Got Robocalled? Don’t Get Mad; Get Busy. — Krebs on Security

Several times a week my cell phone receives the telephonic equivalent of spam: A robocall. On each occasion the call seems to come from a local number, but when I answer there is that telltale pause followed by an automated voice pitching some product or service. So when I heard from a reader who chose to hang on the line and see where one of these robocalls led him, I decided to dig deeper. This is the story of that investigation. Hopefully, it will inspire readers to do their own digging and help bury this annoying and intrusive practice.

Source: Got Robocalled? Don’t Get Mad; Get Busy. — Krebs on Security

The time Santa rescued me

A visit from Santa at sea

Over the holidays, I found myself thinking back to another Christmas of over 25 years ago.

I was serving in the Navy on the USS Elliot (DD-967) and it was yet another Christmas away from home. I was in a funk at the time though now I’m not sure which one of the many possible causes was responsible. I’m pretty sure I was nearing the end of my enlistment. I definitely remember that the deployment was ending and we were bound for San Diego. Maybe it was because I had been butting heads with some of the other guys in my division (we didn’t always get along and when I finally earned some rank I became more comfortable with confronting the slackers and assholes). Maybe it was simply because I didn’t know what I should be doing with my life. Still don’t, actually.

But there I was at sea. It was about 8 AM. I had been working midwatches and had just come off of twelve hours of nighttime duty. I was in my rack, exhausted and feeling depressed. I just wanted to sleep and make the time pass as quickly as I could.
Continue reading

‘Kernel memory leaking’ Intel processor design flaw forces Linux, Windows redesign • The Register

A massive security issue has been found in Intel’s processors that will very shortly have a huge performance impact on almost all computers. Details are sketchy at the moment but it’s not looking good.

Remember the Year 2000 (Y2K) bug? This is likely to eclipse Y2K. Why? Because patching broken software is trivial but patching broken hardware is all but impossible. We will feel the effects of this design flaw for years. Soon nearly all computers you interact with (including online services like Facebook, SalesForce, Netflix, etc) could be from five to thirty percent slower.

When I purchased a new Intel processor last year, I did so thinking it would give me a decade or more of service. Now it’s already obsolete. If any class-action lawsuits spring up over this I would be willing to join in. This is ridiculous.

A fundamental design flaw in Intel’s processor chips has forced a significant redesign of the Linux and Windows kernels to defang the chip-level security bug.

Programmers are scrambling to overhaul the open-source Linux kernel’s virtual memory system. Meanwhile, Microsoft is expected to publicly introduce the necessary changes to its Windows operating system in an upcoming Patch Tuesday: these changes were seeded to beta testers running fast-ring Windows Insider builds in November and December.

Crucially, these updates to both Linux and Windows will incur a performance hit on Intel products. The effects are still being benchmarked, however we’re looking at a ballpark figure of five to 30 per cent slow down, depending on the task and the processor model. More recent Intel chips have features – specifically, PCID – to reduce the performance hit.

Similar operating systems, such as Apple’s 64-bit macOS, will also need to be updated – the flaw is in the Intel x86 hardware, and it appears a microcode update can’t address it. It has to be fixed in software at the OS level, or buy a new processor without the design blunder.

Source: ‘Kernel memory leaking’ Intel processor design flaw forces Linux, Windows redesign • The Register

Bonus link: Some technical speculation on the bug from “pythonsweetness.”

Cheap Thoughts: Microcell towers

A microcell site outside of the gas station at Raleigh’s Costco.

I’d been a bit puzzled by all of the microcell sites I’ve seen popping up around town. The first I found was the one behind Adventure Landing on Capital Boulevard a few years ago. Since then, more and more have appeared at locations like Hillsborough Street near N.C. State, Cameron Village Shopping Center, Red Hat Amphitheater, St. Augustine University, outside the Subway on Creekside Drive, and the one pictured above outside of Costco on Six Forks Road near Wake Forest Road.

