Friday, December 1, 2017

Verizon will launch 5G home internet access in 2018

Unfortunately, only in a few areas


"Verizon's 5G wireless will soon become a practical reality... if not quite the way you might expect. Big Red has announced that it's launching residential 5G broadband (that is, fixed-in-place wireless) in three to five markets starting in the second half of 2018. Most details aren't nailed down at this point, but the rollout will begin in Sacramento, California.

It's no shock as to why Verizon is showing its cards so early. The carrier is in fierce competition with fellow incumbent AT&T, which has also been trialing 5G and hopes to deploy it nationwide by the end of 2018. Verizon wants you to know it's keeping pace and will have a real, publicly available 5G service ready to go within a matter of months.

No, this isn't the cellphone access you might be looking for, it's still an important milestone. It's not just that 5G is extremely fast, promising hundreds of megabits per second -- it's that its latency is low enough to improve very time-sensitive tasks like action gaming and multi-user VR. How well it works in real-world commercial service is yet to be determined, but home 5G may be the first fixed wireless that's about as responsive as a good landline connection."

Tuesday, October 31, 2017


Alert: New Ransomware "Bad Rabbit"


Good morning,

The U.S government has issued a warning about a new ransomware attack which is spreading through Europe and into other countries around the world.

The new cyber-attack known as 'Bad Rabbit' is believed to disguise itself as a Windows Flash update in order to convince innocent people (like you) to download the virus.

Once installed it quickly hijacks your computer encrypting your personal files and data demanding a ransom payment to decrypt.

Monday, October 23, 2017

On Premise Vs Cloud-Based Voice

The definition and difference:

A premises-based PBX solution (also known as an IP PBX) is
dependent on a voice server kept on-site in the
equipment/server closet. Physical phones are located
throughout the office. Calls can route through a traditional
phone company as well as over the internet using SIP trunking.
Hosted PBX is a cloud voice solution where the provider
manages/maintains the voice server in a cloud data center.
The only equipment in the office are physical phones. Calls
route over the internet using SIP trunking.

On-Premise PBX
• Cost – higher upfront costs and set-up fee. Above certain
threshold it might be cheaper to own equipment than pay a
monthly fee, but servicing and maintenance can get expensive.
When using only basic call features with >25 phones per
store, total cost of ownership is less over 5-year period

• Scalability – purchase phones to expand (in addition to any
licensing required). PBX needs to be able to accommodate
growth and possibility of complexity with added features
• Failover – if issue with PBX in store, calling is affected and
potentially down until PBX can be repaired via service

• Features – find Me / Follow Me feature requires adding a
mobility server to each PBX – can become expensive
• Presence, tablet/mobile apps for wireless calling can be
added– usually works together with Find Me / Follow Me for
seamless use across devices

• Maintenance – managed services contract (with phone
vendor) required for software patching and maintenance to
ensure security and uptime.

• Changes to system settings require PBX in store to be
adjusted on-site by phone vendor or internal IT team

• Can leverage traditional phone company service (PRI) for
inbound/outbound calling, or SIP trunks over the internet
> PRI is not affected by quality or busyness of internet

• Handsets do not contain a lot of features/functionality –
providers push users to use the desktop application.

Hosted PBX
• Cost – usually low upfront costs, monthly fee per user.
Typically low total cost of ownership as hosted provider
takes care of server configuration, maintenance and
software patching.

• Scalability – purchased or leased IP phones added to
service plan, picking and canceling numbers and moving
phone system is easy and quick.

• Failover – calls can be rerouted to cell phones if issue with
SIP trunk quality, power at store or catastrophic event.
Safeguards at off-site facility includes back up power
sources, geographic redundancy of data centers,
active-active failover of servers, etc.

• Features – can integrate into CRM for advanced customer

• Can integrate contact center-life features for advanced call
routing or call analytics for advanced reporting.

• Dedicated internet bandwidth required to maintain high call
quality of SIP trunks.

• Tablet/mobile app allows users to make/receive phone calls
from app over wifi/cellular connections.

• Presence allows users to see who is available and on the
phone within store.

• Find Me / Follow Me feature included – will ring desk
phone, tablet, cell phone all at once or in order.

