A ‘smart lock’ seems like a fantastic idea/innovation/invention/whatever.

To some people.

Not me.

NEVER me!

Why the hell do I need an Internet-connected lock for my door?

I mean, if I’m not at the lock’s location, why do I need smarts in my lock?

What if electrical power is off, or internet connectivity in down?

Read this story.

This Internet of Stupid Shit really has legs….

© 2002 – 2017, John Obeto for Blackground Media Unlimited

Follow @johnobeto

On my mind today……

Windows & Microsoft

• As they rightfully should! After Racist Rage, Statues Fall Quietly
• Building out the Azure story.  Microsoft Acquires A Cloud Technology Company From Right Under Google And Amazon's Noses
• Awwww! Another feature slips out of the Windows 10 Fall Creators Update
• I had never thought of it before, but I agree wholeheartedly. Microsoft’s Photos fragmentation is driving me mad
• Good read. Can Windows Server Make Hyper-Converged Infrastructure a Boring Commodity?

Business & Technology

• It’s a surreptitious price increase. A billionaire-owned restaurant charged a ‘minimum wage’ fee. Outrage ensued.
• They should. But, they’re weak-kneed. Can Tech Stand Against White Supremacy?
• Ease of use will certainly decide which drone my Princess is getting this Christmas. DJI’s Newest Is a Small Step for Drones, But a Giant Leap for Dronekind
• A ‘smart lock’ seems like a good idea. Right? Riiiight!
• Am I the only one who thinks India is being fleeced because they’re paying an average of $108 million for an EFFIN’ helicopter? India clears purchase of six Boeing helicopters in $650 million deal
• Google Play is fast becoming a global malware distribution portal! 'GhostClicker' malware found in 340 apps on Google Play had 'millions' of downloads
• So, ‘resting-and-vesting’ has a new name? Inside the world of Silicon Valley's 'coasters' — the millionaire engineers who get paid gobs of money and barely work
• Read the August 2017 issue of The Engineer. Fantastic read. Always.
• Love it! Self-Driving Wheelchairs Debut in Hospitals and Airports
• This will be a game-changer, when cost-efficiently mass produced.  Harvard’s new self-healing rubber could mean the end of the road for flat tires
• Though just a concept, it does look cool. However, can it generate enough force for list and propulsion? QED. The Dyson of Drones
• Ooookaaay. An iOS 11 feature could let you quickly disable TouchID and keep cops out
• Yikes! Hiding malware in boobytrapped replacement screens would undetectably compromise your mobile device
• Definitely more than $2 billion, I would think!
• Probably not. Can Silicon Valley Disrupt Its Neo-Nazi Problem?
• A stretch, I think.  Amazon goes after gas stations and corner stores with ‘Instant Pickup’ option
• That’s a whole lotta trees! We Print 50 Trillion Pages a Year, and Xerox Is Betting That Continues
• This increases survivability 100%. Reliable Perching Makes Fixed-Wing UAVs Much More Useful
• Bigger IS always better! LOL For Wind Power, Bigger Is Better
• Wow!  How activists of color lose battles against Facebook’s moderator army
• For $10 a month, I would purchase a monthly subscription for myself and each person in my household. MoviePass Is Trying to Disrupt Hollywood — Will It Succeed?
• Today in Ammosexualville: The Rural Suicide Rate Is Driven by Men With Guns
• Scammers are always trying something.  People Are Losing A Bunch Of Money From These Scams On Amazon
• It would help. Movie Studios Are Thinking of Shrinking Theatrical Release Windows—Again
• Hahahaha Wal-Mart Applies for Patent for Blimp-Style Floating Warehouse

General Interest

• I actually agree. It’s a vestigial holdout that needs abolishing. Also is contradictory to “Go forth into the world and multiply”. The Catholic Church Can Start Fixing Itself by Changing Its Celibacy Rule
• That right there! Removing Confederate Statues Isn't Sanitizing History—It's Fumigating History
• Yes! Lucasfilm is working on an Obi-Wan Kenobi movie
• How true! Arnold Schwarzenegger to Neo-Nazis: Your Heroes Are Losers
• <giggles….insane giggles/> How Obama Is Owning ~/ on Twitter
• The North American XB-70 Valkyrie is the 2nd most beautiful aircraft ever produced. After the gorgeous SR-71A Blackbird, that is.  5 U.S. Technologies That Could Have Been Super Weapons
• Unknowing guinea pigs. Women of Color Are Bearing the Brunt of a Toxic Beauty Industry
• Wow! What Robert E. Lee Wrote to The Times About Slavery in 1858
• Damn! Some Consumers Are Calling Poland Spring Water 'A Colossal Fraud'
• Wow. The Kushner Rent Gouging Lawsuit Highlights A Bigger Problem
• Satire. But very true! Millions Willing to Work for Mueller for Free If That Would Speed Things Up
• Seriously, WTF Delta? Delta Jets Clip 2 Planes, Truck in 24 Hours at JFK Airport
• This guy is trying to get me to like the Sox!  Red Sox owner John Henry, citing racist past, wants to change name of Yawkey Way
• Sure. ‘I’m not a Nazi’: Michigan bar owner facing public backlash over Facebook posts he says were ‘bad humor’
• What bastard does this to a dog? Arizona woman shocked when dog with swastika painted on its head arrives at her door
• That Story About James Harrison Threatening Any Teammate Who Sits For The Anthem Is Bogus
• LOL A history of the New York Times discovering “exotic foods”

World

• An unintended consequence can be a powerful force. What Ferguson Means Now
• This would piss me off majorly if it happened to any of my sleds! Driver leaves £45k Mercedes in Bolton garage for respray - then uses phone to track it driving around Manchester
• Officials in Nigeria receive £985m in bribes every year

Politics

• Jesus Christ! Sucks major! The Most Racist Statue in America Is in ... Pittsburgh, and It’s the Most Ridiculous Magical Negro You’ll Ever See
• As they rightfully should! After Racist Rage, Statues Fall Quietly
• Weeping snowflakes. White Power Is About White Victimhood, and It’s Everywhere
• I hope it destroys them. Amen! The internet empowered Charlottesville white supremacists. It still has the power to destroy them.
• Good! All the Companies Who Say Hate Groups Can’t Use Their Services Anymore
• Nice. The Economist’s KKK cover pulls no punches, and neither does the story
• Take note, folks. The New Uniform of White Supremacy
• Expose them all! Charlottesville: Mo. man ID'd in viral photo
• He’s our worst nightmare: a racist in robes! A federal jurist, no less! Retired federal judge donated to hate group
• Good! ACLU rethinks defending hate groups protesting with guns: WSJ
• Truth hurts. The Myth of Jared and Ivanka Meets Charlottesville
• Is there a difference? “NO!”, is the right answer! Southern anger: Nazis, KKK 'hijacking' Confederate debate
• Did this ratfcker do the same when Blacks were – and are – actually killed? James Murdoch, Rebuking Trump, Pledges $1 Million to Anti-Defamation League
• No words.   OkCupid bans crying Nazi for life
• And this tweet is why I wouldn’t mess with J.K. Rowling. You shouldn’t even try either!
• Sadly, it never stops!  Dashcam video shows white cop punching black man during stop
• For real! White supremacists don’t think they have power? Look at the voting laws in the states they come from
• Bwahahahaha! ‘My life is over’: 21-year-old Charlottesville marcher whines over ‘outing’ by anti-fascist group

© 2002 – 2017, John Obeto for Blackground Media Unlimited

Follow @johnobeto

On my mind today……

Windows & Microsoft

• TLA types must be salivating at the prospects! Microsoft’s autonomous gliders seek out thermal updrafts to stay aloft
• Smart school. Major university switches over 35,000 students from Gmail to Office 365
• Nice win for Azure. Microsoft to power Baidu’s self-driving project outside of China
• Microsoft’s View 3D app finally delivers Apple ARKit’s coolest feature

