WARNING: Heartbleed is a Silent Stalker

The Internet has been reeling for the past couple of days after a very serious and widespread vulnerability called Heartbleed reared its ugly head. The Heartbleed threat might finally be all over the news tonight, as this security threat bursts out of IT backrooms and becomes public knowledge that could possibly impact millions. But most organizations have been flying under the radar, rather than warning their users to stay clear of their login pages.

TL;DR Skip straight to the bottom to see what you should do to protect yourself. Rule #1, stay logged out of sensitive sites until you see a clear advisory that the site’s been secured.

Heartbleed is an SSL exploit that could potentially have already affected up to 2/3rds of web servers, and an undetermined number of mail servers. The result is that financial transactions, medical info, personal data, pictures, passwords, attachments, chats and pretty much everything the world has entrusted to the OpenSSL encryption library (i.e. those https:// URLs) has been vulnerable for almost 2 years on many servers.

Unfortunately, the standard practices for corporate secrecy and IT security can also impact consumer awareness and security, since people’s first instinct is to log in and reset their passwords, regardless of whether the organization has made public disclosure and announced that its sites have been properly patched.

The first thing you need to know about Heartbleed is that any server that uses vulnerable versions of OpenSSL to secure its connections (via the https:// protocol) has been vulnerable, for up to the last two years! Some people are starting to suspect that this back-door was placed on purpose to enable government agency spying. We can decide for ourselves if this theory is plausible based on prior actions.

The second thing to know is that you should NOT reset any passwords on any suspected sites until you can be fully assured that their systems have been properly updated and re-secured. This means that the standard approach to such security issues, where everything is on a need-to-know basis, will need to be broken open to the public so that we can all be assured that our passwords can be safely reset on any site that has been vulnerable.

This kind of open disclosure of potential risk is often very difficult for many types of organizations, and that’s the real problem here: standard operating procedure stands in the way of real damage control, and instead favours the “reputation management” need that can supersede the real security risks to consumers. Many organizations would prefer to respond to issues on a reactive basis, rather than throw the floodgates open to admitting fallibility.



BlackBerry surge shows how media can pump price – as FP Editors suggest that the Pentagon made a massive commitment to company’s devices?

BlackBerry's Back

Bloomberg’s got BlackBerry’s back. It’s nice to see the Financial Post getting behind beleaguered BlackBerry Ltd. However, they seem to have missed some key details in their desire to get on the bandwagon…

Their story (from Bloomberg) conveniently avoided several key points of information, in order to present a positive spin on some news that barely even related to BlackBerry.

First, the new DoD DISA system was built by Fixmo (and is NOT based on BES/BB10 features), and it’s been designed to support 300,000 devices (not just the current 81,200 indicated).

The story also doesn’t state that this system is NOT being built around BlackBerry’s BES network.

In fact, this system is being built around Fixmo’s MDM solutions, and is clearly open to new Android or Apple devices as well!

So the only bona fide BB angle in all this news is that the existing 80,000 BBs in the DoD will also be allowed onto the new system… ALONG WITH Android & iOS devices!

Evidently, this is why there’s NO ACTUAL MENTION of BB10 devices in the Bloomberg and Financial Post articles, and the included picture is of an older phone? This is clearly a pump-piece from Bloomberg, that FP also ran with.

The impressive 98% figure being bandied in the lede is also QUITE mis-representative, since it only applied to the current ratio of (80,000) BB devices in the launch phase, where well over 2/3rds of the forthcoming devices aren’t accounted for yet.

So at what point can we call journalism that depends on highly selective reporting and slanted intent what it really is?

Anybody who knew the full story around this DoD news could tell that this Bloomberg piece was yellow.
Surprisingly the editors at FP didn’t question the slanted motives either.

Perhaps due diligence only applies to basic fact checking of the surface numbers, and not what they appear to represent. Or maybe FP simply defers to Bloomberg on that basic principle of journalism as well?

Financial Post | Business

BlackBerry Ltd. shares surged as the U.S. Defense Department said its smartphones will be the primary device supported on a new network, showing that rivals are finding it difficult to unseat the longtime government supplier.

About 80,000 BlackBerrys will start being hooked up to the department’s management system at the end of this month, the Defense Information Systems Agency said in a statement last week. The network will also include 1,800 phones and tablets based on Apple Inc.’s iOS software and Google Inc.’s Android operating system.

