Bob Young

@[email protected]
581 Followers
224 Following
2.2K Posts

Sole proprietor, FIFO Networks
Cybersecurity - Networks - Wireless – Telecom - VoIP
Most of my money comes from contract work for public utilities around the country, but I also provide remote tech support to small business and SOHO clients, mainly (but not exclusively) in the USA.

I do a fair amount of custom work for people when a loved one dies: unlocking computers, data recovery, and account recovery (Advice: keep paying their cell phone bill until you've got all their data back).

Also, personal cybersecurity for journalists, TV reporters, politicians down to the City Council level, and political candidates. TV stations: contact me for contract pricing for your entire news team.

Use https://fifonetworks.com/contact-us/ for questions or to schedule service. It's just me. You'll be communicating directly with me.

Licensed and Insured.

LinkedInhttps://www.linkedin.com/in/fifonetworks/
Software Developer's Code of Ethicshttps://fifonetworks.com/software-developers-code-of-ethics/
Bob Young1d ago

This mini-PC (in the yellow circle) was shipped to me from Texas. The owner, a man who lived alone, suffered a major medical event and will never be able to use it again. The person with Power of Attorney sent it to me to crack. I recovered email, a rather insecure password list, information on all utility bills, where banking is done, and so forth. Now the family can proceed with handling the person’s financial affairs.

The mini-PC is even easier to ship than a laptop, because it doesn’t have any lithium battery inside. It uses an external AC adapter.

#CallMeIfYouNeedMe #FIFONetworks

Cybersecurity - Networks - Wireless – Telecom – VoIP

Bob Young2d ago

It’s time for company’s to change this website notice to, “You may need to download an application to view PDF documents.”

The Portable Document Format (PDF) was originally a proprietary format, but it has been an open standard for many years now.

I sign Non-Disclosure Agreements (NDAs) with several of my clients. Adobe’s constant pressure to incorporate their automatic cloud storage and artificial intelligence analysis of documents that are read, created, or edited with their software make their products not just a security risk, but a legal risk.

I canceled my Adobe subscription and uninstalled all of their products from every computer I use for work-related tasks. (Full disclosure: my wife still has her Adobe subscription and has no interest in changing products).

Opening a PDF file in a web browser is also a security risk if you have an NDA, since many web browser providers are analyzing displayed content. If you have security obligations to your clients, I recommend disabling the viewing of PDF files in the browser, or, better yet, use a less invasive browser for work-related tasks.

I’m not making any recommendations in this post (or in the comments) for PDF viewers or browsers, because that would create the impression that this is a sales pitch. If anyone recommends something in the comments, that’s fine, just understand that I’m not making an endorsement here.

But back to the original point, in my opening sentence: unless Adobe is paying you to recommend their product on your website, you should drop the reference to Adobe in your PDF notice. It’s an open standard, and recommending a particular product when it’s not a requirement is misleading at best.

#CallMeIfYouNeedMe #FIFONetworks

Cybersecurity - Networks - Wireless – Telecom – VoIP

Bob Young2d ago

One of the most bewildering aspects of remote tech support is when I connect to the user's computer, there's an error message on the screen telling exactly what to do to fix the problem, and the user says, "Just close that, it always pops up."

I respond with, "Well, that's a safe error message, so I'm going to click on it and resolve it so it doesn't keep being an annoyance."

And then their problem is fixed and I invoice them.

It would make sense to me if they said, "I'm not sure if it's okay to click on that, or if it's trying to trick me."

But when they don't think it's related to the problem - I don't know how to explain that.

#HelpDesk

Bob Young3d ago
Sometimes in TV crime shows when they have the petite female officer fight the burly bad guy, they completely ignore the realities of physics and mass.
Yes, martial arts can give a smaller fighter an advantage. But when the fight scene is simple pushing and punching, no way. Mass will always win. The only way the smaller person wins is when they use the larger person's mass and energy against them. TV directors miss that on a regular basis.
Bob Young3d ago
Turning to the Fediverse with a question.
Today I was in a bank branch that I don't typically visit. While I was at one teller window waiting for my banker to do stuff, a person at the teller next to me did a withdrawal. I heard the flap-flap of the bill counter, and then the teller gave the person a STACK of $100 bills. They left, next person came up... same thing. It was probably fifty to a hundred $100 bills.
What's going on? What do people do with all those large bills?
Bob Young5d ago

Are QR codes for restaurant menus safe? Why yes, as a matter of act, they are. And before you start with the “But Bob,” read the whole post.

