Pittsburgh Tech Guy

'Tis the season for phishing scams. You've probably already seen quite a few here and there, and now there's another one to add to the list. There's a license key scam swirling around inboxes from scammers claiming to be Adobe, straight from the company itself. 

Adobe reports the campaign attempts to lure users to download a ZIP attachment containing an executable file with malware inside. As usual, the actual email itself (viewable via ZDNet) is riddled with weird sentence structure and pronouns that aren't capitalized, so it shouldn't be difficult for tech-savvy users to tell if it's a fake -- especially if they haven't even purchased an Adobe product in the past. 

Keep safe while attending to your holiday affairs, and don't open up that executable file!

Website hacks aren’t news; almost every other day, a major website getting hack makes headlines, with thousands, and at times even millions of user account details falling in the wrong hands. There’s been a number of high profile system breaches lately against internet juggernauts like Gawker media, Sony, Facebook and Yahoo. In case you’ve had accounts on these services and have been wondering whether you’ve been among those unlucky ones whose personal information was leaked or compromised during those attacks, there’s a new web service called Have I Been Pwned? that can help you out instantly finding it out. Details just past the jump.

In case you haven’t spent a lot of time playing online video games like me, you might be wondering what ‘Pwned’ really is. A quick look at Wikipedia reveals it to be a ‘leetspeak’ slang term derived from the verb ‘Owned’, which means taking control of something.

Getting back to the service, Have I Been Pwned basically tells you whether your account was really ‘Pwned’ or not. Here’s how to find it out:

Simply head to the website via the link provided at the end of this post, enter your email address on the home page, and hit the ‘pwned?’ button.

The website will take a few seconds to analyze your email, and then if you’re safe, it will give you a green signal with a message stating ‘no pwnage found!’. On the other hand, if your email is indeed among any of the lists of stolen accounts, you’ll be warned about the number of sites where your account information might have been leaked. HIBP doesn’t explicitly state how it collects that data, other than that it uses information that has been made publicly available by the breached sites.

Of course, you will have to take further measures to safeguard your account on your own, either via changing the password associated with that account as well as all other accounts where you used the same password, or deactivating that account. The service currently matches your email address against the data leaked in Adobe, Yahoo, Gawker, Pixel Federation, Stratfor, and Sony website breaches.

http://www.haveibeenpwned.com/

The nation's top wireless carriers today relented on the cell phone unlocking issue, committing to a voluntary set of principles that will make it easier for consumers to unlock their devices.

"We believe this agreement will continue to foster the world-leading range of devices and offerings that Americans enjoy today," CTIA, the wireless industry trade association, said in a statement.

The carriers that have signed on are AT&T, Sprint, T-Mobile, U.S. Cellular, and Verizon Wireless.

The move comes about a month after the FCC's new chairman, Tom Wheeler, penned a note to Steve Largent, president and CEO of CTIA, to push for "an amendment to your Consumer Code in which this industry would address consumers' rights to unlock their mobile wireless devices once their contracts are fulfilled."

Wheeler backed a five-point plan, but CTIA was apparently not supportive of a provision that required carriers to either notify customers when their devices were eligible for unlocking or just unlock those devices for free, automatically, when eligible.

It appears CTIA has had a change of heart. In a Thursday letter to Wheeler and the FCC commissioners, Largent said the carriers have agreed to a six-point plan that includes notification.

Specifically, the carriers have committed to: posting information about their unlocking policies; unlocking the phones of customers who have satisfied their contracts; unlocking the phones of pre-paid customers no later than one year after they first become a customer; notifying customers when their phones are eligible for unlocking and/or automatically unlocking; unlocking devices within two business days; and unlocking devices for deployed military personnel.

I rarely find a website that I find this cool, but here it is...www.flightradar24.com  What is it.  It allows you to track the flight of every airliner in America in real time.  You get a map, you have little planes moving across the landscape.  Click on a plane, it will tell you the Airline, flight number, departure and arrival and have a line showing you the flight pattern it has taken so far.  Note, to save resources, it does time out after 30 minutes, unless you have a paid account.

Got my glasses last week and am eager to try them out.  I have one question for those people on Ebay buying a Google Glass Invite...why?  You can sign up for one for free on the website, took me about  a month to get an invite and the process is done.  Not sure why people are signing up for something that is completely unnecessary.  I must admit the process is simple, Google even overnights them as part of the purchase price.  Good work Google.

Government spying programs have reportedly peeked at phone records, data centers, and email contact lists, but the latest leaks point to a coordinated effort to spy on gaming networks, too.

According to The New York Times, documents leaked by Edward Snowden suggest that U.S. and U.K. officials have tapped into online gaming worlds like World of Warcraft and Second Life. The agencies have created their own online personas "to try to recruit informers" and gather data on game communications, the Times said.

While chats about fake online realms might seem useless, the NSA said at one point that they can be "a way to hide in plain sight." At this point, though, it does not appear that the agency has actually uncovered a terrorist plot within an online world.

The surveillance, however, also extends to Xbox Live, which has 48 million members worldwide. The paper did not know how the NSA was monitoring content. Blizzard, which runs World of Warcraft, said it had not detected any sort of surveillance on its network, and denied cooperating with the feds.

The NSA did not immediately respond to a request for comment.

The U.S. effort to infiltrate gaming systems dates back to at least 2007, while the U.K. apparently started taking an interest a year later, the Times said.

The news comes as several top tech firms today made a public push for more transparency and more limited surveillance. AOL, Facebook, Google, LinkedIn, Microsoft, Twitter, and Yahoo signed on for Global Government Surveillance Reform, and they are pushing five principles: limiting governments' authority to collect users' information; oversight and accountability; transparency about government demands; respecting the free flow of information; and avoiding conflicts among governments.