Logbook: revisit
From the I told you so files. AI Coffeepots Strikes back.
It would seem my want of a good Non-AI coffeepot has been reinforced yet again. The IoT coffeepot has been caught spying.
A cluster of seemingly unrelated incidents ranging from exposed enterprise AI tools to a breached coffee machine has revealed the daunting reality that modern cyber risk is no longer confined to servers, endpoints or even employees. It now increasingly spans ecosystems, vendors and even the delivery mechanisms for the very tools designed to drive organizational productivity.
The problem with AI is it is veiled in a ton of secrecy that is no good for anyone. Because once the bad agents start figuring it out. We are in deep trouble. The convenience of the AI coffee pot might be nice but it comes with a ton of drawbacks most people don’t account for .
A digital forensics investigator, identified only as TR, was called in when a client suspected a rival had infiltrated their systems after a data breach. Instead of finding malicious software, TR discovered that an internet-enabled espresso machine, equipped with a default password, an outdated operating system, and no firewall, was the source of the leak. Threat actors exploited this device, which was connected to the client’s secure network, to exfiltrate sensitive data. The machine was sending packets internationally every time someone brewed a cup, bypassing all the client’s advanced security measures.
This does present the facts of IoT machines need just as much vetting as computers on a network, if your IT guy doesn’t find every IoT devices on the network he is creating a leak, and the corporate moto of just buy the cheapest thing is normally a recipe for disaster.
Firstly, Keep all of your IoT shit on its own network, If you have a store named BOBcorp, Put all IoT devices on BioT29384 network that is isolated from the main network. Second, You want a network monitor IoT devices are chatty in nature but if your network traffic jumps sniff it out and make sure its sanitized. IoT companies should give a master list of where their devices connect to. That way if your AI coffeepot is connecting to Nigeria you know something is wrong. Either that give google, Apple, Amazon, and other Hub Devices a choice to go through a master server on the devices Hub of choice, That way if all of the corps go through the hub device the IT staff have an easy way to poke at what the IoT stuff is doing.
By having a master hub list of devices if a device starts misbehaving or an attack vector is found. They can deauth the device. It stops companies from just vomiting out “smart” everything devices, That way if they lose there auth they will act fast to restore the trust in the devices.
Another thought here is with security layers is, that most IoT have BLE enabled by default, After pairing there should be a dipswitch to turn off the BLE until its needed for repairing to the network. BLE is notorious for sniffing what is around it .
FirstNet Trusted™ Could really do something to come out on top here. Because of corporate laziness of “just buy the cheapest thing” leads to the problem in the first place. since they are part of AT&T and there network knowhow.
Even passed that Cellphones on the corp networks need to be on their own network, Workers who place IoT or cellphones on the larger corp networks need to be taken off and the employee trained for network safety, it would create a top down security that would even extend to the workers home after. Rather than finding out too late that there beloved AI coffeepot has been stealing secrets for Months.
In the end, You are better off with a Coffeepot with a switch , and if you need it smart. Add a smart plug to it and than you can control it from afar without having so much bloatware you never know what it is connecting to.
Anyways, back to my non smart non AI coffee….
Attributions from:
The Cybersecurity Hit List: From Enterprise AI to Compromised Coffee Machines -pymnts.com
We need to talk about “smart” devices… -Coffeecommander.net
Internet-connected coffee machine reportedly led to data breach -Scworld.com
FirstNet Trusted™ FirstNet Trusted™by AT&T
Googles Internet of things – By Google
Teva Shoes the revisit.
A shoe post! It has been ages since i’ve posted anything about shoes , the last time I did was due to a problem to which Teva/Decker shoe company where absolutely incredible helping me out with getting my shoes replaced. Since then I’ve stuck with the company and their shoes due to there reliability, My most recent pair of shoes was a pair of the TEVA Churn Watershoe.
Although most sites list these as a watershoe I can not say that they are since I’ve never tested them in water, they have been my day to day shoes for the entire summer. as far as fit , they are a seemingly good fit and remind me of the Teva X-1 Control shoe. 
