Kitestrings

From our parent company, Medium Rare Interactive.

ZDNet has a list of available patches against the KRACK WiFi vulnerability. Keep an eye on it if you have WiFI devices (including routers). http://www.zdnet.com//here-is-every-patch-for-krack-wi-fi/

More detailed info on the KRACK WiFi vulnerability: https://arstechnica.com//how-the-krack-attack-destroys-ne/

This newly discovered vulnerability in the WiFi protocol will require updates across just about every device out there - computers, mobile devices, even your routers. Patches are not yet available in most cases. Stay tuned - we will provide updates on this issue as they become known. The good news is that it's a very localized attack vector: without additional breaks (e.g. a compromised computer within the network) attackers will need to be within the range of a wifi network to attack it. This isn't a "change your passwords" issue, it's a fundamental security flaw in the WiFi protocol.

FYI, iPhone users: new in iOS 11, the buttons in the control center that look like they turn off wifi and bluetooth... don't. They disconnect devices currently connected, but do not actually turn off those services. To actually turn them OFF, you need to go into your Settings app. Turning off these services while not in use is a good security practice, as well as a battery saver. According to Apple, this is a feature, not a bug. We hope that Apple adds some feedback to this process to help users understand the difference.

Tonight we'll be rolling out some updates to Kitestrings. We'll be starting at 10pm Pacific time. If all goes well, we should be back up and running by midnight. However, there's a possibility that the maintenance will go longer, so be prepared for extended downtime into the early morning hours. Thanks from the team at Kitestrings!

Security Alert: New, sophisticated Google Docs based phishing scam. Be very careful about accepting Google Doc shares until this is resolved. Read about it on Reddit: https://www.reddit.com//new_google_docs_phishing_scam_al/

Security Alert/PSA: Attackers have figured out how to register a domain name that looks identical to an existing domain name when displayed in Firefox and Chrome, right down to the secure lock icon. This technique is being used for Phishing attacks and is very difficult to detect if you're not looking for it. To protect yourself, be very wary of URLs/buttons in emails that are coming unexpectedly from known services. You can copy and paste the URL from the URL bar into a text... editing program and you'll see that it's actually NOT the URL you see in your browser. Firefox has a manual setting that can be changed to force the URLs to display properly (read the linked article for more info). Chrome does not have a manual setting, but is working on a fix to be released in the near future. Keep an eye out for updates.

In today's episode of "passwords you need to change," there's a threat against Apple's iCloud and devices associated with Apple accounts (me.com, mac.com, icloud.com). TL;DR: CHANGE YOUR APPLE ACCOUNT PASSWORD IF THERE'S ANY CHANCE YOU'VE EVER USED THE SAME PASSWORD ELSEWHERE. Hackers have managed to acquire an unknown number of valid access credentials to Apple accounts, which can be used to wipe phones, iPads and other devices associated with the account. The way it seems ...to be working is that the hackers are relying on re-used passwords from other third party accounts obtained in unrelated data breaches. We talk about the dangers of password re-use in a blog post here: https://www.kitestrings.io/stop-being-creative-why-to-star/ Check out the full article about the Apple threat here: http://www.zdnet.com//icloud-accounts-breach-gets-bigger-/

Good morning #BCTECHSummit! Kitestrings has 4 care packages from the Comox Valley to hand out. Give us a shout for some wine and chocolate!

Hey folks, we'll be at the Tap & Barrel at the Vancouver Convention Centre tonight at 7:30pm. Come join us for a beer!

There are plenty of ways to be creative, but when it comes to making up passwords, it's better to use a password generator.