Apr 25, 2018

Verge And PornHub MAKE HISTORY!



It finally happened. Verge talked a big game, claiming to announce the biggest partnership in the history of cryptocurrency. A lot of the haters and doubters scoffed, but XVG truly meant business. Now that this crypto is joining forces with PornHub, they are truly an unstoppable force, inevitably poised to surpass even Bitcoin. What a time to be alive.

Apr 24, 2018

How Can Blockchain Prevent Fraud in Payment-Processing Services?

What Is Payment Fraud?

With the growing popularity of online marketing and business, we are unfortunately facing new types of fraud. Fraud in payment-processing services is one of the most significant threats to all e-commerce markets, as its main working principles are based upon online transactions. It involves identity and private property theft, or illegal takeover of an individual’s payment information to make purchases or remove funds. To eliminate it, companies are setting up fraud detection using blockchain technologies.

In 2017, the global fraud detection prevention market was valued at $16.8 billion U.S. Areas in which fraud detection and prevention are applied include insurance claims, money laundering, electronic payments, and banking transactions, both online and offline.


When discussing deceitful schemes in payment processing, we should stress that the most common type of scam involves credit cards. As stated above, criminals use a stolen card or card details to commit illegal purchases or transfer money. The customer whose data is stolen may file a report, and, after numerous transactions, receive the money back. In the case of an illegal purchase, a retailer or business is penalized, and loses its money. Therefore, it is crucial to take action to protect your commerce from these types of losses.

Use Blockchain to Prevent and Detect Fraud

The principles of blockchain technology allow people to keep an open, transparent, cryptographically encrypted record of all kinds of transactions committed between two pseudo-anonymous parties. As this record is maintained in an absolutely decentralized manner, it is independent of local authorities and banks. Therefore, it is difficult to tamper with. Actions like double spending, a common problem in digital money transactions, are difficult to commit due to a consensus protocol that provides trust. Because the permanency of blockchain technology stores information privately between parties, it provides better security. And in case you need better security for your company, the Applicature team of experts can help you set up blockchain technology for fraud detection.

Blockchain offers a wide range of opportunities, and a great number of companies use it to gain financial security. According to Statista surveys, 23% of companies are using this technology to prevent scams, and for security clearance. This percentage comes in second to those who use it for international money transfers.


Advantages of Blockchain Technology in the Prevention of Payment Fraud


It is possible to detect and prevent illegal activities in payment processing without people’s involvement by using the following features that stop fraud with blockchain:

  • Permanence. It is impossible to disable the system, as it functions on various devices worldwide at the same time. All of the gadgets storing the complete history of transactions cannot be hacked at once. 
  • Transparency. As a chain with distinct blocks, the system keeps a record of all transactions in each of these blocks. If any corrections or additions occur in these records, they are to be verified and checked in the whole system of block validators, which are machines with strict rules that must be complied with. Any illegal interference will be noticed promptly, and the involved parties will be disabled from making such transactions. 
  • Immutability. Blockchain provides significant benefits for fraud detection. As soon as a record is entered into the system, it cannot be deleted or forged. 
  • Cryptography. Blockchain technology employs widely-adopted cryptography protocols that protect users’ identity. Validation and confirmation are possible only with unique digital signatures. This information cannot be tampered with or recreated by anyone due to the random nature of its creation. 
  • Postponed payments and multisignatures. If you need to pay for a certain product but do not trust the seller, Blockchain allows you to use multi-signature transactions for postponed payments. In this case, the seller receives money only when the buyer gets his goods. Delivery service (or any other trusted party) can act as an additional level of arbitration that assures the buyer has the funds and the seller sends the goods.

Though blockchain technology provides better security, it cannot protect against hacking into your digital wallet or identity theft on its own. It should be stressed that in order to increase protection, blockchains use the additional help of machine-learning capabilities. This technology works like an additional layer, analyzing the algorithms and models of users’ behaviour. For instance, personal data might be stolen or used, but no one can copy someone’s personal behaviour pattern fraudulently, as it is absolutely unique.

Blockchain fraud detection uses startups like Feedzai to provide safety solutions in the cryptocurrency community. Feedzai uses machine-learning technologies and information science to keep commerce safe.


So, if you want to secure your digital identity and prevent it from being tampered with, blockchain technology will protect against fraud cases like these. To sum up, your personal information should be placed in a blockchain framework accessed only by authorized participants who can verify and ensure its validity. Though thefts in payment processing still occur, it is very important to use special blockchains designed for businesses and users working with machine-learning software. Such technologies are designed to be resistant to vulnerabilities, and grant you greater security.

Apr 23, 2018

How to transfer files faster than 10Mbps in Windows

At my day job we have a disaster recovery (DR) site a few thousand miles away. Between our main data center and our DR site, we have a 100Mbps dedicated transport link. It's used to transfer files, and be the path for database mirroring etc.

One problem that we noticed was that when we needed to copy large files, it would take forever. We would use your typical SMB/CIFS share and copy files. What we noticed was that although the transport link was 100Mbps, our NICs were 1Gbps and our local switches are 1Gbps switches, we would still only see file transfers at around 10Mbps.

That's just not good enough. Especially when you have a lot of large files you need to copy relatively quickly. I'm talking hours not days here anyway.

Well to solve this problem, I remembered the good old fashioned Robocopy! In fact, the latest versions of Robocopy, that now comes pre-installed in Windows servers by the way, has a multi-thread feature!

To max out our 100Mbps transport link, I set the threads with my Robocopy to 20 and BAM! We were sending files at close to 100Mbps!

The command I ran was:

robocopy "C:\Source" "\\DestinationServer\Destination" /mt:20 /E /V /ETA /R:2 /W:5 /R:10

Pretty simple right? The /mt switch is where you can adjust the threads used.