Why Teva ever stopped making these shoes is beyond me… If anyone out there from Teva is watching , Please bring back these shoes, those were about the best shoes I’ve owned and I had 2 pairs of those, They weighed next to nothing and were extremely comfortable, The Churn though could be regarded as the cousin to these, while not as rugged as the X-1’s the style of the shoe is based on alike construction and weight although the major differences are in the treads of the shoes the Churns are more like road wear while the X-1 were trail wear. But both shoes are very alike in construction and weight , they are almost like wearing socks treads . If you are on your feet all day these will stand up to the test of the day , I’ve worn shoes that you want to light on fire just to feel a bit more comfortable because the heel or other parts of your foot are in agony .
For the churns I’ve done a ton of walking in them and they do not wear as easy as the X-1s, If you do alot of road walking or walking in building these are the shoes for you, the no lace thing is also very nice due to the fact you can throw them on in a hurry if you are going out.
So my opinion for the shoes.. Awesome!
*Yes! I get to use the shoe tag!
Phone fun ∞+1 Just because its been awhile.
So, As we left off way back when in phone fun MMXXIV I ended up with the Nexus S 4g, Since I’ve had that phone it was pretty smooth sailing as far as a phone goes. The phone was durable to the point of being thrown into a wall multiple times.
This edition of phone fun has ended up with a mostly positive review of things since I decided to upgrade to the Galaxy Nexus , this phone is step above the nexus s and has more bells and whistles .. namely a FUCKING NOTIFICATION LIGHT!!!!.. Holy hell do you miss those when you don’t have one.
If is there is one thing a phone must be with it has to be a notification light because you become obsessive with checking if you have missed any messages.
There are a few complaints about the Galaxy nexus….
They are minor, Yet annoying..
The back battery cover feels like you’re going to break the thing when you try to access the battery, Also with the battery is its life , You feel like you need to carry around a small nuclear power station in order not to run the battery down. Phones are progressing at an amazing rate, but the technology for batteries are not. Going 24 Hours is the high bar for newer phones, if you lock yourself in a room for a day and ignore every phone call , You might get over one day. Even with batteries progressing at a slow rate why don’t companies at least mitigate with a small change to the the phone that would go many miles by simply putting a solar cell on the back cover. Sure it doesn’t solve anything if you live in a cave but what the hell .. Its a start.
The other minor issue is getting Google voice to work with the phone when transferring from one phone to the next, which seemingly has a strange fix. If you update your phone to the most recent version of Google voice you will have errors and the phone will never sync to it. The way around it seems to be using the stock version of Google voice which works out.
but so far this phone seems to be a win .
Phone Fun IV: A New hope.
In our last episode of phone fun I had got an HTC TOUCH , Well…… That didn’t work out so well. Exactly 360 or so days the HTC touch Starting having issues with the screen and Calls. Now, from trials and tribulations with sprint I learned the last thing you want to do is call *2 on your phone. Doing that is like crank calling the deathstar while its in orbit around your planet. Sprint Over the phone support basically told me I had to buy a new phone. Which I don’t have money I can magically pull out of my ass. So I did the next best thing, I headed down to a sprint corporate store. Since I pay my phone bill locally by walking into these stores I figured I’d get a better idea of what to do. After a short talk they sent us down to Boxboro Massachusetts. They have a repair depot up that way, anyways after a 30minute drive and a 30 minute wait they told me the phone was shot(radio was damaged). After a short wait they sent me on the way with another HTC Touch(#2), After getting that home with-in a few hours the audio on that phone sounded like a cat barfing in your ear. Called *2 and sprint offered to send out yet another HTC touch(#3). They shipped it overnight which was very nice and it arrived on monday.
I had that phone no more than 48hours when the phone would just lock and gave a screen of death, Now I am fairly careful with phones and use screen protectors and such. After wasting 3 of them I was not exactly happy. That Phone went back to sprint. To make a long story short, I’ve gone through alot of HTC touches and as Far as my last post about this phone in 2008 . How does the phone rate up?
