36 Years of the Digest ... founded August 21, 1981
Copyright © 2017 E. William Horne. All Rights Reserved.

The Telecom Digest for Sat, 03 Mar 2018
Volume 37 : Issue 52 : "text" format

Table of contents
Re: Why Amazon is sending you pictures of your front porchGarrett Wollman
Power, phones out in Ottawa Thursday after powerline falls Bill Horne
Broadband issues exploredBill Horne
AT&T has good and bad news for users of its limit-ridden unlimited plansMonty Solomon
23,000 HTTPS certificates axed after CEO emails private keys Monty Solomon
You're Probably Underestimating What You Can Do With Your iPhone Home ScreenMonty Solomon
Trustico website goes dark after someone drops critical flaw on TwitterMonty Solomon
---------------------------------------------------------------------- Message-ID: <p7a4fb$2ren$1@grapevine.csail.mit.edu> Date: Fri, 2 Mar 2018 00:04:59 +0000 (UTC) From: wollman@bimajority.org (Garrett Wollman) Subject: Re: Why Amazon is sending you pictures of your front porch In article <C1BBE24E-0893-4345-97FA-59C2CB7E1AEE@roscom.com>, Monty Solomon <monty@roscom.com> quotes a USA TODAY article that said: >Amazon has been quietly expanding a program over the past few months >in which some of its delivery providers take a picture of where they >put your package. The photo is included in the notice of delivery >received by shoppers so they know when it arrived and where to look >for it. If they did that for me, it would be a picture of my back steps, exposed to theft and the weather. After a dozen attempts I've given up trying to explain to them that they should leave packages inside the front door, where the mail bins are -- the message seems to be accepted by their customer service team but is never transmitted to the drivers. -GAWollman -- Garrett A. Wollman | "Act to avoid constraining the future; if you can, wollman@bimajority.org| act to remove constraint from the future. This is Opinions not shared by| a thing you can do, are able to do, to do together." my employers. | - Graydon Saunders, _A Succession of Bad Days_ (2015) ------------------------------ Message-ID: <20180302161103.GA27937@telecom.csail.mit.edu> Date: Fri, 2 Mar 2018 11:11:03 -0500 From: Bill Horne <bill@horneQRM.net> Subject: Power, phones out in Ottawa Thursday after powerline falls By Bryan Reynolds OTTAWA - Four AEP Ohio vehicles and seven employees converged at the intersection of Williamstown Road and Oak Street a bit before 1 p.m. Thursday to fix a downed power line which caused a power outage and CenturyLink phone service outage in the village. Brad Brubaker, 9-1-1 coordinator for the Putnam County Sheriff's Office, said they noticed the power was out for their business and company phone lines at around 12:20 p.m. The sheriff's office never lost power to the building but the power was down to the CenturyLink phone service, and 9-1-1 dispatch, for a couple of hours, he said. CenturyLink rerouted the sheriff's office 9-1-1 calls to a cellphone in the dispatcher office, Brubaker said. -- Bill Horne (Remove QRM from my email address to write to me directly) ------------------------------ Message-ID: <20180302160639.GA27906@telecom.csail.mit.edu> Date: Fri, 2 Mar 2018 11:06:39 -0500 From: Bill Horne <bill@horneQRM.net> Subject: Broadband issues explored By Alexis Bechman A potentially dangerous six-hour Internet and phone outage Sunday in Rim Country after a contractor inadvertently cut a fiber optic line in Pine has renewed interest in fixing the area's fatal flaw. The outage once again caused both a medical crisis and major headaches and lost sales for local businesses. http://www.paysonroundup.com/news/local/broadband-issues-explored/article_d14d8072-7510-5e35-8ee0-fba25380539a.html -- Bill Horne (Remove QRM from my email address to write to me directly) ------------------------------ Message-ID: <A20D8C18-9246-4F64-815D-AC9DC4BA5DA5@roscom.com> Date: Fri, 2 Mar 2018 07:08:53 -0500 From: Monty Solomon <monty@roscom.com> Subject: AT&T has good and bad news for users of its limit-ridden unlimited plans AT&T ends one speed limit but introduces a new one; some prices are going up. By Jon Brodkin AT&T today raised the price of one unlimited smartphone data plan by $5 a month and lowered the price of another by $10, for single-line users. Instead of the entry-level