I've seen lots of forums and posts with people talking about copying over Windows shares being limited to 10Mbps. Using Robocopy is certainly one effective workaround!

Do you know of a different way to maximize throughput when copying files in Windows? Let us know in the comments!

Apr 18, 2018

6 Ways How Business Can Use a Live Video Streaming App

Video is the content people are ready to consume for hours and hours. You and your business can definitely benefit from it, and in this article we will tell you, what you can use video for.

Already, big social networks and video services acknowledged its power. Netflix shows the extreme boost, and social networks get their users addicted to live streaming apps. Facebook, Instagram and other have also successfully onboarded this wave by opening their own streaming capabilities to the world, and saw the rapid growth immediately.

Some businesses create a video streaming app and use it as a marketing tool. 

Here are some numbers:

  • The views of branded content has increased 99% on YouTube… And 258% on Facebook! 
  • By 2019 80% of all internet traffic will be associated with videos.

As you see, promotion with the help of videos is very effective and will make your current and potential customers care for what you have to offer. However, in this article we will talk specifically about live video streaming. Why?

The main reason is that live streaming is even more effective. According to Tubular Insights, people spend 8 times more on live streams than on regular on-demand videos.

You may wonder, why is it so? From the first sight, it may seem that on-demand videos must be more popular, as people can see them whenever they have time. Live streams, on the other hand, are available only when they are being recorded, and some life issues can come in way.

However, live streams are really more engaging, because they are exclusive and they allow to talk with the viewers in real time via comments.

Here we’ll talk about the ways you can use live streaming for your business, and the best practices of connecting to your customers via broadcasting.

1. Host Webinars




Webinars are always popular. Share your knowledge with people and thus prove yourself an expert, and make your customers more loyal to what you do. Webinars can be either paid or free. The best practice is to host free ones, if your business hasn’t gained fame and reputation yet: this way you’ll be able to get more customers to watch you.


Paid webinars are a great option for companies that are already rather famous in their sphere, and customers already know something about them.

2. Host Q&A Sessions




Q&A sessions are the best way to add some personal touch to your business, to show that behind your logo and a website there are humans that are ready to help. Q&A sessions are great to reply to some concerns your clients might have, to educate them and to show how you work.

You can prepare to such session and gather all frequently asked questions. Another way to do it is to answer questions from comments or tweets with a hashtag in real time.

3. Stream Live Events



A conference or some other important events in your company are a great reason to take your smartphone and launch a live streaming app. Go ahead and show your customers how your company evolves and how your employees gain new experience. 

Live events are a great reason to stream them, whether it’s a presentation of a new products somewhere at the conference or a meeting with celebrities. Make your viewers feel like they are present there, don’t forget to react to their comments and show the best moments of the event.

4. Host an Interview




Interviews with experts and influencers are the best way to get viewer attention, as they will enjoy seeing someone they already know. The main thing when you host an interview is to make it lively and interesting. You really need to work on those questions you’re going to ask, and switch between topics frequently enough to avoid boredom and repetitiveness.

5. Show what’s behind the curtains




Don’t let your customers see only what you would normally show. It is important that you keep your broadcasts informal. Show how your business works on the inside, let customers meet those people who work for them every day to deliver the best service.

You can also show some details of your product creation process. People may enjoy what they get, but what really makes you unique in their heads, is your story. Make your brand personal and alive, and people will appreciate it.

6. Share Important News




Today people will prefer to watch a branded video or enjoy a live stream from a company than read a text, so the best way to tell your customers about any changes or new products in your company is to host a live broadcast and then make it available for later.

These are six ways you can make your business more memorable for customers with the help of live streaming.

Final Thoughts


The greatest thing about using live video streaming app for business is that you don’t need a production team and a big marketing budget to broadcast - just grab your Android or iOS device and think about things you’re going to share. Live streaming doesn’t have to be official or perfect - the most important thing about it is your open attitude and a genuine wish to share something awesome.

You can use any platform or social media on your phone to share live streams, but if you already have your own mobile app, you can add live streaming functionality to it. A mobile development company like Mobindustry can help you with that.

If it corresponds to your business model, you can also create an additional source of income by providing paid webinars with useful information that will educate the viewers.

Find your own creative ways to benefit from live broadcasting: it is definitely worth a shot!


Apr 17, 2018

Learning computer coding opens up 'endless world' for these kids



In this episode of PBS News Hour a nationwide computer science immersion program sets up shop at a couple Virginia elementary schools. The program is called Code To The Future.


Apr 16, 2018

Ransomware Detection Methods

Ransomware is undoubtedly the biggest threat among modern day malware. Since the advent of CyrptoLocker in 2013, the number of yearly attacks has been constantly on the rise. The first quarter of the previous year has seen two biggest ransomware attacks ever in the face of WannaCry and NotPetya.

According to data, presented by eSecurity Planet, the number of ransomware attacks for the first quarter of 2017 has increased on 62% as compared to 2016. The number of detected ransomware has increased on 2000% in 2017, as compared to 2015.

According to Barkly, roughly 60% of all malicious payloads detected in the first quarter of 2017 have been ransomware.

The number of mobile ransomware has also increased dramatically over the past year. According to Kaspersky, in the Q1 of 2017 218,265 new types of mobile ransomware have been discovered. Ransomware have also been exploding on the dark web, with new strains constantly being created for sale. The new model, called ransomware-as-a-service has become popular, where all you need to do is simply pay, and you will get a ready-to-use ransomware that you can start distributing via a botnet in a couple of clicks.