Business & Technology

• Excellent news, if you’re a holder of INTC, or a stakeholder: Intel announces its next-generation Ice Lake chips unexpectedly early
• New battery tech is always exciting! Bill Joy’s New Battery
• My bullshit meter VUs are maxing out on this! This app is certified in the EU as a form of birth control. Is the US next?
• With each mention of how 3D printing will revolutionize yet another thing, I fear the hypetrain is starting to roll again! 3D printing will revolutionize how the Marine Corps fights
• Back when we thought big thoughts…. Sea Dragon is the Biggest Rocket We Ever Dreamed Of
• When you lay down with pigs, flies are your friend! From Aide to Single Mom
• Sadly, Hollywood thinks that all they need is the DMCA! Hacking in Hollywood: Why the Industry Needs to Shore Up Security 
• Excellent. Carpe diem! Seriously though, they have to have been very well connected to have obtained the VC’s phone number. These 2 teens cold-called Sam Altman and became the youngest founders ever accepted to Y Combinator
• Android is fast becoming a ‘use-at-your-own-peril’ OS! Messaging Apps With Surveillance Malware Made It Onto Google Play Store
• Nice!  Breaking the code: how women in Nigeria are changing the face of tech
• Cool! Cubesats Are Making Inroads Into NASA Science Missions
• That’s a lot of moolah! How Apple’s Deal with Google Clicks
• Isn’t that something else? It’s Not Just Google: White Male Discontent Has Come to the Tech Industry
• Is the Delorean brand that strong? A Flying Car From DeLorean Really Won't Need Roads
• One man’s meat… How Energy Hedge Funds Are Making Money as Oil Prices Stagnate
• LA deputies' private body cams raise transparency questions
• On making Keystone Kops look like Mensa mavens… 24 hours later, ANOTHER massive Wells Fargo fraud scandal
• Have we lost our tech edge in aeronautical systems integration? The Terrifying, Ongoing Mystery of Suffocating Fighter Pilots
• Why Aerospace’s Love Affair With Low-Cost Suppliers Is Fading

General Interest

• Seriously? This would shatter the dreams of young adults worldwide! Ménages à trois might be bad
• Good primer. The battle over Confederate statues, explained. Confederate statues have always been about white supremacy. That’s why they’re coming down.
• Wow. Pretty sure I didn’t want to know this! New Drone Footage Exposes the Horrors of Factory Farming
• Niiiice! Watch America's Three Heavy Bombers Fly Wing to Wing
• Does it still make sense to belong? Airlines make it harder to earn free flights for loyalty
• Interesting. Why do hotels still put a Bible in the nightstand?
• This isn’t new. Tim Brown has always shown himself to be a few tacos short of a full plate! He’s truly stupid, and rather imbecilic! Tim Brown Thinks Marshawn Lynch’s National Anthem Protest is ‘Negativity’
• Do they even think at all? What do flat-Earth truthers think is really happening during the 2017 solar eclipse?
• And that’s the effin’ truth! Video evidence is meaningless without accountability
• I love brain teasers! What Would it Take to Blow Up the Entire Earth?
• It IS patently unfair Berkeley Professor Aims To Eliminate Natural Hair Bans In Schools
• This will hurt us in the long run! Why students are choosing to go to college in Canada instead of the United States

World

• I agree. What a hero! Ken Frazier: The Strongest Man in the World
• Wouldn’t recoil slow this kind of drones even further? How is their survivability? Company's dystopian promotional video for drone armed with machine gun
• Time to pay the piper. Saudi Arabia's missing princes
• A looming fail. There’s zero accountability, so, what’s the point? Using the Blockchain to Clean Up the Niger Delta

Politics

• Cowards. Alla dem! A Charlottesville White Supremacist Stripped Down to Escape Protesters and We Got It on Video
• Excellent. Expose them all! Yes, your boss can fire you for being a white supremacist
• Again, excellent! Why the First Amendment won’t protect Charlottesville white supremacists from being fired
• Aaah, know-nothings! “Barack Obama is to blame”: 13 Alabama conservatives on Charlottesville
• He’s maturing… LeBron James Comments On Charlottesville
• This is how smart folks do this thing. Crews remove Baltimore's Confederate statues overnight
• Nah. Let’s just repeal Obamacare. At that time, all these problems will automagically vanish. Right? Rural America’s Childbirth Crisis: The Fight to Save Whitney Brown
• Fingers crossed. Nigeria: Economic Titan Of The Late 21st Century
• They just won’t quit! There Are Two New Fronts in the War on Voting
• Go already! Rebel yell: Southern nationalists again crying 'secede'
• Good guy! Kentucky mayor responds to Charlottesville by doing exactly what white nationalists don’t want
• Their wish won’t come true!
• The Prison-Industrial Complex. When Prisoners Are a 'Revenue Opportunity'
• Dammit! Florida school accused of offering students 'front of lunch line pass' for $100; parents outraged

© 2002 – 2017, John Obeto for Blackground Media Unlimited

Follow @johnobeto

We will never forget you.

Today’s Entry in the Internet of Stupid Shit Journal, is the ‘smart pillow’, which promises you a better night’s sleep.

They started a crowdfunding campaign to raise $50,000.

However, dumbfochs have gifted them over $350,000.

And the crowdfunding campaign isn’t even over!

John Obeto is CEO of Blackfriars Capital
© 2002 – 2015, John Obeto for Blackground Media Unlimited

Follow @johnobeto

Out this past weekend for a family event with several members of my immediate and extended family, and chanced upon our kids with their electronic devices.

Sheeez!

For my ‘immediate-extended’ family the devices were

• Princess: iPad, Kindle Fire HDX;
• MN: Kindle Fire HDX, iPhone;
• KA: Kindle Fire HDX
• #2 Son: Kindle Fire HDX, iPad; iPhone;
• AN: iPad Mini, iPhone;
• #1 Son: iPad, iPhone;
• JeN: iPad, iPhone;
• OO: iPhone;
• JaN: iPhone; iPad Pro;
• CO: iPhone;

The adults were just as bad.

• Wifey: iPhone, Kindle Fire HDX;
• Wifey’s Clone: iPhone; Kindle Fire HDX
• Wifey’s other sister: some Android POC;

I wasn’t much better

• Me: iPad, iPhone; Dell Venue 8 Pro; HP ElitePad;

In my defense, the ElitePad was in a go-bag I always carry with me when I travel. Normally, it’s in addition to a laptop; however, I did not carry a laptop with me this trip. Neither did Wifey or our kids. (#1 Son is currently iOS-only, relying on his iPad and iPhone for all his computing needs.

So, between the 13 of us, we had 25 devices, with most lugging two devices.

The other husbands are pure luddites, with one even sporting a BlackBerry!

Thankfully, the event hotel allowed 6 devices per room.

The youngest kids, who tend to read a lot, and the moms like the Kindle Fire HDX. The ‘older’ kids liked iPads, with my Godson being the only iPad Pro user.

I was the lone Windows tablet user.

Apple iPhone won this contest going away, with the lone Android and BlackBerry devices as anachronistic “What Are Those’s?

No, there wasn’t a Windows Phone in sight. Or in the county, for that matter!

How cluttered are you and your family with electronic devices when you travel?

© 2002 – 2017, John Obeto for Blackground Media Unlimited

Follow @johnobeto

Disruption, is good.

And any disruption which brings about the complete and total disintermediation of a manufactured, and artificially maintained monopoly, really warms my cockles.

Uber should have done that.

Slight correction: Uber did that. Initially.

For the incredible public benefit they have done in exposing, and almost driving to extinction the various taxi commissions around the country and indeed, in other countries, which merely exist to artificially limit the numbers of registered/certified taxi cabs that ply the motorways.

However, within a few months of Uber becoming ‘a thing’, they completely lost me.

At first I thought it was because I was not in their target demo.

Confession: I have never used Uber. I also don’t intend to use them. Ever. I enjoy the privilege of having alternative transportation provided ad hoc. For which I am, of course, grateful.

However, in conversations with those infinitely smarter folks than myself that agree to come down and engage with me, it dawned on me that my reasons from my growing distaste for Uber stemmed directly from the increasing number of revelations about the underhanded way Uber conducts business.

This year, the year of Our Lord 2017 Anno Domini, the former trickle of bad news has become a deluge.

In fact, there have been so many crazily insane stories about Uber that I have dubbed 2017, as “Uber’s #YearOfLivingDangerously”, hashtag mine.

This past weekend, I was away with mi famiglia, and since I actually traveled without a PC, I read the various fishwraps provided by the hotel. And lo and behold, in the New York Times, I read the pretty damning story, “Uber’s CEO Plays with Fire”.

Unbelievable!

It is a completely unflattering look at a company that embodies, celebrates, and festers a culture of deceit, a blatant disregard for regulations, and corporately completely disregards those laws that they don’t like.

