Author: Jason

  • AI Questions About This Site and Me

    Use this field to ask a question to Jetpack AI about the contents of this site.

    For example, I asked…

    Who is Jason

    and it returned…

    Jason Lamb is an IT Manager and the author of the blog where the documents were found. In one post, he shares a personal story about being put on Rear Detachment (Rear-D) while his unit deployed, highlighting the feelings of disappointment and frustration that can accompany such situations in the military. Another post introduces Luke through an Instagram link, providing a glimpse into the author’s personal life. Additionally, there is a post discussing a recent outage of a VoIP phone provider and the importance of knowing a service’s status page for business continuity.
    Furthermore, the blog has a post titled “But Not Me,” where Jason Lamb addresses other individuals with the same name, including a doctor at the Avon Lake Animal Clinic, a web designer in Virginia, an author from Canada, and other professionals with the name Jason Lamb. It seems that Jason Lamb has a long history in web design and technology, with years of experience and a passion for sharing information and experiences through his blog. There is also an “About” page on the blog that provides more background on Jason Lamb’s experience as a web designer and IT Manager, along with insights into his web history and interests.

    Let me know what interesting questions you ask and the info it returns. Add a comment below after you try this.

  • Fake Recall Notice

    I just got a news brief notification on my phone. It read, “about 2.2 million vehicles” and “nearly all Tesla EV models”… I wonder if they know of other Tesla models that are not EV?

    https://www.foxbusiness.com/fox-news-auto/tesla-recalls-2-million-vehicles-us-warning-lights-issue – Elon Musk, chief executive officer of Tesla Inc., during a fireside discussion on artificial intelligence risks with Rishi Sunak, UK prime minister, not pictured, in London, UK, on Thursday, Nov. 2, 2023. (Tolga Akmen/EPA/Bloomberg via Getty Images / Getty Images)

    CLICK BAIT, Thanks Fox Business and really any news publication that just released this story.

    If a car or any electronic has the ability to push ‘OTA’ (Over-The-Air) updates via Wi-Fi or Cellular, then is it really considered a ‘recall’? They may have been forced to do it by the NTSB but a recall implies action on the end user to do something.

    When I got a recall on my baby car seat, I was contacted by the manufacturer, I sent them a picture, my address, and a quick form and was sent a new base with the issue resolved. Arguably, a new component cost the company much more money then some code edits. I am not saying a Software Developer’s time is not valuable. I am saying it cost a company far more money to manufacture and ship a piece of hardware versus the time to code some software and push it out to all impacted users.

    As my friend pointed out, if a software update was considered a recall then my iPhone and Microsoft Windows computer gets ‘RECALLED’ at least once a month…

    https://www.foxbusiness.com/fox-news-auto/tesla-recalls-2-million-vehicles-us-warning-lights-issue

  • Outlook vs OWA

    Outlook vs OWA

    I am defining Microsoft 365 Outlook app on your computer vs Outlook Web Access via https://outlook.office.com/mail/.

    Here is a side-by-side comparison and I bet you can’t tell which is which? There are only subtle differences. This is a screenshot from my 2 24″ monitors and on my work account with Microsoft E3 license with Office build version 2311.

    It’s pretty easy to see that Microsoft is wanting no difference between your installed app and your web app versions. I can bet this is for easier development. I can also bet you that the install outlook is actually running on some emulated html code unlike other actually installed apps. You can tell this when it loads and also the settings page.

    There is one way to tell which screenshot is which but I don’t want to spoil the fun of you guessing. And no, I am not using some special version of Microsoft insider preview build.

    Leave a comment below with your guess on which is the Desktop App or the Online Version?

  • The Big Four Oh

    The Big Four Oh

    Guest who’s turning 40? THIS. GUY.

    I am going to run a social experiment to see how many of my friends, family, or followers see this and/or participate.

    How do you feel about me?Link$# Rcvd
    I Like Youhttps://jasr.me/40$0.40
    You’re Coolhttps://jasr.me/4bux$4.001
    You’re Very Coolhttps://jasr.me/440$4.401
    I Love Youhttps://jasr.me/4d$40.00
    I Absolutely LOVE YOU! (with a tip)https://jasr.me/4444$44.44

    These links will all take you to PayPal.