Ransomware has also been increasingly targeting more and more businesses as of late as opposed to individuals. The question then is what can be done about it? When ransomware initially appeared, there was no good way to combat it. CryptoLocker public-key encryption was basically impossible to break, and beyond just regular backups there was little you could do. But even if infection meant that operations within your company were halted only for a couple of hours, it still could mean huge lost profits. Ideal scenario – is to detect ransomware attack early and stop it completely

What is ransomware

Ransomware is generally defined as malicious software, designed to extract ransom from users based on restricting their access to their own data. The most popular way to restrict access to user data is to encrypt it, and thus, ransomware that uses encryption techniques is called Crypto ransomware. Such ransomware usually employs sophisticated public-key cryptography that is impossible to crack and goes for certain types of files that is supposed to be the most valuable to the user, such as text documents, images and specialized formats.

However, encryption-based ransomware is not the only type of ransomware there is. Other types also exist, called:

  • Locker ransomware – this type is designed to block user’s access to the system or certain specific applications. Ransomware like that either replaces the desktop with a custom one, making it unavailable, or targets popular apps like browsers by modifying certain files.
  • Scareware – ransomware that uses scare tactics in order to force users into paying ransom. Often uses social engineering and other similar tactics in order to make users pay. One of the most common tactics is to display a message from supposedly law enforcement that includes personal information such as location and name of the ISP provider, making the message more believable. The message will demand a “fine” for certain made-up offense, such as copyright infringement or watching child pornography, and threatens user that if they refuse to pay they will be jailed.
  • Fake ransomware – many modern ransomware strains don’t even bother encrypting user’s data. Instead, they just delete it right away, creating a bunch of dummy files in order to fool the user into thinking that their data is still recoverable. Since it is impossible to distinguish fake and paid ransomware, it is always best to never pay ransom, unless the situation is actually critical.

How ransomware works

There are several ways that ransomware uses to get into your system. The most popular one is using infected spam emails, that are usually distributed by vast networks of botnets. Such an email will usually contain a message that uses social engineering techniques in order to prompt the user to click on an infected link or download the malicious attachment.

Another similar method of spreading ransomware is infected adverts on the net. Once the user clicks on the advert, a malicious JawaScripts starts running, downloading a payload on the user’s PC. Beyond that, ransomware can also be spread on removable drives, or self-propagate via a network by searching for open ports and unprotected connections.

Perpetrators will also use exploit kits in order to leverage known vulnerabilities and get ransomware into your system. Once there, it will phone back (usually, without encrypting network traffic), and then start looking for certain types of data to encrypt. After the data has been encrypted, a ransom note is displayed.

Ransomware uses various techniques in order to protect yourself from being detected or analyzed, including obfuscation and system mapping, designed to distinguish between real system and a honeypot.

How to detect ransomware

While there are ways to mitigate or even prevent some ransomware infection (making regular backups and keeping your system updated), it is always best to have capabilities to detect infection as it happens and be able to prevent any damage.

Traditional malware detection methods rely on known signatures, proving extremely effective against known malware, but almost completely useless against unknown strains. Considering the number of ransomware variants that pop up every day, it becomes clear that signature-based detection is not enough to establish reliable protecting.

Thus, behavior-based detection is often used, aimed at detecting not the malicious file itself, but rather certain attributes and behavioral indicators, that can point to a specific file as being malicious. Such behavior-based detection is supported by advanced data mining and analysis technologies, including machine learning algorithms able to go through large quantities of data and detect anomalies in real time.

When it comes to ransomware, key behavioral indicators include:

  • Encryption API – the majority of ransomware skips reinventing the wheel and just uses already available encryption APIs for encrypting user data. Often times, standard Windows functions, such as CryptEncrypt are used. And while the use of said function can’t reliably point to a ransomware by itself, it can be combined with other indicators to make detection more reliable
  • File type change detection – data within each file can be described via a specific signature. Mass changes in file signatures can be used to detect mass file type changes, which can be taken as an indicator of malicious mass file encryption.  
  • Comparing similarities between different versions of the file – another indicator of the file being encrypted is when there are significant differences between the new and old version of the file. If significant differences in hash functions of many files have been detected over a short period of time, they can indicate ransomware infection.
  • Moving, renaming or deleting files – monitoring changes to Master File Table can lead to the discovery of ransomware. When encrypting files, ransomware often changes the flag of the original file in the table, thus deleting it and overwriting with the encrypted version. Mass changes to the status of many files on the table can be indicative of ransomware infection.
  • System mapping activity – ransomware will check certain system parameters in order to make sure that the targeted endpoint is valid. It can be something as simple as checking a location and language settings and searching for certain file types, or full system mapping. Any such activity can serve as an indication of ransomware.

These are only some indicators that can be used in ransomware detection. Depending on the ransomware type, you may need to detect system locking activity, such as creating a new persistent desktop, rather than any file operations. Also, ransomware files can be scanned for things like ransom note text, while network communications can be checked for an attempt of ransomware to connect to the server.

However, it is worth remembering that any single one indicator cannot be reliably used for detecting ransomware. It’s only when several indicators are detected together that the behavior analysis system can reliably pinpoint malware.

Behavior analysis systems like this have become the backbone of next-generation anti-viruses and other anti-malware systems, aimed at catching not only ransomware but also other elusive threats, such as compromised accounts, fileless malware, insider threats and fraudulent activity, etc.

Protecting yourself from ransomware

Ransomware protection is not something that you can set and forget. Instead, it’s a layered, continuous process, that involves multiple different types of controls. Having a reliable detection tool is great, but it can only get you so far. Beyond that, you also need to make sure that your software is always up to date and that you always have backups ready in case attack wasn’t caught early.

Filter network traffic, block ads in corporate browsers, and prohibit email attachments in order to minimize the possibility of getting infected. Also, you should make sure that your employees are educated on the dangers of spam emails, social engineering, and compromised accounts, and that they thoroughly follow all security policies that are enacted in your company.

Remember, while combating ransomware initially looks hard, it will allow you to strengthen your general security posture, and it will immensely help you when it counts the most – when your data is under threat.