Now, more than ever, I know why I don’t like them.

Please, go ahead: read that story.

© 2002 – 2017, John Obeto for Blackground Media Unlimited

Follow @johnobeto

Seriously, why do the default apps in Windows 10 SUCK so much?

They used to be passable: Paint, Messenger, Windows Media Player, etc.

Now, the default, or ‘ships-with-Windows’ apps are a fugly compendium of barely useful wannabe-default-iOS-apps that aren’t as useful as I remember!

Take Mail, for example.

Seriously, take it. Take it away….to another universe.

Which still wouldn’t be far enough away for that piece of turd.

Or Groove Music app. And the Movies & TV app.

Why are there separate music and video players?

For which their forte is trying to a) upsell a subscription to a less-than-capable music or video service, or b) trying to sell or rent media.

However, they’re ham-fisted in trying to do ecommerce!

Hey, I’m all for trying to part bars of gold-pressed Latinum from the proletariat.

(This noble endeavor is enshrined in The Rules of Acquisition, from Rev. 1 to the latest, as published by the Ferengi Commerce Authority.)

However, their methods aren’t insanely bad!

It’s almost as it they have taken the worst behavior exhibited by Apple, namely that abominable iTunes piece of crap, and lionized it as the ideal for all their default offerings!

Meanwhile, formerly useful add-on bits such as Windows Live Writer, Windows Live Mail, Photo Gallery, and Windows Movie Maker, have been sunset without any replacements.

This, is the future?

Shake your corporate self, Microsoft!

Your default apps really suck.

Make a change.

For the better!

© 2002 – 2017, John Obeto for Blackground Media Unlimited

Follow @johnobeto

Well, that was q-u-i-c-k, quick!

Yesterday, I made a promise to catalog, and expose the nonsense people were coming up with under the guise of the Internet of Things.

I decided I would class these stupid products as the Internet of Stupid Shit, hashtag #IoSS.

Today, this.

Are you foching kidding me?

A ‘smart’ garbage can.

Remember, when as a young adult, you thought of such a product after you had your first trepanning session?

WTF?

Actually, I take it back.

Even after a lobotomy, I don’t expect regular sapient humans to yearn to play with their garbage cans.

Now, even the so-called tech press is complicit is this silliness by touting this shit with breathless headlines like the ones throughout this blog post!

Shame on them!

It’s a garbage can, for goodness sakes!

The first entry in the IoSS Files is the ‘Smart Garbage Can’!

Filed under : The Internet of Stupid Shit.

There you have it.

Have you seen any of these abominations that I may have missed? Tweet at me @johnobeto

© 2002 – 2017, John Obeto for Blackground Media Unlimited

Follow @johnobeto

The ELE for humanity won’t be weather related.

It won’t even be due to bombardments by solar winds, the depletion of the Van Allen Belts, or an asteroid breaching Terra, or Luna being snagged by Jupiter or something.

It definitely won’t be by malevolent First Contact with otherworldly species.

No, it won’t be by those factors.

It certainly might be as a result of a brain-addled humanity mentally dumbed-up, Wall-E-like, by the series of nonsensical products flying under the moniker of “smart”, or “Internet of Things” labels.

These days, it seems everyone, and man + dog, are ‘inventing’ silly knick-knacks, calling them “smart-<insert product category here> because they have created an app for it!

I have seen smart toasters, smart percolators, smart bullschthako.

It doesn’t stop!

In order to protect my progeny from this onslaught, I am going to be posting, under a specific banner and associated social media hashtag, the most egregious of these as they come across my consciousness.

This series will be under the topic “The Internet of Stupid Shit”, and for which I hope to use the hashtag #IoSS to great jocularity.

See you online…

© 2002 – 2017, John Obeto for Blackground Media Unlimited

Follow @johnobeto

The HPE Proliant ML10 is the entry-level* tower server in HPE’s tower server inventory.

As part of the review series announced here, I received the HPE Proliant ML10 designated for an AbsolutelyWindows RealWorld Review

The ML10ReviewCo February 2017 Update
Last month, the owner of ML10ReviewCo approached up with a scope expansion: he would like an additional ML10 to use for a sister firm on a adjacent property.

Why?

He wants to physically isolate the Proliants for security.

However, when we look at his current ML10ReviewCo server capacity utilization over the past few months, and coupled with projected CapUtil for his new business, we find that both servers would be severely underutilized.

Even combined into the ML10, peak CPU utilization would hover under 48%.

So, we must go virtual.

Meaning, Hyper-V.

We will still acquire a second HPE Proliant ML10 for that firm. It would be used as a hot backup for the primary device, however.

We are also looking to leverage HPE’s virtual storage appliances for this firm, just to see useful they could be in such a small business.

Stay tuned.

Note
The HPE Proliant ML10 review unit at ML10ReviewCo has been provided by HPE for review by AbsolutelyWindows.

.Logikworx has, and is donating resources and personnel for this review series.

© 2002 – 2017, John Obeto for Blackground Media Unlimited

Follow @johnobeto

This is Part IV in a 4-part series on print security, HP printers, and how the HP Print Security Team is trying to protect your printer from both the bad actors out there, and inadvertent ineptitude within your organization. (My choice of words, not theirs. J )

In the concluding article, Part IV, I am going to give you my thoughts on HP’s offerings, particularly highlighting where I think HP is excelling, and where they are failing.

Our world today is a highly-connected one.

Everything we do is in some form connected to the ethereal cloud somewhere in order to deliver immediacy, connectedness, and community.

Printers get hacked all the time.

This isn’t new.

In fact, first known printer hack occurred in 1962 when a Xerox printer was modified with a camera to snoop on the Soviets during the Cold War.

Today, printer hacking is much more sophisticated.

And as with personal computers, the ultimate goal of break-ins now is financial. Yes, don’t be fooled: be it for IP, or direct financial misappropriation, these are thefts. For monetary gain.

Oh and yes: for your monetary loss!

[Your] Printers As a Malware Entry Endpoint

In Part I, Part II, and Part III of this document, I believe I touched on the many ways a printer, being an endpoint on your network, could be surreptitiously repurposed as a malware entrepôt into your network/computing environment.

This is NOT an academic exercise. It is happening. Now.

And getting more sophisticated daily.

For example, see that drone buzzing your high-rise office building?

So, what is HP doing?

(1) HP has identified the threat

The first step in conquering – or, at least, ‘managing’ – a threat, is identifying that there is a problem.

Thankfully, HP has done this.

Not only have they ID’s a threat, but they have put together a printer and print security team tasked with mitigating the problem from the root – design, to the branches – end users.

(2) HP is creating printers that are secure by design

HP makes sure that security is now part of printer DNA.

HP business printers now have the following:

• HP Sure Start, which secures printer BIOS
• Firmware Whitelisting, which secures printer firmware
• HP Printer Run-Time Intrusion Detection , which keeps printer memory safe, and
• HP JetAdvantage Security Manager, which keeps an enterprise’s HP printer assets safe

(3) HP has a printer security consulting arm to help enterprises

Not every enterprise had modern printers in their inventory.

However, most of those printers are networked, and may not be patched on schedule, or regularly, or ever, even.

Having a security consulting SWAT team, so to speak, allows HP to help enterprises with several generations of HP printers not only bring them up to date, from a security standpoint, it also presents a sales/upgrade opportunity.

Once companies are faced with the fact that some of their printers can no longer be upgraded to meet their current compliance requirements, then a new printer (or printers) is needed.

Excellent double-dippin’.

(4) HP is adding a cloud-based printer security schema

No official word on this.

But, I'm sure it does. It has to.

The wealth of information it can use from such a cloud-based scheme would be invaluable

Is HP doing enough?

From a technological, and product standpoint, yes.

HP is providing locked-down printers, and the ability for companies to not only inventory their printers, but to leverage enterprise authentication products such as Microsoft Active Directory to create and apply policies that help define printer security.

However, it is not enough.

Why not?

Because of the weakest link in the chain, namely, humans.

As long as there are humans in the chain, there are bound to be some lazy, or incompetent users.

And while HP has rather reduced the ability of lazy nincompoops to fubar a computing environment using HP printers, I see the following two issues as needing to get implemented to further reduce the likelihood of future breaches.

