Logbook: Phone accessories

From the I told you so files. AI Coffeepots Strikes back.

by

It would seem my want of a good Non-AI coffeepot has been reinforced yet again. The IoT coffeepot has been caught spying.

A cluster of seemingly unrelated incidents ranging from exposed enterprise AI tools to a breached coffee machine has revealed the daunting reality that modern cyber risk is no longer confined to servers, endpoints or even employees. It now increasingly spans ecosystems, vendors and even the delivery mechanisms for the very tools designed to drive organizational productivity.

The problem with AI is it is veiled in a ton of secrecy that is no good for anyone. Because once the bad agents start figuring it out. We are in deep trouble. The convenience of the AI coffee pot might be nice but it comes with a ton of drawbacks most people don’t account for .

A digital forensics investigator, identified only as TR, was called in when a client suspected a rival had infiltrated their systems after a data breach. Instead of finding malicious software, TR discovered that an internet-enabled espresso machine, equipped with a default password, an outdated operating system, and no firewall, was the source of the leak. Threat actors exploited this device, which was connected to the client’s secure network, to exfiltrate sensitive data. The machine was sending packets internationally every time someone brewed a cup, bypassing all the client’s advanced security measures.

This does present the facts of IoT machines need just as much vetting as computers on a network, if your IT guy doesn’t find every IoT devices on the network he is creating a leak, and the corporate moto of just buy the cheapest thing is normally a recipe for disaster.

Firstly, Keep all of your IoT shit on its own network, If you have a store named BOBcorp, Put all IoT devices on BioT29384 network that is isolated from the main network. Second, You want a network monitor IoT devices are chatty in nature but if your network traffic jumps sniff it out and make sure its sanitized. IoT companies should give a master list of where their devices connect to. That way if your AI coffeepot is connecting to Nigeria you know something is wrong. Either that give google, Apple, Amazon, and other Hub Devices a choice to go through a master server on the devices Hub of choice, That way if all of the corps go through the hub device the IT staff have an easy way to poke at what the IoT stuff is doing.

By having a master hub list of devices if a device starts misbehaving or an attack vector is found. They can deauth the device. It stops companies from just vomiting out “smart” everything devices, That way if they lose there auth they will act fast to restore the trust in the devices.

Another thought here is with security layers is, that most IoT have BLE enabled by default, After pairing there should be a dipswitch to turn off the BLE until its needed for repairing to the network. BLE is notorious for sniffing what is around it .

FirstNet Trusted™ Could really do something to come out on top here. Because of corporate laziness of “just buy the cheapest thing” leads to the problem in the first place. since they are part of AT&T and there network knowhow.

Even passed that Cellphones on the corp networks need to be on their own network, Workers who place IoT or cellphones on the larger corp networks need to be taken off and the employee trained for network safety, it would create a top down security that would even extend to the workers home after. Rather than finding out too late that there beloved AI coffeepot has been stealing secrets for Months.

In the end, You are better off with a Coffeepot with a switch , and if you need it smart. Add a smart plug to it and than you can control it from afar without having so much bloatware you never know what it is connecting to.

Anyways, back to my non smart non AI coffee….

Attributions from:
The Cybersecurity Hit List: From Enterprise AI to Compromised Coffee Machines -pymnts.com
We need to talk about “smart” devices… -Coffeecommander.net
Internet-connected coffee machine reportedly led to data breach -Scworld.com
FirstNet Trusted™ FirstNet Trusted™by AT&T
Googles Internet of things – By Google

We need to talk about the Pixel Watch 4 LTE

by

The Pixel watch is a really good watch, it has the hardware to last through a day of work. It can make calls, it can connect to your calendar. It CAN NOT text on its own? What .. the .. hell google? This hit me when I was stuck without my phone in a snowstorm. I tried to text my friend and The text could not send. Again, WHAT THE HELL? You have a watch that will tell me when i have fallen if my heart stops. But it won’t protect me in an emergency that does not require 911? Given that i was in a situation that I could make a phone call, I called my friend. Overall it was a situation better handled by text.

Now there are situations you would think a safety oriented watch would think of these things. If you are in a situation where verbal dialog is not possible. Bad Dates, you have fallen, You are lost but your friends are near , worst case is domestic violence. No one is going to bat an eye if you are fooling with your watch. If you are in a situation where your phone dies or your phone is smashed. An attacker might see a phone as a weapon of communication. a smart watch might be seen as a time piece or a toy. But Can you quietly Discretely reach out ? No. but is there a work around?? Possibly:

If you use if you use WhatsApp or Telegram you are safe. However if you don’t use that you are kind of screwed. Using WhatsApp/Telegram exposes you to giving out personal information to companies. In some cases you may not care to use another third party app.