unlimited plan costing $60 and the better plan costing $90, the single-line prices are now $65 and $80 a month (plus monthly taxes and fees and a one-time $30 activation fee for each line). AT&T raised the family plan prices by $5 a month for both of these unlimited plans. For example, four-line plans that used to cost $155 or $185 a month now cost $160 or $190. (These prices are after a discount that may not apply on your first bill.) https://arstechnica.com/information-technology/2018/03/atts-unlimited-choice-plan-no-longer-throttled-to-3mbps-at-all-times/ ------------------------------ Message-ID: <2E280214-437F-4067-904A-029C507759E8@roscom.com> Date: Fri, 2 Mar 2018 07:14:10 -0500 From: Monty Solomon <monty@roscom.com> Subject: 23,000 HTTPS certificates axed after CEO emails private keys Flap that goes public renews troubling questions about issuance of certificates. By Dan Goodin A major dust-up on an Internet discussion forum is touching off troubling questions about the security of some browser-trusted HTTPS certificates when it revealed the CEO of a certificate reseller emailed a partner the sensitive private keys for 23,000 TLS certificates. The email was sent on Tuesday by the CEO of Trustico, a UK-based reseller of TLS certificates issued by the browser-trusted certificate authorities Comodo and, until recently, Symantec. It was sent to Jeremy Rowley, an executive vice president at DigiCert, a certificate authority that acquired Symantec's certificate issuance business after Symantec was caught flouting binding industry rules, prompting Google to distrust Symantec certificates in its Chrome browser. In communications earlier this month, Trustico notified DigiCert that 50,000 Symantec-issued certificates Trustico had resold should be mass revoked because of security concerns. https://arstechnica.com/information-technology/2018/03/23000-https-certificates-axed-after-ceo-e-mails-private-keys/ ***** Moderator's Note ***** Yes, Virginia, *THAT* is why you should always check for revoked certs. Bill Horne Moderator ------------------------------ Message-ID: <10F9209E-985E-412E-9C53-283D7EAC7829@roscom.com> Date: Thu, 1 Mar 2018 23:12:54 -0500 From: Monty Solomon <monty@roscom.com> Subject: You're Probably Underestimating What You Can Do With Your iPhone Home Screen You're Probably Underestimating What You Can Do With Your iPhone Home Screen http://randsinrepose.com/archives/youre-probably-underestimating-what-you-can-do-with-your-iphone-home-screen/ [This added quote is from the article pointed to above - mod] The first page of my home screen for my iPhone is a sacred real estate. It is the one screen where I carefully curate my apps. Placement and grouping are considered because the apps on my first screen are daily use apps. Because real estate is precious, each year I perform an annual reflection on this space. Apps are deleted or - worse - moved to the useless chaos that is anywhere else on my phone. ------------------------------ Message-ID: <298CB2C8-02B1-4B59-83DB-340AFD05CFF8@roscom.com> Date: Fri, 2 Mar 2018 07:11:45 -0500 From: Monty Solomon <monty@roscom.com> Subject: Trustico website goes dark after someone drops critical flaw on Twitter Outage comes a day after CEO admitted emailing private keys for 23k HTTPS certs. By Dan Goodin The website for Trustico went offline on Thursday morning, about 24 hours after it was revealed that the CEO of the UK-based HTTPS certificate reseller emailed 23,000 private keys to a partner. The website closure came shortly after a website security expert disclosed a critical vulnerability on Twitter that appeared to make it possible for outsiders to run malicious code on Trustico servers. The vulnerability, in a trustico.com website feature that allowed customers to confirm certificates were properly installed on their sites, appeared to run as root. By inserting commands into the validation form, attackers could call code of their choice and get it to run on Trustico servers with unfettered "root" privileges, the tweet indicated. https://arstechnica.com/information-technology/2018/03/trustico-website-goes-dark-after-someone-drops-critical-flaw-on-twitter/ ------------------------------ ********************************************* End of telecom Digest Sat, 03 Mar 2018

Telecom Digest Archives