  • Securing Your Domains

    If you are responsible for any website domain, PLEASE make sure you secure you registrar account, setup MFA and have a long complex password. If you lose access to your registrar account or your hosting account and/or FORGET to renew your domain then the bad guys definitely will help you out by taking it over. I just spent about 4 hours helping a friend track down ownership of their domain. It is hosted on WordPress and luckily I still have admin access to that. They have email from that domain and it is hosted with Google Admin. We were also able to reach out to the company who hosts the domain, albeit pro bono for the last several years, something they would love to offload. I contacted GoDaddy and since I can’t provide proof of a GoDaddy account then I am in a Catch 22 right now. I did submit an email to [email protected] and submit a request on their site changeupdate.com. The key to this whole thing is the whois record. It shows Wild West Domains as the registrar which I know is a reseller (subsidiary) of GoDaddy. Unfortunately the domain was renewed on 11/1/23 which either means it was automatically renewed and we need to find the good owner, OR it was forgotten about and a bad guy purchased and renewed it on their account and is looking for a big pay out. We know also the WordPress has several updates needed and the content on the site has been completely changed to some Japanese blog. I am now waiting on the abuse department to reply back to my request.

    If this domain was not set to auto renew then it goes to the open market after so many days and is fair game for anyone to renew. This actually happened to Google a few years back. So if a large company can lose access to their domain then so can you. – https://jasr.me/lost-google-domain  

    Stay tuned for more on this story…

    Update:

    I was able to get access to the domain dns and it was an account that has been set up years ago and forgotten about. I update the account info and password and documented everything. The host was able to restore the site for a couple of minutes by overwriting the WordPress core files, but the bad script soon took over again and the site is still in a hacked state.

    My options now are to wait for the host to make a backup export and send to me via a FTP account that I setup for them so I can restore the site files and sql database on my host or to completely start a new WordPress site and start from scratch. I’m hoping for the first option.

    I just loaded the site and see it’s restored on the front end but the backend admin portal is still hosed.

    And just refreshed and it’s back to bad…again.

    Stay tuned for more updates on this website recover journey.

    LinkedIn Post

  • Izzy Tech Support

    Izzy Tech Support

    #BabyIzzy was very talkative before I started filming. Once I started she was confused. I also put my headset on her and she was trying to figure that out…

    I think she will be a great customer service rep.

  • GRC Link Shorteners

    Source: https://www.grc.com/securitynow.htm – Leo Laporte and Steve Gibson as Star Trek characters. “Live long and prosper.”

    I have created an Excel doc that I am tracking all of grc.sc link shorteners. This is an Excel file stored in Dropbox, with my own link shortener to make it easier to go to.

    https://jasr.me/grcsc

    I have referenced grc.com and Security Now many times on this site. I started listening to it faithfully back in 2010 when my then new boss and now friend enlightened me to wonders of Leo Laporte and the Twit network.

    GRC is Gibson Research Corporation and SC is Short Cut

    Here are the links to subscribe to the podcast and show notes.
    https://www.grc.com/securitynow.htm & https://twit.tv/sn

    Often times Steve will reference an external website, article, picture, or other media and then he makes it “short cut of the week.” He used to use bitly but then people started to pre-register the same bitly links for his show and then he created his own shortcut domain using YOURLS. I liked this so much that I also created a shorter domain jasr.me and used YOURLS for my implementation.

    Thank you Leo and Steve for this long lasting podcast. 999+
    As of this writing there are 942 episodes.

  • The History Of My Web Domains

    I will build this out chronologically and explain what I have done in the last 20 years on the web. Starting with indycrewworld.com in December 2004.

    December 2004 – purchase indycrewworld.com from luckyregister.com and host on powweb.com
    This started my journey in to web development.