They are:

(a) Make Printers locked down to local network only

I’m not a hardware or networking maestro, however, the first thing I want to see HP do, is make sure all HP printers, not just the pro/business printers, are set, by default to ONLY connect to the local network or LAN.

All this stuff where printer HAVE to be connected outside the LAN to be properly set up, or to download software, or unpleasantly, to sell more ink.

Make end users explicitly unlock the printer to access the Internet, or externally.

(b) Make sure Printers DON’T automagically become Wi-Fi hotspots

Imagine my surprise when an HP business printer an acquaintance installed in their business this very month was set up as a Wi-Fi hotspot?

Are you kidding me?

Why is this even a thing?

This development alone has the potential to eviscerate all advances HP is making to print security.

Finally…
Apart from the little blips above, which I will be escalating to the HP print security team for more information, I think HP is being smart here.

The HP printer operation, at nearly $20 billion in revenue, is large enough to be a Fortune 500 firm.

For a business like that, a major breach has the potential to damage the brand beyond repair in that space.

As a result, it is refreshing to see that HP realizes this, and is doing a lot to make sure they secure the printers, and by proxy, the computing infrastructures that HP printers are connected to.

That gives me confidence in HP printers.

As it should for you as well.

Moreover, for our MSP operations, it is another way of looking out for them.

We can help them inventory and identify their printer assets.

We can help them patch and secure those printers.

We can help them remove the printers that don’t conform to company policies.

And finally, we can help them replace those outdated printers with new devices that are complaint with stated company policies, and industrywide security best practices.

This can, and should be the case for you as well.

You must secure your printing environment.

If you utilize HP printers, avail yourself of their products, and security products.

If you have standardized on non-HP printers, make sure your printer OEM has similar products.

If they don’t, perform an ROI on what a breach would do to your firm, both monetarily, and in terms of brand damage.

Then evaluate HP printers.

In this series

1. Off to HP Print Security Bloggers Day
2. Why Should Organizations Care About Print Security?
3. What HP is Doing about Print Security
4. My final thoughts on HP Efforts on Print Security. (This post)

HP Print Sec Tech Day 2017 sponsored content

© 2002 – 2017, John Obeto for Blackground Media Unlimited

Follow @johnobeto

This is Part III in a 4-part series on print security, HP printers, and how the HP Print Security Team is trying to protect your printer from both the bad actors out there, and inadvertent ineptitude within your organization. (My choice of words, not theirs. )

In this post, I list what the HP Print Security Team is doing to identify and combat the threat posed to your infrastructure by errant printers.

In the concluding document, Part IV, I will give you my thoughts on HP’s offerings, particularly highlighting where I think HP is excelling, and where they are failing.

Printers get hacked all the time.

This isn’t new.

In fact, first known printer hack occurred in 1962 when a Xerox printer was modified with a camera to snoop on the Soviets during the Cold War.

Today, printer hacking is much more sophisticated.

And as with personal computers, the ultimate goal of break-ins now is financial. Be it for IP, or direct theft, or ransomware, or as part of a botnet, or whatever.

Yet, you have the lowly networked printer. Left alone invitingly for no-gooders to access.

Print Security Ostriches
It is quite telling that in an IDC survey of 2,000 IT security professionals, 56% of them – 56%! – did NOT see printers as a source or factor in a potential breach of their networks, or infrastructure.

62% of this group also revealed that they overlook IT governance best practices and policies, and do not ensure that hard drives or memory, is wiped, and/or destroyed.

Moreover, a depressingly mind-boggling 77% of them do not have access controls or SIEM tools activated on their printer inventory!

*SIEM: Security Information & Event Management tools.

Hopefully, we won’t descend into ‘acronymania’!

These are security professionals, mind you.

These are security professionals?

This quite lackadaisical attitude towards a very real, very visible, and rather well-documented threat is almost certainly a sort of malfeasance on the part of these security professionals. And bothering on nearly criminal, if you ask me!

Bad Printer Security is a Potential Brand Killer
Against this backdrop is HP, the global leader in printers.

HP’s dominance in the printer space is the stuff of legend, as they have innovated their way to the top here, racing past the Xeroxs, IBMs, C.Itohs, everyone! They dominate from the smallest consumer printers to mammoth devices that do everything, including producing wraps for automobiles.

Anyone who has printed a document in the past going-on-30 years, as almost always used an HP printer.

For them, print security has the potential to be a brand killer.

That realization came to them early, and for over the past decade, HP has had a print security team tasked with not only imbuing their printers with the best, most unobtrusive security they can deliver, but also with detection and interdiction of malware and malefactors who focus on printers as an attack vector.

Technically a ‘fixed-function computing device’
At the dawn of personal computing, your average printer was basically a print engine receiving data already rasterized by your PC.

Today, things are different.

HP’s print security team knows this, and treats printers just the same as they treat computers on a network.

“Why?” you ask. “That’s overkill!”, you declare.

Is it?

Look at the following image, which describes the componentry in PCs, and contrasts it with those in printers.

I dare say there is some overlap.

Printing is risky

How risky?

View the image below.

It shatters the comfort we have just thinking that print security can be only about securing the hard drive in the device. From the device BIOS to the output tray, and all stops in between, your printer has vulnerabilities that can be exploited by any bad guy. (Bad guy as used here is non-gender-specific.)

Meanwhile, the threat landscape is rapidly evolving, with participants now looking for the ‘holy grail’ be it state-sponsored actors hacking for espionage or strategic spoils, or true criminal enterprises looking to break into your infrastructure for a monetary reward.

By all indications, printers are the weakest link in most networks or computing environments. And they will sadly remain so until, and unless IT professionals realize the dangers they pose if not adequately secured, and managed.

So, what is HP doing about this?
(A) Identify The Threat
After seeing the above landscape, the HP print security team set out to identify the top printing security concerns. They narrowed it down to these seven:

(B) Develop Baseline Security Metrics for Print Infrastructure

(C) Develop an industry wide framework that encompasses the position printers occupy in an enterprise.

By looking beyond just HP products, HP can stave of stagnation and myopia, and see what others are either doing or not doing, and leverage it.

(D) Develop a detailed strategy to protect HP printers, their data, and customer networks

Cyber Resilience

HP’s security efforts around print security has coalesced around a concept they dub “Cyber Resilience.

Create the world's most secure printing system

• a) Securing the device
• b) Securing the data,
• c) Securing the document by creating a secure managed print service, and
• d) Establish a Print Security Advisory Service

Securing The Device
HP’s steps to secure HP printers involve the following.

HP Sure Start requires the BIOS to verify that it is using a signed version, using whitelisting to also ensure that firmware components are also approved.

Real-time intrusion detection schemes allow the printers to detect, and reject attacks as they occur.

The lynchpin of HP’s printer hardware device security arsenal is the HP JetAdvantage Security Manager.

HP JetAdvantage Security Manager workflow is described in the graphic below.

The capabilities built into HP JetAdvantage Security manager are numerous, and keep evolving based on the evolution of the threats HP printers face, and because of innovations coming from HP.

I hope to be able to snag a JetAdvantage PM for a briefing very soon.

Securing the data

This requires a knowledge of network security, the device(s), Microsoft Windows, and of [Microsoft] Active Directory.

To help, HP enterprise MFPs have over 250 security policy settings available which allow sysadmins and security admins to adequately lock down their printer assets to suit business needs.

Securing the document by creating the HP Secure Managed Print Service

Establish a Print Security Advisory service

This is a corps of print security consultants who will work with client on

1. Education and risk assessment
2. Security Policy Guidance
3. Solution recommendations.

The HP Print Security Advisory Service focuses on the following:

• Access Control
• Asset Management
• Build & Release
• Business Continuity
• Data Security
• Governance
• Information Security
• Log & Security Incident Management
• Logical Access
• Network Security
• Patching and Anti-Virus
• Personal Security
• Physical Security
• Security Configuration
• System Acquisition & Development

Is this enough?

Looking at this intensive list, it is obvious that HP has given printer, and print security a lot of thought, and is deploying a largish amount of resources to protect their clients’ print infrastructure.

Is this enough?

In Part IV of this series, I will give you my thoughts on it from an MSP viewpoint.

Stay tuned.

In this series

1. Off to HP Print Security Bloggers Day
2. Why Should Organizations Care About Print Security?
3. What HP is Doing about Print Security (this blog post)
4. My final thoughts on HP Efforts on Print Security.

