WTF Were You Thinking Fucktard?
Tag Archives: Security
T-shirt Inappropriate @ Fiesta Texas
I mentioned in my other post that I have a vast collection of t-shirts because they are typically what I wear everyday. I also mentioned that on our vacation to San Antonio that we visited Fiesta Texas (Six Flags Theme Park). If I recall correctly, I added that the little adventure was worthy of it’s own post. So, here is that post. Now, due to some certain particulars, I will not be mentioning anyone by their actual names. By now y’all have most likely noticed the photo above of the t-shirt I was wearing on the morning of our visit. I said “was” wearing because initially I was refused entry into the park because I “was” wearing it as I passed through the gates. In fact, let’s start with the gate first, I will get back to the shirt later.
I don’t know how it is where y’all live but most places of entertainment that I have been to include walking through a metal detector. Seems to be a way of life in larger cities. Remember one thing as you read forward, I have had six (6) open knee surgeries on my right knee, the latest resulting in a knee replacement, so I have a little hardware holding everything together these days. I know, based on past metal detector experience, that I light those things up like a Christmas tree when I walk through. Which is the exact reason why I already had my U.S. Government issued information card in my hand. It explains the metals and other materials to the screener in English, Spanish, and French. It also has a toll free number if there are any further stupid questions. I step through and it of course goes apeshit crazy, in fact, all four times I passed through it the alarms went off. I handed the man my card and Veteran’s ID card, both were dismissed, but I was asked to follow another man off to the side so I could be wanded and patted down repeatedly. Finally, enough is enough, I asked the obviously arrogant question if they couldn’t see the huge fucking scars on my leg. And you know what my answer was? “Sorry, Mr. Z., I guess we didn’t observe those during our investigation”. This is from 3 separate people, all claiming they didn’t see them or fully understand the information card I provided.
After 15 minutes I was released to go into the park, but only if I am wearing a different shirt which is not offensive or inappropriate. Wait just a fucking minute! Offensive or inappropriate? By what standard? Because if we are going to point fingers I saw a few that I thought were in very bad taste, but according to the screeners a shirt with the Mexican flag bearing the words ” Thank you Obama for not sending me home” or the shirt with a burning American flag which read “Burn Bitch Burn” were just fine to wear in the park because the two people were not believed to be “American” based on their skin color. Y’all are yanking my chain, right? Nope. At this point my wife takes me by the arm and tells me to just go get another of my shirts from the car. WTF? So, the screening idiot stamps my hand, therefore being able to avoid the whole line and metal detector again. How nice. I did go to my car, I was furious, I did smoke a few cigarettes, I did change into a plain gray shirt, and I did go back to the park. Why? Because my wife asked me to come back in to have the family day, together, and in peace.
The rest of the day was uneventful, except the Superman ride was down 90% of the day, the only ride I ride. Yes, I did file a formal complaint to both Fiesta Texas and to Six Flags. It was all done electronically Sunday afternoon, I have yet to get a reply. Personally, I don’t think my shirt having the word ass on it offended anyone, nor do I think it would. I also believe in the freedom of speech, I may not have agreed with the two examples given above, but it is what it is, just a shirt, just an opinion. I personally wasn’t looking for the attention I received, but it happened. However, I remain pretty pissed at the fucktards they have as screeners, because that was just super ignorant on their part. Glad to know they can’t read OR see while they are looking out for everyone’s “safety”. I will cut this off here because if I don’t I could go on for hours, and I got dinner to finish cooking.
80% Of All Android Phones Are At Risk
Recently a well-known and recommended security research organization found a vulnerability in the legitimate certificate validation of the Android system. Hackers can create malicious apps to imitate trusted Android system apps such as Adobe Flash Plug-in, 3LM, etc. Malicious applications will then operate stealthily in user’s mobile devices, secretly stealing account numbers, passwords and other private information, making it a huge threat to all users.