• Maintenance – no managed services contract required –
provider performs software patching, maintenance, upgrades
of PBX in the cloud.

• Changes to system settings performed through online portal
for remote management.

• Handsets do not contain a lot of features/functionality –
providers push users to use desktop/mobile app

Saturday, July 29, 2017

Web Security Action Plan for Artists and Activists Under Siege (part 1)

By: Candace Williams Head of Community Operations by day. Poet by night (and subway ride). Forever @TeacherC.

It’s imperative that folks under siege (POC, LGBTQ+, Indigenous folks, immigrants, Muslims, folks with disabilities, etc), especially artists and activists, take steps to protect their data and privacy online.

These are just suggestions This list is not exhaustive or the only way to secure your data.
Web security is like a tree. A young tree can be snapped by a fist. As trees grow layers and roots, they require knowledge, equipment, and energy to cut down. I’m trying to help you add layers of security to your daily routines. I don’t like the words “secure” or “safe” because nothing fits into those categories. The only thing we can do is become safer and more secure. Each bullet point is a layer, a step another person or agency has to take, to access and trade your information. I’ve tried to choose the layers that have the highest return on your investment in time and money. Think about your situation and resources and create your own action plan.

Identifying assumptions that underlie this article:
  • Taking a small, first step lowers your mental barriers.
  • Changing workflows is hard and takes practice. Go at your own pace and be easy on yourself.
  • COINTELPRO (and similar programs) didn’t just “happen”. It’s been happening and will ramp up.
  • Government and non-governmental bodies already have you on their radar: They know you disagree with some element of the status quo and that you’re a person under siege (black, POC, Muslim, queer, a person with physical or intellectual disabilities, a recent immigrant, indigenous, etc).
  • Many of your private communications are sitting on the email accounts and devices of your friends and family.
  • Surveillance capitalism is dangerous. We don’t know the implications of how tech companies extract value from their customers’ data. Most people don’t understand what corporations like Facebook and Google know about them, how the data is used/bought/traded/aggregated/sold/deployed, and if corporations have already handed over information to government groups. 
  • Lack of transparency + colonialism/capitalism + technological supremacy = STRANGER DANGER.
  • Withdraw $10–$40 of cash from your bank.
  • Buy a Starbucks gift card with the cash.
  • Use the gift card to purchase 1 month to 1 year of VPN access on (or a comparable service of your choosing. Ask around or read online reviews. Make sure the service doesn’t keep logs of your activity). Keep in mind: It’s better to purchase VPN with a credit/debit card than to purchase none at all. Furthermore, this is just a small layer and it’s still possible to figure out which VPN service you’re using.
  • Download and start to use Tor as your primary browser. Be sure to follow the instructions and security warnings here:
  • Since it’s impossible to follow all of the warnings and there are limitations to Tor, it’s a good idea to also use a VPN. If you don’t use a VPN, using Tor + Chrome/Firefox with the HTTPS Everywhere extension is a good start.
  • Download Signal on your phone and encourage all folks you communicate with privately to use it as well. Use it instead of iMessage, SMS, WhatsApp, Facebook Message, etc. You can also make calls. The desktop version can be used in lieu of Skype, Slack, etc.
  • Enable 2 Factor Authentication on all email, financial, etc services.
  • Do an info security audit — Begin to brainstorm how you use social media, email, mobile devices, and cloud storage. How do you use these services? Which communications need to be moved to secure channels? Are sensitive documents saved in the cloud? Can you quit Facebook, Twitter, Google, and Amazon altogether?
  • Choose strong and distinct passphrases. The Intercept has a handy guide here:
  • @AllBetzAreOff recommends using non-cloud-based password manager to generate and secure your passwords. More info here:
  • It’s important to turn on software auto-updates so you’re protected from known software vulnerabilities. (Thanks to Dan Sullivan, Ph.D. for this advice! Check out his excellent comment for more information.)
  • Encrypt your mobile devices. iPhones are automatically encrypted but many use access codes that are inadequate. Reset your code to a long, random string of numbers (make sure you write this down while you’re committing it to memory). Android users can enable encryption in the Settings app.
  • Encrypt your computer using BitLocker (Windows) or FileVault (Mac).
  • If you have (or want) a website, database, or app, join an encrypted hosting service like MayFirst.
  • Purchase a physical safe (like the SentrySafe SFW123DSB) for your important documents, hard drives/USB keys, and artwork. You can split this cost with folks who live nearby. If your artwork is larger than a common household safe, and you’re interested in chatting, ping me. We need to brainstorm how to help artists under siege keep their art safe from destruction. Research the safe to make sure electronics won’t oxidize or buy Silica Gel Dehumidifier Desiccant packets/special sleeves.
  • Purchase a hard drive that can store your digital files. Encrypt it. In the future, consider purchasing multiple drives and keeping your most valuable information in multiple places. If you bought a safe, keep your hard drive there. You should also prepare for a time when Internet access or your information stored online is completely unavailable to you.
  • Audit your cloud storage. Where are you files stored? What kind of information is stored? Where’s the most sensitive information?
  • Begin to break your dependence on cloud storage (when possible): iPhoto, Google Photos, Google Drive, DropBox, etc. Structure your filesystems in ways that are easy to navigate without Google’s search capabilities.
  • See if you can minimize your use of Chrome/Firefox/Safari/etc by the end of the month. Dennis Cahillane says:
NOTES:, Using a Firefox add-on you install yourself is not recommended. Recommend downloading the Tor Browser bundle directly from the Tor Project here Using the Tor Browser bundle is easy for non-technical users, but you will quickly become frustrated by its limitations. When you aren’t using Tor, Also recommend Firefox or Chrome with the following add-ons: HTTPS Everywhere, uBlock Origin.”
  • Download all of your files to your computer + external hard drive. This might take awhile so you can do a batch a day. Start with the most sensitive information. (This is just a start. There are ways to have access to encrypted cloud storage, I think folks can consider this after the New Year after they’ve done the initial transfer and have broken their dependence on easy to use cloud services).
  • If you’d like, choose an activist email provider you’ll use instead of Gmail (or a service like ProtonMail). You’ll also need to loop in your friends and family. Jamie McClelland, Co-Founder of MayFirst/PeopleLink says:
NOTES: “Using Gmail is definitely a bad idea. Under Obama we had a huge
expansion in the federal government spying infrastructure and they
definitely target the big corporate providers — either by compromising
them or simply sending them a subpoena. And now all of that will belong
to Trump.

