 Well, actually we have a segment on the show Today is oh goodness it is March 9th, so it is my two-month anniversary here two-month anniversary March 9 Thursday vlog update Yeah, things are happening stuff's happening and this our special guest is brought to you by the wind Because the wind it was crazy here in the Detroit area actually some big areas of Michigan, North Ohio and everyone doesn't have power So we're actually we're in this weird little pocket of electricity, which is my office and we are kind of shocked by this and Yeah, it flickered a few times yesterday, but it stuck it out. It's not a juice So that's why I was at work early today because it was either that or said at home in the dark with no internet Oh, no, and I passed three big B coffees on my way here that are dark So I did get to me Hortons. I'd like to me Hortons to me. Oh, it's good. It's my every day Yeah, he's his every day, but they unfortunately they they're all close because like everywhere doesn't have power Yeah, also by weird coincidence my house has power. Yeah, the people across the street from me have power Yeah, his school lucky you know power So now that we've covered the more the mundane part of the news there are yeah, he's part of the mundane news now And so he gave me being the proper father. I have a bag of donuts and for him Actually, he tries to eat an entire bag of donuts at Tim Hortons, but we didn't let him Briss is like what you like and he's like an entire box of Tim bits. Let me pick them all out She's close to guys the box. I'm like no no no. No, he's and he's like what? He's I want to eat them so like the 40 count. Yeah, he was just gonna get a whole box of donuts He told her good job. Don't let me hang it dude. Yeah So he's gonna hang out and we're gonna find things for him to do like I pick up messes and clean things. Yeah, yeah anyways interesting things that have occurred I Wanted once again over thirty two hundred maybe thirty three hundred subscribers by this morning. We're working on more content I was my wife's birthday. So She forbid me to come Saturday and Sunday because we went out for a while and come make content Which is what I usually do is my quiet times man I know wives good news is this weekend more content on the way I got stuff that I'm reviewing all right You don't you know what that is do you know you're gonna learn Got some more unified stuff. So we're gonna build a unit wireless charger But it's wireless and it's a wireless antenna right for some testing and depending on how you use it You could be charged That is So wonderful play on words there So we we talked about a little bit, you know, I do I have another podcast I do called smr.us for sunny morning Linux review with a couple co-hosts And so we cover a lot of security topics Which is why I'm always so deeply interested in security and the happenings of things I was part of what I report on and We were I was also Monday in the IT in the deep eye casters link to it on our blog large system slash blog look down here Where we they were great podcast talk about technical stuff and meet with other tech companies I was one of the guests on there So I love talking about security research and we had some incidents and we were kind of reviewing some of this And so far this year. We've had some major human errors For like the Amazon S3 turns out their their debrief on it was typo I meant to take down Two servers and took down 20. I don't know the exact as they didn't realize the exact I don't command he typed But basically the idea was supposed to take down a small number of servers Then they took down a very large number of servers and that's what I always mess up some mundane detail So it's interesting to look at these large companies like Amazon are literally taken down by a couple clicks You know one wrong click I should say my user We also seen this happen with I think was git lab a typo of a one instead of a two during a back-up restore It caused them to lose 12 hours of customer data in the cloud and Yeah So yet another typo, so it's really it's just fascinating to me that all of these things that occur now attention to detail I Donuts for you. Yeah, these donuts are clearly So now we have a vault seven to talk about goodness. Yes The CIA the largest dump right? Those are very subjective terms sure pretty big either way either way. It's very big There's a lot going on there So I've been I tweeted a couple things. I some of it's my amusement Was like, oh look, they don't care about Windows phone at the CA because most of the hacks pointed at things in the Android and iOS markets what really is scary all 16 of you on the Windows phone can breathe a sigh of relief I believe the CA's clearly doesn't have a threat So with all that it's it's amazing and it's actually a massive Security problem because under normal disclosure when a security researcher finds a hole They have a process by which they will notify provided This is not something being exploited in the wild. They'll tell Microsoft. They'll tell Google whoever has a security problem They'll let them know What it is and there's a disclosure period by which they have time to fix it before the bug is that disclosed And it's often to be patched turns out the CA was learning and buying from the whoever was selling it to them Some of these bugs which of course makes us all less secure because someone found them they're using them exploiting them and now that the Database dump has occurred so many of those bugs are now completely out in the wild for everybody to use Not just the CIA or any department that had a copy of it. So it is a massive Breach of security. They we found out well wonderful things like the we're using our TV to spy on us Yeah, that that now technically there it's not happening in our country because that would be illegal But the capability is there. Yes vulnerability exists. So the Samsung TVs had a false off basically You think the TV is off. It's not really it's recording What you're saying if they have a camera on them, I think don't they some have a camera? The important part was the microphone. Yeah, you don't want to use all the TVs on because right that they would just hear We're watching but maybe that's interesting. We know it was to Vizio Yeah, yeah, yeah, so using that very much like 1984 Yeah, very much like 1984 TV's are spying on us. So they were using that and I think the other thing too was the CIA They they violated I Get well, I guess really it was an agreement it wasn't really an act or anything but that under under the Obama administration they said any time we've any time the Administration finds a hole or any of these vulnerabilities. They will share it out. Yeah, and