Computer News & Safety – Harry Waldron Rotating Header Image

February, 2018:

Leadership – Management Self-Assessment valuable quarterly process during 2018

The John Maxwell leadership training center shares an excellent article on use of Skill Assessment Tools for team members to discover their talents:

http://johnmaxwellcompany.com/blog/self-assessment-questions-leaders-should-ask-themselves

I challenge you to take some time this quarter to give the following self-assessment questions some serious, focused thought. The first four are meant to be reflective on the seasons in your past, while the final four are geared toward your future.

1. What have I accomplished? — This is a positive exercise, so let’s start with a positive question. This inquiry should get to the root of what is working in your career. It also gives you an opportunity to reflect.

2. What have I learned? — Having some time to step back from both achievements and failures Is key to holistic understanding. Giving yourself this kind of space can open your eyes to what you truly learned along the way.

3. Who did I lead? — The mark of an influencer is not in the number of followers, but rather in the number of leaders he or she has produced. Think leader replication.

4. What held me back? — Chances are you fell short on achieving all of your goals last year, last quarter or even last week. That’s OK. But let’s look closely at what caused these diminished returns.

5. Do I still love what I do? — There are certainly parts of the job that I don’t like. Our ability to be effective is directly tied to our ability to be passionate about what we’re doing.

6. Am I willing to pay the price again? — John says, “Everything worthwhile in life is uphill all the way.” We must figure out if the journey is worth the ascent.

7. What are my priorities? — The key to overcoming this barrier is by choosing your priorities. If you have too many priorities, then you have no priorities. Ask yourself this question to identify, assess and ignore these damaging diversions.

8. What habit change will aid me most? — We all know that there are some habits that hinder our progress as intentional leaders. The first step to overcoming these habits is realizing they exist and being self-aware enough to identify them as impediments.

9. What is my focus word? — Choose a word that defines what you’re hoping to achieve, and then take this word into battle with you every single day. Great words to consider include, “intentional,” “influence” or “collaborate.”

Facebook – How to turn off Face Recognition capabilities

Facebook is continuing to improve and expand Face Recognition capabilities. They are promoting awareness and the capability for users to opt out as desired.

https://www.wired.com/story/how-to-turn-off-facebook-face-recognition-features/

More Facebook users started seeing a notification about how the social network uses its facial recognition technology. When Facebook first implemented the tech in 2013, it limited its use to suggesting tags in photos. In December, though, the company announced that it would expand face recognition’s scope to notify you when someone added a photo you were in, whether it was tagged or not. If that sounds like something you’d rather Facebook not do, it’s easy enough to stop.

If you’re not comfortable with Facebook’s new face recognition tools, you can head to Settings > Face Recognition, then select yes or no at the question Do you want Facebook to be able to recognize you in photos and videos? And while Facebook says that it isn’t opting everyone in, you may be surprised to find the feature already on.

Leadership – Skill Assessment Tools Help Good Employees Grow

The John Maxwell leadership training center shares an excellent article on use of Skill Assessment Tools for team members to discover their talents:

http://johnmaxwellcompany.com/blog/using-employee-development-to-turn-good-employees-into-great-leaders

It costs a lot to replace a good employee—some estimates put the cost at equal to or greater than the annual salary of the employee.  Yet more than ever, employees want growth opportunities and paths for personal development to stay at a company. By helping good employees become great leaders, you not only position your company for success, you increase employee retention in the process.

Employees are often so focused on production—what do I have to do and achieve—that many have an unexplored world within. The discovery process requires times of personal reflection—a rarity in most workplaces—to ask probing questions about themselves:

* Who am I?
* What do I truly love?
* What am I good at?
* When am I happiest?
* What matters most?
* What gets me going?
* What holds me back?
* What do I want for my life?

Use Assessment Tools to Help Good Employees Grow — Your leaders can help good employees engage that discovery process by encouraging employees to take and apply personal development assessments. Your teams can choose a different assessment, of course, but we find the combination of RightPath 4 and RightPath 6 assessments to be powerful. The first gives a snapshot—more like an X-ray, while the second takes a deeper dive—more like an MRI. The key advantage to the tool is its simplicity. It provides a powerful learning platform, enabling employees to easily apply what they learn about their natural tendencies.

