General

ChatGPT, General February 2, 2023

So much hype about Chat GPT… here are some facts

So much hype about ChatGPT these days.. But what does it mean? So, I gave it a try … and I created an account. This is the first post from many about ChatGPT. First thing you see when you go on the page: CapabilitiesRemembers what user said earlier in the conversationAllows user to provide follow-up correctionsTrained to decline inappropriate requests LimitationsMay occasionally generate incorrect informationMay occasionally produce harmful instructions or biased contentLimited knowledge of world and events after 2021 I will only see later how true these warnings are 🙂 Query: What does Chat GPT mean? ChatGPT: “ChatGPT” stands for “Chat Generative Pretrained Transformer”. It’s a language model developed by OpenAI, which uses the Transformer architecture and is pre-trained on a large dataset to generate human-like text in response to prompts. Nice, let’s try something else: If I ask about me or several people I know, but not any VIP person, nothing is found. If I ask about big VIPs, like Joe Biden, Olaf Scholz, Michael Jackson, then it finds various things you would find by just googling.. But then if I provide an anchor, a starting point, apparently this more information confuses the…

General, News November 30, 2021

Takeovers in the IT-Security Industry

I just sow a post by AV-Comparatives called “AV-Comparatives Explains the Implications of Takeovers in the IT-Security Industry” The entire article is very interesting and it is worth reading. And it is also objective and valid as well! Great job, AV-Comparatives! What made me write this post is the graphic at the end of the post (courtesy of AV-Comparatives): I became immediately nostalgic when I sow that it starts with 2003, the acquisition of GeCAD by Microsoft. I was there when this happened! For those who don’t know, I started my career in cybersecurity in 1999 at RAV Antivirus, produced until 2003 by GeCAD. I was in the industry when all these M&A happened and I was actually working with some of them when they were acquired. I am still working with some of them. 😉 Of course, the most interesting one was Avira being acquired twice in 12 months. I was no longer working as an employee of Avira, but I was working with Avira in 2020, when it was first acquired. I don’t know if these acquisitions are the only ones that happened in the AV industry, but this list it is for sure the most complete…

General, News, security November 29, 2021

Cyber Monday – enjoy the discounts safe !

Today is Cyber Monday , a day when all webshops (and not only) give big discounts to many products they sell. Even if the discount campaigns of some webshops are incredible and too good to let it go, you should think twice before giving the order: the discount is for a product that everybody wants and seems very hard to find. Think of PS5, latest XBOX, etc…. the discount is waaaaayyy too big to miss you haven’t seen that website/webshop before you haven’t bought from that webshop before you haven’t seen on the Internet any review about that webshop you are being requested to give your personal details, card or bank PIN number If you answered YES to at least one, then STOP right here, right NOW. As a rule of thumb If something is too good to be true, then probably it isn’t! How can you recognize if a webshop is fake or fraud? Transform the 5 statements above in questions and ask yourself. Is the discount for a product that everybody wants and seems very hard to find? Why would any shop (online or offline) exactly the product that everybody wants at almost any price, reduce it…

General, security November 4, 2021

The importance of user names in WordPress

I have a plugin that prevents multiple unsuccessful logins. As can be seen, the spammers try several combinations like: admin (the default), then site name, and several others. It is critical to create a user name that is different than the obvious names, especially the default username “admin”. Another interesting thing is that I get both IPv4 as well as IPv6 IP addresses. More and more IPv6. Also, a spammer will continuously try to hack you, because they have automated scripts. So, it makes sense to block them for a longer time. For example, I use these settings: The plugin I am using is “Limit Login Attempts Reloaded”. I am not affiliated with them in any way.

General, German, News October 28, 2021

BSI: Die Lage der IT-Sicherheit in Deutschland (German)

Quelle: https://www.bsi.bund.de/DE/Service-Navi/Publikationen/Lagebericht/lagebericht_node.html Malwarelage: Das vergangene Jahr war geprägt von einer deutlichen Ausweitung cyber-krimineller Erpressungsmethoden. Nicht nur die Anzahl der Schadprogramm-Varianten stieg zeitweise rasant an – mit bis zu 553.000 neuen Varianten pro Tag der höchste jemals gemessene Wert (siehe Kapitel Neue Schadprogramm-Varianten, Seite 11). Auch die Qualität der Angriffe nahm weiterhin beträchtlich zu. https://multimedia.gsb.bund.de/BSI/Video/Lagebericht/2021/lagebericht-1-Schadprogramm-Varianten.mp4 Die Hauptbedrohungen: Cyber-Erpressungen entwickeln sich zur größten Bedrohung (Ransomware) https://multimedia.gsb.bund.de/BSI/Video/Lagebericht/2021/lagebericht-2-Ransomware.mp4 Schwachstellen https://multimedia.gsb.bund.de/BSI/Video/Lagebericht/2021/Lagebericht-3-MS-Exchange-Schwachstellen.mp4 Der Faktor „Mensch” Mehr in dem PDF Dokument von BSI hier: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/Lageberichte/Lagebericht2021.pdf?__blob=publicationFile&v=3