and I explainedly was not doing that No, this is a great Insecurity and a problem that they were collecting and hoarding them in one place because well this could happen They could end up on WikiLeaks and it did but and it did happen This is also why government encryption backdoors are such a horrible idea because government's ability to keep a secret has not been good Sorry conspiracy theorists who have these crazy conspiracy theories. Gerardia's no one's that could have keeping a secret. We went to the moon Yeah, so but what we're doing business wise So many things as always Yeah, installing lots of new cameras and schools and putting in More and more redundancies So we're seeing more and more clients and of course now power is gonna make them concerned again Because they can't operate without electricity, but redundant internet connections. We have even a smaller Fabrication company not that big but the time is worth it I mean, it's only actually a hundred dollars a month to put a redundant circuit in because they need internet or they lose visibility of their Ability to dispatch so now we're seeing it I did a review on this for pfSense which are still a favorite tool to use do these are installing boxes that allow for Redundant internet connections. This has been a really big request for a lot of our clients We're also building a lot of websites for clients right now revising some that haven't been updated since like 2012 and Yeah, it's it's time for facelift I mean if your websites even a couple years old if that's part of you Excuse me if that's part of your marketing strategy, you really should keep it up to date make sure it's responsive Look looks of websites change just as technology allows and just as people's Preferences change and so a website built two or three years ago is not going to look Like the typical website that you see today. It's not going to be appealing to people You also want to make sure that it is responsive. You want to when you look at it on a mobile device It's it needs to shrink down and scroll differently than it does when you're looking at a desktop So you want to make sure you have all these things taken into account when you're building your website? Because so many more people are looking at them on mobile devices than on desktops anyway Yeah, I mean you see everyone winding around bumping into things staring at their phone They should hopefully be staring at your website. Hmm. See or your app or anything. So exactly Other things that I have going on is has also made a little bit hard for me to produce some of the content is we've been onboarding new clients I have another proposal to do today Ineptitude scales really really well There's a wonderful way to put that yeah, so think about that for me think about what he just said But it's a wonderful way to put it in aptitude scalable And I'm not one to I know a lot of really good IT companies out there and I rarely ever We don't we we may compete for clients But they rarely leave those other IT companies for us because they're competent and good then we have the other guys and Yeah, then there are others then there are others I mean it's a client of ours that they've used a combination of us to do part of their deal But we do not all of their IT and that's because This guy really hates me and he sends me really he says some wonderful emails But he's clearly inept and they got hacked again, and they've finally had enough of him And the reason I kept him for so long was because he is somehow connected to the original owner of the company Who is now retired and the people in charge now are like we've had enough time to cut the cord Yeah, they they experienced 30 hours of downtime At their company for him trying to get it and part of it was he oops the restore and had to start a restore Over so his predicted 12-hour restore turned in a 24-hour restore, and then it didn't work right still so it was bugs to fix and The guy just becomes unresponsive didn't call back very often and on Surrendering passwords. He's being very Obsinent and just put the same password for everything first. I said you have the same password for everything They said we don't think so They were right because the passwords didn't work. So it's been a back-and-forth now the good news is As I kind of suspected he saved all his passwords in browsers on different logins that he had I was able to extract all the passwords from the browsers now I have all the passwords to the things all around the office by doing a dump of all the passwords from the browser Which I completely preach against he's never mentioned to them that it's a bad idea He told them yeah go ahead and save them all and so they're learning that they should be using a Password manager such as last pass I sent them a link to the video and they're like wow How come he never tells but this I said well good news is he didn't know about it So I was able to extract all the passwords He didn't surrender to you to all the different devices and equipment they have as they have a lot of things that have web logins So I just dumped all those passwords out of there now while it worked in this instance This is absolutely not anything we recommend doing yes Use a service like last year's like this but because of his general follies of being an IT guy It's not a very good one Yeah, he also didn't practice in-state security himself Which is kind of this time worked to my advantage because now we don't have that they were debating what they have to get an attorney involved Just to take over IT because the guy just was obstinate. He also has zero documentation. So we map their network I've shown how I've done this before we use in Tool called zen map. I have a tutorial on it We create an entire maps of their network by leaving a computer plugged in and just scanning the entire thing finding all the Crazy devices that are on our network They found things they didn't know we also were looking for Does everything match what they think they have? Because sometimes they go what's this device and what's that device because I that's kind of the questions we start asking I want to make sure he hasn't left different things because the size of the company you can easily hide some things This is a larger company that we're taking over for so they tolerated this for quite a while But yeah, so we got that I'm gonna do the we're still using the new max backup I've got to do a tutorial on it. That's my only real complaint about it was it took me longer to understand the product because their documentation is a little Lackluster so we're gonna do actually a good documentation for it I've thought about reaching out to some of these companies because the