HP Print Sec Tech Day 2017 sponsored content

© 2002 – 2017, John Obeto for Blackground Media Unlimited

Follow @johnobeto

Sometimes, I amaze myself.

I’m serious.

Back in 2011 when Apple iPad was all the rage, I happened to take part in a little debate arranged by NetworkWorld Editor-in-Chief John Dix.

My assertion, then, and as yet very unwavering now, was that the iPad was a niche evolution of the PC.

Not a revolution.

Not at all!

In fact, my primary position was, and is:

My debate opponent of course thought iPad heralded the post-PC era.

Nyet.

Today, iPad sales are down and have been for several quarters, and non-[Windows-based] tablet sales are in the toilet.

It’s almost the Second Coming of Netbooks!

And yet, sales of both Microsoft’s Surface tablets, and the entire Windows-based tablet ecosystem, are on the rise!

Thankfully, NetworkWorld still has the debate up on their site.

And don’t look now, but Apple released the iPad Pro with a keyboard back in 2015.

Validating my April 4, 2012 tweet where I stated

Go ahead and read the debate while I busy myself patting me on the back!

If you only use your ipad with a keyboard, don't make any noise about what a great tablet it is. You're using a touch-enabled laptop, okay!

— John Obeto II (@johnobeto) April 5, 2012

© 2002 – 2017, John Obeto for Blackground Media Unlimited

Follow @johnobeto

Logitech is a PC peripheral company that has amped up its design chops to Level 11!

Their latest goodie is the Logitech Spotlight presentation remote.

This sleek presentation remote sports a 3-button interface with gesture capabilities.

Connectivity to your PC is via an equally sleek built-in USB dongle, or integrated low-energy Bluetooth. Additionally, your PC is kept awake and connected throughout your presentation when using Spotlight.

According to Logitech, that’s not all.

It comes with a built-in USB-C interface for fast charging, which I understand should last up to three months with a full charge, based on usage. A full charge takes about an hour, while users should be able to eek three hours of presentation time from it after a one minute charge!

Haptic feedback is also included, with Spotlight buzzing to notify you of a low-power condition. The battery indicator also glows red when a recharge is required.

In my preview tests, the Logitech Spotlight is rather easy to master.

While I haven’t gone 100 feet away from my PC in the five presentations I have directed using the Logitech Spotlight, I can attest to the extremely long range it afforded me.

Spotlight is compatible with PCs running Windows and OS X/MacOS, and with PowerPoint and other presentation software.

I will be posting a full review shortly.

*Thanks to Ann F.

© 2002 – 2017, John Obeto for Blackground Media Unlimited

Follow @johnobeto

The Smart City Just Might Be an Engineer’s Unfulfilled Dream

“It is I, Arthur, son of Uther Pendragon, from the castle of Camelot. King of the Britons, defeater of the Saxons, Sovereign of all England!” – King Arthur, “Monty Python and the Holy Grail,” Michael White Productions, 1975

We’ve lived most of our adult life in Silicon Valley or what some call a bubble environment.

You know:

• Everyone and nearly everything is connected 24/7.
• Everyone has 4-5 devices with them all the time.
• Days are filled shoveling data from here to there and then to there.
• Stuff happens and it happens overnight, in the blink of an eye.

While the Valley may have been the first, there are bubble areas seeded all around the globe including:

• M4 Silicon Corridor
• Science Park Amsterdam
• Silicon Docks/European Silicon Valley
• Silicon Allee
• Aerospace Valley
• Softwarepark Hagenberg
• Australian Technology Park
• Central Taiwan Science Park
• Sangdo Science Village
• King Abduaziz City for Science and Technology
• Kansai Science City
• Silicon Wadi
• Silicon Alley
• Silicon Forest
• Silicon Hills
• Silicon Slopes
• Canada’s Technology Triangle
• Silicon Valley North
• Research Triangle
• Porto Digital

They are magnets for start-ups and people from around the globe.

Global Attraction – Technologists from around the globe go where the total environment is best for them to make a contribution or breakthrough. For them, it’s not just a job, it’s the complete ecosystem.

People who want to develop the next great idea and share all of the great things are drawn to the area and everything it has to offer.

Countries, states, cities hustle the new ventures – and wildly growing firms – with a wide range of inducements and visions of what the area has to offer:

• Great place to work, live
• Proximity to excellent educational systems
• Open to diversity
• Opportunities to succeed, grow

The problem is there’s no long-term plan for Silicon Valley or NYC’s Silicon Alley or similar areas to handle the growth; which means some of the smart visions we have will be difficult to accomplish.

You know smart car, smart home and the holy grail--smart city.

Let’s use Silicon Valley as an example.

The Valley now extends from San Francisco down to Gilroy, highlighted by company towns:

• Menlo Park – Facebook
• Palo Alto - HP
• Mountain View – Google
• Cupertino – Apple
• Santa Clara – Intel
• San Jose – Adobe, EBay, Cisco

It’s not a definitive list, but you get the idea.

And there are hundreds of spin-offs, new ventures and out-of-area firms requiring space constantly.

Along the way, a lot of ventures fail and are rolled over by new dreams.

Take Cupertino’s Vallco Park Mall for example.

Fallen Short – The Vallco Fashion Park was started years ago to attract consumers from all of central Silicon Valley but it just never captured mindshare. Today, it stands vacant.

For some reason, it never clicked and sits virtually vacant, although surrounded by new construction.

The owners came up with what seemed to be a great redevelopment idea -- a 55-acre mixed-use neighborhood with up to 2 million square feet of office space, 625,000 square feet of retail and 800 residential units.

Located right across the highway from Apple’s spaceship headquarters that’s under construction, it seemed like a great idea for people to live and work.

What’s not to like?

“The Hills at Vallco features an unprecedented 30-acre community park and nature preserve, which will not only be the largest community park in Cupertino, but also the largest green roof in the world,” said a statement from Sand Hill Property Co., the developer behind the $3 billion project.

Breathing New Life – Developers have proposed converting the Vallco location into an ecosystem that includes homes, offices, shops and a rolling park. Since it’s not part of an overall area plan, local citizens find it easy to resist the project.

Topping all this would be a 30-acre park and walkways.

The undulating green roof—designed to buffer the residential locations from neighboring industrial sites—would be crossed by a 3.8-mile network of running/walking trails. Vineyards and orchards, an amphitheater, playgrounds and banks of native plantings to attract local wildlife would also be designed and incorporated on the roof.

A great idea as a project but …

For the time being, like Silicon growth projects around the globe, it’s on hold because folks who already staked their claim in a dream home/community don’t want more traffic, more kids in “their” schools, more chaos in their busy lives.

Years ago, I used to drive on a quaint two-lane blacktop street through a grove of walnut trees to a nice home, good-sized yard and swimming pool.

Still “own” the home but BAM! the orchard is now a community of more nice, albeit expensive, (for newcomers) homes.

Like most thriving technology centers, the Valley added 65,600 jobs and 39,800 residents over the last 12 months, increasing the growing shortage of housing.

People like those who forced the Hills of Vallco to be put on hold get it.

Just not in my neighborhood.

And the same holds true in Brooklyn and the Berlin Burroughs, as well as local communities in Tokyo, Toronto, Sydney, Shanghai, Dubai, Johannesburg, Amsterdam, Seattle, Charlotte, Saint Petersburg and Stockholm.

Of course, the industry has a solution … the smart city.

Complete Connection – Developers and architects have a clear vision of tomorrow’s city with everything and everyone connected. The challenge is that smart cities don’t appear overnight with people being displaced/inconvenienced.

People who own brownstones in NYC or Boston, an apartment in Amsterdam, a house close to London or Saigon or a home in Los Altos or Sunnyvale agree.

Just not in my neighborhood.

In the meantime, San Francisco and LA inch closer to each other in community after community.

Collision Course – Like two solar bodies, the visionairies who plan the smart city of tomorrow are usually on a collision course with people who have finally achieved their dream of home ownership.

The challenge is that tech communities are going from suburban to urban with nothing in between.

Folks in Palo Alto, Tiburon and Los Gatos love their small-town atmosphere. That’s why they live there.

People are in love with the smart city idea.

Just not in my neighborhood.

So we have projects being carried out in every technology area without a long-term plan as to what the silicon corridors are going to look like in 50 years (2068) or even 2042.