For email, stick with activist providers. And *everyone* has to do it.
If you are having a group conversation and just one person is on gmail,
then everything goes to gmail.

If everyone is on MF/PL, then it never leaves our servers and it is far
more difficult to intercept. If some people are on Riseup and some are
on MF/PL it’s also good — since MF/PL and Riseup will encrypt messages
between servers.

However… even with all of these protections, I would advise against
relying on email for anything sensitive.

If you haven’t already, I would suggest replacing whatever program you
use to send SMS messages with Signal ( It’s
on both iPhone and Android. It’s easy to use and it’s very secure.
I would also suggest using Jabber (see the MF/PL page here:

Both signal and jabber work on your phone and provide much better
encryption and privacy than email ever will.

A note about email: Dan Sullivan, Ph.D. left a relevant criticism of activist email accounts in the comments:

Also, infosec is largely a battle of technical skills and resources. Google has more of both than any email or other cloud provider I know of. I use Gmail with two factor authentication and will stick with it. Sure, an agency may get a warrant for emails at Google but there is less chance of successfully hacking the Google infrastructure to get those emails than hacking another provider with fewer resources.

Email seems impossible to secure. I’m already starting to drift away from email as my primary means of communication. Although I might use an end-to-end encrypted service, PGP, etc. 95% of my contacts do not have access to this technology. So the question is: where do I want my unencrypted emails and metadata to sit? Who do I trust more — Google or activist groups? Although activist groups draw attention to themselves, I trust Riseup and MayFirst’s track record of resisting subpoenas from US grand juries, US agencies, and many other governments/legal systems around the world. Because of the identity and ideologies of dissident artists, the government already knows we’re activists. I’d rather collaborate with groups that have been working on this issue for quite some time. I’m also leery of surveillance capitalism because it goes hand in hand with the surveillance state. COINTELPRO and other surveillance projects that impacted POC-led movements is in the back of my mind as I make these decisions. Google has the money and the know-how but they don’t give a shit about me or my struggle. They aren’t going to go to the mattresses for me. I don’t like the demographic and psychometric data providers like Google and Facebook gather (and the lack of transparency for how that information is used). I’m a dissident artist who is willing to spend the effort to divest as much as I can and become a contributing member in political tech groups.
Here’s a short clip of a training given at at Eyebeam about email encryption.
There are a countless number of situations where Tails could be an invaluable tool for your privacy. Activists looking to organize in spite of government surveillance can use Tails to effectively communicate. People being tracked by predatory abusers can use Tails to access the internet without risking their physical location or data. Someone that wants to utilize public computers or internet networks can do so while still having their privacy protected. Any time you want to be maximally private in your activity and your data, Tails is an incredible tool to have at your disposal!

