Category Archives: Security

Equifax Hit With £500,000 Fine



The UK’s Information Commissioner’s Office (ICO) has hit credit reference agency Equifax with a GB£500,000 fine for the 2017 data breach.  Equivalent to US$660,000, the fine is the largest ever imposed by the ICO and is the maximum permitted under the legislation in force at the time. Under the newer GDPR laws, the fine could’ve been as high as $20 million.

The Equifax data breach involved the records of 146 million people, with nearly 15 mlllion being UK nationals. The ICO was scathing in its comments about Equifax, saying, “The ICO found that measures that should have been in place to manage the personal information were inadequate and ineffective. Investigators found significant problems with data retention, IT system patching, and audit procedures. Our investigation also found that the US Department of Homeland Security had warned Equifax Inc about a critical vulnerability as far back as March 2017. Sufficient steps to address the vulnerability were not taken meaning a consumer facing portal was not appropriately patched.”

During the cyber attack last year, a range of personal information was taking including, names, dates of birth, addresses, passwords, driving licences and financial data.

The Information Commissioner herself, Elizabeth Denham, went on to say, “The loss of personal information, particularly where there is the potential for financial fraud, is not only upsetting to customers, it undermines consumer trust in digital commerce. This is compounded when the company is a global firm whose business relies on personal data.”

Equifax’s approach to data protection and the care of our personal data was negligent, and frankly, I don’t think they deserve to be in business. The full judgement is here pdf.

Money photo by Sharon McCutcheon on Unsplash.


Business Values Our Data. Why Don’t We?



Organisations love information about you. Everywhere you go, it’s sign up here, tell us about this and what do you think about that? Trust me, businesses aren’t interested in you for altruistic reasons: they either want to sell you stuff, or sell your information to other businesses who want to sell you stuff. Your information has value to them and they want it.

An email from a major UK hotel chain arrived in my inbox the other day, offering me an annual birthday gift in exchange for updating my profile with my date of birth. I imagine the gift will be a discount on a hotel stay around the time of my birthday but the email didn’t say. Perhaps not to be sniffed at but birth dates are often used as part of security procedures around bank accounts so it’s worth being cautious.

I think we’ve all become aware over the past few years how easily it is for big names to be hit with a data breach – Equifax, Yahoo, British Airways – and a hotel chain seems like a juicy target too. Wouldn’t be the first either. Lots of lovely customer information with credit card numbers.

Consider too that factual personal information like dates of birth can’t be changed. If a password is stolen as part of a data breach, the solution is to change the password. Credit card number lifted? A new credit card arrives in the post. There’s nothing you can do if your date of birth is taken. It’s on your birth certificate.

It’s not worth it. If the hotel chain wants my age band and month of birth, I’ll happily give it up for a discount, but when it comes to day, month and year, I think I’ll pass. You should too.

Photo by Rene Böhmer on Unsplash.


Robocalls are Interfering with my Business



Robocalls are at a point where they are now interfering with my business largely because my team is on cell phones. Yesterday I received 14 business calls and 32 Robocalls and the volume is only increasing. My blocked number list has now grown to an ungodly size and due to number spoofing, they just spoof a new number. I can now detect a robocall with seconds of answering my phone. The high majority of these calls originate overseas and they always have some service to sell my business.

I have to watch myself as I answer the phone because when I pick it up I am assuming its a robocall and not a new or existing customer. With the ability of these marketers to spoof a telephone number it is nearly impossible to screen for them. When a call comes in from +100000000000 you know its a robocall, but when the number comes in from a normal number it’s really hard. With people refusing to leave a voicemail these days I have no choice but to answer every call.

It’s really driving me crazy because we have a distributed work-force the high majority of my team are on cellphones. It gets worse the marketers are now even targeting our 800 number which gets a handful of these calls a day. I am not alone, talking with other business owners their frustration has grown as well. Today I looked at the iOS App Store and of course, all the Robo blockers are premium. Makes you wonder if they are not in cahoots.  In a future article, I will discuss whether the app I found and am paying for has helped or not. The only way to fight fire is with fire using the tech at our disposal to try and get the upper hand on these bad characters.

The National do not call list only really works on legitimate companies that are following the rules. The bigger issue is the off-shore folks that have 1000’s of people in phone centers who are trying to get you on the line long enough to do their pitch. I am sure it’s a numbers game to them but it sure drives me insane.


Encrypted Storage with SecureDrive at CES 2018



Encrypted external hard drives and USB memory sticks have been around for at least a decade, but most of the time it’s either locked or unlocked: if you have the password, you’re in. Sergey from SecureDrive shows Scott their security solution to this common problem.

SecureDrive specialise in hardware encrypted data storage. They’ve three product ranges with varying capacity (1 – 5 TB) to address different security and storage requirements.
– SecureDrive BT, which uses Bluetooth and an app for authentication
– SecureDrive KP, which uses keypad authentication
– BackupDrive, which backs up files and encrypts them with built-in anti-malware
For the rapid transfer of large files, all the devices use USB 3.0, and for security, it’s pending FIPS 140-2 level 3. That’s pretty secure.

The unique part of the SecureDrive solution focuses on the BT model, which uses Bluetooth and an authentication app. Instead of the drive only being locked or unlocked, the solution allows additional controls for geo-fencing and time schedules. For example, the SecureDrive BT can be set to only unlock between 9-5 M-F or only if the unit is within company premises. In addition, there’s remote management so authorisations can be revoked and the drive remotely wiped.

The drives are assembled in Ohio, USA, and they’re available for purchase priced at  US$299-$499. The remote management feature is a subscription service.