How hackers forge trusted apps
Every Android application has its own certificate which serves as a unique identifier in the Android system, like an ID card. The Android system verifies the authenticity of an app only by referring to this ID. Once the ID is trusted, the app can carry out its operations as requested by users. Apps continue to be authenticated as long as they keep the same ID. In the real world, if one person holds the ID card of another, they can spoof that person’s identity and carry out certain transactions.
Impact of the Fake ID vulnerability
Currently the vulnerability affects devices running Android system versions from 2.1 to 4.3, which encompasses over 80% of Android users, or 100 million people worldwide.
As the Android system reports the malware as having a trusted ID, it’s difficult for the user to detect. For example, once a fake Adobe Flash ID malicious application has been verified by the system and installed on a device, it will be automatically loaded along with a browser and can then steal account credentials for online banking or social networking sites. Android will not know anything is wrong, as it thinks a trusted app is running.
Google and security vendors actively responded to Fake ID
Google published patch as soon as they discovered the vulnerability, and communicated to Samsung, HTC and other partners. At the same time they updated the Google Play app store to prevent applications that exploit the vulnerability from being added.
Users who can not update the system or install the Google Play Store are still at risk. For users who are part of this category, the CM Security Research Lab has developed a warning module and integrated it into CM Browser, Clean Master and CM Security, to provide instant protection and defense against this issue. Install Clean Master or CM Security immediately to ensure your device’s safety in real-time. As the same time surfing the web with CM Browser to prevent malicious plugins.
CM Security Researcher Lab tips:
1. Update your mobile versions to Android 4.4 and above as soon as possible.
2. Download apps from the official Google Play Store to prevent malware infection.
3. Install a reliable antivirus and keep it updated. We recommend using apps Clean Master and CM Security, which were recently awarded title of No.1 antivirus by AV-TEST for the sixth consecutive time.
4. Surfing with a secure browser .
References:
[1] http://bluebox.com/blog/technical/android-fake-id-vulnerability/
[2] https://android.googlesource.com/platform/libcore/+/android-cts-4.1_r4%5E%21/
Posted From Scorpion Sting’s Motorola Droid Maxx!
Finding A Lost Cell Phone
Well, saying I found this cell phone is putting it mildly. Let’s say that when I noticed the cell phone it was after I pulled into the parking space at Home Depot. I heard a crunch and when I back up a bit and got out of my H1 I saw the carnage. Truly it was an unforseen accident. For a moment I even felt a little bad. But then that turned into laughing silently because some dumb bastard dropped his phone in the parking lot and doesn’t even know it, and now I killed it. Oooops. My first thought was to kick it so it would slide under someone else’s vehicle, but then I wanted to pick it up to see of it still turned on. My curiosity got the best of me because I bent over and pocked the damn thing up. I quickly realized that the phone was identical to mine, well except my phone isn’t smashed to shit, but it madefiguring out how to power it on super simple. I like simple. It took a very long time, meaning like 3 minutes, before it went to the home screen. Now, I am thinking the phone belongs to a female because the background is a picture of a dozen roses and a bottle of wine. No, I am not being stereotypical, I am being assuming, there’s a difference. So, the phone at least powers on, so I decided to see what else it had going on. Does it have service? Yes, good signal and 4G lit up nice and proud. I open the contacts, well, attempted to, and there was an error which made the phone restart. I’m thinking man this phone is fucked up. When it came back on I went to the recent calls and it spazzed out again restarting. Maybe a trash can would be okay, just wipe my prints off, toss it, and walk away. But nooooooooooooo, I’m too nosey for that and I am too curious to do that. Okay, maybe see if this person had some pictures to look at. Ummm, there are pictures I should have never seen. Let’s just say she took quite a few very intimate selfies everywhere she damn well pleased. Now, I will admit, I didn’t mind looking at her naked, I felt bad for doing so, but was also humored knowing that she mist be concerned that somebody would see the pictures.