Friday, July 28, 2017

Throttling on Mobile Networks Is a Sign of Things to Come, Unless We Save Net Neutrality Now

July 27, 2017
Major mobile carriers are slowing down video streams, a net neutrality violation that heralds things to come if they get their way and roll back legal protections against data discrimination.
Recent reports on Reddit from Verizon Wireless customers have drawn attention to video streams being throttled, which Verizon claimed were caused by a temporary test of a new video “optimization” system. If that sounds familiar, it's because it's not the first time a carrier has throttled certain content sources while claiming to optimize them.
We’ve previously reported on how T-Mobile tried to pass off throttling as optimization with their Binge On “feature.” T-Mobile’s Binge On has evolved since we last wrote about it, but hasn’t abandoned throttling: it now throttles video for customers on their unlimited plan, and charges them extra to not be throttled, which is also against the principles of net neutrality.
Similarly, AT&T makes use of a “just-in-time” delivery technique (aka “Buffer Tuning”) for video streams. The carrier explains that with just-in-time, “a sufficient amount of video is delivered to the device so that the user can start viewing the video, and the remainder of the video is delivered just in time to the device as needed for uninterrupted viewing.” But using just-in-time means the video will stop playing more quickly if you lose reception, rather than larger portions being buffered in advance as they would on a neutral network that wasn’t observing and throttling your traffic. Although AT&T claims that just-in-time delivery helps customers by stopping them from paying for data they don’t actually use, it doesn’t give customers the choice to disable this “feature.” Sprint also makes use of the neutrality-violating just-in-time technique.
Right now, these throttling technologies seem to be used to slow down video data generally, rather than to favor the ISP’s content over competitors, but it is a trivial matter to flip that switch and make the net neutrality violation more serious, and more harmful to competition and speech.
Net neutrality allows carriers to engage in “reasonable network management,” but throttling a class of traffic does not satisfy this standard. A more reasonable technique (that Sprint also employs) is transcoding, a technique where the quality of the stream is modified in real time to match the network’s condition. For example, if the network slows down, the video quality decreases so as to still be able to deliver video at the same rate, and vice versa.
We’ve reached out to Verizon asking for more details about the “optimization” tests it’s running. Since optimization is a technical term which implies attempting to tune a system to maximize or minimize specific measurable criteria, we’re wondering what those criteria are and if Verizon will share them with the subjects of its tests. Also, given that mobile carriers have historically had trouble differentiating between streaming video traffic and other uses of their networks, we’re curious what technical means Verizon is using to identify video, and what steps it’s taken to make sure other uses aren’t affected.
Rolling back net neutrality rules could open the door to many unfair practices like site blocking and throttling. While we can't predict exactly what changes carriers will make, it’s alarming to see them already rolling out throttling infrastructure. Without net neutrality protections, little will stop them from using that same infrastructure to discriminate against competitors, speech they dislike, or your favorite app.

Friday, February 24, 2017

When Phone Encryption Blocks Justice

The NY Times The Opinion Pages | Op-Ed Contributors

"In June, 2015, a father of six was shot dead on a Monday afternoon in Evanston, Ill., a suburb 10 miles north of Chicago. The Evanston police believe that the victim, Ray C. Owens, had also been robbed. There were no witnesses to his killing, and no surveillance footage either.

With a killer on the loose and few leads at their disposal, investigators in Cook County, which includes Evanston, were encouraged when they found two smartphones alongside the body of the deceased: an iPhone 6 running on Apple’s iOS 8 operating system, and a Samsung Galaxy S6 Edge running on Google’s Android operating system. Both devices were passcode protected.