General April 29, 2021

Twitter is strange when it comes to business accounts

I created my company’s Twitter account, called @EndpointCS . Obviously, I tried to add the birth date of the company: 1.1.2015. Well, imagine what happened next with my brand new account: it got locked because the owner of the account must be at least 13 years old. And my company is only 6 years old. I had to submit a photo of my ID in order to get it unlocked. Fortunately, and very surprisingly for me, the process took a few minutes. Did they automatize it ? I think so… otherwise it couldn’t have been so fast. So, Twitter, get your processes straight. In case you’re wondering, there is no official way to set up a business account. You still need a person to create it and mark it as such. And that person must be 13 years or older. 🙂

General February 22, 2021

A post about searching a software developer on LinkedIn that didn’t go as planned

I was and still am in need of a freelance Android developer with experience in Java. After trying all other possibilities (my own network) I decided to post the job on LinkedIn. Due to the special requirements of the project, I needed a very close and good cooperation between myself, the customer and the developer. For this reason, I asked in my post on LinkedIn to be contacted by freelancers in the CET +/- 2 Timezone. Now, if you look on a map, this means approximately until Turkey in East and Portugal in West. I did not mention restrictions on nations because I have no prejudices with whom I work. I work now and have worked in the past with people from all around the world and I can really work with anybody. I published it on Thursday the 18.2.2021, on Friday I closed the comments, and finally I erased it on Saturday 20.2.2021 in the evening. Let’s have a closer look on the post. I wrote specifically : I need an experienced freelancer PM me only if you meet this requirement… “Companies are excluded”, because I want to build a long-term relationship with that person. Let’s…

General July 24, 2020

Facebook advertising at its best

It is known that the Facebook advertising is very aggressive sometimes and that it very often fails. Very often I find strange ads and I click on the details in order to to see why was it displayed to me. If you click on Hide Ad: And then, for example, click on “Irrelevant”: Then, you can click on “Why did I see this ad?”. I found very strange to see one ad for some kind of sales training and process improving (?!). To my surprise, I’ve seen that the ad was targeting “Star Wars” fans… :)) The other two requirements are always the same: – 18+ – location Germany So, is this intended and there is actually some study that shows that Star Wars fans are more inclined to buy consulting for improving sales ? What do you think ?

General April 20, 2020

“Your Site Has Been Hacked” ransomware email campaign in the wild

I was actually not expecting this kind of ransomware… I am used by now with “You’re hacked”, “You’re infected”… and others alike , but this one with the website is actually really interesting. What I find very disturbing is the fact that there are 5 transactions. A few were for tests, I think, but there is at least one who paid. They do use the a correct website of mine. PS: Of course that my site hasn’t been hacked :)) Here are some of the headers: Return-Path: <hacker@autoservistoth.cz> Received: from autoservistoth.cz ([213.157.59.58]) by mx.google.com with ESMTP id ce7si16117485edb.534.2020.04.17.03.08.14 for <sorin@mustaca.com>; Fri, 17 Apr 2020 03:08:23 -0700 (PDT) Received-SPF: neutral (google.com: 213.157.59.58 is neither permitted nor denied by best guess record for domain of hacker@autoservistoth.cz) client-ip=213.157.59.58; Authentication-Results: mx.google.com; spf=neutral (google.com: 213.157.59.58 is neither permitted nor denied by best guess record for domain of hacker@autoservistoth.cz) smtp.mailfrom=hacker@autoservistoth.cz X-AntiVirus: Checked by Dr.Web [version: 11.1.11.04270, engine: 11.1.9.04170, virus records: 6152810, updated: 8.05.2017] Return-path: <postmaster@thehomebase.top> From: “Hacker” <hacker@autoservistoth.cz> To: sorin@mustaca.com For indexing better, this is the body of the email. PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS! We have hacked your website http://www.xxxxxx.com and extracted…

General April 13, 2020

Hey, UniFi, why Java? Or “The Best way to destroy customer trust”

I am using at home Unifi to extend my WiFi through two access points. I am writing this post as a user who paid good money for these devices and feels betraid and left alone in the dark by Unifi. While installing the Unifi Controller on new machine, I am prompted to install Java. I am forwarded on this page: https://www.java.com/en/download/win10.jsp Of course, I know that Oracle changed licensing. Yes, this is supposed to be free for personal use. But I don’t like to support this concept, as I personally think that Java should be free for all. So, I tried to install OpenJDK, which is free to use for everybody: https://jdk.java.net/java-se-ri/14 And here started the problems: there is just a ZIP archive on that website. Sooooo, then I googled which environment variables are installed and I set all of them manually. That is a challenge itself, as the OJDK doesn’t seem to come with the required JAR files. Unfortunately, the Unifi Controller refuses to detect the OpenJDK. Then I started to google again on how to use Unifi with OpenJDK: Here As I was assuming, a lot of people are asking the very same thing. It appears…