FBI warning – Targeted W2 phishing attacks increase during 2018

The FBI and IRS are reporting an increase in W2 phishing attacks during 2018.  These targeted attacks often appear to be coming from a legitimate Human Resource (HR) professional seeking updates. Users should question the HR department before submitting sensitive data, when they see unusual requests for information. 

https://www.ic3.gov/media/2018/180221.aspx

Beginning in January 2017, IRS’s Online Fraud Detection & Prevention (OFDP), which monitors for suspected IRS-related phishing emails, observed an increase in reports of compromised or spoofed emails requesting W-2 information. Sometimes these requests were followed by or combined with a request for an unauthorized wire transfer.

The most popular method remains impersonating an executive, either through a compromised or spoofed email in order to obtain W-2 information from a Human Resource (HR) professional within the same organization. Individual taxpayers may also be the targeted, but criminals have evolved their tactics to focus on mass data thefts. This scam is just one of several new variations of IRS and tax-related phishing campaigns targeting W-2 information, indicating an increase in the interest of criminals in sensitive tax information.

How to report a data loss related to IRS related to a W-2 scam — If notified quickly after the loss, the IRS may be able to take steps that help protect your employees from tax-related identity theft. To contact the IRS about a W-2 loss, email IRS at dataloss@irs.gov and provide the information listed below so the IRS can contact you. In the subject line, type “W-2 Data Loss” so that the email can be routed properly

DDoS attacks – Memcache reflective amplified UDP-based security alert

The SANS ISC and US-CERT are sharing awareness on UDP-based DDoS attacks (port 11211) circulating in the wild as follows:

https://isc.sans.edu/forums/diary/How+did+this+Memcache+thing+happen/23391/

https://isc.sans.edu/forums/diary/Why+we+Dont+Deserve+the+Internet+Memcached+Reflected+DDoS+Attacks/23389/

https://www.us-cert.gov/ncas/alerts/TA14-017A

This memcached reflected DDoS thing is pretty bad.  How bad?  Well, US-CERT updated its UDP-Based Amplification Attacks advistory to add Memcache to the list of potential attack vectors.  The really telling bit is the chart that shows the Bandwidth Amplification Factor.  Before memcache was added the largest factor was 556.9 from NTP where each byte sent in to a vulnerable server would return about 557 bytes in attack traffic.  Memecache is listed as 10,000 to 51,000.  That’s remarkably large.

So you got yourself a classic reflective amplified DDoS attack. Luckily, it isn’t too hard to block. You should see traffic *from* port 11211 if you are hit by this attack. Blocking all traffic from port 11211 should be possible as all modern operating systems tend to use a source port higher than that for client connections.

RECOMMENDATIONFor vulnerable systems, change the memcached configuration setting for CACHESIZE

1.Open /etc/memcached.conf in a text editor.
2.Locate the -m parameter.
3.Change its value to at least 1GB.
4.Locate the -l parameter.
5.Change its value to 127.0.0.1 or localhost.
6.Save your changes to memcached.conf and exit the text editor.
7.Restart memcached.

Blockchain security – Expanding beyond Cryptocurrency

This article shares how some industries plan to use the decentralized and encrypted approach of BLOCKCHAIN technology beyond cryptocurrency:

https://techspective.net/2018/02/23/blockchain-technology-and-cryptocurrency-are-transforming-industries/

What is blockchain technology? — A blockchain is a digitized public ledger of all the cryptocurrency transactions. The records—which are called blocks—are linked with each other and secured by cryptography.  Blockchain is touted as one of the most secure technologies because its ledger is decentralized and encrypted. The transactions taking place on the network are self-verifying and don’t have to go through a central institution (like the central bank of a currency in the case of a domestic currency like the US dollar), which is why it’s able to enjoy a whole new level of security.

Blockchain was originally designed for Bitcoin. However, a number of top companies and institutions such as FedEx and the European Union have started working on their own blockchain projects, after discovering potential in features like high transparency, efficiency, and security. In fact, blockchain is being applied across a growing number of industries, including banking, online gambling, and healthcare.

Hardware – New QUALCOMM Snapdragon 845 CPU

QUALCOMM’s Snapdragon CPU family is innovative & state of art.  The new 845 CPU offers powerful multi-core computing with LOW BATTERY usage,  The Samsung S9 &  Xiaomi smartphone families will be two early adopters in 2018: 

https://www.digitaltrends.com/mobile/qualcomm-snapdragon-845/

https://www.qualcomm.com/news/releases/2017/12/05/qualcomm-launches-technology-innovation-advancements-always-connected-pc

The highly anticipated and heavily rumored Qualcomm Snapdragon 845 processor is finally here. The new chip is set to power the next generation of high-power, flagship-quality smartphones this year, likely starting with the likes of Xiaomi and Samsung, both of which took the stage at Qualcomm’s Snapdragon Summit in Hawaii this week.  Eventually most flagship phones will feature the Snapdragon 845.