An Illinois state judge issued a warrant ordering Apple and Google to unlock the phones and share with authorities any data therein that could potentially solve the murder. Apple and Google replied, in essence, that they could not — because they did not know the user’s passcode.

The homicide remains unsolved. The killer remains at large.

Until very recently, this situation would not have occurred.

Last September, Apple and Google, whose operating systems are used in 96 percent of smartphones worldwide, announced that they had re-engineered their software with “full-disk” encryption, and could no longer unlock their own products as a result.

According to Apple’s website: “On devices running iOS 8.0 … Apple will not perform iOS data extractions in response to government search warrants because the files to be extracted are protected by an encryption key that is tied to the user’s passcode, which Apple does not possess.”

A Google spokeswoman said, “Keys are not stored off of the device, so they cannot be shared with law enforcement.”

Now, on behalf of crime victims the world over, we are asking whether this encryption is truly worth the cost.

Between October and June, 74 iPhones running the iOS 8 operating system could not be accessed by investigators for the Manhattan district attorney’s office — despite judicial warrants to search the devices. The investigations that were disrupted include the attempted murder of three individuals, the repeated sexual abuse of a child, a continuing sex trafficking ring and numerous assaults and robberies.

Criminal defendants have caught on. Recently, a suspect in a Manhattan felony, speaking on a recorded jailhouse call, noted that “Apple and Google came out with these softwares” that the police cannot easily unlock.

Apple, Google and other proponents of full-disk encryption have offered several rationales for this new encryption technology. They have portrayed the new policy as a response to the concerns raised by Edward J. Snowden about data collection by the National Security Agency. They say full-disk encryption makes devices generally more secure from cybercrime. And they assert that, if the companies had master encryption keys, then repressive governments could exploit the keys.

These reasons should not be accepted at face value. The new Apple encryption would not have prevented the N.S.A.’s mass collection of phone-call data or the interception of telecommunications, as revealed by Mr. Snowden. There is no evidence that it would address institutional data breaches or the use of malware. And we are not talking about violating civil liberties — we are talking about the ability to unlock phones pursuant to lawful, transparent judicial orders.

In the United States, Britain, France, Spain and other democratic societies, the legal system gives local law enforcement agencies access to places where criminals hide evidence, including their homes, car trunks, storage facilities, computers and digital networks.

Carved into the bedrock of each of these laws is a balance between the privacy rights of individuals and the public safety rights of their communities. For our investigators to conduct searches in any of our jurisdictions, a local judge or commissioner must decide whether good cause exists. None of our agencies engage in bulk data collection or other secretive practices. We engage in targeted requests for information, authorized after an impartial, judicial determination of good cause, in which both proportionality and necessity are tested.

It is this workable balance that proscribes the operations of local law enforcement in our cities, and guides our residents in developing their expectations of privacy. But in the absence of laws that keep pace with technology, we have enabled two Silicon Valley technology companies to upset that balance fundamentally.

The Evanston case is just one example. In France, smartphone data was vital to the swift investigation of the Charlie Hebdo terrorist attacks in January, and the deadly attack on a gas facility at Saint-Quentin-Fallavier, near Lyon, in June. And on a daily basis, our agencies rely on evidence lawfully retrieved from smartphones to fight sex crimes, child abuse, cybercrime, robberies or homicides.

Full-disk encryption significantly limits our capacity to investigate these crimes and severely undermines our efficiency in the fight against terrorism. Why should we permit criminal activity to thrive in a medium unavailable to law enforcement? To investigate these cases without smartphone data is to proceed with one hand tied behind our backs.

The new encryption policies of Apple and Google have made it harder to protect people from crime. We support the privacy rights of individuals. But in the absence of cooperation from Apple and Google, regulators and lawmakers in our nations must now find an appropriate balance between the marginal benefits of full-disk encryption and the need for local law enforcement to solve and prosecute crimes. The safety of our communities depends on it."
Cyrus R. Vance Jr. is the Manhattan district attorney. François Molins is the Paris chief prosecutor. Adrian Leppard is the commissioner of the City of London Police. Javier Zaragoza is the chief prosecutor of the High Court of Spain.