Many of these new towers sit almost literally in the shadow of massive, existing towers. Why were all of these micro towers going up in places that already have clearly good coverage?

Then the Eureka moment hit me. These cheap, utility-pole cell sites are poaching cellphone users away from the massive towers and collecting the connection fees!
Continue reading

The Promotion and Marketing of OxyContin: Commercial Triumph, Public Health Tragedy

I stumbled upon this old but still relevant paper on the National Institutes of Health website, tracing our country’s current opioid epidemic directly to Purdue Pharmaceutical’s aggressive marketing campaign.

It is truly frightening to consider how many lives have been sacrificed – and continue to be sacrificed – in the name of profits for the pharmaceutical industry. These are real people who trusted their health care providers and were let down. So many families have been shattered and it makes me extremely angry.

America’s health care system is badly broken and needs a drastic fix.

Purdue promoted among primary care physicians a more liberal use of opioids, particularly sustained-release opioids. Primary care physicians began to use more of the increasingly popular OxyContin; by 2003, nearly half of all physicians prescribing OxyContin were primary care physicians.19 Some experts were concerned that primary care physicians were not sufficiently trained in pain management or addiction issues.

Primary care physicians, particularly in a managed care environment of time constraints, also had the least amount of time for evaluation and follow-up of patients with complicated chronic pain.

Source: The Promotion and Marketing of OxyContin: Commercial Triumph, Public Health Tragedy

Hello, 2018

New Years 2018 arrives in Raleigh City Plaza during the First Night Raleigh celebration

It’s New Years Day 2018 and I sit in my comfortable home office, coffee in hand and a pile of technology surrounding me. The weather is a brisk 22 degrees Fahrenheit as we’re in the middle of a brutal cold spell. I’ve been spending the past week and change catching up on home projects, mostly of the indoor variety.

When it was still warm enough to feel one’s limbs outside I worked more on our fence, digging up more than half of our old fenceposts. The ones that are left are anchored by concrete and not as eager to be ripped from the ground. On a future warmer weekend I will pry these out as well. For now, we have a mostly-open yard for the first time in a while.
Continue reading

Broken DHCP on the Ubiquiti EdgeRouter Lite

The Ubiquiti EdgeRouter Lite (ERL), an amazing little networking box.

Back in October I finally squeezed gigabit speeds out of my AT&T Fiber connection by switching from my old OpenWRT-based TP-Link Archer C7 routers to an Ubiquiti EdgeRouter Lite (ERL). The Archer hardware could not keep up with gigabit speeds but the ERL can.

I love the ERL! It’s only about $100 but it’s a very powerful device! Previous versions of the firmware were a bit cryptic (at least in the UI area) but the latest one provides a lot of functionality (and wizards).

I had followed one such wizard to do my initial setup with the ERL back in October, after upgrading it from version 1.9.1 of EdgeOS to EdgeOSv1.9.7+hotfix.4. All seemed to work … except for it properly pulling a DHCP address from AT&T. See, I have bypassed AT&T’s PACE router in favor of my own and the ERL now does everything but the initial 802.1x authentication that opens the port on AT&T’s switch.

Why do you need to use DHCP on your AT&T link? You can put a static IP on your end of the link but AT&T offers DHCP leases of 14 days and expects you to use them. If your box (i.e., my ERL) doesn’t renew its IP near the end of those 14 days, AT&T considers the link to be dead and shuts down the connection. At this point, the only way you’ll get it going again is to reconnect the AT&T router and let it do its 802.1x authentication again. This is a pain, so avoiding it is very useful.
Continue reading

Burglars enter her home. Cops take an hour to get there.

Imagine being on your own with these guys for almost an hour

Yesterday evening one of my neighbors found herself in a terrifying situation. Three would-be burglars had targeted her home and two of them had just quietly entered through her back door – while she was home! If her very large dogs hadn’t alerted her and scared them off she could’ve found herself face to face with these young men.