That means your neighborhood (and mine) has a patchwork of status quo - everything the way it is – plus.

Interruptions – To upgrade the infrastructure and produce portions of tomorrow’s cities, citizens endure traffic interruptions and growing traffic problems.

With no one responsible or accountable for long-term growth; designers, developers and elected/appointed officials (who look to keep the job in the next go around) go for short-term, uncontrolled hyper-growth.

Whether you’re on interstate 35 going out of Austin or 101 out of San Jose, you see how area builders and planners are solving the problem … move the affordable housing further out and people will come.

Despite the inconvenience, people aren’t willing to give up their sanctuaries in the burbs so they commute an hour plus by train, bus, car and even plane.

Of course, there’s a way to bring commute times down. Simply build higher-density apartment complexes and townhouses near worksites and along public transit corridors.

Or maybe a more palatable solution would be to build out our communications infrastructure by upgrading to 5G and becoming more flexible in where/how people work … micro office complexes located closer to where people live rather than the headquarters.

5G can have speeds up to 100 times faster than current 4G networks and handle 1,000 times more traffic volumes.

Even in the most densely populated cities like NYC, Singapore, Hong Kong, Tokyo, Seoul, Berlin, London or Montreal; people could stream 4K video and make huge data transfers to work (and play) together more efficiently and more effectively without daily mind/body-breaking commutes while still enjoying their community, home, family.

Maybe the smart city of tomorrow is horizontal rather than vertical?

You know, it will work and like King Arthur, you can say, “Well, you have to know these things when you're a king, you know.”

More affordable housing and workspace is needed in every silicon center but tearing down to build up is the anathema to all of us who say that’s great…

Just not in my neighborhood.

Then, the Hills of Vallco might look more appealing to folks in that neighborhood.

G. Andy Marken is founder and president of Marken Communications

 

© 2002 – 2017, John Obeto for Blackground Media Unlimited

Follow @johnobeto

Munich abandons Linux?

Seriously?

Stop the presses!

MUNICH ABANDONS LINUX!!!

Ain’t that something?

Or, as Flo would say, “Ain’t that ssssspeciallllllll?”

Isn’t it?

For years, we have been fed a lot of soup about how Linux was the way, how the “Linux Desktop“ was going to supplant Windows.

Right!

In my blog post, The Linux Desktop, posted on April 16, 2007, I scoffed at not only the idea of a Linux desktop, but of the several rags and glossies attempting to foist that abominable OS on the desktop.

Which, without a doubt, it was, and is, ill-suited for.

Yet, the madness continued, with several countries, especially those in the former Western Europe, seizing the opportunity caused by the troubles Microsoft had with the EU’s antitrust authorities as an opportunity to attempt to develop desktop and server operating system alternatives to Windows.

Yes, they liked Linux, because a) the creator was European, and b) it wasn’t American, despite UNIX being largely open source as well, and without a doubt vastly superior to ALL forms of Linux!

People, their efforts were to naught.

For a while, nary a day went by when the tech news wouldn’t have at least an article of some governmental agency in Europe jumping on the Linux bandwagon.

The largest of these was the city of Munich, in Germany.

In 2003 or thereabouts, the city of Munich – hereinafter to be referred to as simply ‘Munich’ – was a pioneer in Linux.

After being schneidered by local yum-yums into it, the city moved en masse to Linux, abandoning Microsoft Windows in a wholesale fashion. They became both the flagship, and the poster city for this nonsensical move.

Supposedly, it was to save money. However, it was the horde of open source yobs wanting to establish Silly Valley Europe that were prompting governments to act stupidly. And profiting quite handsomely from these Linux installations, thank you!

Again, I was beyond skeptical.

I could see that these efforts to create  local European open source operating systems were doomed to fail. And to do so spectacularly!

However, this obviousness escaped the powers-that-be, well steeped as they were in their ardor for the creation of a local hero OS.

In my September 22, 2007 blog post titled, The Linux Flameout: 7 Reasons, where I expatiated on an article I had read on InformationWeek.com.

To me, the most important reasons for the flameout were a) numerous incompatible distros of Linux, and b) porting issues and expenses.

Basically, that Linux was, and is, a forking mess, a very witty play on the fact that Linux had forked into so many distros

Still, no one seemed to care. Especially Munich.

A few years later however, the Swiss canton of Solothurn, another municipal Linux pioneer, having used it since 2001, decided that that they had had enough, and like Roberto Durán after that pummeling by Marvelous Marvin Hagler, screamed “No MAS”, and yanked out their Linux installs for Windows.

I asked the question, “Who’s Next?”, in my blog post Swiss Canton of Solothurn Rejects Linux, published September 22, 2010.

I then moved on, trying not to beat the issue to death.

Fast forward to today…

I just read that Munich, long heralded as the touchstone for both municipal and large-scale installs, will/is/might be moving back to Windows, because, get this: the savings from using free-to-acquire Linux haven’t materialized.

After 12+ years!

Well, welcome back, Kotter!

To crown it all, the second reason for this pending switch is something you and I know: users hate the efft out of it.

That second reason is no joke!

Seriously, outside of open source adherents, fans, and admins, no one – NO ONE! – likes any of the Linux UIs.

No one.

Now, unless Microsoft steps in to make the transition less financially biting, the poor people of Munich will pay the price of a transition to Windows, which is an upgrade to the abominable version – any version, actually – of Linux, that they have been using.

This financial cost will come atop the years of using a below-standard OS foisted upon them by open source clowns who wanted sold them on the free cost of the software while hiding the fact that the true costs associated with using Linux are hidden in those support contracts.

The Bottom Line
Don’t be fooled.

There is NO magic bullet.

Everything costs money.

Whenever a Linux fanboi tries to sell you their stuff, ask them where their margins are. Ask them why they are peddling it. Ask them how much their profits will be. And most of all, make sure you know what the support contracts cost.

You will find out that all in all, a Microsoft stack including Software Assurance, costs less per user than the supposedly-free Linux.

Again, don’t be fooled.

From my Wayback Posts

• April 16, 2007, The Linux Desktop, Absolutely Windows.com
• September 22, 2007, The Linux Flameout: 7 Reasons, NetworkWorld.com
• September 22, 2010. Swiss Canton of Solothurn Rejects Linux, AbsolutelyWindows.com

© 2002 – 2017, John Obeto for Blackground Media Unlimited

Follow @johnobeto

While I was at the aerodrome the other day awaiting entry into my stasis pod for a short day trip to LaLaLand, I overheard a fellow traveler sanctimoniously admonishing another passenger over the fact that she wasn’t covering her laptop camera with some tape or such.

She informed him that if someone got into her computer, the webcam was the least of her problems. Moreover, she said, she didn’t use the laptop while indelicately dressed, or have confidential stuff around while computing.

It wasn’t enough for him.

I tried to MMOB, but the guy was relentless.

He then brought up the fact that “[Facebook’s] Mark Zuckerberg covers his laptop webcam..”.

At this point, you just know I had to step in.

“Sir,” I said, (actually, I didn’t say ‘sir’, and didn’t want to ), “do you have all webcams in all of your devices covered?”

“Yes”, he replied.

Excellent, I told him. Because some people only think of their laptops.

He agreed with me on that.

Then, I slipped in a plastic spork between his ribs: “I assume, you have that done on your iPads or tablets too?”, I asked.

No, he didn’t.

“You must be joking, I exclaimed!

Then, and only, then, with his mouth slightly agape from the virtual bleeding caused by the shock of the spork wound, I decided to mercifully administer the coup de grâce, hitting him with virtual flensing knives: “Please don’t tell me you do not have the cameras on your phone, both rear and front-facing, covered for security purposes as well?”, I asked, with an Oscar-class performance of a completely aghast countenance on my melon.

He didn’t.

I don’t.

Neither do you.

People, stop this bullschtako.

I can understand operatives at TLA security organs covering up their webcams, and being mungo paranoid. It’s their job to be so.

Not you.

Not me.

They have hardened devices.

With which they are extremely careful.

Our Smartphones
Our smartphones are the most intimate devices we own.

We take them everywhere.

Everywhere. Bedrooms, boardrooms, bathrooms. Heck, some people even take them into the shi**er and orinatoio. Not me, but, to each his/her own.

Without the cameras being covered!

See where I’m going here?

