BBB complaint: Vonage

by 2 Comments

Today I opened a complaint with Vonage with the NJ Better Business Bureau.I think it is worthwhile to serve as an example of what can happen in the mad dash to pay off venture investors instead of keeping their eye on the ball.It reads as follows:I was one of the first Vonage adopters…. No one was listening.No one was capable of correcting my problem or interested in addressing Vonage’s breakdown in processing my situation.After two weeks, I began the process of porting my phone numbers to another VOIP telephone provider as I still did not have phone service and would have to wait another 30 days before my numbers were going to work with this new provider that had more competent employees.Eventually the numbers were ported over to my new provider and my phone was ringing again…. I would get phone calls at all hours of the day and night as they repeatedly issued my phone number to customer after customer of theirs.Eventually I had my previous number disconnected to get away from Vonage…. That is a problem for someone other than me at this time.I want a refund on the two months of service where my phone was not working by no fault of my own after Vonage took it upon themselves to break my service and then have no interest in troubleshooting their failure.

Read Article →

Next generation gaming and continued Linksys failures

by Leave a comment

Today I needed functionality and was unwilling to tolerate bad consumer implementations any longer.My household network may include the following devices at any given time:• a couple of OSX 10.4 macs• at least one Windows XP workstation or laptop• a Nintendo Wii• a Sony Playstation 3• assorted other laptops• A Zaurus• at least one visiting smartphone or IP phone• Sony PSPs• and other such widgets and devicesOddly enough for whatever reason, the PS3 was not fitting into my brave new world of WPA2. Sony doesn’t (even after the last firmware 1.5 update) support WPA2, but does manage WPA [AES].Sadly after a fair amount of trial and error, I was able to determine that the Linksys firmware does infact not offer WPA [AES], but only WPA [PSK]…. Who cares.I sshed into the now OpenWRT access point and the following commands got things where I needed them to be:ipkg updateipkg install nasrebootA really excellent feature of OpenWRT, I noticed, was that it can support WPA2 and WPA devices supporting both AES and PSK at the same time…. After the usual security warnings about how windows can be owned at any moment by anything (which prefaced the installation instructions), I installed the uPnP module via their somewhat odd procedure:cd /tmpwget http://members.optusnet.com.au/edwardluck/openwrt/packages/libupnp_1.2.1a_mipsel.ipkipkg install libupnp_1.2.1a_mipsel.ipkwget http://members.optusnet.com.au/edwardluck/openwrt/packages/linux-igd_1.0.1.ipkipkg install ./linux-igd_1.0.1.ipk/etc/init.d/S65upnpd startThe PS3 then reported that I was running a type 2 NAT (in place of the previous type 3) and that uPnP was now operational.Thank you OpenWRT for giving me the chance to distract my competition with words and laugh at them when I blow them up.

Read Article →

SEO blog defacements

by Leave a comment

Jeremy Schoemaker asked me to write up a little something regarding the recent string of SEO web defacements for a non-technical audience which he posted in his blog.The SEO industry is very focused on being SEOs.Like many professionals, many attempt to avoid time consuming activities that are not core to their business…. This is a perennial theme of information security writings and I myself have touched on itWeb defacements are nothing new, but the media attention to SEO superstars is notable and makes their online presence an attractive high-value target. The recent mass defacement of SEO wordpress blogs that was launched from a technical adversary using tor is an example of what has become a not uncommon occurrence.What can SEOs, and bloggers in general, do to lessen the risk of public embarrassment from defacements, hacktivism, and information leakage?… (For example, the bugfix for Wordpress v2.0.6 addressed a correction for those webservers that had left register_globals set to “on.” Not recommended in the first place.)Hardening the web services themselves with security modules.Use of a NIDS or HIDS that will actively block or alert upon detection of questionable behaviors.All of these methods involves time and resources that could best be applied to doing what they do best, in this case, being a SEO.

Read Article →

A review of Marcus Sachs: “Behind the Scenes at the Internet Storm Center [ISC]”

by Leave a comment

Hi Marc-not-Marcus,I wanted to give you some feedback on your presentation this evening atthe ISSA because, frankly, I was a disappointed with some of yourconclusions.First, the whole “the internet is an organism” concept of virus andmalware propagation.Lots of people have said this which, I suppose, makes it a kind ofconventional wisdom speaking point. I don’t agree with it and I’ll tellyou why. It centers around the recurring commentary that many in ourindustry have spoken about regarding shoddy software devdelopment.

Read Article →