Father of Bitcoin?

Australian Chris Wright has claimed to be Satoshi Nakamoto — the creator of Bitcoin. If true, this puts an end to one of the biggest cyber mysteries of the 21st century.

http://www.economist.com/news/briefings/21698061-craig-steven-wright-claims-be-satoshi-nakamoto-bitcoin

The Bitcoin faithful will spend the next year on conspiracy theories, but I’m guessing the Economist and BBC did their homework before publishing.

If Chris Wright is Satoshi, then I’d love to hear his take on Bitcoin being the payment method of choice for illegal activity like ransomeware and money laundering.

Three Lessons from the NFL Draft

It should have been a great night for Laremy Tunsil, the offensive lineman from Ole Miss. He was drafted #13 by the Miami Dolphins in the 2016 NFL Draft.

Unfortunately, his Twitter and Instagram accounts where “hacked”.  Looks to me like somebody got access to his iPhone. Three possible lessons from an information security perspective:

  1. Make sure you have a passcode or biometric security on your phone. Nobody should know your code; not your best friend, not your girlfriend, not your kids, maybe your spouse.
  2. Strong, unique passwords and two factor authentication can prevent somebody who discovers one password (like Twitter), from logging into other accounts (like Instagram). Of course this doesn’t matter if a mean person has your unlocked phone.
  3. Never post anything to social media unless you’d be happy to see it on the front page of the NY Daily News.

http://www.nydailynews.com/sports/football/laremy-tunsil-twitter-shows-man-smoking-bong-nfl-draft-article-1.2618248

There are lots of other lessons to be gleaned from this incident. I’ll leave that to the sports writers.  However, I hope the media shines a spotlight on the system and not just a kid who accidentally disclosed the realities of high stakes college athletics.

Two Factor Auth is Necessary

I just read that Facebook employees can login to their internal systems with only a username and password.  See:

http://www.mirror.co.uk/tech/facebook-hacked-security-researcher-stumbles-7829312

Cyber criminals have so many tools that we need an additional layer of protection.  If Facebook can have hackers lurking inside their network for months, what makes you so sure your network is safe?

I’m advising all my clients and companies to enable 2-Factor Authentication on all systems.  This and strong unique passwords gives me piece of mind that a compromise of my username and password does not expose me to cascading risks in other systems.

Free Security Training

I just got an announcement from Heimdahl Security that they are offering a 7 week, FREE information security course for small businesses. Read more about it here:

Just Launched: Cyber Security for Small Business Owners in Partnership with the London Digital Security Centre

I’ve been following these guys for a while and it seems like they are doing a really good job. I don’t use their products, but the information they provide has been useful.

CryptXXX Ransomware – scary stuff

I’m always watching the boards and blogs for news about new security threats. Today, I read about CryptXXX and it is really scary. This ransomeware is transmitted by drive-by-download but look for phishing scams soon.

Here are the highlights: CryptXXX infects your computer, steals information (potentially BitCoins too), and starts doing industrial strength encryption of your local files AND mounted network shares.

Recommendations:

  1. Have backups and don’t keep them mounted all the time. It would suck to have both your machine and the backups encrypted by ransomware.
  2. Keep everything patched. Disable Flash if you can stand it.
  3. Use an ad blocker to prevent infection from Malvertisting.

See more about CryptXXX here:

https://blog.knowbe4.com/scary-new-cryptxxx-ransomware-also-steals-your-bitcoins

 

OSX Mavericks All Systems Go

I upgraded my MacBook Air 2012 last night and everything went smoothly.  I left my Thunderbolt displayed plugged in but didn’t have any ill side effects.

Initial observations using OSX Mavericks:

  • Everything feels a little faster, starting apps, Finder
  • Everything works – exception being the WP editor in v3.6 – no bullets
  • Parallels 9 and Parallels Access is fine
  • RoboForm is still fine
  • PyCharm needed to install Java 6 SE to start
  • Office 2011 (mac) runs fine

Wonder what it would have cost to have Apple do the ACA website rollout?

 

PyCharm Database View and Google Cloud SQL

PyCharm has really improved my developer productivity.  It has great integration with the Google Apps SDK and with a little tweaking, can support multiple Google Cloud SQL database logins.

The tricky part is managing the stored credentials behind the scenes. Seems like the Google SQL Command Line Tool only supports 1 login at a time. If you are like me and do projects for multiple clients, then you need multiple Google Account logins.

What works pretty easily is swapping out the credential file behind the scenes. Take a look here to find where the Command Line Tool is storing it’s credential:

https://developers.google.com/cloud-sql/docs/commandline#revokeaccess

You can setup the Command Line Tool using your first account, then rename the resulting credential File (or Registry Key in Windows. Setup the Command Line Tool again using your next account, then rename the credential file/key to something else.  Now you can swap your active credential by swapping in the right file/key.  Symbolic links work in Mac/Linux, .reg files to set the right key should work in Windows.

Once you have the right Credential in place, tell PyCharm about the Google Command Line Tool .jar database connector file and you are good to go.  Here’s a picture of my setup.

Setup PyCharm with Google Cloud SQL

Rule in School

I’ve got one son heading off to Wayland Middle School, the other starting Cambridge School of Weston.  Both boys are tech savvy, so what are the right devices to support their educational experience?

Wayland High School is giving every kid a Macbook Air.  My high schooler, thinks that’s a great idea.  But recently he was interacting with his school portal and everything posted there was an Excel file.  He’s also into having “different” stuff than everyone else.  Could it be that a Microsoft Surface RT tablet makes sense for High School?

The middle schooler just want’s a Nexus 7 tablet so he can read and play tablet games.  So that one is easy.  Nexus 7’s are about the most reasonably priced devices on the market.

You might be thinking that these tablet devices are not powerful enough for real gaming (and that’s what kids really want computers for these days).  Right-O.  They’ve both already got PCs loaded with games and other distractions.  The idea of a device for school is something that can do email, writing, basic web searches, play music, and not much else.

 

Macbook Air vs Pro

I’ve been using a Macbook Air from 2012 for the last year and love it in general. Our Wayland High School is “loaning” them to every high school student as part of a 1-1 program. It is a sweet machine, but I’m learning it does have it’s limits.

The big limitation I’ve hit with my Air is fan noise when doing anything with video or screensharing. GotoMeeting, WebEx, Skype, all of these get the CPU fan spinning to maximum. While this isn’t technically a problem, it is lowering my satisfaction with my Air being my only computer. And for reference, I’ve got the Core i7 version w/ 8gb RAM.

I’m hoping the next generation of Macbook Pros with Haswell internals will be powerful and have great battery life. I’ll probably upgrade and pawn off my Air on one of my kids. Don’t tell them I said that.