A bit of a learning curve which kind of surprized me but none the less I like it so far. As far as my requirements for a phone
Requirements for a Phone
- to make calls
- The Phone is configurable
- good battery life
- add/make ringtones
- Applications that don’t cost a years pay for a small 3rd world country
- Durable
Well… After a year with one phone and 1 to 2 months on 4 others.
1 The phone defiantly passes on. For a refurbished HTC-Touch that is debatable.
2. Again you can’t knock the touch on this, its extremely configurable once you figure out the interface.
3. battery life… That is actually pretty good. Although using the GPS Or other intensive options I would recommend a car-charger.
4. You can make ringtones till you puke with this thing rather than jumping through hoops trying to convert soundfiles into strange formats.
5. As Far as applications go, you can find most of the common apps you need on the phone although I’d recommend downloading Google maps. With enough looking you can find pretty much any app you want for the phone but, this is where i’d give the Iphone or palm pre a small advantage with an “app store” for centralized buying of applications although the Iphone is more like Locked into the app store which I believe you can not install any 3rd party apps w/o jailbreaking the phone.
6. Lastly durability I seriously question, as the phone did make it One year. as Far as the refurbished HTC-Touches.. Those sucked ass.. there’s not enough swears in the English language to say what shit the HTC Touch Refurbs are. I may of run into a bad line of them but that is hard to believe that i’d of gone through that many phones.
as far as my current phone, Sprint has offered me a HTC Diamond, Again i leave this post open till the next time I come back to phones.
As far as sprint is concerned – It seems they are OK as far as support as long as you get the right person.
MovieStop gets stranger.. (possible employee reply)
While sitting here and realizing i’ve not updated in ages , I decided to check my comments sections, It was kind of funny . I noticed a Comment sitting in moderation for my moviestop post that I had posted over a year ago. I had an problem with MovieStop, and after a few emails the situation was corrected, I thought it was spam until I decided to read it.
Policy is, if you reserve a movie they match the lowest “ADVERTISED” price. This means there has to be an in store advertisement stating the lower price. They do not match every price because they sell used movies which are always lower than any other store’s new prices. Sounds to me like you are one of those customers that all retail employees hate to have to service. You think that you should get the best deal even though the policy is different than what you want. Maybe step down from your high horse and come join the rest of us on planet earth.
Maybe I’m on a High horse maybe I’m not, but this comment is basically an attack, let me break this one down.
- Policy is, if you reserve a movie they match the lowest “ADVERTISED” price.
From my previous post: Before Leaving the Moviestop lot I had checked the window to see that there was a Large sign in yellow with black large letters “GUARANTEED LOWEST ADVERTISED PRICES”. When i had asked regarding this sign in the front of the store windows the person claimed that there was an asterisk in the sign on the front of the store. Checking the sign again there was No asterisk no Limitation no claim to see in store for details Nothing noting of any policy of what this person had spoke of.This item was new, and the price I saw was ADVERTISED, It was in the best buy flier for the same week.
- This means there has to be an in store advertisement stating the lower price.
See above
- They do not match every price because they sell used movies which are always lower than any other store’s new prices.
That’s a given but, I purchased this product new. generally used products fall under different rules which are printed in stores (Or at least gamestops that I’ve been too).
- Sounds to me like you are one of those customers that all retail employees hate to have to service. You think that you should get the best deal even though the policy is different than what you want.
Now your getting a little snippy here, As far as being hated by retail employees, I don’t think so, Now i’ve been nice up to this point. I’m sure a lot of gamestop/moviestop employees are not like you, Hell I know my gamestop/moviestop managers and they know me but,you are a gamestop/moviestop employee In richmond, VA area, who has no clue what went on and are assuming the customer is always wrong, I never believe the customer is always “right” but, there is a happy medium. That right there is the first sign of bad customer service, Secondly I pointed out the sign issue, most states have laws saying they are bound by what the sign says unless its a grievously bad error, also by the federal trade commision .
