Tag: Modern Problems

Posted on

That’s interesting! Since the global CrowdStrike meltdown I havent received SPAM emails

Digital manufacturing.Coincidence? 

It’s probably something like bunch of compromised servers were acting as routing agents and now that those links have been broken.

The IT professionals are looking closely at their systems and questioning all the excessive traffic. They’ve probably throttled it and are waiting to see who complains.

Since so many corporate desktop computers were affected, I’d bet a lot of the worm/phishing/bot software lurking on them has been purged as part of the cleanup.

CrowdStrike was supposed to be protecting corporate computer systems. Maybe this screwup has uncovered that CrowdStrike wasn’t performing exactly as advertised.

It wouldn’t be the first time vaporware was sold to Corporate America. Remember the DOT Com boom/bust? With few exceptions, there was nothing real, but venture capitalists spent billions on smoke & mirrors.

Maybe Corporate America and IT professionals should re-examine CrowdStrike and not be so single sourced? They’ll never listen to someone like me.

I don’t have 100K in student debt forgiven by President Poopy Pants. I also don’t have the right letters after my name, I could say, “The sky is blue,” and they’d dispute or ignore my observation.

A week later one of them would publish a paper on the likelihood that the sky is definitively blue. The byline would have the requisite A.A. B.S. Phd. Maybe there’d be an “et al” too.

For SPAM to drop 99% like it has in my case, suggests something other than CrowdStrike failing. Sure CrowdStrike is the overarching issue and the cleanup is long and tedious.

The question is, will enough people in the right positions ask questions about other functions that have suddenly changed? If SPAM/Phishing emails are being routed by corporate servers then the questions becomes how much of the corporation equipment and bandwidth is being consumed and effectively used for free?

The monetization of SPAM / Phishing is akin to Mining Bitcoin.

No corporation would allow their servers or systems to be used for Bitcoin mining for free. I’ve worked at companies that denied SETI’s distributed computing application from running on their equipment.

The SETI software was at one time a benign screen saver application that used idle computer resources for analysis of radio signals from space. The application itself was slick. It got out of your way when you needed to work. But if you were in a meeting, or at lunch, or home with your family, the system used your desktop CPU cycles to do work that SETI didn’t have the computing resources to do themselves. 

The result: SETI analyzed way more of the sky than they would have been able to in a reasonably short time. Signals of interest got to the right people and sophisticated analysis programs in weeks rather than being buried for years. All it cost was nothing more than leaving computers on, which Corporate America does so that the machines can be updated 24/7 anyway.

But some corporations wouldn’t give SETI anything for “Free”.

So why are these corporations giving SPAMMERS valuable resources for free?

The IT folks don’t pay attention to anything that is “working”. It’s a human trait, “if it works, don’t fix it.”  But that doesn’t mean you’re not supposed to be monitoring the systems, specifically network traffic.

The math is pretty straight forward. How much email is sent within the company. It’s logical to assume most corporate email would be internal. If you notice that your external mail packets are greater than your internal email packets and you’re not engaged in sending customer contact and retention emails then you probably need to track down who’s sending all that mail.

Sometimes it’s an employee, making a few extra bucks on the side. I busted some guys who were looking at and sending/selling porn from my testing lab network. I saw a weird spike in traffic and it was regular enough that I got curious.

Sometimes, the network traffic can’t be tracked to a specific computer or lab. Then you’ve got a more serious problem. 

I’m hoping that the IT folks worldwide, in the process of fixing the CrowdStrike problem are also fixing the SPAM problem.

In the mean time I’m going to enjoy my SPAM free life. I’ll be expecting my SPAM filters to blow up as soon as the CrowdStrike problem is resolved and everyone goes back to business as usual.

Later that day…

Ahhh, there we go, the SPAM is restarting. I’m sure it will be up to its normally annoying level in no time. Oh well it was really nice while it lasted.

Posted on

Down a different kind of rabbit hole

Don’t worry, this one is kind of fun and interesting.

I’ve been getting a Passwords Compromised notice in my browser for months. I’ve ignored it, as I suspect most people do.

