Dell Addresses Built-In Security Flaw

dell-logoTech giant Dell is working to fix the “eDellRoot” certificate that comes pre-installed on PCs after it was discovered the certificate “unintentionally introduced a security vulnerability” to customers.

News of the security flaw initially spread on Reddit. The certificate potentially leaves information such as user communication, passwords, and usernames open to “man-in-the-middle” hackers. Security experts interviewed on the BBC about “eDellRoot stated it has two main flaws:

“It would allow traffic to be intercepted, potentially exposing sensitive information; secondly, the key could be used to make a user’s computer misidentify unsafe connections as safe.”

Dell has released instructions for how to remove the certificates, as well as promising it will be removed from all future Dell systems. An update was made available yesterday that will check for and remove the certificate if detected.

*Source: Fox News

Schooley Mitchell Lawsuit Watch: Verizon’s Big Tax Bill

verizonIn this week’s Schooley Mitchell lawsuit watch we take a look at a case that Verizon recently lost in the Pennsylvania Supreme Court, forcing the telco to pay taxes on fees collected for installing phone lines, performing repairs and providing directory assistance.

According to the Daily Journal, the issue started 11 years ago when the Department of Revenue delivered Verizon a bill for an additional $48 million in taxes. The amount was lowered by its board of appeals to just $10 million. A subsequent ruling in 2013 by the Commonwealth Court put Verizon on the hook for revenues associated with installing lines and directory assistance, but said it didn’t have to pay for moving or changing lines, or any repairs.

But that’s all changed since the Supreme Court ruled that yes, Verizon does owe taxes on all of it. And others could be impacted by the decision – the Pennsylvania Telephone Association has warned the precedent means other companies may face hefty back tax bills related to other matters before the courts.

Chief Justice Thomas Saylor noted it has been over 70 years since the scope of gross tax receipts has been clarified by the Legislature.

“I find this state of affairs an unhappy one and would welcome a decision by the legislative branch to enter the field and provide guidance,” said Saylor, in his dissent.

Verizon refused to comment on the matter, as did the Department of Revenue, citing confidentiality.

Man facing prison in Verizon phone scam

In criminal news, a Los Angeles man is facing eight years in prison after pleading guilty to wire fraud. According to the Associated Press, Karen Galstian told Verizon he needed phones for drivers in his expanding business. He managed to purchase thousands of iPhones for 99 cents each under contract. He then sold them to companies who shipped them to emerging markets overseas. Galstian pocketed $13 million as a result of the scam. Considering he was also convicted of bank fraud in an earlier case, we suspect he’ll be spending lots of time behind bars.

Rogers Fined for Violating Canada’s Anti-Spam Legislation

crtc_logoRogers is the latest company to be nailed for violating Canada’s anti-spam legislation (CASL) for issues surrounding its email unsubscribe mechanism.

According to the Canadian Radio-television and Telecommunications Commission (CRTC), emails sent by Rogers during a one-year period starting July 2014 – the same month CASL came into effect – had a faulty unsubscribe mechanism.

“During this period, the company allegedly sent commercial emails containing an unsubscribe mechanism that did not function properly or which could not be readily performed by the recipient,” states a CRTC press release. “In addition, in some instances, the electronic address used to unsubscribe was allegedly not valid for the required minimum of 60 days following the sent message.”

The CRTC also said that Rogers failed to unsubscribe recipients from commercial emails within 10 days of receiving notice. All in all, the violations have set Rogers back $200,000 in a voluntary undertaking to resolve the offences. Efforts include improvements to an existing internal program to ensure compliance with CASL, which is probably a good thing since it doesn’t seem it was doing a very effective job from the start.

“Companies must respect the choices of Canadians who do not wish to receive commercial emails, and must make it easy for them to unsubscribe from their mailing lists,” said Manon Bombardier, CRTC chief compliance and enforcement officer, in the press release. “We are satisfied that Rogers Media Inc. made the necessary changes to comply with Canada’s anti-spam law.

Today’s announcement is a direct result of the information provided by Canadians and we continue to encourage them to report suspected violations to the Spam Reporting Centre.”

And it appears Canadians have been doing just that. Since 2014, $400,000 in undertakings and $1.1 million in fines have been collected for violations of the legislation.

CRTC options to protect against unwanted calls

Stepping up in its fight against unwanted and spoofed calls, the CRTC recently published a thorough summary of options Canadians have to protect themselves from the nuisance communications. The list, which outlines the method of blocking and filtering calls by provider, was compiled from information provided to the CRTC direct from the telecom companies.