If, your laptop, which generally has a single, weak, low-resolution user-facing camera, warrants the extra security measure of you taping over that camera’s lenses for privacy and whatnot, what about your smartphone?

Yes, your smartphone, which almost always dual high resolution cameras that are pointed in two opposite directions for near 360⁰ coverage?

That smartphone?

Isn’t the covering-up-the-webcam practice a security placebo?

Y’all have a good day now, bokay?

© 2002 – 2017, John Obeto for Blackground Media Unlimited

Follow @johnobeto

Why Print Security?

That simple question exposed prevailing lackadaisical attitudes towards printers, and an almost criminal forgetfulness on the part of IT admins and IT security staffers about the fact that printers can expose them to harm. Both externally, and sickeningly, when it happens internally!

After our introduction to the event by Ed Wingate, VP and GM for HP JetAdvantage Solutions, we got into it.

I was thoroughly fascinated by the session “Why Should Organizations Care About Print Security”.

Led by HP Chief Security Advisor Michael Howard, this eye-opening session delved into how the lowly printer could be used for crimes and tasks so nefarious, most of us haven’t even comprehended how!

As the session went along, I thought of all the printers at all the locations of all the businesses we manage.

It was, frankly, nether-puckering!

Internet access was speedy there, but even if it wasn’t, I wasn’t going to wait: I immediately troffed off an email to my EVP asking him to initiate an immediate inventory of networked printers at our managed firms, and see where we stood.

As declared earlier, this deeply engrossing session tried to show how even if you reduced your company’s attack surface to what you thought was manageable for your computers and servers, not doing so for your printers left you with a gaping hole so large, a toddler could drive a Mack truck through it.

My takeaways are below.

Your Printer is an Endpoint
Where is your printer located?

Behind your firewall, right?

On your network, eh?

With access to everything, huh?

Most networked printers are embedded with a little web server in order to easily facilitate management. In case you did not know.

These web servers tend to be full-featured web servers just being used for a single purpose.

However, they are, full-featured.

Meaning that any intruder, if he or she has access to that device located behind your firewall and other security devices, could wreck havoc with your firm, or enlist your printer as part of a zombie army of RaTs (Remote-access Trojans) engaged in large-scale criminal activities.

Your printer.

Your Printer is a gateway
You do know that your printer is an entrepôt into your computing infrastructure, right?

While my examples above are of folks who want to use your printer for external crimes, think about what your printers are used for, how many confidential document go across the wire to those devices daily?

Oftentimes, print security is thought of as ‘’local access security’ only, where jobs sent to print are secured until the sender or the recipient logs into the print device(s) to create their output.

What if there was someone waiting to intercept those documents for financial return to them? What if the documents attached you or your firm to a crushing liability that would end up killing your company?

Remember, again, that all that a bad actor needs, is remote access to your printer.

Your printer has intelligence
You printer these days, is basically a computer dedicated to performing a fixed task of printing.

It almost always has a CPU, which was a RISC CPU for so long. Then, I believe, low-end x86 CPUs. Today, I will almost bet that they use an ARM processor. Complete with an OS, networking, and storage. Most business-class printers today are equipped with scanners.

I read earlier that scanners are particularly bad for your print security health because they keep electronic images of you document(s) in their caches loooong after you think they should – no, must – have been deleted.

And open ports. Lots of open ports! Lots of lovely unsecured open ports.

You printer is always listening
And what is your printer doing through those lovely open ports?

Listening.

Always listening for work, or for orders to perform work.

In performing work, you printer is happily conscience-free, agnostic to the provenance or intention of proffered orders. Only consumed with fulfilling those orders.

Do you see the fail here?

Your printer is seldom patched
Even I, am guilty of this.

Prior to now, any time the HP print devices here throw up a notification that a firmware patch or a software patch is available, I have always tended to treat those notifications are extreme annoyances, and disregarded them.

No longer!

The session showed us how we basically hang neon lights out our electronic doors asking for criminals to hack us when we leave our print devices unpatched. Rather unlike what the norm is with our PCs and servers.

Your printer is inadequately managed
Most people can’t tell with any reliable amount of certainty just how many print devices are in their inventory. They are also unaware of how many of those devices are intelligent enough to be used as drones for attacks, possibly bringing down their network, or, in extreme cases, open the company up for tortious actions.

A detailed, quantifiable management scheme is needed to identify, manage, and harden printers on company networks.

As I see it
Print security is not only necessary, it must be an integral of your IT playbook.

Printers hung on your network must be part of a holistically-managed fabric that inventories, categorizes, patches, and allows access to and with them, based on the whims of the primary user the print device has been issued to.

Nothing else will do.

In this series

1. Off to HP Print Security Bloggers Day
2. Why Print security (this blog post)
3. What HP is Doing about Print Security
4. My final thoughts on HP Efforts on Print Security.

HP Print Sec Tech Day 2017 sponsored content

© 2002 – 2017, John Obeto for Blackground Media Unlimited

Follow @johnobeto

The Alternate World of Virtual Reality at CES

“I can carry nearly eighty gigs of data in my head.” – “Johnny Mnemonic,” Tristar, 1995

Even though industry analysts are lukewarm on the success of VR (virtual reality), you couldn’t tell it as you navigated around many of the booths during CES with HMDs (head-mounted displays) taking you into fantastic immersive worlds and games.

Ups, Downs – Gartner’s Hype Cycle reveals trends affecting start-ups and investments. When the interest is building, new folks rush to VCs and quickly get money to develop their barn burner. Then the MBA VCs realize too many folks are chasing the same rabbit so investments drop and reality settles in.

But it was hard to say “Whoa” when CES was so content-centric this year.

Jeezz, you were dodging folks stumbling around blindly with HMDs at every turn.

With the units strapped on, all I could think of was horses with blinders.

Leading up to the show, industry analysts were suddenly saying Whoa to VR and were lukewarm to the technology’s wild success forecasts for mind-twisting, fantastic immersive worlds and games.

The big problem was newbies, VCs (venture capitalists) and pitch people put VR in the same bucket with augmented (Pokemon Go) and anything with a headset. No wonder they couldn’t see the forest for the trees!

Whe-e-e-e

They were riding the consumer VR hype train that left the station when Oculus’ Palmer Luckey put on the Rift.

They didn’t know where the train was going, but they were getting on board!

Most of the publicists called the stuff in their booth the real VR thing--computer-tethered (Oculus Rift, HTC Vive, Sony and…) or smartphone clamp-on stuff (Samsung Gear, Google Daydream, Zeiss and a gaggle of others)--even if they were only showing 360 content.

Despite the enthusiasm slump, growth is on the horizon because the major processor folks (Intel, Nvidia, AMD, Qualcomm, Samsung) have already made a wholesale commitment to the new space.

And the major players (Alphabet, Facebook, Sony, Samsung, HTC) have jumped in with both feet.

When I caught up with him at the show, VR filmmaker Lewis Smithingham (30ninjas) said, “This is one of the few technologies in history that all of the major players have weighed in on and invested early. That’s had a profound effect on how quickly products that are solid and economic have become available.

“Unfortunately, it’s just been overhyped,” he added. “It will continue to grow, but probably won’t have such a giant spotlight until 2018.”

Huge Someday – VR is super cool and will be huge in a few years, but success seldom occurs overnight. The market requires a total ecosystem – hardware, software and content. Then it needs consumer acceptance beyond the early adopters. That requires more time than people want to recognize.

His estimates coincide with a recent report by Greenlight Insights that notes growth will be relatively modest for the next five years, becoming strong by 2026 ($38B in revenues).

Officials at Nvidia’s and Intel’s booths were more bullish during the show about how quickly the market will expand, noting:

• the working tools are in place
• every game developer is delivering or developing fast-moving, white-knuckle, immersive games
• both firms have been working closely with Hollywood studios, and 2017 will mark the opening of nearly a dozen tentpole VR films

“We’ve spent the past few years working on the infrastructure development which is key to VR’s success,” a member of the Intel team noted. “Experience it just once and you know it’s going to be a category that is growing.”

Not Really New
Actually, VR has been the stuff of science fiction since the early 1900s with the development of the Link Trainer for pilots; and even earlier with 360-degree viewing. The Link Trainer saved the aviation industry billions of dollars and probably hundreds of lives.

Nip ‘n Tuck – While kids think VR was developed totally for their enjoyment, it has been invaluable in educating and training--especially in the healthcare industry. With the consumerization of the technology’s hardware and software, costs have come down quickly in these areas.