    October 19, 2005 – purchase icwnow.com from luckyregister.com and host on powweb.com

    These are other domains that I was involved with in the past:

    nxlvlent.com bluestartwarriors.com mlambphotography.com mlambphotography.info jk-entertainment.net blackriverkennels.com doubleunlimited.com greatlakeslawnscape.com luckytouchchimneysweeps.com kristiseymour.com pclprobiz.com

    These are other domains I currently own and when they were first registered.

    icwnow.net – 11/11/10

    jasonlamb.me – 4/12/12

    jasrasr.com – 5/22/17

    jasr.me – 8/29/22

    jasonlamb.co – 10/14/22

    MORE TO THIS STORY, COMING SOON…

  • World Architecture Day & Cybersecurity: Building a Secure Foundation

    Not my own words but I think they are important enough to share. Thank you Tom Blair (IT Director at Middough Inc.

    As we look ahead to October 2nd, we anticipate the celebration of World Architecture Day – a day dedicated to honoring the art and science of designing and constructing spaces that shape our world. Just as architects meticulously plan and build structures to withstand various challenges, we, too, must fortify our digital landscape against the ever-evolving threats in the cyber world.

     In the spirit of this occasion, we would like to draw parallels between the principles of architecture and cybersecurity to emphasize the importance of safeguarding our company and personal data.

    Strengthening Our Digital Defenses

     In the world of architecture, the foundation is the key to any resilient structure. Similarly, in the digital realm, our collective actions are the foundation of our security. Let us take this opportunity to discuss critical steps that each of us can take to enhance our digital security, while drawing parallels to architecture:

    Cybersecurity Awareness: Just as architects understand the materials they work with, each team member should have a basic understanding of cybersecurity. This knowledge is akin to an architect’s deep understanding of construction materials, enabling them to make informed decisions for the structural integrity of a building.

    Password Hygiene: Like using high-quality materials in construction, use strong, unique passwords for your accounts. Think of your password as the structural framework of a building—strong and resilient.

    Multi-Factor Authentication (MFA): Implement MFA, which is akin to adding multiple layers of security to a building. It ensures that even if one layer is compromised, there are additional barriers to protect sensitive areas.

    Phishing Awareness: Be vigilant against phishing attempts, which are like unexpected design flaws in a building. A keen eye for detail in architectural design helps identify flaws, much like your ability to spot suspicious elements in emails or websites.

     Software Updates: Regularly update your software and devices, just as architects ensure buildings are well-maintained. Updates often include security patches that protect against known vulnerabilities – similar to ongoing maintenance in the architectural world.

    Safe Browsing: Exercise caution when visiting websites, just as architects assess the structural integrity of a building before entering. Only enter websites you trust and avoid unsecured connections, much like entering a well-designed and maintained structure.

    Our Collective Commitment to Security

    On this World Architecture Day, let us commit to building a strong, secure digital foundation for our company. Just as architects imbue their creations with creativity and innovation, let us infuse our cybersecurity efforts with the same spirit of ingenuity. We must continuously adapt and improve our security measures to protect our valuable assets and uphold our reputation.

    Remember, just as architects transform blueprints into awe-inspiring structures, our individual and collective efforts can transform potential vulnerabilities into robust defenses. Let us celebrate World Architecture Day by fortifying our digital world and ensuring the safety of our company and clients.

    Thank you for your dedication to our shared mission and let us work together to build a secure future!

    #iheartarchitecture #middough

  • It it’s not tied down…

    This just just shows that the bad guys are only getting better. No matter how much security we think we have, we need to constantly test ourselves. “…attacks always get better, they never get worse…” #BruceSchneier

    Given enough time, the bad guys will find a way. It’s unfortunate, but true. The bad guys are highly motivated by money. There is a LOT of money in being bad. There’s not enough monetary motivation to being a good guy. You just have to want to do it for moral reasons. On a recent #SecurityNow podcast, Steve Gibson laid out all the millions of dollars that were gained by the top recent attacks and the company behind those attacks.

    If you are responsible for your company’s security then you need to educate your users regularly on security measures and best practices. If you are a human and have any username/password combination then you MUST use MFA when you can, or when offered. Time-based is way more secure than SMS. You MUST use a reliable password manager because you MUST NOT use the same passwords on different accounts. Help yourself stay secure because the bad guys will help themselves to your data. I PROMISE YOU!

    #security #data #motivation #podcast

    Courtesy: Steve Gibson from #SecurityNow Podcast – grc.com/sn/sn-928-notes.pdf