Apr 13, 2018

How to brute force RDP, FTP, Telnet and HTTP With Hydra



In the above video (Sorry, it's one of those annoying ones with no commentary or sound) we see how someone could use the THC-Hydra utility built into Kali Linux to brute force RDP, FTP, Telnet and HTTP. The truth is, you can actually brute force all sorts of protocols with it, including SMTP.


Apr 12, 2018

How To Use Rufus To Create A Bootable USB Drive

Rufus is an "online" tool used on Windows systems to help create bootable USB drives.

The system has been created to give people the opportunity to put pre-compiled images (ISO files) onto a USB drive, making it bootable. Freely distributed, it's mostly used to put systems into USB format, including the likes of Windows 10 and various Linux variants.

The point of the system revolves around the bootable feature. Bootable USB drives require an EFI "partition" to be created on the drive in order for the "boot" to be recognized by Windows. Simply copy/pasting the ISO file's contents onto the drive will not do this. This has made the use of a tool such as Rufus is often regarded as essential in the modern computing landscape.

The way the system works is by combining two important elements - the ability to write / copy the contents of ISO files onto a USB, and the ability to format the drive to suit. The formatting part is vital because it means that you're able to essentially put any type of data onto it (regardless of the source); the ability to write/copy files is important because it allows you to add files from any location.

When you load up Rufus, you have a number of options. The most important is that you're able to select an ISO (or some other content) that you wish to put onto the drive. The most important thing to realize with this is that there are a number of "pre baked" solutions you can use, one of which being "FreeDOS".

FreeDOS is essentially a clone of MSDOS that was distributed for free. In the absence of any bootable media for you to put onto a USB, you can use FreeDOS to perform disk utilities (such as fdisk) - a good set of computing utilities that not many people are familiar with. On top of this, you're able to specify which file system the drive uses as well as whether it uses "quick" formatting or not etc.

The reason this is important is because it gives you the ability to manage the various underlying ways in which you're able to manage different hardware components a system may have. This also means that you're able to identify any potential issues that could be preventing a system from booting.

I most recently downloaded a version of Windows 10 (1709) as an ISO. This was around 4GB, which was too big for any DVD's - meaning I had to put it onto a USB drive that had the required capacity. Without any native support for this in the Windows I was using, I had to turn to Rufus - and it worked extremely well.

Apr 11, 2018

Comparision of SAAS, PAAS & IAAS

There are usually three concepts of cloud service, Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS). Whether it is IaaS, SaaS, and PaaS, each has its own intricacies, but today we're going to help you to differentiate SaaS, PaaS, and IaaS.

SaaS - Software-as-a-Service is generally charged depending upon the number of users and charges are recurring monthly or yearly. Companies have the choices to add or remove users at any time without additional costs. Some of the most well known SaaS solutions are Microsoft office365, SalesForce, Google Apps. It is a responsibility of SaaS provides to manage Server, Network, and Security related threat intern it supports organization to reduce the cost of software ownership by removing the need for technical staff to manage install, manage, and upgrade software, as well as reduce the cost of licensing software.

PaaS - Platform-as-a-Service, A cloud service, typically providing a platform on which software can be developed and deployed in short it provides a platform to the software developer.

PaaS decreases the amount of coding required, automates company policy and aids the migration of apps to hybrid clouds. With PaaS, users can better manage servers, storage, networking and operating systems in general. All apps built using PaaS include characteristics of the cloud, such as scalability, availability, and multi-tenancy. In addition, it is quicker and cheapens the process of creating, testing and launching apps.

PaaS is utilizing the infrastructure services and add software platform services to it. The basic idea is to help the application developer to his core strength and relive him from dealing with the application hosting platform. PaaS providers are more responsible for dealing with servers and their major role is to provide clients an environment in which the operating system and server software, as well as the server hardware and network infrastructure, are taken care of. This helps users to focus on the business side of scalability, and the application development of their product or service.

IaaS - Infrastructure-as-a-Service - A cloud service that enables users to get access to their own infrastructure - computers, networking resources, storage. These can be typically virtual resources but could be real, physical resources as well.

This is the most basic of the service offerings. The service provider has to take care of these devices or virtual machines including all their services they depend on, e.g. networking, hardware or operating system patches. This basic service is interesting for a number of uses especially for highly customized software which cannot work on PaaS or even cannot be fulfilled by SaaS. The disadvantage is that for this service the user must have appropriate experts for all lower level technologies like operating system and more. This kind of service offers a greater flexibility for any online software but also demands deeper a higher amount of technical skills in the different area.

Many IaaS providers now offer databases, messaging queues, and other services above the virtualization layer as well. Users get benefited with IaaS as they get bare metal infrastructure on top of which they can install any required platform.

With this article, we hope to outline what is Cloud computing, how we use it and how it can help our clients to get benefited from it.

Apr 10, 2018

Free Cloud Based WAF Up To 4GB Of Bandwidth

The other day I was looking at potential alternatives to Incapsula. I've been using them for quite some time, but I've had plenty of issues with them over the years. On top of that, they pretty much charge an arm and a leg if you are hosting multiple websites.

Well, I may have found a decent alternative. It's called CloudBric! Here is what they are offering per their feature page:
Web Application Firewall:  
Cloudbric blocks all kinds of web attacks accurately and quickly with the industry-leading logic based analysis detection technology, powered by Penta Security Systems. 
DDoS Protection: 
Cloudbric mitigates and blocks DDoS attacks which attempt to exhaust resources and make websites inaccessible. 
SSL Certificate: 
Besides detecting and blocking malicious traffic, Cloudbric also provides free SSL certificates that encrypt communication between all visitors and the web server.
They also recently announced a console upgrade that allows cloud load balancing. One thing that I don't see that they offer though is CDN/Caching abilities. If that's not important to you then I think it's worth checking out.