It wasn’t long before the educational community saw how it could enhance and enrich student training. Not as exciting as playing Wayward Sky or watching Invisible but then no one wants to be a surgeon’s first for an operation.

Folks at CES say the VR market could reach $10 billion by 2018.

The challenge is the market is segmented:

• If you’re a heavy gamer or want to be in a fantastic, breathtaking movie; you’ll use a computer powered by NVidia, Intel or AMD or a game console. People who really care about visual quality know it takes power to move smooth, jitter/buffer-free VR.
• If you like decent on-the-go gaming or brag-about-it videos from YouTube or Facebook Live, slap an HMD on your smartphone and go for it. The biggest issue is going to be your smartphone because the display and processor inside can make a huge difference. In addition, the units generate a lot of phone heat and put a tremendous drain on the battery.

Most market analysts treat VR as one big bucket.

The Tractica team is one of the few that views mobile (hardware, software and use) as a unique market.

Mobile VR – The emerging VR market isn’t a one-solution-fits-all. Many feel that over the long haul smartphone HMD VR will be the dominant viewing/playing platform.

True there will be about 3B smartphone users worldwide by the end of the year; and only about 2B PCs, but the immersive quality difference between the two is night and day.

Game On
CES attendees seemed to enjoy the active participation with the VR games; pitting themselves against zombies, aliens, bad guys and spooky environs.

Standing next to the PlayStation VR demo, one of the Sony folks explained that the immersive and involved play that is possible with VR will drive the rejuvenation and expansion of the video game market.

“Nothing compares to the thrill, excitement you experience when playing one of the new VR games … nothing. Gaming will make VR mainstream!” he emphasized.

I didn’t want to burst his bubble but I’m pretty certain movies, video (very good content) will dominate VR entertainment. But then, I don’t do games!

Still, when it comes gameplay, I had to sanity check with someone who really knows the market so I checked in with Mark Poppin, of BabelTechReviews, who has been testing games on Nvidia-powered PCs as well as consoles and other systems.

He pointed out that VR gaming can’t be judged by the initial offerings because many of them were “worse than bad.”

A lot of good VR games are rolling out and our forum has been very excited about the strength of the graphics and opportunities in the fresh releases. The good games really point out the problems of stuff that’s just been thrown together.  Good VR lets you become part of the game and makes it different, more challenging every time you put on your HMD,” he explained.

"Thank Heaven for VR game reviewers and social media to point the good ones out," He added.

Despite the shortcomings of smartphone HMDs for game play, even VR filmmaker Smithingham enjoys them for a break from work.

VR Storytelling
However, for the great VR movies scheduled for release this year and for most VR video projects (documentaries, travelogues and immersive and personalized entertainment), he believes HMDs will have to be tethered to a PC … the more power the better!

“Mobile works very well for things like streaming YouTube and Facebook videos,” Smithingham noted. “You know, the social media stuff and 360- degree marketing. But right now, there’s a limitation with mobile. You’re sucking up 4 to 5 times the bandwidth 4K video requires. They have to overcome the laws of physics.”

If you’re like my kid, you’ll want both – the on-the-go smartphone HMD and the gotta-be-in-the-middle-of-it – with his PC HMD. Try both flavors and you’ll “know” which is best for the kind of stuff you want to play/view.

Of course, there were rumors that next year; we’ll see a standalone (not tethered to something) HMD with its own display, processing and wireless connectivity. But that’s only a rumor.

Regarding the movies we viewed on the show floor, one thing was apparent, “This year’s VR movies and video experiences are going to be freakin’ awesome!”

And with the industry’s drive to consumerize VR, the reduction of hardware/software costs has dramatically accelerated.

Capture Tools
It was perhaps most apparent with the wide range of 360/VR cameras being shown.

Jaunt, Nokia, Lytro, GoPro’s Omni and Sphericam’s camera that includes timesaving automatic stitching software were evident at the show and looked like overkill for the consumer shoot/view event.

There was a wide array of $100 - $500 consumer level 360-degree cameras shown by Samsung, LG, Alli, Bubl, Kodak, Giroptic, Nikon, Ricoh and 360fly as well as a number of cute VR attachments for your smartphone.

While these will appeal to YouTube and Facebook video folks, a major concern is that the VR experience might impair widespread acceptance and enjoyment of virtualized video.

Major studios like Fox, Disney, MGM and Lionsgate; as well as leading-edge VR filmmakers shoot and review scenes and content multiple times to ensure the final content doesn’t produce an “argument between the mind/body” which can result in nausea and headaches.

Pro Cameras – While there were a bunch of low-cost 360 cameras unveiled at CES, Lewis Smithingham (r), president of 30 ninjas, found units like the Shericam 2 being held by company founder Jeff Martin to be the preferred choice for serious filmmakers.

Sphericam’s Jeff Martin (founder) noted that the film experiences people have are totally different from films the industry has been producing for more than 100 years where the producer controls the storyline and flow of the film.

“It’s not like you slap a GoPro rig in a racecar and drive around the track,” he cited. “That’s fun once but a really good VR film puts the viewer squarely in the center of the story and he/she controls how the story unrolls. Filmmakers are learning how to guide the viewer with little plot hints – like Hansel & Gretel bread crumbs – but it requires experimentation to get it right.”

Content Plus
Sphericam’s founder Jeff Martin noted that the film experiences people have are totally different from films the industry has been producing for more than 100 years where the producer controls the storyline and flow of the film.

“It’s not like you slap a GoPro rig in a racecar and drive around the track,” Martin said. “That’s fun once but a really good VR film puts the viewer squarely in the center of the story and he/she controls how the story unfolds. Filmmakers are learning how to guide the viewer with little plot hints – like Hansel & Gretel bread crumbs – but it requires experimentation to get it right.”

Content Plus
Strictly for VR research purposes at the show, I stopped by the Naughty America VR booth. I think this is a return of adult entertainment to CES, which as I recall was encouraged to seek another venue about 10 years ago.

Ian Paul, Naughty America CIO, noted that according to Google Trends (they track everything), interest in the VR subject area has increased 9,900 percent in the last 17 months.

At CES, the company went to great lengths to point out they were platform agnostic. Their “members” could use the HMD of choice -- Samsung Gear VR, HTC Vive, Oculus Rift, Google Daydream, Zeiss VR One, Sony PlayStation VR. They even encouraged headset manufacturers to swing by and see how well their gear delivered.

We politely declined to check the content – honest – after one individual summed up his experience as … “Awkward!”

To compensate for the massive streaming downloads to mobile HMDs, the company used adaptive streaming technologies.

But we prefer immersive entertainment that we can talk about in mixed company and our kids can participate in like Gone Girl, X-Men: Days of Future Past, 28 Days Later, Die Hard, Predator, Office Space, Martian VR, Jurassic World VR and the new stuff coming out this year.

We got hooked on the possibilities of VR films after seeing early demos two years ago at SMPTE and the quality of work students had created for this year’s conference.

Getting it Right – Lewin and his team spent hours shooting, stitching and editing their work on Invisible to get the content just right for the viewer to control the storyline using Nvidia-powered systems and lots of fast SSD (solid state drive) storage.

And after seeing the work Smithingham had done for Conan 360 and Don Liman’s recently released Invisible mini-series, it’s easy to see why filmmakers say they have only scratched the surface of what they and the viewer can do with the technology.

The foundation has been built and the games, video content and applications are available; but the ramp-up of hardware/system sales will take a few years.

That’s probably why folks formed three groups just before CES:

• GVRA (Global Virtual Reality Association)
• CTAWM (Consumer Technology Association Working Group)
• VRIF (Virtual Reality Industry Forum)

The first is hellbent to educate the consumer about VR hardware (and increase sales).

The second was formed to provide “ecosystem-wide leadership” as new stuff is developed/released. I guess that’s why the first thing they’re going to do is develop a glossary of AR/VR definitions.

VRIF seems to be more focused on open industry standards. They advocate a consensus for the creation of an interoperable, end-to-end ecosystem that will give filmmakers (and game developers) non-proprietary tools to produce content folks can distribute (monetize) that people can use/enjoy.

That’s what will make Johnny Mnemonic and everyone else say, “I want to get online... I need a computer!”

But as CES folks said, Whoa!”

# # #