She did what any panicked homeowner would do – she called 911 and waited for help to arrive.

And she waited. And waited. And waited.

Two strangers had just entered her home while she was inside and the first Raleigh police officer did not arrive until a full fifty minutes later. By that time the intruders trail had gone cold, too cold for the K9 unit to track them. Officers were apologetic, telling her the department is understaffed.

My neighbor said later that the dispatcher misclassified the break-in as a “Level 2” incident, meaning the officers didn’t even get dispatched until 20 minutes after the incident. Even so, if it takes 30 minutes to round up enough officers to respond to a B&E that is far too long.

No one should have to wait this long for assistance in a life-threatening emergency. This is completely unacceptable. If the Raleigh Police Department is this understaffed then the City of Raleigh needs to get this fixed.

I know the Council recently approved raises for our first responders. Has that boosted recruitment? Why or why not? What else can the city do to ensure the safety of its citizens?

I can’t imagine what I would’ve done had this happened to me. The City of Raleigh needs to do whatever it takes to get more officers in the Raleigh Police Department and to keep happy the ones who are there now. What we have now puts everyone’s safety at risk.

Neighbors will be asking the Raleigh City Council next month to allocate more resources towards our police.

I-Team Exclusive: Sen. Reid discusses UFO study | LasVegasNow

Former Senator Harry Reid discusses his Pentagon UFO study project.

Did anyone notice what just happened here?

1. The U.S. Government has confirmed it has been studying UFOs.
2. This study has been quietly supported at some of the highest levels of government.
3. A video of a compelling UFO encounter has just been officially released by the U.S. Government.
4. One of the highest ranking former members of Congress didn’t run away from these events but proudly claimed them.
5. In spite of all this, the world didn’t end. People didn’t run for the hills. Mostly everyone shrugged.

These are all remarkable events and unthinkable even a few years ago. If all the people who made this happen escape without being publicly crucified we may see more of these disclosures.

Is society becoming ready to accept the truth of other life in the universe?

The existence of the UFO study was first reported by the I-Team back in October. That’s when a high-ranking intelligence officer in charge of the program quit to take a job with a private company.

Over the weekend, news of Harry Reid’s role in the study surfaced in news reports. The senator gave his only on camera interview to the I-Team’s George Knapp.

Harry Reid’s interest in UFOs dates back to 1989 because that is when George Knapp first had conversations with him on the topic.

In the years since, Reid quietly collected more information, met with scientists, intelligence officials, and other experts, and finally authorized a study that was carried out by a company created by a Las Vegas billionaire.

Since the story broke on Saturday, Reid has been bombarded with media requests, but he gave his only on camera interview to the I-Team.

The release this weekend of videos recorded by military pilots is unusual because, officially, the U.S. government stopped collecting information about UFOs back in 1969, when the Air Force canceled Project Blue Book. But in the decades since, pilots and others continued to encounter technology that is beyond anything known on earth.

Source: I-Team Exclusive: Sen. Reid discusses UFO study | LasVegasNow

Navy pilot recalls encounter with UFO: ‘I think it was not from this world’ – ABC News

I’m still fascinated by this story of retired Navy F-18 pilot Dave Fravor intercepting a UFO off of San Diego in 2004. I admire this guy’s courage in sharing the story.

His statement, along with the official video, illustrates just one of many, many similar encounters that have taken place but were never publicly shared.

Retired Cmdr. David Fravor spent 18 years as a Navy pilot, but nothing prepared him for what he witnessed during a routine training mission on Nov. 14, 2004.

“I can tell you, I think it was not from this world,” Fravor told ABC News. “I’m not crazy, haven’t been drinking. It was — after 18 years of flying, I’ve seen pretty much about everything that I can see in that realm, and this was nothing close.”

Source: Navy pilot recalls encounter with UFO: ‘I think it was not from this world’ – ABC News