The best part is that it is free for up to 4GB of bandwidth per month. Over that, and here are the prices:



If you are struggling with DDoS issues, but are constrained by budget, I certainly think CloudBric is worth looking into.

Apr 9, 2018

What it’s like to be a network engineer, translated into normal people speak

My friend Brendan sent this to me the other day on Facebook Messenger and I thought it was so hilarious and true that I had to share it here on Bauer-Power. I'm not sure who originally wrote this, but after having worked in IT for the last 13 years, I can say that without a doubt it is very accurate! Sadly, the accuracy is what makes this so funny and... well, sad at the same time!

Check it out:

  • User: I think we are having a major road issue.
  • Me: What? No, I just checked, the roads are fine. I was actually just on the roads.
  • User: No I’m pretty sure the roads are down because I’m not getting Pizzas.
  • Me: Everything else on the roads is fine. What do you mean you aren’t getting Pizzas.
  • User: I used to get Pizzas when I ordered them, now I’m not getting them. It has to be a road issue.
  • Me: As I said, the roads are fine. Where are you getting pizzas from?
  • User:…I’m not really sure. Can you check all places that deliver pizzas?
  • Me: No I’m not even sure all the places that deliver pizza. You need to narrow it down.
  • User: I think it’s Subway.
  • Me: Ok I’ll check…No I just looked and Subway doesn't deliver pizzas.
  • User: I’m pretty sure it is Subway. Can you just allow all food from Subway and we can see if Pizza shows up?
  • Me: Sigh, fine I’ve allowed all food from Subway, but I don’t think that is the issue.
  • User: Yeah I’m still not getting pizza. Can you check the roads?
  • Me: It’s not the roads, the roads are fine. I’m pretty sure Subway isn’t the place.
  • User: Ok I found it, its Papa Johns.
  • Me: Ok I looked and Papa Johns does deliver pizza. Is it the local papa johns or one in a different town?
  • User: I don’t know. Can you allow pizza from all Papa Johns to me?
  • Me: No I can’t do that. Can you get me an address for Papa Johns?
  • User: No, I only know it as Papa Johns. Can you get me all the addresses of all Papa Johns and I’ll tell you if one of them is correct?
  • Me: No I don’t have time for that. Ok I looked at the local one and it looks like they have sent you pizza in the past and they are currently allowed to send you pizzas. Try ordering a pizza while I watch.
  • User: Yeah still no pizza. I’m guessing they are getting blocked at the freeway. Can you check the freeway to make sure they can get through?
  • Me: NO this is a local delivery. They aren't even using the freeway.
  • User: Ok, well then it has to be a road issue.
  • Me: NO the roads are fine. OK I just drove from the papa johns to the address they have on file for you and there is nothing there.
  • User: Hmm, wait we did move recently.
  • Me: Did you give your new address to Papa johns?
  • User: no, I just thought they would be able to look me up by name.
  • Me: No they need your new address. What’s your new address?
  • User: I’m not really sure. Can you look it up?
  • Me: sigh, give me a second…Ok I found your address and gave it to Papa Johns. Try ordering a pizza now.
  • User: HEY PIZZA JUST SHOWED UP!
  • Me: Ok, good.
  • User to everyone else they know: I apologize for the delay in the pizza but there was a major road issue that was preventing the pizza from getting to me. The network engineer has fixed the roads and we are able to get pizza again.
  • Me: but it wasn’t the roads…whatever.
  • User: oh can you also check on an issue where Chinese food isn’t getting to me? I think it may be a road issue.
What do you think about this? Accurate or what? Let us know in the comments!

Apr 6, 2018

$89 Linux Based Notebook?

The other day I was browsing through YouTube and came across this video talking about the Pinebook, which is an extremely affordable notebook for only $89! Why so inexpensive you ask? Well, for one thing it comes with Linux!

Check out the video:



Now the Pinebook comes from a company called Pine64. Here is a description of from their page:
PINEBOOK is an 11.6″ or 14″ notebook powered by the same Quad-Core ARM Cortex A53 64-Bit Processor used in our popular PINE A64 Single Board Computer. It is lightweight and comes with a full size keyboard and large multi-touch touchpad for students and makers. 
As a new open source platform, Pinebook development is an ongoing process and represents a great opportunity to get involved with computing on a different level, to customize and personalize the portable computer experience, to understand what is going on beneath the surface. Your input can help shape and define what a Pinebook can be.

Here are the specs:

CPU : 1.2GHz 64-Bit Quad-Core ARM Cortex A53
RAM : 2 GB LPDDR3 RAM Memory
Flash: 16 GB eMMC 5.0 (upgradable up to 64GB)
Wireless : WiFi 802.11bgn + Bluetooth 4.0
USB 2.0 Port : 2
MicroSD Card Slot : 1
Mini HDMI : 1
Headphone Jack : 1
Microphone : Built-in
Keyboard : Full Size Keyboard
Touch-pad : Large Multi-Touch Touchpad
Power : Input: 100~240V, Output: 5V3A
Battery : Lithium Polymer Battery (10000mAH)
Display : 11.6" or 14" TN LCD (1366 x 768)
Front Camera : 0.3 Megapixels
Dimension : 11.6" : 299mm x 200mm x 12mm (WxDxH)
14" : 329mm x 220mm x 12mm (WxDxH)
Weight : 11.6" : 1.04 kg (2.30 lbs)
14" : 1.26 kg (2.78 lbs)
Warranty : 30 days

With only 2GB of RAM, and a 1.2Ghz processor, I can't imagine this thing being that "zippy" even if it is running on Linux. That being said, it does look pretty cool.

Either way, I'm curious what you think about it. Let us know in the comments!

