the article. This website’s search must be ignoring the spaces in the four mentions.

Not the first nor the last time people conflate my surname with the term.

WiFi Management for Parenting

I’ve been futzing for what feels like a year with the WiFi trying out various things. Basically, instead of the wife turning off all the WiFi and none of us having it, I’ve been playing with a few things to bring some sanity.

  1. The first approach was the wife disconnected the wifi router. That meant all of our devices were dead in the water too. No streaming devices. No laptops. Phones were using up data.
  2. Technically, I have a couple routers. One from the ISP and another I bought. So, I moved the devices to use the ISP router. However, I only want the devices on it, so I have not provided anyone else access to it. That still left the problem of the wife yanking the router all the humans are using for their phones.
  3. So, next, I replaced the router with a newer one that included a guest network feature. I built this router so that we connect to a new name and the teen connects to the old name which is the guest network. The nice thing about it was I the ability to schedule when it was available. We tried various settings to deal with different issues. For example, it doesn’t come on until 8am after the bus comes because when it was coming on at 7am, the bus would be missed a couple times a week due to watching videos while getting ready to lose track of time. We have not really settled on a shutoff time in trying to figure out what is appropriate for getting homework done while not enabling playing video games.
  4. I could manage access to the video games through router, but it is one of those things where you block one thing and the activity just moves on to the next thing. (Youtube, Netflix, etc.) So, it is a game of whack-a-mole where I want a sledgehammer.
  5. He complained about the WiFi being unstable. He described sudden extraordinarily high ping rates, a pattern of issues in the hour before cutoff, and other stuff. Part of that problem is he is in the basement while the router is a floor up, 25 feet away, with a staircase, ductwork, pipes, and stairs in the way.
  6. So, I rebuilt the guest network on an extender. Now, in theory, the WiFi router talks to the extender down the hallway. The extender sits directly overhead. It still might have to deal with some ductwork and pipes, but it should be significantly better.
  7. Also, I have Smart outlet that will turn it off when we need to cut him off. I set it on a schedule which is nicer because I can say an earlier time Sun-Thu and later Fri & Sat. Also, it can also be managed through an app which is easier than an obscure webpage URL and desktop designed web page.

I Miss Google Reader

The Google+ shut down reminded me that I still miss Google Reader. Google also shut it down about 5 years ago.

I use Inoreader now, but I do not spend nearly the amount of time reading through it that I did GR. I could spend hours a day browsing through articles and mulling the content. Now, I spend about the same amount of time on Twitter instead.

Some old GR posts.

Buh Bye Google+

After a security lapse with the now dashed hopes for a Facebook killer social media site in Google+, it is now going to be shut down for most users. They apparently want to keep it around as a competitor to Slack? LOLz.

Google says Google+ currently has “low usage and engagement” and that 90 percent of Google+ user sessions last less than five seconds. Still, the company plans to keep the service alive for enterprise customers who use it to facilitate conversation among co-workers. New features will be rolled out for that use case, the company says. Google is focusing on a “secure corporate social network,” which is odd considering this announcement comes alongside news that the company left profile details unprotected.

Funnily enough, this post is going to go to Google+. See, I have WordPress Sharing set to post to Google+. I rarely go to Google+ anymore, but I have two users who +1s my posts there. Go figure.

USB Drives to Move Election Malware

From “Can Georgia’s electronic voting machines be trusted?“:

Though voting machines aren’t directly connected to the internet, witnesses testified last week that USB drives are used to transfer election data from internet-connected computers to election servers.

So, computers that are connected to the Internet are used to move data to the election servers. Malware can be used to reach those computers. The theory here is the election servers by not being on the Internet are more secure because they are “air-gapped.” However, Stuxnet eight years ago taught us: Not as much as once thought.

Stuxnet was never intended to spread beyond the Iranian nuclear facility at Natanz. The facility was air-gapped and not connected to the internet. That meant that it had to be infected via USB sticks transported inside by intelligence agents or unwilling dupes, but also meant the infection should have been easy to contain.

USB drives are the prime vector to contaminate air-gapped computers. It sounds like the election officials are aware because they added this claim to the article:

Election officials say security precautions protect voting machines from tampering. For example, a USB drive is reformatted every time before it’s plugged into an election server.

I find it unlikely they download data onto a USB drive, delete that data by formatting the USB drive, and only then insert the blank USB drive into an election server. It would be easier just to not use a USB drive at all. They probably mean they format the USB drive while it is in the potentially infected Internet-connected computer, which would not prevent malware from inserting itself onto the USB drive at the time the GEMs data is copied onto the USB drive.

 

18th Anniversary of Blogging

Here is my first blog post from 18 years ago, which makes it as old as a legal adult. Wow…

Two Footballs

I got started at a place called Diaryland. A friend, Lacey, had started using it. Back in those days, I was up for trying pretty much anything geeky friends were doing. Blogging was a natural place for me to go.

Diaryland became Pitas and the site there was the first Rants, Raves, and Rhetoric. As other platforms became available, I tried them all:

My activity is far less now than it was back in 2000, but as I understand, most people active back then primarily post on Facebook or Twitter.