There is always option B:

Create and send an email to your friends and just have them reply to you , use that email in a folder called “work” if you need help you can hit “reply” and send a message Via email. While you are not able to append your GPS location over the watch you can definitely give a shortened message to get the point across while “checking your watch” .

This is seriously a big miss by google, if you are in a domestic situation if you grab your phone the aggressor is going to break that. They are far likely less to react to a tiny watch when you make a bit of time because you have to use the bathroom and send an email over your watch. If you are on a bad date, You can reply to an email quickly and lie to the person saying sorry I have a work email to deal with. When you are really emailing to say “Come to soandso and meet me” . Especially if you have your friends knowing that this work email is your “angel shot” , its super discreet and not likely to be noticed because you look like you are just emailing your “boss”.

But in all, for a watch that is supposed to be used independent of the device it is still forced to be slaved to the phone device. Google really dropped the ball on this…

Phone Fun the spinoff! Bose Quiet comfort ultra(earbuds)

by

Sure, phone reviews aren’t as common these days, but that doesn’t mean smartphones are any less important or complex. Actually, they’re way more than just phones now. Think of them as these smart hubs we carry around that control all sorts of things in our lives. They link up with everything from our smartwatches and earbuds to even our coffee makers and ceiling fans. Basically, phones are central to how we live and interact with technology every day.

tA Bluetooth coffee maker? Fucking seriously? If I had the money, I’d buy that ridiculous thing just out of morbid curiosity. I mean, Fucking come on, are we really incapable of pressing a button to brew coffee ourselves? I think humanity still has that much dexterity left in our fingers.

Anyways. However a distraction this coffeemaker is not the phone fun spinoff we need to talk about. The thing is when you are out and about having your phone in your hand is kind of a distraction.. I purchased Bluetooth earbuds with both noise cancellation and passthrough audio features to meet my specific needs. if you are on the road and you are a target like me you need passthrough audio in order not to be hit by a car or other things.  

I  purchased a Bose Quiet comfort ultra. They have a case where they look unique. I hate it when people copy Apple’s airpod shit and act like they are the best thing since sliced pizza. Honestly, though, I get annoyed when other brands just copy Apple’s AirPods and then try to sell it like it’s something totally new and different.

The sound quality is pretty good, though the standard settings are the bose special, enough bass to blow your tits off if you accidentally turn it too far up. You can set different audio profiles to your sound likings.  These earbuds stay in your ears and do not fall out. I’ve had earbuds that if you farted hard enough they would fall out.. Here’s looking at your plantronics. 

The Bose QuietComfort Ultra headphones feature a passthrough audio mode called “Aware.” While it functions, the “Aware” mode doesn’t allow a sufficient amount of external sound to enter. i was almost hit by a car i did not hear behind me. It feels like it lets in a range of audio that is around you but you get  blind deaf spots. THis is likely a fault that can not be addressed by firmware. But companies should take notice and develop something that has a passive awareness that can warn you of things in your environment. 

Moving to the inside world the noise cancellation is divine. At night if you can’t sleep because your partner is snoring, just shove the quiet comfort ultras in your ears and snoring mosty is gone. I have tested in environments that are loud and basically the noise cancelation gets rid of unwanted noise.

One thing that pisses me off about these earbud is the left earbud can be flaky on connecting. nothing like trying to get some sleep and when you put in the left earbud and the connection fails. No prompt no nothing, You need to take the earbud out and put it back in.

Overall i would say these are a pretty good set of earbuds with a few caveats, I’ve had problems with cases, in the pocket the cases seem to make the USB C Connector fuck up. I’ve had two cases fail and not be able to charge them.

Overall though i would recommend these earbuds.

On sound I’d give these an easy 8/10
on ease of use: 5/10 (left earbud issues found through multiple pairs)
Noise cancelation: 9.5/10
Battery: give or take they can last all day 8/10
Durability: 6.5/10 (the fucking case.)
Price: 4/10 ( they are expensive.)

Rating Average:6.8 (average of ratings)
The coffeecommander Rating: 8.0(personal feel ratings)