Tag Archives: simple

Google location tracking continues even when turned off

Turning off Google location tracking may not be as simple as changing one setting to “off,” according to new research.

The unexpected Google location tracking behavior on Android and iOS devices was revealed by an Associated Press (AP) investigation and confirmed by computer science researchers at Princeton University. The issue was first raised in a blog post by K. Shankari, a graduate researcher at UC Berkeley, in May 2018. Shankari kept note of prompts sent by Google to rate places or submit pictures to Google Maps, even though Google Location History was turned off on her device.

The AP investigation found that even with Google location tracking turned off, certain apps will take a timestamped snapshot of the user’s location and store that data when the user performs a search, opens Google Maps, or checks the weather.

The confusion stems from the different ways users have to control Google location tracking services. The Google Location History support page claims, “With Location History off, the places you go are no longer stored.” However, when turning off the Location History setting via a user’s Google My Activity page, a pop-up notes, “This setting does not affect other location services on your device, like Google Location Services and Find My Device. Some location data may be saved as part of your activity on other Google services, like Search and Maps.”

Turning off Google Location Services on a mobile device can cause apps to misbehave, so Google told the AP that the real fix for users would be to also turn off location tracking in Google’s “Web and App Activity” settings.

“Location History is a Google product that is entirely opt in, and users have the controls to edit, delete, or turn it off at any time. As the story notes, we make sure Location History users know that when they disable the product, we continue to use location to improve the Google experience when they do things like perform a Google search or use Google for driving directions,” a Google spokesperson wrote in an email.

Tim Mackey, technology evangelist at Synopsys, said this was an issue akin to saying “if my mother can’t figure out what it does, or how to turn it off, it’s too complicated.”

“The expectation of the consumer for an off switch is what matters most. Users who wish their location to be kept private indicate this preference through the Location History setting. That any given application might have independent settings for location related data is how an application developer or vendor approaches the problem,” Mackey wrote via email. “When we recognize that our digital footprint is effectively a personally identifying attribute, access to that attribute becomes more valuable. This is true for malicious actors who can use location information to determine not only patterns of behavior for their targets, but know when to best commit their crime. This is also true for law enforcement seeking to identify suspects following the commission of a crime. In each of these examples, the same location and identity data can be used for good or for ill to identify an individual.”

Web cache poisoning attacks demonstrated on major websites, platforms

Major websites and platforms may be vulnerable to simple yet devastating web cache poisoning attacks, which could put millions of users in jeopardy.

James Kettle, head of research at PortSwigger Web Security, Ltd., a cybersecurity tool publisher headquartered near Manchester, U.K., demonstrated several such attacks during his Black Hat 2018 session titled “Practical Web Cache Poisoning: Redefining ‘Unexploitable.’” Kettle first unveiled his web cache poisoning hacks in May, but in the Black Hat session he detailed his techniques and showed how major weaknesses in HTTPS response headers allowed him to compromise popular websites and manipulate platforms such as Drupal and Mozilla’s Firefox browser.

“Web cache poisoning is about using caches to save malicious payloads so those payloads get served up to other users,” he said. “Practical web cache poisoning is not theoretical. Every example I use in this entire presentation is based on a real system that I’ve proven can be exploited using this technique.”

As an example, Kettle showed how he was able to use a simple technique to compromise the home page of Linux distributor Red Hat. He created an open source extension for PortSwigger’s Burp Suite Scanner called Param Miner, which detected unkeyed inputs in the home page. From there, Kettle was able to change the X-Forwarded-Host header and load a cross-site scripting payload to the site’s cache and then craft responses that would deliver the malicious payload to whoever visited the site. “We just got full control over the home page of RedHat.com, and it wasn’t very difficult,” he said.

In another test case, Kettle used web cache poisoning on the infrastructure for Mozilla’s Firefox Shield, which gives users the ability to push application and plug-in updates. When the Firefox browser initially loads, it contacts Shield for updates and other information such as “recipes” for installing extensions. During a different test case on a Data.gov site, he found an “origin: null” header from Mozilla and discovered he could manipulate the “X-Forwarded-Host” header to trick the system so that instead of going to Firefox Shield to fetch recipes, Firefox would instead be directed to a domain Kettle controlled.

Kettle found that Mozilla signed the recipes, so he couldn’t simply make a malicious extension and install it on 50 million computers. But he discovered he could replay old recipes, specifically one for an extension with a known vulnerability; he could then compromise that extension and forcibly inflict that vulnerable extension on every Firefox browser in the world.

“The end effect was I could make every Firefox browser on the planet connect to my system to fetch this recipe, which specified what extensions to install,” he said. “So that’s pretty cool because that’s 50 million browsers or something like that.”

Kettle noted in his research that when he informed Mozilla of the technique, they patched it within 24 hours; but, he wrote, “there was some disagreement about the severity so it was only rewarded with a $1,000 bounty.”

Kettle also demonstrated techniques that allowed him to compromise GoodHire.com, blog.Cloudflare.com and several sites that use Drupal’s content management platform. While the web cache poisoning attacks he demonstrated were potentially devastating, Kettle said they could be mitigated with a few simple steps. First, he said, organizations should “cache with caution” and if possible, disable it completely.

However, Kettle acknowledged that may not be realistic for larger enterprises, so in those cases he recommended diligently scanning for unkeyed inputs. “Avoid taking input from HTTP headers and cookies as much as possible,” he said, “and also audit your applications with Param Miner to see if you can find any unkeyed inputs that your framework has snuck in support for.”

Simple Mini-ITX PC tower case

Simple, compact, black PC Mini-ITX tower case
USB3 header cable in place
All original wiring in place
Space for PSU
Minor scratching to top and side (barely noticeable)
Very good condition. Dust/smoke free environment.

Size: (H) 34cm x (D) 30cm x (W) 16cm
Price and currency: £22
Delivery: Delivery cost is included within my country
Payment method: Paypal FF, BACS
Location: Ealing, UK
Advertised…

Data protection news 2017: Security issues make headlines

Backup and data security became intertwined in 2017.

WannaCry ransomware and Amazon Simple Storage Service (S3) bucket leaks highlighted data protection news, forcing users and vendors to find new ways to protect data. Other data protection news showed shifts in technology and corporate strategy, such as two old-school backup vendors rolling out converged appliances, a billion-dollar-plus private equity transaction and a maturing vendor’s decision to split its CEO job in two.

WannaCry shines a light on ransomware, data recovery

The WannaCry attack that hit more than 100,000 organizations in 150 countries in May brought ransomware into the public consciousness, and it also highlighted the need for proper data protection. As a result, backup vendors now routinely include features designed to help combat ransomware attacks.

That hasn’t stopped the attacks, though. Experts noted that ransomware attacks have become stealthier, and protection against ransomware is now more complicated. That means recovering data from such attacks is getting trickier.

News about WannaCry continued right until the end of the year, as well, when the White House in December officially blamed the North Korean government for the attacks.

Cybersecurity experts expose leaky Amazon S3 buckets

Reports surfaced that corporations, small companies and government agencies have left terabytes of corporate and top-secret data exposed on the internet via misconfigured Amazon S3 storage buckets. Experts claim data was left vulnerable to hacking because access control lists were configured for public access, so any user with an Amazon account could get to the data simply by guessing the name of the bucket.

The list of firms affected by the data protection news included telecommunications giant Verizon, Dow Jones, consulting firm Accenture, World Wrestling Entertainment and U.S. government contractor Booz Allen Hamilton. Many in the IT industry blame end users for failing to click on the proper restricted access level on the buckets, but the publicity still prompted Amazon to build in new features to mitigate the cloud storage security problem.

Amazon added new S3 default encryption that mandates all objects in the bucket must be stored in an encrypted form. The vendor also added permission checks that display a prominent indicator next to each Amazon S3 bucket that is publicly accessible.

Still, reports of more sensitive data left exposed in unsecured storage buckets continued. In November, cybersecurity firm UpGuard reported it was able to access data in storage buckets belonging to the United States Army Intelligence and Security Command and the U.S. Central Command and Pacific Command.

Dell EMC, Commvault converge backup

Relative backup newcomers Cohesity and Rubrik had a great impact on data protection news in 2017, as stalwarts Dell EMC and Commvault moved down the converged backup path the upstarts have taken.

The Dell EMC Integrated Data Protection Appliance (IDPA) launched at Dell EMC World in May. The purpose-built, preintegrated system converges storage, software, search and analytics in one appliance, providing data protection across applications and platforms with a native, cloud-tiering capability for long-term retention. IDPA includes Data Domain data deduplication technology.

Commvault answered with its HyperScale appliance that puts the vendor’s HyperScale software on a scale-out storage system. The branded Commvault appliance marks a new direction for the vendor, which previously only sold software. Commvault has also partnered with Cisco, which rebrands HyperScale as ScaleProtect on the Cisco Unified Computing System. 

Barracuda becomes a private affair

In a deal that best represents data protection acquisitions in 2017, equity giant Thoma Bravo spent $1.6 billion to acquire publicly held Barracuda Networks and take it private. Barracuda is best known for its security products, but has steadily expanded its backup and disaster recovery platforms in recent years.

The Bravo-Barracuda data protection news highlighted a 2017 trend in the field’s acquisitions. Datto and Spanning also went the private-equity route during the year. Vista Equity Partners acquired Datto and merged it with Autotask, and Dell EMC sold off cloud-to-cloud backup pioneer Spanning to Insight Venture Partners.

Veeam tag-teams CEO role

Veeam Software has grown up so much it now takes two chief executives to run the company. Veeam split its CEO job in 2017, naming Peter McKay and founder Andrei Baronov co-CEOs. Baronov started Veeam in 2006 along with Ratmir Timashev, who served as CEO until 2016 and remains on its board. McKay came to Veeam in 2016 as COO and president.

The division of power calls for McKay to head Veeam’s “go-to-market,” finance and human resources functions, while Baronov handles research and development, market strategy and product management. William Largent, who held the CEO job for 11 months, is now chairman of Veeam’s finance and compensation committees.

Wanted – 2TB external HDD USB 3 or thunderbolt

Looking for a 2TB external HDD to use as a simple back up, for my backup on my Mac.

I can get one for £65 new off Amazon, but wanted to see if anyone has one going spare on here first.

Cash via BT waiting

Thanks

Location: Higher Walton, just outside of Preston

Windows file server migration tool eases data transfer dread

websites. They’re just objects stored on a file system. So, why is it rarely simple to transfer a bunch of them?

A Windows file server migration should be straightforward. Windows admins have the xcopy disk operating system command, robocopy and the Copy-Item PowerShell cmdlet at their disposal, with a source, destination and even a Recurse parameter to find every item in all subfolders. But unforeseen issues always seem to foul up large file migrations.

IT professionals typically overlook two topics before they perform a large Windows file server migration: Microsoft’s New Technology File System (NTFS)/share permissions and open file handles. A typical scenario illustrates these concepts.

Say you’ve got a 500 GB file server with each employee’s home folder stored on the \\FILESRV\Users file share. The IT department plans to map the folder as a network drive, via Group Policy Objects, on every user’s desktop. But when it’s time to move those home folders, things go wrong. It could be that the disk that stores the home folders is direct-attached. In that case, the admins must migrate it to a storage area network or transfer the data to a different logical unit number. All of that important data must move.

In this scenario, data isn’t just cold storage — this data changes every day. It also has a specific permission structure set up: Employees have full rights to their folders, managers have access to their employees’ folders and other miscellaneous NTFS permissions are scattered about. The organization depends on 24/7 availability for this data.

Commercial tools are available to aid in a large Windows server file migration, including Quest’s Secure Copy and Swimage. Microsoft offers the free File Server Migration Toolkit (FSMT), which recreates shares. FSMT is a great alternative to fiddling with the switches in robocopy.

Use FSMT for file transfers

FSMT is a Windows feature, so the user installs it via PowerShell on the destination server:

Install-WindowsFeature Migration -ComputerName DESTINATIONSRV

Once FSMT installs, stay on the destination server, and use the SmigDeploy utility to create the deployment shares. The SmigDeploy tool makes the share on the destination server and performs the required setup on the source server. The syntax below assumes that the source server runs Windows Server 2012 and has an AMD64 architecture, while the share to migrate the profiles to is at E:\Users.

smigdeploy.exe /package /architecture amd64 /os WS12 /path E:\Users

Use a similar command if the source server runs an earlier version of Windows Server.

Once this script generates the E:\Users folder, create a share for it:

New-SmbShare -Path D:\Users -Name Users

Next, copy the deployment folder from the destination server to the source server:

Copy-Item -Path \\DESTINATIONSRV\Users -Destination \\SOURCESRV\c$ -Recurse

Register FSMT on the source server to continue. From the source server, change to the C:\Users\SMT_ws12_amd64 folder, and issue the command SmigDeploy.exe to make FSMT ready for use.

To perform the Windows file server migration, go to the destination server, and import the PowerShell snap-in that the feature installed:

Add-PSSnapin microsoft.windows.servermanager.migration

Once the snap-in loads, type Receive-SmigServerData. This sets up the destination server to receive data from the source server once it’s initiated. Go to the source server, and send all of the data to the destination:

Send-SmigServerData -ComputerName DESTINATIONSRV -SourcePath D:\Users -DestinationPath C:\Users -Include All -Recurse

Enter the administrator password if prompted, then watch as the files and folders flow over to the destination server. This FSMT process copies the data and keeps permissions in place during the Windows file server migration.
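Two checks worth running around the steps above, as an added example that is not from the original article or from Microsoft's toolkit: listing SMB handles still open on the source before cutover (the open-file-handle problem mentioned earlier), and diffing the explicit NTFS ACEs of every home folder between source and destination afterwards to confirm the permission structure really survived. It assumes the article's placeholder names (SOURCESRV, DESTINATIONSRV, D:\Users) and the SmbShare module that ships with Windows Server 2012 and later.

```powershell
# Added example, not from the original article: two checks the FSMT steps
# above leave to the administrator. Server and share names are the article's
# own placeholders (\\SOURCESRV\Users, \\DESTINATIONSRV\Users, D:\Users).
$SourceRoot      = '\\SOURCESRV\Users'
$DestinationRoot = '\\DESTINATIONSRV\Users'

# Check 1: files still held open on the source at cutover are copied in an
# inconsistent state. Lists SMB handles under the share's local path on the
# source server (Get-SmbOpenFile needs the SmbShare module, Server 2012+).
function Get-OpenHandlesUnderPath {
    param([string]$ServerName, [string]$LocalPath)
    Get-SmbOpenFile -CimSession $ServerName |
        Where-Object { $_.Path -like "$LocalPath*" } |
        Select-Object ClientUserName, ClientComputerName, Path
}

# Check 2: confirm the per-folder NTFS permissions survived the copy. Only
# explicit (non-inherited) ACEs are compared, because ACEs inherited from the
# parent legitimately differ when the destination root has its own ACL.
function Get-ExplicitAceSummary {
    param([string]$Path)
    $aces = (Get-Acl -LiteralPath $Path).Access |
        Where-Object { -not $_.IsInherited } |
        ForEach-Object {
            '{0}|{1}|{2}|{3}' -f $_.IdentityReference, $_.FileSystemRights,
                                  $_.AccessControlType, $_.InheritanceFlags
        } | Sort-Object
    return ($aces -join ';')
}

function Compare-FolderAcl {
    param([string]$Source, [string]$Destination)
    Get-ChildItem -LiteralPath $Source -Directory -Recurse | ForEach-Object {
        $relative = $_.FullName.Substring($Source.TrimEnd('\').Length + 1)
        $destPath = Join-Path -Path $Destination -ChildPath $relative
        if (-not (Test-Path -LiteralPath $destPath)) {
            [pscustomobject]@{ Folder = $relative; Status = 'MissingOnDestination' }
            return   # acts as "continue" inside ForEach-Object
        }
        if ((Get-ExplicitAceSummary $_.FullName) -ne (Get-ExplicitAceSummary $destPath)) {
            [pscustomobject]@{ Folder = $relative; Status = 'ExplicitAclMismatch' }
        }
    }
}

# Usage: run the handle check before Send-SmigServerData, the ACL diff after it.
Get-OpenHandlesUnderPath -ServerName 'SOURCESRV' -LocalPath 'D:\Users'
Compare-FolderAcl -Source $SourceRoot -Destination $DestinationRoot | Format-Table
```

An empty result from Compare-FolderAcl means every folder exists on the destination with the same explicit ACEs; any MissingOnDestination row is a folder that was skipped, typically because a handle reported by the first check was still open during the copy.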