Saturday, June 3, 2017

Tesla solar roof too expensive if it ever gets here

If you are to believe the mainstream media, then Tesla’s solar roof tiles are apparently the savior to Australia’s energy crisis, as if we did not have our own solutions in place.

It seems that you can put down a deposit on Elon Musk’s solar roof tiles, but you won’t know;

  • when you will get them,
  •  when and if the product will get Australia Standards certification,
  •  if it will support Australian houses which have a totally different title structure from American homes.

Apparently the warranty is ‘infinite’ but only on the glass roof tile and not the product generating electricity.

It sounds like you may want to get a wind turbine in the meantime to generate a lot of electricity from the hot air coming from the factory of overpriced products, and the annals of the mainstream media.



You can read what the mainstream media writes about the product at:


Then compare it to someone who apparently has some technical qualifications on the matter at:

Friday, June 2, 2017

NBN to be compulsory - Life in a penal colony




Apparently 'customers' are supposed to have a choice.

When you have the 'freedom' of choice taken from you, you are enslaved.

So what's happening in the penal colony of Australia of late?

Avid readers of the blog Corporate Australia will note that on the 12 of May 2017 the blog reported that the good people of Australia will be subjected to compulsory purchase of the technological disaster called NBN contained within the link;


Approximately 2 weeks later the mainstream media states the same, in an article of the headline;

6 Million Australians Are About To Get A Rude Shock When They Find Out The NBN Is Compulsory


Just another action by the "corporation" telling the slaves there is nothing they can do about it.
 

Thursday, June 1, 2017

Criminals exploit SS7 vulnerabilities, prompting concerns about 2FA



Cybersecurity researchers warned us that this would happen, eventually.

Earlier this year, hackers were able to remotely pilfer German bank accounts by taking advantage of vulnerabilities evident in an important yet outdated communications protocol known as Signaling System 7, or SS7, which enables global cellular networks to communicate with one another.

The high-tech robbery, initially reported last week by German newspaper Süddeutsche Zeitung, represents the first known, real-world case of thieves exploiting SS7 to intercept confirmation codes that are typically sent by banks to validate actions taken by online banking customers. Recently disclosed intrusions showcase a unique and sophisticated hacking operation that leveraged a combination of both targeted phishing emails and SS7 exploits to essentially bypass two-factor authentication, or 2FA, protection.
Telecommunications giant O2-Telefonica confirmed details of the SS7-based cyberattacks to Süddeutsche Zeitung.

The multi-stage cybercrime campaign required that the hackers steal user credentials to access individual bank accounts in order to transfer money into dummy funds. After stealing the necessary login details via phishing emails, the perpetrators intercepted the associated authentication codes sent to the victims — messages notifying them of account activity — to validate the transactions and remain hidden, investigators say.
News of the incident prompted widespread concern online, as security advocates railed against the popular and continuous use of text messages to authenticate account information while a mountain of growing evidence now exists proving SS7 is unsafe to deliver such data.
Security experts say that the same SS7-centric hacking techniques used against German banks will become increasingly prevalent in the future, forcing organizations to reconsider how they authenticate user activity.

“While this is not the end of 2FA, it may be the end of 2FA over SS7, which comprises a majority of 2FA systems,” said Cris Thomas, a strategist at Tenable Network Security. “Vulnerabilities in SS7 and other cellular protocols aren’t new. They have been presented at security conferences for years … there are other more secure protocols available now that systems can switch to as attacks on SS7 become increasingly common.”

Cybersecurity researchers first began warning the public and private sector in late 2014 about dangerous flaws in SS7 that allow hackers to, among other things, track a phone’s GPS location, listen to calls and read or redirect SMS messages.

“This latest attack serves as a warning to the mobile community about what is at stake if these loopholes aren’t closed, and provides a rallying-cry to mobile carriers to act fast and work with vendors to protect their customers and their networks,” said Mark Windle, director of Mavenir, a Texas-based network partner for major telecommunications service providers.

“The industry at large needs to go beyond simple measures such as two-factor authentication, to protect mobile users and their data, and invest in more sophisticated mobile security,” Windle added.

While the Washington Post and Forbes magazine previously reported that intelligent agencies and defense contractors are known to boast related capabilities, the widespread adoption of SS7 exploitation by the cybercriminal underground remains to be seen.

“We have known about this issue for sometime but despite warnings, institutions have adopted text messages for 2FA because its cheap. Its another chapter in the same saga when there is a choice of free/cheap and spending a little more and protecting users, free/cheap wins all the time,” said John Bambenek, a threat intelligence manager at Fidelis Cybersecurity. “The reality is that its 2017, we are even more dependent on our technology, mobiles devices, and tablets and we simply have not taken the time to figure out and implement a way to have effective authentication online.”

In March, just two months ago, Oregon Sen. Ron Wyden and California Rep. Ted Lieu sent a letter to Homeland Security Secretary John Kelly requesting that DHS investigate and provide information regarding the impact of SS7 vulnerabilities to U.S. companies and governmental agencies.

Kelly has not responded to the letter from the two Democrats, a spokesperson for Wyden told CyberScoop.

 cyberscoop.com 8 May 2017

Monday, May 29, 2017

Stories that make you laugh




While the U.K's politicians may have a hard time implementing (proposed?) laws to dish out a death sentence to suicide bombers, in Australia the laws of nature are sometimes more effective ...