The Purple Yahoo Verizon Mobile Device Innovation
November 2, 2020
I spotted a hard-hitting bit of “real” journalism in “Yahoo’s First Branded Phone Is Here. It’s Purple and Only $50.” One question, “Is the ring tone the Yaaaa-hoooooo yodel? The phone comes from the hard working folks at ZTE. This is a Chinese firm located in Shenzhen with clean, cheerful factories in several locations. The model has been around for a decade. The purple version available from the cheerful Verizon unit managed by Guru Gowrappan. Yep, “guru.” The write up points out that Guru Gowrappan allegedly said:
[You] may have the option to get free access to its Yahoo Finance Premium offering, while a Yahoo Sports fan would get free betting credits or promotions for the company’s sportsbook, assuming they are in a state where sports gambling is legalized.
Yaaaa-hoooooo.
Stephen E Arnold, November 2, 2020
Inconsistent: Not If You Are Googley
November 2, 2020
In the rip roaring testimony on October 28, 2020, I thought some of those digital illuminati wanted Federal guidelines. But I could be mistaken. “The Technology 202: The Social Media Hearing Was a Missed Opportunity for Lawmakers” stated authoritatively:
The nearly four-hour event was chaotic and disjointed from the outset, as lawmakers frequently jumped from hot-button issue to issue — from the Twitter’s’ handling of dictators’ accounts to Google and Facebook’s effect on local news
I like the “dictators’ accounts.” Plural. Lots of dictators.
I noted “Google Steps Up Campaign against EU Push for Tough New Tech Rules.” I learned this allegedly “real” factoid:
Alphabet Inc unit Google has launched a 60-day strategy to counter the European Union’s push for tough new tech rules by getting U.S. allies to push back against the EU’s digital chief and spelling out the costs of new regulations, according to a Google internal document.
The write up continued:
When asked about the document, Google said new rules should take into account that people and companies are asking more from tech companies, rather than less. “As we’ve made clear in our public and private communications, we have concerns about certain reported proposals that would prevent global technology companies from serving the growing needs of European users and businesses,” Karan Bhatia, vice president, global government affairs and public policy, said. The paper proposed increasing the pushback against European Commissioner for internal market Thierry Breton, who is in charge of the DSA, by reaching out to the U.S. government and embassies with the message that the new rules threaten transatlantic relations.
Inconsistent, no just playing chaos and a game plan.
Stephen E Arnold, November 2, 2020
Microsoft Security: Time for a Rethink
November 1, 2020
Not long ago, the Wall Street Journal ran this full page ad for a cyber security company named Intrusion:
The ad is interesting because it highlights the failure of cyber security. Evidence of this ineffective defense is revealed in reports from the FBI, Interpol, and independent researchers: Cyber crime, particularly phishing and ransomware, are increasing. There are hundreds of threat neutralizers, smart cyber shields, and a mind boggling array of AI, machine learning, and predictive methods which are not particularly effective.
“Microsoft 365 Administrators Fail to Implement Basic Security Like MFA” provides some interesting information about the state of security for a widely used software system developed by Microsoft.
The article reveals that researchers have found that 99 percent of breaches can be “prevented using MFA.” MFA is cyber lingo for multi-factor authentication. A common way to prove that a log on is valid is to use a password. But before the password lets the user into the system, a one time code is sent to a mobile phone. The user enters the code from the phone and the system lets the person access the system. Sounds foolproof.
The write up states:
The survey research shows that approximately 78% of Microsoft 365 administrators do not have multi-factor authentication (MFA) activated.
Another finding is that:
Microsoft 365 administrators are given excessive control, leading to increased access to sensitive information. 57% of global organizations have Microsoft 365 administrators with excess permissions to access, modify, or share critical data. In addition, 36% of Microsoft 365 administrators are global admins, meaning these administrators can essentially do whatever they want in Microsoft 365. CIS O365 security guidelines suggests limiting the number of global admins to two-four operators maximum per business.
Let’s step back. If the information in the write up is correct, a major security issue is associated with Microsoft’s software. With an increase in breaches, is it time to ask:
Should Microsoft engage in a rethink of its security methods?
We know that third party vendors are not able to stem the tide of cyber crime. A security company would not buy a full page ad in the Wall Street Journal to call attention to failure if it were just marketing fluff. We know that Microsoft admins and Microsoft apps are vulnerable.
Perhaps shifting the burden from the software and cloud vendor to the user is not the optimal approach when one seeks to make security more effective and efficient. The shift is probably more economical for Microsoft; that is, let the customer carry the burden.
Some Microsoft customers may push back and say, “Wrong.” Perhaps regulators will show more interest in security if their newfound energy for taking action against monopolies does not wane? Over to the JEDI knights.
Stephen E Arnold, November 1, 2020
-
- Subscribe to Beyond Search
Feature archive
News archive
-