Let’s face it, with every website demanding that you create an account, and so many of those websites being hacked almost instantly, you just stop paying attention.

For some reason, perhaps it’s that I’m cranky, this morning I decided to explore the websites that were compromised and change passwords or delete accounts.

I’m heavily favoring the latter over the former.

Anyhoo… 

I was surprised to note that on a lot of the “compromised websites”, my passwords were obscenities.

I know how most of these obscenities came to be my passwords. It’s about frustration and annoyance. In most situations, I was trying to take care of something completely unrelated to passwords and the website in question decided to force a password change.

Thus derailing my intent and turning what should have been a 90 second interaction into a tour de force of guessing what combination of letter, symbols, number, and special characters would please the website, allowing me to do what I’d accessed the website to do to begin with. That is, if I remembered what I’d gone to the site for in the first place.

Apparently “FuckYou96&yourmother^$#” Is commonly used. Who Knew?

BlowMECocksuckers!-2021” and “LickMyFilthyhole-Asshole!9000” are also common.

This suggests that I’m not the only person who has become sick and tired of Websites, Their demanding that accounts be created, and “Secure” passwords.

Of the 36 websites whose passwords were compromised in various data leaks, I now have 16 left.

I’ve deleted the others. Honestly, do I really need a password and an account to confirm a haircut appointment? Uh, NOPE!

Since I canceled Amazon Prime, Netflix, and Hulu. There was no need for their residual threads to be stored in my browser, so I deleted them. The same with T-Mobile.

I was looking at a credit card login that used to work really well, then the rights to the card were purchased by another company and the new company website has never worked.

There’s no reason for me to maintain that login… Or that credit card account for that matter. I haven’t closed the account yet, but that day is coming and I’m looking forward to it.

The last stored password for that website is embarrassingly filthy! Which speaks to my frustration with the site, the creditor, and their offshore “customer service”.

Oh, that embarrassingly filthy password? It’s on the list of passwords that have appeared in various data breaches. Again, apparently I’m not alone in losing my temper trying to reset passwords.

Then there are those passwords that have been “Reused”. Except they’re not. Some of the banking sites are a conglomeration of websites with different domain names but who all use the same initial login.

These poorly designed banking sites trip the security settings because you have no choice but to reuse passwords due to the way the sites work. 

I would argue that these sites create a laissez-faire attitude because they cause end users to be endlessly warned about something they have no control over. Which results in the users being far more likely to ignore all warnings about passwords that their browser may present.

This is how someone like me ends up with 36 warnings that have gone ignored for months, years, decades?

Don’t get me started about cookies. More precisely, don’t get me started about the cookie notifications or the sites that feel it’s necessary to give you cookie notifications daily, monthly or anytime something changes on the site. (Yes, I know this site does that. Thank the EU!)

It looks like I’m not going to be able to delete these other sites for a while, so I’ll have to continue ignoring the warnings, or actually waste a ton of time changing the passwords. Ugh! That means I’ll be using the automatic password generator a lot.

You’d think that would make it easier but it doesn’t because it seems that the website designers create obstacles designed to prevent password generators from working.

I suppose I need to decide if I’m cranky enough that I don’t want to do anything else but mess with websites and passwords, or ignore the whole mess and do something else that I’d prefer to do.

Posted on

I really used to like Nest Products. Then came the Google…

Nest Learning Thermostat 3rd Generation product.Google I might add hasn’t substantially changed, improved, or added, to the Nest line of products since they took over. 

Google has however used the Nest products that I own as a gateway to insinuating themselves into my life. (For my own good, of course…)

It’s been hotter than Hell up in my little mountain town for the past week or so, and it will continue to be hotter than Hell for the next week or so. This heat wave isn’t abnormal except that it’s about 2 months early.

This means that I’m running the A/C and while I hate to use A/C I’m not opposed to turning it on when we get above 90°

Google logo hd.Every single year, when I start running the A/C and again when I start running the Heat, Google in their infinite wisdom dicks with my settings.