Then, out of the blue the fucking things vibrating in my hand, someone was calling. What do I do? Answer it? I think not. Then she gets a voicemail. Moments later she gets a text. She has it set up where the text opens automatically on top of everything else. The text read: “If you find this phone please reply or return a call to the last number”. I wonder if she realized her lost phone was on vibrate. Probably not. Wanting to return her property I returned the text and said “you can retrieve your phone at the customer service desk at the Home Depot where she misplaced it, they are expecting you”. I left it in the care of a very nice woman and went on my way, I was here to get a toilet kit so I could stop the toilet in my show from running all the time. After checking out I asked the woman if anyone came to claim the phone and she said no. I was parked up front so I went out and waited for a bit to see if she was coming. After about ten minutes or so I saw her walking in. A few minutes layer she is walking out, looking around very suspicious like. I could see the look on her face, she looked very upset and disappointed. She walked out to her little Lexus sports car and drove away. See, I can be a nice guy when I want to be. As far as I know this story has had a happy ending. In the end I was left wondering what she was thinking at the moment she realized she had misplaced her phone. The reality is that all I can do is just imagine. I guess the moral of this story is be careful what you keep on your cell phone because this could one day be you.
U.S. Government Announcement
Incompatible Software Malfunctioning IT
As the workplace becomes increasingly mobile, the federal government is opting for devices other than BlackBerrys. The Obama Administration announced a Digital Government Strategy for federal employees to access workplace networks from mobile devices without compromising privacy and security concerns. In accordance with this strategy, the Department of Homeland Security, Department of Defense, and National Institute of Standards and Technology developed a baseline of standard security requirements for mobile computing and a framework design to reference in designing security and privacy protections. This would allow federal employees to use a range of popular brand devices without compromising government networks and leaking information, and even allow some offices to implement a bring-your-own-device policy instead of on government-issued devices.
Technology insiders applauded the government’s decision to develop the mobile technology to permit federal employees to work remotely. A survey of federal managers and federal workers found that each employee would add an additional seven hours each week in productivity, amounting to $14,000 in productivity gains. Of those federal workers who already have mobile device access, they spend a weekly average of nine additional hours on top of their full-time work schedules checking in to their workplace networks. Almost half of these workers report working more efficiently outside the office.
The Department of Agriculture forked over $20 million to several companies for MDM integration which is now one year behind schedule and malfunctioning. Perhaps if the USDA hired one of the companies approved by the GSA for mobile management solutions, then the USDA would not be having these rollout problems. Or maybe if the USDA required a demonstration of the bidding companies’ capabilities for MDM integration in the USDA’s network, then USDA employees would now be using their own iPhones and Android to access their workplace servers. Instead, the USDA paid three contractors $20 million.
Testing before handing over taxpayers’ money would have shown that one contractor’s software is not compatible with part of the USDA’s network security infrastructure. Eight months after the MDM system was supposed to have completed a 30-day, 3,000 phone test phase, this test phase has been pushed back, and the USDA is still just testing one component of the contractor’s incompatible software to determine whether the software will be used or abandoned. According to the USDA’s Request for Proposal, the agency already supported more than 3,000 mobile devices before the $20 million project and hoped to expand the number of mobile devices to more than 100,000 over the next few years. As of late July, only 1,370 devices were on the USDA’s MDM system.
Surely, given the failure of the MDM integration at the USDA, other federal agencies would restrain themselves from awarding millions in taxpayer dollars to these contractors without first testing their product? Think again. One of these three contractors was awarded $212.1 million in government contracts just in 2013. The contractor with the incompatible software has several multi-million dollar government contracts with the CIA, NSA, FBI, DHS, and the Air Force. Instead of pouring millions of dollars to fix “glitches,” taxpayers would prefer their money go towards testing new technologies first to prevent such rollout problems.
Information found for this “Your Tax Dollars @ Work” post was done by using a Google search. Information compiled from multiple public websites & media outlets.
Crazy Word Verifications
The Sting Of The Scorpion Blog (T.S.O.T.S.B.) 