BlackBerry rose as much as 12%. It was trading 8.1% higher at $9.82 at 11:35 a.m. in New York. The company’s Canadian shares had already jumped 8.2% yesterday in Toronto while U.S. exchanges were closed for Martin Luther King Jr. Day. After tumbling 37% last year, the U.S. shares had gained 22% this year through Jan. 17.


The Waterloo, Ontario-based company is…


RSS is Dead…Long Live RSS!

What are we talking about when we talk about RSS?
RSS was once a bright and promising young star of internet protocols, which still serves a dwindling yet devoted audience even now, over 15 years later. Yet as the geek-index of the average internet user has slowly dropped to the levels of the general consumer, so has the interest in managing one’s own syndicated content feed. Or has it?

What if it’s just the RSS protocol itself that’s fallen out of fashion, not the supporting idea of aggregating content into your own info-tainment concierge (so to speak)?

We’ve previously talked about how the average consumer is soon going to become increasingly confused by the iconography behind tappable NFC tags and devices, and how the tap-to-pass payment systems (i.e. Google Wallet) are blurring the lines with other NFC-based services (like Samsung Wave, etc.). In the end, this could create enough confusion that the NFC services might falter in North America if people start to believe that they will be charged for something every time they tap a wavy icon.

Luckily the payment systems have started to standardize around the 4-wave symbols, leaving the 3-waves (and a dot!) iconographers to map out a future between NFC, WiFi, and any lingering users of RSS.

What’s also fortunate is that WiFi hotspots have become more recognizable for their standard signage, in bland/boring blue and using the 3-waves and a dot icon. This leaves only RSS and the myriad of other NFC services to sort themselves out with what’s arguably the best, most effective icon out there.

There are many signs that NFC and payments standards are also competing for the much more visible yellow and orange-ish colours that will help them stand out on signage. Which makes it all the more important for NFC to seize the dot, and standardize around the smaller 2-wave icon.

So rather than clamour in confusion, and risk being lost in a washed-out, ambiguous-looking variety of icons, NFC services should pick up where RSS left off, and simply offer a wireless way to tap your way into a new form of subscription and even syndicated content.
inessential.com: What we talk about when we talk about RSS


MatchApp: Next Generation Disaster Response App? | iRevolution

When it comes to disaster response, the word “resilience” comes up a lot as a pre-emptive measure that needs to be developed both at the administrative and grass-roots level. Developing community resilience is becoming an area of great interest because of how it can leverage the resources and organizations already available at the community level, while enabling better communications and reactions from First Responders as well.

As some people become more concerned about doomsday scenarios and structural failures in society, others know that the choice before us is either paralysis or proactive survival… before the moment of truth arrives.

Here’s some info on solutions being developed for our smartphones.

MatchApp: Next Generation Disaster Response App? | iRevolution.

Watching the Mobile Race for 3rd…

Watching the race for 3rd place in the MobileSpace is starting to get more interesting… While the initial splash from BlackBerry’s (BB’s) Z10 begins to settle, we see steady signs of new life in the WindowsPhone (WP) space, led by the magnificent Lumia 920 from Nokia.

If (big if!) the landscape for mobile security remains relatively undisturbed, we should begin to see more stories about the enterprise applications and the end-user experience (UX) rising to the forefront. Hopefully these will include inspirational ideas about how productivity (primarily via SkyDrive-enabled Office apps) and media production capabilities can drive new ideas and innovative usage patterns via our mobile devices.

Maybe someday Samsung and Apple will be trying to catch up with WP and/or BB users when it comes to getting stuff done, and showing the world how they’re doing it!



Nokia today announced that Mall of America, the United States’ largest retail and entertainment complex, is switching from BlackBerry to the Nokia Lumia 920 because of the tight integration with Microsoft services and built-in Microsoft Office suite, offering Mall of America management team members greater productivity and flexibility in a very dynamic workplace.

The Nokia Lumia 920 is built on the Microsoft Windows Phone 8 platform, which allows out-of-the-box access to Microsoft apps and services, including Outlook, Word, Excel, PowerPoint, OneNote and SkyDrive, all brought to life on the smartphone’s large PureMotion HD+ super sensitive touch screen. These apps integrate with the mall’s existing Microsoft services, enabling Mall of America management team members to review and edit Outlook emails and Microsoft Office documents on their smartphones, wherever they happen to be.

“Switching to the Nokia Lumia 920 has increased productivity for key team members. The combination of a great smartphone…