It is the first step on the CRTC’s quest to discover “new and innovative solutions” to combat unsolicited telemarketing and spoofed calls. Now the agency is asking any interested parties to review the summary of options and submit comments by Dec. 4.

The CRTC estimates up to 40 percent of unwanted marketing calls come from spoofed numbers.

Amazon Storywriter Officially Launched

amazon_logo_RGBAmazon has launched its new Storywriter program, offering free, cloud-based screenwriting software. It’s the media giant’s latest effort to expand its original video and TV content. It will now also accept drama series submissions, in addition to the comedy and children series submissions.

This is part of Amazon Studios, which launched in 2010 as a way to crowdsource the process of finding new material for film and television programs. Writers can upload and make their works public, gain feedback, and ultimately have the opportunity to have their script purchased from Amazon. The children’s show Gortimer Gibbon’s Life on Normal Street came to Amazon through this medium.

The software is aimed at newcomers who haven’t made a name for themselves in the screenwriting world. It coheres to the strict screenwriting form that some might not know despite their interest in getting into the craft. Amazon Storywriter auto-formats, supports the import and export of PDF files, FDX files, and Fountain formats. It saves work online, and includes an app for Chrome on both Mac and PC.

*Source: TechCrunch

Kid Starts Secure Password Business

secure passwordWhile most kids are content to play, 11-year-old Mira Modi has proven to be both business savvy and security conscious in her recent e-commerce effort. After the Grade 6 from New York City began creating passwords for her friends and family, for fun, by rolling dice, the idea grew into an online business.

Last month, Modi created, where users can buy guaranteed secure passwords that she creates. Not sold? Here’s the pitch:

“Buying a password seems crazy. But trying to make your own passwords is even crazier. C’mon – admit it, your passwords could be better. Instead of 12345 or password, your passwords could be longer, stronger, and more unique.

That’s where I come in. Using a proven methodology, I build long, strong, memorable passwords using strings of words from the dictionary that I select using dice. This method has been endorsed by no less an authority than the XKCD comic.”

In an impressively short amount of time, Modi’s online shop has exploded and attracted plenty of media attention. Two weeks after her launch, Modi had sold about 30 passwords according to an interview with Ars Technica. Two days after the piece was published, Modi had processed 500 orders.

“Any plans on my weekends have now been canceled,” Modi told the New York Daily News. She has disclosed that each password takes about 10 minutes to generate and complete. “My entire weekends go to this. During the weekdays I really don’t have much time since I have to do homework.”

Modi’s Diceware system, initially developed by Anrold Reinhold, uses a pair of baby blue six-sided dice 30 times. The numbers she generates correspond with letter and word patterns from the official Diceware word list. From this, Modi creates a random, six word password that she claims in “very secure” and “not easy for the computer to hack.”

Mira Modi’s interest in password safety is fitting, considering her mother is Julia Angwin, a Pultizer Prize-winning veteran reporter and author of Dragnet Nation, which explores computer and network surveillance.

Apple Pay Available in Canada

Apple PayAmerican Express users in Canada can now access Apple Pay on their iPhones. The service allows users to upload their credit card information into their phone and use it for tap-to-pay purchases.

Apple requires cooperation of banks and card issuers for the service to work, and unfortunately for them Canada’s financial institutions have not been eager to jump on board. That’s why at this time only American Express cardholders issued by Amex Bank of Canada can activate Apple Pay. There is no word on whether it will expand to others.

Apple Pay is compatible with near-field communication while using the iPhone 6 and 6S models and the Apple Watch. It can also be used to make in-app purchases.


Comcast Customer Falls to Internet Billing Errors

comcast complaintsMistakes happen. Whether it’s your personal life or business dealings, we’re all human and no one is perfect. However, it seems certain screw ups are more apt to happen in certain industries and no matter how many times they rear their ugly head, nothing seems to change. Internet billing errors fall into this category.

We know that studies show up to 80 percent of telecom bills contain errors: we recover tens of thousands of dollars a year for our clients because of it. It’s something that usually flies under the radar – the vast majority of people and companies being overbilled never realize it – but every once and awhile an example makes the news.

ArsTechnica shared an outrageous story this week about an IT consultant who was sent to collections after dutifully paying his Comcast bills. You read that right. He had collection agencies sicced on him even though he wasn’t in arrears.

Ken Mueller has spent the last year and a half trying to deal with the mistakes, which happened after he moved twice in three months. During one of those moves, Comcast didn’t link his account with the new location and continued billing him for the disconnected service at his old address.