The Federal Trade Commission (FTC) is the main federal agency that enforces advertising laws and regulations. Under the Federal Trade Commission Act:
- Advertising must be truthful and non-deceptive;
- Advertisers must have evidence to back up their claims; and
- Advertisements cannot be unfair.
But to get this kind of treatment almost a year later is kind of low, I’ve been mostly nice through this post but if MovieStop employees really think they are god to obviously which you think you are, you need to really sit down and think! How do i want my store to be and how can I keep people coming back to my store. Not find a post on the internet and bash the person because what you believe is right, quite simply you need to educate your customers and educate your self and CORRECT problems when you see them, If you store has a sign that says
“GUARANTEED LOWEST ADVERTISED PRICES”.
But, the sign only refers to preorders, The sign is incorrect! You need to correct the sign because the sign says quite different from the actual given “policy”. A better sign would be
“GUARANTEED LOWEST ADVERTISED PRICES ON PRE-ORDERS: See inside for details”.
After this I think moviestop is on the shitlist again.
Console Gaming without a TV part IV (Samsung 2253BW monitor)
I’ve written in the past about not having a TV to play Console games on , And through many trials I settled on the VD-W2 Wii VGA cable. The cable definitely served its purpose, after trying many TV Cards that just could not hold up to console gaming I decided to try that cabled on a whim. Honestly it was one of the best things I bought to use with my monitor. So if you have a small room and do not want to deal with the annoyences of TV Card or having a TV and a Computer monitor in the same room with your console and PC, The Vdigi Wii VGA Cable is worth the buy!
well….
The cable earned its retirement after almost a year of faithful service, I had given away one of my monitors due to the fact we still had a monstrosity of a CRT monitor in the house, That given, It started me on a new quest.
To find a monitor to fit my needs….
Since I was using both the VGA and the DVI inputs that meant I needed a monitor to have at least 2 inputs. The last time I had purchased a monitor was 2007 and, I was not sure exactly sure how things have changed in that technology.
Well I took a little crash course.
(click more to read on)
Logitech G7 Hell.
A year with with my Wii………..and let the puns begin!
This month is comming up on me having the Wii console for 1 year.. How has the Wii stood up as time has progressed? After owning the wii this long, there have been a few thoughts i’ve had as far as how the system has matured, Honestly the system is still good but still needs to grow up a bit.
I Do Still pay with the wii, but Not nearly as often as I used to due to the fact of a lack of games with depth to them, Some games do come out with depth but, the issue is quantity. The fact that developers have shunned the Wii kind of makes for an interesting senario. Sure its taken the market by storm but, im seeing where the Wii’s weakness is, theres just not the title market out there. Forevery good game for the system theres a SHITLOAD of vomitware for the system and it shows, Goto gamestop and look on there used shelves and you will see TONS of craptastic games.
As far as price has gone, The wii is not the lowest man on the ladder due to the x-box 360’s agressive pricecuts but in the long run the Wii is cheaper due to the online component being cheaper (Free). The Wii’s online component severely is lacking still due to lack of interaction in games, If you play Mario Kart Wii , Theres just no feeling to it due to the lack of interaction between players. Sure you can see the asshat that just knocked you off the track as you swear your brains out at the screen but, does the person on the other side of the connection know your mad …. NO. They did add keyboard support awhile back but, its so unused the most it maybe used for is to put in a creditcard number for more Wii Points, Nintendo could highly benifit from at least adding chatroom or some other way to talk to players while using the system.
The system has been pretty faithful to me with one exception of having the send in the wii to Nintendo for service. But The repairs were extremely quick and had the system back within the span of one week.
While the Wii’s gaming library has some good games that come out every few months, I’ve never really been stuck in a situation of a choice to make over one game to another. Nintendo’s first party titles are pretty much unmatched in terms of gaming on the system theres a few noted exceptions such as Raving Rabbids, No More Heroes, Final Fantasy Fables, and Starwars the force unleashed but, The lack of quality 3rd party titles I think is my biggest mark against the system.
Given that fall us upon us maybe we will see the Wii mature a bit or maybe we will see the Wii not Mature. I said wii huh-huh-huh…