Category: Security

How the IATA travel pass can verify USA or other countries vaccine cards

Paul
Example of a CDC Vaccine Card

Verification of Vaccine Cards

Several countries around the world are wanting people to have a way to verify that people who are coming into their country has gotten the vaccine. There have been a number of news articles of people who have faked the vaccine card for one reason or another usually just because they don’t feel like they need to get the vaccine. Requiring vaccine cards have never been new or original in traveling around the world. There has always been countries that require vaccines like rubella or Hepatitis B vaccine to enter their countries. We’ve seen many countries who would like to proof of vaccine and proven ways to knows that it’s not forged.

Stopping the forgery

Each country is wondering how they can stop the forgeries of vaccine cards. No country wants to have take financial responsibility for someone who might get really sick due to the covid19. This is why countries are really wanting way to provide a way to know that someone has gotten the vaccine. The problem is that some people think they really don’t need the vaccine because of herd immunity, so why are they so worried about it. It’s one way to know that their immune system has been given enough protection from getting the severe version of covid19. I am sure there are other reasons and that is what I always hear.

The IATA Travel Pass Verification

When I say that IATA could verify that each vaccine cards in the USA or other countries to be authentic, is saying something that no other airline could do. If countries are looking to verify that the vaccine cards from countries that don’t want to share their vaccine data due to laws, such as the US. They can at least do some minor things while you register for a vaccine passport on their IATA travel pass app. I’m going to talk in length about this so please be patient and maybe someone will actually implement this in the IATA Travel Pass app.

There are several ways they can verify the picture of the vaccine passport to be authentic. They can have the Iata travel pass do image searches to see if there are images that are unique or close to the same exact type that is being submitted. There are several ways you can do that:

These are only two of several ways they can search the web and find out if it is not authentic or original, from the vaccine card that is being submitted.

Images not on the Internet

What if the criminals are being sneaking and keeping these cards off the internet. What options do the Iata Pass have to verify that it isn’t be used in other countries or accounts on the IATA travel pass? This is where it gets really interesting because there are several ways that can be used to verify that the vaccine card hasn’t been used in the past. They can get the Hash Value of the picture and store it in their servers for later on. Don’t worry, the hash value doesn’t save the picture on the server but keeps a copy of the hash value so they can search for that value and probably even keeps the account that it is associated with it for security reasons.

Imaging Hashing by pyimagesearch

As you can see it’s is really an easy process for phones around the world to hash a picture and send the hash to server to either use it to search for a copy or to record it so no other person can use it. I really suggest you go check out the pyimagesearch site and see all the ways that can be used to search for a duplicate hash. This would be a great resource for people to authenticate if they have a unique vaccine card or not.

Examine the Metadata

Metadata is according to Google “a set of data that describes and gives information about other data.” Basically when you take pictures with your phone, your phone records what type of phone was being used and many different things sometimes including the GPS location of the image being take. So they can examine the metadata and see a lot of stuff from the submitted picture of the vaccine card is coming from and also keep record of that information also in a database for reference for obvious reasons. They can also prevent photos being used if they have been edited before uploaded, for example there is a good little photo editor like Snapseed. It’s a great little app that can be used in Android devices to edit or change a photo.

Once it has been edited the metadata would show that it was edited by snapseed or any other photo editing software and thus should be thrown out for security reasons like that. So if someone is trying to get around the vaccine authentication they probably would have a very hard time in verifying there vaccine card.

This is what I would think should be implemented when making the IATA travel pass to help governments to know that the vaccine cards are as authentic as possible. I won’t say that people will not come up with ways to still submit forgeries, that will always be a problem. It however will make it more difficult for people to do that. It is my hope that we won’t have to use this for very long and this would just be a stop gap way to get travelers back to traveling around the world.

What do you think about this idea? Do you think they did this or do you think they will do this in the future? What’s your experience with the IATA travel pass?

How Nvidia LHR Graphics cards will work. Are they even worth it?

Paul
Someone from Ebay selling their 2070 super for that much!