There’s this concept in cybersecurity called a risk assessment. When the restaurant puts an official, restaurant-sponsored QR code linking to their menu on your table, the risk is very low. Click on the link and pick your favorite food and beverage.

Did someone tape a new QR code over the original QR code? The risk went up. Ask your server if the restaurant changed the QR code. If they did, the risk is back down.

QR codes are a nice benefit in the age of smartphones. They make it much easier to get a complex URL into your browser, and to identify valid concert ticket holders, and many other things.

THE LESSON
Instead of parroting negative rules (“Don’t do this!” “Don’t do that!”), use your skills and do the analysis.

(About the picture: someone on Threads complained about QR codes for restaurant menus. They don’t like them. Fine. Me neither. But then someone posted in the comments, “You should never scan random QR codes this is a huge cybersecurity issue.” And that’s just a gross oversimplification).

Bob Young6d ago

If you receive a call from an agency trying to verify someone’s employment, take the call. Return the call if they left a voicemail. Go the extra mile and make the effort.

STORY TIME
Yesterday a call came from an unknown number, and I was driving, so I let it roll to voicemail. It was an employment verification call. The caller gave me the person’s name and dates of employment, but didn’t say what company they worked for. The employment dates overlapped the time when I was CISO at a national retailer. I didn’t recognize the name, but there were a lot of employees working Help Desk, and the Help Desk Manager reported to me. The company has since gone bankrupt, and they might be having difficulty finding someone to verify employment. So I called back.

No joy. I was moved from the automated attendant to a holding queue, and after a few minutes I hung up.

Today, they called and left another voicemail. I called back right away, and this time I connected with a real person. I gave them the case number and they looked it up, and I asked questions.

It turned out that the woman who wanted her employment verified worked for a company in Florida with a name similar to my company name – it started with “FIFO.” I’ve never done business in Florida, and she never worked for me, but I doubt she lied on her application. The company she listed still exists, and is headquartered in Florida. It’s more likely that the company doing employment verification is having difficulty finding a good contact.

THE “ALMOST” PROBLEM
What if I had just said, “I don’t recognize that name, she never worked for me?”

Right now, finding a job is hell on Earth. Someone is interested in hiring her. I could have destroyed her reputation and prospects for employment by being quick to judge, and speaking without full knowledge of the situation.

THE CORRECT RESPONSE
If you get a call from an employment verification agency and you don’t recognize the name, ask questions. Get information before jumping to conclusions. In this case I was able to say, “I’ve never had employees in Florida, and that company name is slightly different than mine, so I can’t verify her employment, but you should keep looking and see if you can find someone from the right company.”

My unknown friend, best wishes for your job search. I hope you find a job where you can be happy soon.

#jobs

Bob YoungMar 20

And on top of everything else going on...

Millions of Scorpions Emerging Early Sparks Warning

https://www.newsweek.com/millions-of-scorpions-emerging-early-sparks-warning-11703988

Millions of scorpions emerging early sparks warning

Experts are reporting a spike in activity as the western U.S. faces a record-breaking heat wave.

Newsweek
Bob YoungMar 19
Dear Kindle App:
Do not load recommendations.
Load my library.
If I want recommendations, I'll ask.
Sincerely,
Everyone
Bob YoungMar 19
A client has an air gapped system with Microsoft 365 on it. This was a decision on his part, without any prompting from me. I found out about it after the fact. Of course, it quit working without an Internet connection to periodically verify the product is still licensed. When he called looking for a solution, I switched him to LibreOffice and now he’s using Calc for his spreadsheets. Now I’m wondering if I’ll see more of this. Has concern about AI accelerated the move to Free and Open-Source Software (FOSS)?