Because Mueller paid his bills through automatic withdrawal, Comcast happily took money out of his account to cover the phantom costs. He disabled the payments and was told by a customer service rep that all would be well and the issue would be fixed. This sounded great, until Mueller started getting the collection notices.

He estimates he’s spent over 10 hours on the phone with Comcast reps trying to resolve the problem. It’s finally been made right after the recent media intervention. And even though Mueller knew something was wrong and had all the documentation (and smarts) to back it up, he was still unable to clear it up on his own.

“One time someone said, ‘you didn’t fill out a move form,’ and I said, ‘yes I did, in fact I have a copy and here it is,’” Mueller told ArsTechnica. “It would be one thing if I had made a mistake, but I didn’t. It’s frustrating that the onus is on me to fix their mistake, the bug in their system that they can’t figure out.”

Comcast’s customer service is notoriously poor, so much so that a senior vice president of customer experience was appointed last year. It has pledged a $300 million investment, and the hiring of 5,500 new employees, in an effort to improve its interactions with subscribers.

The billing error in this case isn’t uncommon. We frequently encounter similar situations where our clients are still paying for services that were disconnected years ago. It can be difficult to keep tabs on your communications inventory, especially when you’re busy focusing on other areas of your business. It’s worth having someone do a thorough audit – it can save you plenty of money, and some big headaches, down the road.

Verizon Introduces $10 TravelPass

verizonVerizon subscribers traveling in foreign countries can now pay a flat daily fee for calls, texts and data. Launched last week, TravelPass will set you back $10 per day if overseas, or $2 per day if visiting Canada or Mexico.

The flat fee is simpler than the old system, which saw users pay separately for international minutes, texts or data. Verizon is promising 3G to 4G speeds under their new plan.

“Unlike other providers, Verizon doesn’t use gimmicks like ‘free data roaming’ to lure you in and then put you on the slowest network and restrict your data use while outside of the U.S.” the company was quoted as saying in a CNN article.

TravelPass is best suited for short trips. Those who plan on being out of the country for a longer period of time may want to consider the International Travel Preferred Pricing Plan with 100 MB of data, 100 outgoing texts and 100 voice minutes for $40 per month.

Mozilla Rolls Out Firefox for iOS

firefox for iosAlthough it has been a long time coming, Mozilla’s Firefox for iOS app is finally available publicly to anyone with an Apple device. Last December the non-profit browser maker, whose mandate is to keep the Internet open, announced it would be reversing its stance against making software for the App Store. By May, the earlier versions of Firefox for iOS were released in a limited capacity for user testing.

It’s certainly great that users now have access to Firefox on their phones, but will the app actually make a splash amongst its competitors? Safari comes installed on all iOS devices and Google Chrome remains the most popular browser on the web. One perk – which is great for Mozilla faithful – is that with a pre-existing Firefox account, users are able to access their bookmarks, browsing history, tabs and passwords via their mobile device. Mozilla also hopes its search prediction, visual tab management and incognito browsing features will attract new users too.

In its review of the new app, TechCrunch notes it works well and has interesting features, but does not distinguish itself enough from Chrome to draw users away from the other browser.

Firefox is available in the App Store for iOS 8.2 or newer.

FCC Can’t Stop Facebook from Tracking Users

FCCThe Federal Communications Commission (FCC) says it cannot force companies like Google, Facebook, or generic ad providers from tracking users online.

The privacy advocacy group Consumer Watchdog has been petitioning the commission to make the “Do Not Track” setting in browsers illegal to ignore. It sends a signal when visiting websites that supposedly limits the amount of data that can be collected. However, this reduced collection must be voluntary and the “Do Not Track” setting is simply a preference.

The FCC said in a written order that enforcing the “Do Not Track” setting actually falls out of its jurisdiction.

“The Commission has been unequivocal in declaring that it has no intent to regulate edge providers,” read the statement. “We therefore find that the Consumer Watchdog Petition plainly does not warrant consideration by the Commission.”

Edge providers like Microsoft and Twitter provide services on the Internet without actually selling Internet connections.

Consumer Watchdogs is understandably unhappy with the decision, but will not give up its pursuit.

“We believe that the FCC has the authority to enforce Internet privacy protections far more broadly than they have opted to do,” said John Simpson, the director of Consumer Watchdog’s Privacy Project, in a statement. “Requiring that Do Not Track requests be honored is a simple way to give people necessary control of their information and is in no way an attempt to regulate the content of the Internet.”

*Source: NBC News