Apr 5, 2018

New Acorns Chrome Extension Helps You Earn "Found Money" Easier

For those of you out there that follow Bauer-Power fairly regularly, you know that I'm a personal fan of the Acorns investing app. I use it in conjunction with the Dave Ramsey "baby steps" and I think it's the easiest way to save money. Period!

I've also mentioned in the past their "Found Money" feature. Basically, if you shop at certain online retailers (Like you would be doing anyway) a small percentage of your purchase gets re-invested in your Acorns account! It's pretty awesome if you ask me!

Well, Acorns just released a Chrome extension to make earning "Found Money" even easier! It's the Acorns Found Money extension! From the extension page:
Found Money by Acorns allows you to earn money for your future from 50+ brands automatically! Just activate an offer through our free Chrome extension or shop directly from the Acorns app, and our partners will automatically invest in your Acorns account.  
To date, our Found Money partners have invested over $2 million in Acorns customers automatically!


Once the extension is installed, you just need to make sure you are logged into your Acorns account when you shop at the authorized online stores. That's it! Simple!

Are you an Acorns user? Let us know what you think about this in the comments!



Apr 4, 2018

10 Awful "Dad Jokes" About Computers

Oh boy do I love a good "Dad Joke"! In fact, for those people who are friends with my on Facebook, they see me posting stupid jokes every night when I have my kids. That's because I like to write silly jokes on note cards and pack them in my kids lunches so they can read them at lunch the next day at school. It's my little way of saying I love them I guess.

Anyway, I thought I'd put together a list of 10 really bad jokes about computers! Hey, maybe you'll think they are funny enough to share with your friends! Or, better yet, maybe you are a dad too and want to share these with your kids! Either way, I hope you enjoy them!











Well, those were certainly awful weren't they?!

Still though, I hope you enjoyed them! Feel free to share them individually or better yet just share this whole page with your nerdy computer dad friends out there!

Apr 3, 2018

Bauer-Power now has SSL/TLS Support

You may have noticed recently that Bauer-Power is now encrypted! That's right, Blogger, the platform we've been using since we started has finally started supporting SSL/TLS for sites that use custom domain names!

If you have a Blogger site, you can turn this on yourself under Settings > Basic:


The SSL certificate that gets generated come from the free certificate authority, Let's Encrypt!


So how is Blogger's SSL implementation? It's not too bad actually. After enabling SSL, I ran a scan using SSLLabs.com and they gave the setup an "A" rating.


One thing to note, after you enable SSL you may have to go through the code of your template, and replace anything with http to https in order for your site to be fully secured with your new certificate!

What do you think about this new feature? Let us know in the comments!

Apr 2, 2018

Top Rated App Tracks and Monitors Your Sleep in Bed

Sleep is a big part of lives; we spend about a third of our time doing it. Well, at least that is the recommended dosage according to sleep experts. Counting ZZZ’s forms a part of our everyday routine and is the cornerstone of a healthy and balanced lifestyle. Getting the right amount and quality shuteye ensures for better memory, higher fertility rates among men, improved concentration and memory and healthy relationships with our families and friends.

Before bedtime, most of us tend to favor watching TV or using our smartphones to unwind. But this is the wrong thing to do. First of all, the artificial light emitted from screens tricks our bodies into thinking it is daytime, disrupting the circadian rhythm that acts as our internal clock, distinguishing between day and night time.

The above was enough incentive for me to seek out some of the best methods to safeguard better shuteye. And what better way to that than to identify what it is that affects quality sleep. I needed to find out what amount of sleep constituted the optimal work-life balance, enhancing my performance.

For one, I discovered that a good mattress is the starting point. I needed the right surface to make sure that my shuteye remained unbiased by a lumpy bed. www.MatressMatchers.com helped me out with that. The other thing that I found was that there are a lot of really cool apps out there that will help you monitor your sleep. And I want to share a few of them with you. 


1. Awaken     

This app is user-friendly and has a simple design. The app aims to improve your sleeping habits as well as give you an edge in attaining better health and a more balanced lifestyle. Awaken is a sleep aid that induces you to sleep with soothing music and wakes you in the same style. Also, there is a meditation option to help distract your mind from the daily bustle and detract most people’s dependence on constant stimulation. Available for both Apple and Android devices 

2. Pillow

This is another app that caught my attention. Pillow only works on Apple devices and connects with Apple Health to track your sleep. This app tracks the sounds you make and your movements when asleep. Also, if you want to know whether you are a morning or a night person, Pillow will help you find out. 

3. Sleep Genius

Here’s a testimonial for you. NASA astronauts use Sleep Genius as the app of choice to monitor snoozing health. Not only that! Neuroscientists developed it into one of the best apps for sleep tracking. Available on both Apple and Android devices, it concentrates on providing you with the ideal amount of sleep and guides you through the much-praised catnap.   

4. Sleep Time +

If you want to wake up in the morning and find a ‘better you’ staring back at you in the mirror, give this one a shot. Download the app on either iTunes or Google Play and place your smartphone next to your bed and let the app do the rest. While you are asleep, Sleep Time + will analyze your sleep cycle, and the smart alarm clock will identify when your slumber is at its lightest, ensuring the optimal wake-up time.   

5. Pzizz 

The primary objective of this app is to relax you by playing pleasant sounds and music. Pzizz aims to solve insomnia by reducing stress and helping you unwind. Also a sleep cycle tracker and power nap planner, you can get this one for both Apple and Android smartphones.

Mar 30, 2018

Who accepts #Bitcoin? (Infographic)

Many people who are new to bitcoin, and cryptocurrencies in general only see the value of bitcoin as a store of value, or investment opportunity. No doubt this is due to the amazing bull run that bitcoin saw in 2017.