For example, this morning as the temperature crossed the 80° mark, I closed the doors and windows to the house and set the thermostat to “Cool”.

The Thermostat responded by telling me “Cooling set to 82°” uh nope! That’s not what you’re set to do They/Them Thermostat. (I figured I’d have some fun since my thermostat is now behaving like an asshole.) You’re set to Cool the house to 79° regardless of time, or day. 

I know this because I personally lobotomized your schedules the last time we did this dance, and I turned off your settings to accept changes to my schedules from Google. 

So I try to get to www.nest.com to verify that the web hasn’t pushed some kind of software change to the thermostat. Oh, but that URL now redirects me to a google shopping site and logs me in using a google account created to use Google voice, and does not present me with the website that allowed me to inspect and modify the schedules using a full screen and real keyboard.

Instead I’m presented with all the various google products that I can purchase, however Nest products are not listed prominently. They’re buried under smart home and because Google has logged me in using the Voice account, and I haven’t wanted to link, or create, or whatever other bullshit Google wanted me to do with my nice functional Nest.com login I can’t get to the UI that I want to get to.

One of the reasons I freaking HATE GOOGLE! I swear these people could Un-fuck a wet dream (yeah, think about that one…)

I shift over to the Nest app running on my phone. I’m able to see the schedule and indeed Google, in some software update, reset the switch that tells the thermostat “DO NOT ACCEPT GOOGLE INPUT” for schedules back to “off”.

Of course I want a multibillion dollar company monitoring my coming and going and controlling how I choose to spend my money on my local environment in my own home.

I’ll tell you what Google, when you start writing the checks for the mortgage and the utilities then you’ll have some input. Until then, in the words of Elon Musk, “Go Fuck Yourself!

After another frustrating half hour undoing their scheduling via the phone app, where at least 1/2 the buttons don’t work as expected and none of them light up, change color or give any indication that they’ve been pressed. Plus because the app is running on an iPhone instead of an android phone, Google refuses to have all of the controls on the visible screen.

Which is why I use, or rather, used to use, the nest.com interface.

Old Thermostat.The dog, sensing my frustration sat next to me and gently made me lower the arm I was holding the phone with. It was, in his opinion time for me to look up, and he was right.

5 or 10 minutes of cuddling and his laughing face did wonders for my outlook.

During the playtime I realized, this is probably the last time I’ll have to fight with Google altering the temperature schedule in my house.

This is a true statement because regardless of my keeping or selling this house the nest devices are due for replacement and they will not be replaced with more nest devices.

The nest protects will reach end of life next year and if I replace them with another manufacturers products there will be no need to keep the Nest Thermostat either.

Intelligent house.

Before Google bought Nest. I’d standardized on the Thermostat and Protect fire alarms because in the event of fire, the Protects can shut the air handler down via the thermostat to prevent the system from spreading smoke throughout the house.

I also like that the Protects have a nightlight feature and use color coded light signals to indicate their operational status. Mostly, I liked being able to shut them up if they warned they were about to go  off because of smoke from the kitchen.

Then Google bought Nest and honestly… they haven’t done shit to enhance the products.

I look forward to the day when I can reset the Nest Products and delete the Nest app from my phone. On that day I’ll delete any remaining Google logins and do my level best to never use their crap again.

Heck, I might go find myself an old Honeywell lever thermostat with mercury bulbs inside, and eschew all this smart home nonsense entirely.

I’ve tried it, I’ve got the T-Shirt and while there are a lot of aspects I really like, the level of complexity and flaky behavior might just outweigh the benefits.

I suspect if/when I sell this house, and while I’m living someplace I’m renting that I’ll be able to make a reasonable evaluation on the benefits of smart home versus dumb home. 

Maybe I’ll choose a “Low IQ” home. Where nothing important can be controlled by any outside force.

(Then my home and I would match. I’m apparently a Low IQ voter, since I didn’t vote for Hillary. I’ll probably be living in a flyover state too. From a marketing perspective, political parties, and in particular, the Democrat party really need to re-evaluate their merchandising to the masses. Just saying…)