Real genius at least 3 light-deer away from Apple Store

I went to the Apple Store.
Apple Staff: “Can I help you?”
Me: “Yeah, I need a USB to Serial adapter please.”
“A what? You mean Sirius?”
“No Serial.” I spell it out.

She gives me the deer in the headlights look. You know, when the deer gets caught by the car headlights and just stands there transfixed and unable to decide what to do. I like to measure how far from understanding a person is by calling it light-deer. She was at least 3 light-deer away from knowing what I was talking about.

“I’ll get you an Apple Genius. Hold on.”
Oh good. That was quick.

Apple Genius comes up: “Can I help you?”
“Yeah, I need a USB to Serial adapter please.”
“Are you sure that’s what you need?”

I give her my look that means “Are you kidding me?” Many of my friends and clients have seen this look. Ask Wayne Skelton. He has scolded me for giving him the look.

“Yes, I’m sure.”
“What are you going to use it for?”

OK, now she deserves to be messed with. Besides, the other customer standing next to me knew what I was talking about.

“Well, I need to use my MacAir to plug into a Cisco router and reset the password since my client doesn’t know it. The router monitor port is RS-232. So, I need a USB to serial cable since the Mac no longer has a built-in serial port. Do you have one?”

She gives me the look of being at least 2 light-deer away from understanding.

“I’ll look it up.” By looking it up she means she is going to search Google. She finds a picture and says: “Oh, you mean a VGA port.”

“No.” Admittedly, the VGA port looks just like a 9-pin RS-232 port, so she wouldn’t have deserved my scorn except for all of the above.

“So then you need a HDMI?”
“No. Not video at all. RS-232 please.”

I used to teach a class on data communications. 3 days long. It covered RS-232 and I would even draw out the sine wave to show how the signal is interpreted. I decided not to teach this class in the Apple store right now.

She gets another person. I’m not sure what constitutes smarter than an Apple Genius but here she comes. Person arrives. I describe what I need. She smiles. “I know what that is but only because my dad is an old tech guy like you.” Ouch!

They don’t have it. I went to Microcenter. They had one. While I was reaching for it, someone on staff asks me if I need help. I tell them this story about my visit to the Apple Store looking for a serial port. He gives me the 4 light-deer look.

EuroPol Internet Organized Crime Assessment for 2016

The new EuroPol Internet Organized Crime Assessment for 2016 is out:

https://www.europol.europa.eu/content/internet-organised-crime-threat-assessment-iocta-2016

Really short version: Crime is increasingly monetized through ransomware, phishing attacks directed at CEOs and CFOs to trick them into transferring money, and attacks against banks.

Your Electronic Message is NOT EVER private

[This post was prompted by the news that an experienced lawyer texted disparaging comments about his famous client. That text made the news and got him fired.]

Electronic messages cannot be destroyed by the sender once they reach their destination. The message is now under the control of the recipient. They can save it, forward it, take a picture of it, or print it. Anyone they send it to can do the same. The problem expands exponentially as each person sends the message to others. Electronic mailing lists accelerate publication of messages. Email messages sent to an electronic mailing list are saved both by the mailing list server and potentially by any or all members of the mailing list. By design, a mailing list gets the message out to a large number of people quickly. The concept behind Twitter, Facebook, LinkedIn, and other social media platforms is based on mass publication made easy, and there is always a way to capture the message. It is simply not possible to retract an electronic message or force a delete once sent. When you send or post or tweet, the message is gone. It’s out of your hands. You have published, and how far it goes depends on each and every recipient of the message for as long as the message is kept by anyone.

For lawyers, this presents both a problem and an opportunity. If someone finds the system where the message still exists, the client may be screwed or saved depending on what that message says or who it was sent to. For lawyers as publishers, it boggles the mind why any of them post, email, or tweet something damaging about their client or their case. It doesn’t matter if they intended that message to only reach a “safe” recipient. Once sent, it’s out of their control and can be in many hands before they even realize what has happened. What’s more, if even one person kept a copy, it can resurface and explode in the same way at any time. Sometimes even the location from where the message was sent can be damaging. People can be located geographically by looking at the metadata associated with the messages sent by them or someone with them.

FAQ on DomainKeys Identified Mail

I’ve written a FAQ on DomainKeys Identified Mail. You can find it here. I wrote this while reading through the RFC looking for an answer to something else. (I really read the RFCs. Go figure.) I eventually found what I needed and decided to condense the knowledge into this FAQ since I’ve been asked about it enough times lately. If you are not familiar with DKIM, here is a short summary:

DomainKeys Identified Mail (DKIM) allows an organization to lay claim to a message they send in a way that recipients can verify. This allows the receiver to associate the reputation of the signing domain with the message received. It also allows receivers to check if the signature or signed headers have been modified or forged.
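As an added illustration (not part of the FAQ or the original post), the sketch below shows one piece of the receiver-side check: recomputing the body hash that a DKIM-Signature header carries in its `bh=` tag, as defined in RFC 6376. The function names, the sample body and the signature header are constructed for this example; it covers only rsa-sha256 with relaxed body canonicalization and does not fetch the signer's public key or verify the `b=` signature over the headers.

```python
import base64, hashlib, hmac, re

def relaxed_body(body: bytes) -> bytes:
    """RFC 6376 'relaxed' body canonicalization."""
    lines = []
    for line in body.split(b"\r\n"):
        line = re.sub(rb"[ \t]+", b" ", line)  # collapse whitespace runs
        lines.append(line.rstrip(b" "))         # ignore whitespace at line end
    while lines and lines[-1] == b"":
        lines.pop()                             # ignore trailing empty lines
    return b"".join(l + b"\r\n" for l in lines)

def body_hash(body: bytes) -> str:
    digest = hashlib.sha256(relaxed_body(body)).digest()
    return base64.b64encode(digest).decode("ascii")

def parse_tags(value: str) -> dict:
    """Split a DKIM-Signature value into its tag=value pairs."""
    tags = {}
    for part in value.split(";"):
        if "=" in part:
            name, val = part.split("=", 1)
            tags[name.strip()] = re.sub(r"\s+", "", val)  # drop folding whitespace
    return tags

def body_matches(sig_value: str, body: bytes) -> bool:
    """True if the received body still hashes to the signer's bh= value."""
    tags = parse_tags(sig_value)
    canon = tags.get("c", "simple/simple")
    body_canon = canon.split("/")[1] if "/" in canon else "simple"
    if tags.get("a") != "rsa-sha256" or body_canon != "relaxed" or "l" in tags:
        raise ValueError("sketch handles rsa-sha256, relaxed body, no l= tag")
    claimed = tags.get("bh", "").encode()
    return hmac.compare_digest(claimed, body_hash(body).encode())

# Constructed sample: the bh= value is computed here to stand in for the signer.
BODY = b"Wire the funds today.\r\nThanks,  Pat \r\n\r\n"
SIG = ("v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.com; s=sel1;\r\n"
       " h=from:to:subject; bh=" + body_hash(BODY) + "; b=PLACEHOLDER")

if __name__ == "__main__":
    print("as sent:      ", body_matches(SIG, BODY))
    print("respaced:     ", body_matches(SIG, b"Wire the funds today.\r\nThanks, Pat\r\n"))
    print("body altered: ", body_matches(SIG, BODY.replace(b"today", b"now")))
```

A matching body hash alone proves nothing about who signed; a receiver still has to verify `b=` against the key published in DNS for the `d=` domain and `s=` selector.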

Is an open WiFi a legal risk to owner?

I often get the equivalent of the following question for both business and home users. The short answer is that you should never leave your WiFi routers open to all. This question comes from a lawyer concerned about his client:

Question: Client lives in an apartment. He has an open Wi-Fi connection in his apartment. Anyone living nearby could access the internet using his Wi-Fi. If someone accesses and/or downloads child porn while using that Wi-Fi connection, would it come back to my client’s IP address?

Answer: If the WiFi router is also the Internet router, then in the vast majority of configurations the WiFi router masquerades user IP addresses behind the WiFi’s public IP address. This means that all activity between the user and Internet sites will be between the WiFi’s public IP address and the site. The Internet site’s logs will have no record of the user’s IP address itself but instead will have the WiFi router’s IP address. The WiFi’s IP address permits finding the physical location of your client’s WiFi router. This should be enough to get a subpoena of users’ PCs at the location.

To make the connection between the activity on the Internet site and the user themselves, an investigator will have to do a little more. The WiFi router, even if its logging is turned on, will likely only show a table of IP addresses associated with MAC addresses. MAC addresses are unique to the network cards of each device (although even that can be spoofed). However, even with this information, the WiFi router makes no record connecting specific Internet activity and the user’s real IP and MAC addresses. This is where the subpoena of PCs comes in. Investigators will be hoping that the many traces left by the Internet activity are still on the PC.

The other alternative for an investigator is to connect to the same WiFi router in the hopes of monitoring the activity in real time. If successful and done while the user returns to the same sites, this monitoring from inside the WiFi network will reveal the user’s real IP address and the Internet activity as well as some information about the strength of the signal and a crude measure of distance between the investigator and the user being monitored.

If it turns out that your client is not the person the investigator is looking for, they will still face the subpoena of user PCs because that is all the investigators will have to go on. Leaving their WiFi in an open state subjects them to the scrutiny that comes with any illegal activity performed through their WiFi router. It is far better that they do the minimum to secure their WiFi router. While it is still possible to break the encryption, abuse the use of a WiFi router, and cause all the above to happen, that is significantly less likely when the WiFi router is properly secured.