Scott Ertz is a software developer and video producer at F5 Live: Refreshing Technology.

Become a GNC Insider today!

Support my CES 2018 Sponsor:
30% off on New GoDaddy Orders cjcgeek30
$.99 for a New or Transferred .com cjcgeek99 @ GoDaddy.com
$1.00 / mo Economy Hosting with a free domain. Promo Code: cjcgeek1h
$1.00 / mo Managed WordPress Hosting with free Domain. Promo Code: cjcgeek1w
Donate to the Show: Support this podcast

Need a Housesitter? Ask Kevin at CES 2018



It’s a sad statistic that around half of us in the Europe and US will experience a break-in or burglary during our lifetime and unfortunately, I’m one of those. Most burglaries are over in less than five minutes and by the time the police turn up, the criminals are long gone. Smart homes and security alarms only go so far and what you really want is to deter the burglars from breaking in at all. You need a housesitter and Mitipi have one called Kevin. Todd thought Kevin was a minion

Kevin is the first IoT device to simulate the presence of people in a room by emitting light, shadow effects, and sound, meaning burglars will think someone’s home, and won’t want to break in for fear of being confronted or even caught.

Kevin is extremely easy to use. Place the device in a main room with a window, say, the living room. Once set up, Kevin can be controlled via the buttons on the box, or through the companion app. To pretend someone is home, Kevin uses a smart logic that considers multiple factors such as location, language, weather and home type to produce a realistic simulation with light, sound and shadows.

Kevin is currently on Kickstarter and the best pledge is SFr249, which is around GB£190 or US$270. Delivery is expected in December 2018.

Todd Cochrane is the host of the twice-weekly Geek News Central Podcast at GeekNewsCentral.com.

Become a GNC Insider today!

Support my CES 2018 Sponsor:
30% off on New GoDaddy Orders cjcgeek30
$.99 for a New or Transferred .com cjcgeek99 @ GoDaddy.com
$1.00 / mo Economy Hosting with a free domain. Promo Code: cjcgeek1h
$1.00 / mo Managed WordPress Hosting with free Domain. Promo Code: cjcgeek1w
Donate to the Show: Support this podcast

Keep Porch Pirates at Bay with BoxLock at CES 2018



From a consumer’s point of view, internet shopping is great: huge choice and prices to fit every pocket. Sure it takes a day or two to come but that only increases the rush while you wait for the delivery…..only that’s the snag. Many of us are in work when the delivery comes to our empty homes and either the delivery service takes it back to their depot or you parcel lies at risk of theft until you get home. BoxLock have an ingenious solution and Todd unlocks its potential with Brad.

BoxLock is an internet-connected smart padlock with a built-in barcode scanner. To use BoxLock, you first get a secure container or bin which can be locked using a traditional padlock – it’s usually called a hasp – and put it out front. The BoxLock then goes on the bin instead of the padlock.

When the delivery driver arrives, he (or she) simply grabs the BoxLock and presses the button on the top to scan the tracking number on the package. The BoxLock checks online via wifi and only packages addressed to you and that are actually out for delivery that day will unlock the BoxLock. The driver opens the container, places your package safely inside and then closes it all up.

Your BoxLock smartphone app then notifies you which package was scanned and that your BoxLock is safely locked with your packages inside.

Several of the big delivery companies are on board including FedEx, UPS, USPS and Amazon, so it’s perfect for keeping those porch pirates and packet thieves at bay.

BoxLock is current InDemand on Indiegogo for pre-ordering at US$109 (the video says $129 retail) with deliveries expected in June 2018.

Todd Cochrane is the host of the twice-weekly Geek News Central Podcast at GeekNewsCentral.com.

Become a GNC Insider today!

Support my CES 2018 Sponsor:
30% off on New GoDaddy Orders cjcgeek30
$.99 for a New or Transferred .com cjcgeek99 @ GoDaddy.com
$1.00 / mo Economy Hosting with a free domain. Promo Code: cjcgeek1h
$1.00 / mo Managed WordPress Hosting with free Domain. Promo Code: cjcgeek1w
Donate to the Show: Support this podcast

BIO-Key Uses The Power of Touch at CES 2018



Fingerprint readers are well established in all but the lowest cost smartphones – look at the Moto G-series for phones priced around US$200 – and it’s a trusted solution. So it’s not surprising that fingerprint readers are now appearing in other devices such as padlocks and bike locks. BIO-key are fingerprint specialists and have a range of locks and readers that do away with keys and passwords. Todd unlocks the potential of his finger with Scott.

BIO-key’s locks can be opened by a range of technologies depending on the model. Most use fingerprints, but others also have Bluetooth capabilities and some use PIN codes. There are some real benefits in using a fingerprint for unlocking – no key to lose, no combination to remember.
Prices start at US$39.99 for the TouchLock Designer, and a TSA approved lock is $54.95.

BIO-key produce fingerprint readers for PCs too, so if you don’t want to type in your password, check out these USB devices.

Todd Cochrane is the host of the twice-weekly Geek News Central Podcast at GeekNewsCentral.com.

Become a GNC Insider today!

Support my CES 2018 Sponsor:
30% off on New GoDaddy Orders cjcgeek30
$.99 for a New or Transferred .com cjcgeek99 @ GoDaddy.com
$1.00 / mo Economy Hosting with a free domain. Promo Code: cjcgeek1h
$1.00 / mo Managed WordPress Hosting with free Domain. Promo Code: cjcgeek1w
Donate to the Show: Support this podcast