The CPU in the Snapdragon 845 is called the Kryo 385, and like its predecessor, the Snapdragon 835, the new chip features eight cores — four so-called “performance” cores, and four “efficiency” cores. The performance cores, which have a clock speed of 2.8GHz, offer a performance boost of 25-30 percent over those in the Snapdragon 835, while the efficiency cores, which clock in at 1.8GHz, offer a 15-percent performance boost.

Phones that pack the Snapdragon 835 include the Google Pixel 2, the LG V30, HTC’s U11, Sony’s Xperia XZ1, and more. We expect these phones’ successors to make use of the Snapdragon 845.

Mobile Phones – Samsung Galaxy S9 announcement on FEB 25th

While Samsung & Apple are playing cat-and-mouse in smartphone technology innovations — the Samsung Galaxy S9 was announced yesterday at the world-wide Mobile Congress.  While expensive, it has numerous design improvements & innovations as shared below:

http://bgr.com/2018/02/26/samsung-galaxy-s9-review-top-10-new-features/

Samsung on Sunday finally announced its hotly anticipated flagship smartphones, the Galaxy S9 and Galaxy S9+. We’ve already told you everything you need to know about the new Galaxy S9 duo, and we gave you your first hands-on look at Samsung’s hot new phones. We also went over pricing direct from Samsung and through every major carrier in the United States, and we took a deep dive into Samsung’s Galaxy S9 specs

NINE NEW & IMPROVED FEATURES

1. “Super Speed Dual Pixel” camera, — by far the most impressive camera the world has ever seen on a smartphone
2. Super Slow-mo — The camera captures video in 720p HD resolution at 960 fps & because the quality of Samsung’s new Super Speed Dual Pixel camera is so good, the clarity of well-lit Super Slow-mo videos is incredible
3. AR Emoji improved support
4. Bixby Live Translation
5. New “Iris Unlock” for improved security (10X more accurate than facial recognition)
6. Improved Desktop Support (DeX Pad)
7. Design and build changes – new 7000 series aluminum, which makes the construction more sturdy overall. The glass is 20% thicker to help prevent breaks
8. Brighter display – Samsung is the king of smartphone displays with Super AMOLED screens
9. Performance and power- Improved internal components headlined by the Snapdragon 845 chipset provide way more oomph as well as more efficient power consumption

Windows 10 – 85 percent of users upgraded to current build

Windows 10 uses new update methodologies which are more automated to ensure users take critical security updates & new service-pack type updates every 6 months.  An estimated 85% adoption rate is noted in article below

https://techreport.com/news/33287/report-windows-10-fall-creators-update-adoption-speeds-past-85

If AdDuplex’s Windows 10 Fall Creators Update adoption figures are accurate, the software giant might be doing something constructive with all the ones and zeroes gleaned from customer PCs. The “cross-promotion network for Windows Phone and Windows applications” reports that 85% of all PCs running Windows 10 have upgraded to the Fall Creators Update, which started rolling out to customer machines at the end of October. For comparison’s sake, the previous Creators Update had reached about 66% of Windows 10 devices at the four-month mark

 

Privacy – European Union GDPR starts May 25 2018

The European Union’s General Data Protection Regulation (GDPR) compliance deadline is May 25, 2018, you’ve only got a few months to decide what, exactly, GDPR means for your company, your customers, and your employees.

https://www.csoonline.com/article/3257695/privacy/gdpr-is-not-just-a-regulatory-framework-it-s-also-a-moral-and-existential-blueprint.html

https://en.wikipedia.org/wiki/General_Data_Protection_Regulation

https://www.ibc.org/delivery/getting-set-for-gdpr/2678.article

The main tenets of GDPR – data portability, breach notification, data protection by design and default, data/storage minimization, opt-in consent, right-to-erasure, appropriate technical measures, evidence of compliance – are amazing codification of laws that every service provider and vendor on this planet – that may or may not be impacted by the regulatory framework itself – would do well to make an integral part of their DNA and offering – for their existence and their customers’ well-being.

Below are 7 sections explained in greater detail:

1. Data portability
2. Data protection by design and default
3. Data/storage minimization
4. Opt-in consent
5. Right to erasure
6. Appropriate technical measures
7. Evidence of compliance