Those who have been in the space a lot longer remember a time when bitcoin was also used as a means of exchange. To tell the truth, it still is, although high network fees have turned people onto other means of exchange in the cryptocurrency space. Coins such as Litecoin, or Bitcoin Cash have faster transactions, and lower fees.

That being said, there are still quite a few organizations that accept payment via bitcoin. Here is a handy infographic that shows who accepts bitcoin!



[Via 16Best]

Mar 29, 2018

Top 10 Most Secret Data Breaches in the Cloud

Cloud systems are considered a safer place than on-premises models, but you still can’t be completely sure of the integrity of your data. Microsoft’s Security and Intelligence report revealed that the number of cyberattacks on clouds increased by 300% in 2017. When companies move their business to the cloud, they are at risk of compromising their sensitive data and losing their customer’s loyalty and business reputation. That’s why so many companies would like to hide the cases of data breaches in the cloud during many years after incidents occurred.
Here is a list of most secret data breaches that evidently shows the importance of protecting clouds against cyber attacks.

1. FedEx

In February this year, Kromtech Security Center disclosed data breach of FedEx, an American delivery company. FedEx stored personal data of their clients on an unsecured Amazon S3 virtual server. There were more than 100,000 scanned documents that included driver licenses, passports, and security IDs of the company’s clients. The unsecured server was previously owned by Bongo International, but FedEx acquired the company in 2014 and rebranded as FedEx Crossborder. After Kromtech’s disclosure, FedEx removed the server from public access ensuring that no data was compromised.

2. Microsoft

Data breach occurred with customers of Business Productivity Online Suite in 2010 wasn’t caused by malicious activity. It was a result of a configuration problem in Microsoft’s data centers. The problem allowed any users of the cloud service download the Offline Address Book with contacts of BPOS clients. Microsoft apologized and reported that they fixed the issue within two hours and asked illegitimate users to remove the files.

3. Salesforce

Salesforce.com, an American cloud computing company, was also appeared to be vulnerable to cyber attacks. In 2007, one of Salesforce employees became a victim of a phishing attack that resulted in disclosing their company credentials. After getting access to Salesforce’s client list, hackers arranged a highly targeted phishing scam by sending emails with fake invoices. In 2014, the company also detected a malware injection attack on its end-users aimed to steal their bank credentials.

4. Deloitte


In 2016, Deloitte, one of the largest accountancy companies, became a victim of hacker’s attack on the firm’s global email server stored in the Microsoft Azure cloud service. The hackers compromised the email base of 244,000 company employees through a privileged account that required only password-based authentication. As a result, attackers got unlimited access to the confidential data of more than 350 VIP clients.

5. LinkedIn

LinkedIn, the largest business-networking website, suffered from one of the greatest data breaches in 2012. The company disclosed that attackers compromised 165 million accounts. Nearly 6.5 million hashed passwords were posted on a Russian forum when LinkedIn forced their users to change passwords. However, there was no further investigation of the breach that also affected more than 100 million users with unsalted passwords by 2016.

6. Zappos

In 2012, Zappos.com, an online retailer belonged to Amazon, revealed details about its massive data breach that affected 24 million of customers. The hackers got unauthorized access to the company’s data center located in Kentucky. The compromised data included personal information, credit card numbers, and encrypted account credentials. One of the website customers even filled a lawsuit for the potential personal and financial harm.

7. Dropbox

In 2012, Dropbox accounts were compromised as a result of a spam attack. After hijacking usernames and passwords from other accounts, attackers used them to sign in to Dropbox accounts. Hackers also used stolen credentials to access an employee Dropbox account with the company’s client’s emails. Dropbox informed their users about the data breach and recommended to select new passwords. However, the consequences of this breach appeared in 2016 when hackers offered video-news site Vocative to buy 68 million Dropbox passwords for $1,100.

8. Apple iCloud

When in 2014, the nude photos of Kate Upton and Jennifer Lawrence spread over the Internet, celebrities thought that their phones were hacked. However, the source of data appeared to be the iCloud servers that backed up users images. The company conducted an investigation and revealed that the cloud servers were not compromised. Apple recommended its customers to use more secure passwords. Lately, a Chinese web monitoring group discovered that hackers arranged a man-in-the-middle attack to steal user credentials, messages, and photos.

9. Sony PlayStation Network

Sony data breach was one of the largest in the history as of 2008. Arranging a successful SQL injection attack on the company’s website, hackers gained unauthorized access to the subscriber’s personal information. Another attack on PlayStation Network and Qriocity services was arranged in 2011, but the company informed their subscribers about it only in a week after it abruptly cut access to its services. The company had a 77 million global subscriber database that included information about account credentials, home addresses, birth dates, and credit card data.

10. Yahoo

In 2017, Yahoo was revealed of becoming a victim of a massive cyber attack that compromised nearly three billion accounts with data about user’s names, telephone numbers, emails, and dates of birth. The breach occurred in 2013 and was allegedly arranged by an “unauthorized third party.” Another security incident with Yahoo was in 2014 when a “state-sponsored actor” stolen credentials of more than 500 million accounts. However, most of the passwords were encrypted and hashed with irreversible mathematical algorithms.

Conclusion

Cloud technologies can benefit businesses with optimized performance and costs, but the cloud security is now the biggest challenges in IT industry. While cloud providers constantly release security patches, cloud systems are still susceptible to attacks on web applications, account hijacking, and malware injection. Therefore, cloud users and cloud service providers should also think about taking security measures for the cloud. Only a shared responsibility for security in the cloud can help us take the full advantage of cloud opportunities.

By: Marcell Gogan

Mar 28, 2018

How to turn off Focused Inbox in Outlook

My company uses Office365, and I absolutely love it. I've managed in-house Exchange servers in my previous jobs, and having done that and having used Office365, I don't know if I could ever go back.