folks over at screen connect They you know, they really liked my review of screen connect They're like wow you have a great video on it. I said, well, thank you and you know, yeah So I thought about as a service because I enjoy reviewing their products to say hey, you know Hook me up with a dealer or something I read your product But I also want to make sure it's a clear line if I'm reviewing your product and we're using it's because I like it Not because I'm being paid to so I got to figure out if there's some way it is not to cross that line Or maybe they can just throw money at me. I don't know. I don't know how that would work like He's like to throw money. Yeah They have to pay a video I would fully disclose in the description and in the first part of the video going I was paid to create this sure to be an honest review though Yeah, because well, then it becomes less of a review and more of a tutorial But either way with the max backup It's a tutorial because it will serve a couple purposes one of them is going to be a Tutorial for my other employees who work here So to make sure they all have a clear understanding of how all the features work I was set it up and how to do restore and then you know break out each of those step signer It's actually not that hard to use But there was just some clarifications that I you know, I think could have been done with a video really easy So and it will be done by me The video and that's just the product we're using right now and it's nice to have a video on it Absolutely. Yeah We're gonna be also something that I suppose I'll be working on more is our social trek blog Postings talking more about how you can use social in your business and some strategy ideas and things like that So be on the lookout for that stuff If you're in the area, you'll probably be seeing my Smiling face a little more going around visiting some folks and like we said earlier if you want to if you have a Business and you want to be on our Thursday vlog. We will come to you and do a remote. Yeah, all this stuff's portable Yeah, you can you can put our muscle behind, you know your business. Yeah, so yeah, we want to go sit with some of our clients I you know, it's funny I'd like to see if our manufacturing clients would be interested in showing someone what they do because it's interesting to me going to These place one of our larger clients is kind of like it's like a giant how it's made It's a three-story manufacturing building that they was they manufacture packaging and it's really kind of cool I mean they make the entire cut package the styrofoam so everything for Companies and you know one of our clients is actually Ford Motor Company So they make some of the things that go inside the The packaging that comes with special edition cars and things like that's really cool stuff They do I you can say I'm a nerd for this or whatever. I love packaging Like to see the way that they come up with you know the ways they come up to package things. Yeah, it's fascinating to me Yeah, we we actually didn't want to throw a box away the other day for some network equipment And I'm like the box is so well made. Yeah, and I gotta give it to Apple I'm not a I'm not a big fan of a lot of the Apple products, but they do beautiful packaging like Apple stuff's fun to open That's actually the only reason I buy Apple is oh, I wish we and the Lenovo does it too So the lowest got this box in the laptop before you open it's one of the yoga ones Sets down recessed in there like you can't grab the edges So you flip this lever and when you flip the box is over it's got a little magnet hold the box again I mean flip it over the laptop rises to flush so you can just pick it up, and I'm like oh That's just that's awesome. Yeah, so this just all those things is like that little bit of packaging is like Oh, that's and we were just playing with the box Like this is so cleverly engineered like I want to keep the box Yeah, for sure so it's about Yeah, I try to think of it maybe we want to do some more job projects with you To gotta get out there gotta get to it. It's always a struggle between Dragon is camera covered around and documenting things that may be in violation Of course, we can't ever take this any medical clients or anything like that There's just too much risk involved, but we have a lot of them We have to follow the HIPAA rules and all that stuff So it's like er can't really share any of that But I'm working on more documentation in ways we can generalize it And I'm gonna do a video soon on how we do documentation my plan for this weekend provided It doesn't become amazing sunny and 70 where I want to go outside is to just hammer videos out And create content what I do a lot of times is for my creation I come up with all the ideas that I'm gonna cover and then I just do them all in one day That way I'm like just set up for it. It's quiet. It's usually after hours on a Sunday And I just spend Sunday doing it. So Yeah, so it vanished. It's a way to do it Yeah, you don't have to just because you're you want to produce content and put it out weekly doesn't mean you have to produce it Yeah, one week. Yeah, but they want to release it. It's how we release it We'll cover that in strategies. Yes, and I wanted a firewall video that I talked about last week that you know How firewalls protection how the threats manifest themselves inside of small businesses? There's a good article, and I think I can find it again on Inc.com and it was about how a small pie company can teach small businesses about security And it's because they're small businesses that've been hacked and they have a lot of statistics for the small business been hacked because they just They're such an assumption that only the big companies our targets in reality is the small businesses are just low-hanging fruit that you never hear about We hear about it, but then we can never report the actual company names or the numbers So once again, they somewhat go unnoticed unless you actually watch our videos here Hopefully some big news site picks it up But this is a constant threat of small businesses because they often don't have adequate security or have a clear understanding And they just think I'm not a target. Yeah, so everybody's a target, unfortunately If you have a computer you have a phone and you have money You're a target and we're gonna leave you here with the philosopher after meme that I found from in a CA Dump some because it amuses me. There you go. So enjoy that Enjoy that. See you guys next Thursday and hopefully I will knock out a few videos in between As always like and subscribe and all those fun things. Yeah. Hey, thanks for watching. All right. We'll see you next week