That being said, the other day I noticed that Office365 pushed out an update for my Outlook client that enabled what they call the Focused Inbox. If you are unfamiliar with that, here is a description from their support site:

Focused Inbox separates your inbox into two tabs—Focused and Other. Your most important emails are on the Focused tab while the rest remain easily accessible—but out of the way—on the Other tab.

My problem with this is that Outlook is the one determining what is important for me, and what isn't. I noticed that I wasn't seeing all of my emails, and that was kind of a pain in the butt for me. I decided to turn this feature off. The way Outlook was set before, you know pretty much since email was invented, works very well for me thank you very much!

To turn it off just do the following:

  • Click on the View tab in Outlook
  • Click on the button that says Show Focused Inbox

That's it. Now your inbox will be back in "old school" mode. You know, the mode that doesn't suck!

If users are complaining that they can't see all of their email, you might consider turning this off for them. Just a suggestion.

Mar 27, 2018

Office365: Your machine isn't set up for Information Rights Management (IRM)

The other day one of the executives at my day job sent out his monthly internal report via email. We have a rights protected message feature enabled when anyone puts a certain keyword in the subject line. Since these internal reports are confidential, the executive used the keyword.

Ever since setting this up, I haven't had any issues opening these files until the other day. I recently got a new laptop, so maybe that's the issue, but for some reason on this particular day when I went to open his email message I was greeted with the following error:


Your machine isn't set up for Information Rights Management (IRM). To set up IRM, sign in to Office, open and existing IRM protected message or document, or contact your help desk.

WTF man?!

Well, I was able to fix it, but I first had to close out of all Office365 applications (Skype, Outlook, etc) then open up Word, sign out of my Office365 account in the upper right hand corner, close out of Word, then open it up again and sign back into my Office365 account.

After that, opening the confidential email and document worked fine!

Did this help you out? If so, let us know in the comments!

Mar 26, 2018

Science with my son: Mentos and Soda Experiment



A few weekends ago my son and I decided to do the good ol' Mentos and Soda experiment for his weekly YouTube show, "The Adventures of Brizzle Fo' Shizzle"! It was a lot of fun, and we obviously made a huge mess out in the yard. If you've never dropped Mentos into a jug of cola, you are seriously missing out on life! Pro tip: It works best with diet cola according to "Myth Busters".


Mar 23, 2018

Corrupt OpenVAS PDF's in Ubuntu?

Yesterday I wrote about how I recently setup an OpenVAS/Greenbone server on Ubuntu, and how the guide I referenced for the install missed a few steps. Well, I found another one!

After getting reports to generate correctly, one thing I noticed was that exporting to PDF didn't work. I mean, I could download a file with a PDF extension, but when I opened it with my PDF reader, I got an error message saying it was corrupt!


What the hell man?

Well, searching around I did find this OpenVAS Wiki post talking about how to fix this, but it only gives examples of how to fix it in CentOS. Where's the Ubuntu love guys?

Well, to fix it in Ubuntu you just need to install the texlive-latex-extra package. You can do that by running:
  • sudo apt-get update && sudo apt-get install texlive-latex-extra -y
After that is finished, you can download and open PDF reports just fine!


Mar 22, 2018

OpenVAS/Greenbone Empty Reports in Ubuntu

The other day I stood up an OpenVAS server so I could run internal vulnerability testing in my environment. If you haven't heard of OpenVAS, here is a description from their page:
OpenVAS is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. The framework is part of Greenbone Networks' commercial vulnerability management solution from which developments are contributed to the Open Source community since 2009.
Well, I followed this tutorial on how to install OpenVAS in Ubuntu. However, after I was done and I ran some scans I noted that all of my reports were empty! Any of the reports I clicked on said the following:

0 results 
Empty reports can happen for the following reasons: 
The target hosts where regarded dead.
The filter does not match any result.
A very small or non-verbose scan configuration was applied
What the shit man? I knew the scans were working because my IDS was going batshit! Why no reports?

Well, it turns out the tutorial I followed missed a few steps. After installing OpenVAS, you need to run the following to update it's databases:
  • sudo openvas-nvt-sync
  • sudo openvas-scapdata-sync
  • sudo openvas-certdata-sync
Then you need to restart the scanner and manager:
  • service openvas-scanner restart
  • service openvas-manager restart
Now the critical part, and why my reports weren't showing up, you have to rebuild the OpenVAS database so the manager can access the NVT data:
  • sudo openvasmd --rebuild --progress
After doing that, I re-scanned my hosts and I now had the detailed reports I was looking for!

Mar 21, 2018

Free Utility To Analyze Blue Screens of Death (BSOD) in Windows

For some reason over the last month or so, my company has been experiencing a random string of Blue Screens of Death (BSODs). It turned out to be caused by a certain Microsoft update for Windows 10, but during the troubleshooting process my desktop tech mentioned a tool that I had never heard of before. It's called BlueScreenView!

From their page:
BlueScreenView scans all your minidump files created during 'blue screen of death' crashes, and displays the information about all crashes in one table. For each crash, BlueScreenView displays the minidump filename, the date/time of the crash, the basic crash information displayed in the blue screen (Bug Check Code and 4 parameters), and the details of the driver or module that possibly caused the crash (filename, product name, file description, and file version).  
For each crash displayed in the upper pane, you can view the details of the device drivers loaded during the crash in the lower pane. BlueScreenView also mark the drivers that their addresses found in the crash stack, so you can easily locate the suspected drivers that possibly caused the crash.
BlueScreenView is created by NirSoft, whose software I've written about in the past. I never knew about this particular tool until my desktop tech mentioned it though.

Here are some screenshots:



Pretty cool right? Hopefully this tool can help you figure out what's causing BSOD's in your environment!



Twitter Delicious Facebook Digg Stumbleupon Favorites More

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | stopping spam