All over priced GPU’s

Well you can see that there are several different types of people who are trying to sell cards.   Those who get them out right and buy them and then turn around and sell them on sites like this for even more money.   I really can’t blame people for doing this after all the demand is high for really good Graphics cards.  The problem right now is the crypto miners are using them to get bitcoins and even dogecoins.   It is a constant problem because of how much people can make with mining rigs to get bitcoins or even dogecoins.  Although right now the Bitcoin, and other crypto miner coins are dropping in value rather fast, we really don’t know if it will keep going down or go even higher in the future.

Nvidia Announced Low Hash Rates

A few weeks ago, Nvidia announce the LHR Graphics cards that is being made in the future.  The low hash rates will go into effect when the gpu thinks it will is being used to mine and will drop the hash rates to half to discourage miners from buying gpus to crypto mine for coins from all the most common miners.    There are some really big problems ahead for those who might want to bit mine.   So now that they made this announcement what is the likelihood that they find a way to get around this bitcoin limiter?

Will it work?

Many people wonder that, and I am also really curious about it.  I can only surmise what it will likely be like and we can then go ahead and see when the finally release it.   I am hopeful that it will be hardware locked, meaning that no one can change with any possible way.   This should make the miners go somewhere to get their hardware.   I have heard of miners trying to unlock this feature but I think I’ve heard it because of the firmware updates.   This isn’t a hardware but a software lock and those can easily be hacked and changed.    Hardware locks are those that are not able to be modified or changed and thus should make it far less likely for the miners to even try to use them for their mining rigs.

Will it make any difference in gaming?

This part is also something I really don’t know much about but Nvidia has said that it will not make any difference in speed and use of the GPU for gaming since most of them don’t use hashes to run games and when it does is just to check a file is correct and that is far and few between.  I can surmise that if it does make a difference it will be so slight and not even hardly be seen by the gamer.   The frame rates and speed of the games I can’t see that creating any problems in the game play.

When will it be released?

It is due to happen sometime at the end of this month or at the beginning of next month.   Don’t expect too much to happen at first launch and I don’t know what the prices will be.   I’ve been looking all around to see when they will start selling but Amazon, NewEgg, and Even other stores around the internet have yet to show any signs of selling those cards yet.   You’ll know when you see the box, I am sure it will say something like low hash rates or will have the LHR on the box somewhere to make sure to let the crypto miners know that it isn’t something they may want.   This is just one of those steps we will have to watch and see how that will evolve in the future because I am sure the crypto miners are going to try to find way to get past the hash limiter and make it to where it will work just like normal.

Will you use it?

Now here’s the ultimate question, will you use it when it get released just to because you’ve been waiting for that GPU to put in the system you’ve built or are you going to just wait and see what people say about it?  Why not leave a comment and tell me what you think will happen and is this a good idea or a bad idea?

You are not being investigated, or is there suspicious activity on your account!

Paul

Social Security Card - Illustration

Keep getting scam Calls

Today alone I got two identical scam calls from a local number.   The Automated message warned that I was under investigation because of suspicious activity on my account, and I should dial 1 to talk to a representative.   I really need to record this message and write down this automated messages just because it is obviously a red flag right there.   There seems to be a lot of people who don’t know anything about these types of scams but here is what I already know before I even dial 1 just to keep the scammer busy for a few more minutes.   I’m going to talk about some of the ways you know that it is a scam.

They Prey on your Fears!

This one is quite obvious to me at least because they want you to give them money or make it seems you are going to be arrested because of a debt or even your tax information is out there.   I am sure that my information is never truly going to be private and I’ve talked about it time and time again.   So I have to believe that it will eventually leak and someone will try to do something to use it against me.   I am hopeful by the time they do that I won’t be alive to even worry about it.

There is a warrant for you arrest!

This is another one that I’ve heard recently by the phone scammers, they like to use this one with debt scam and trying to scare you to pay a debt or maybe not even that just to scam you for money.  Either way, if there was a warrant for your arrest then you’d have someone knocking on your door this instant.   Also if this is in relation to a debt than it is against the law, the Fair Credit Debt Act prevents creditors from doing this such thing to get money from you.

Social Security Administration

This is another red flag for anyone who gets a call from them.   This is an obvious scam because social security will never call you.   If there is a problem they will send you mail through your mailbox and not from a phone call.

Phone Number

It usually is a local number and or number that isn’t being used.   9 times out of ten, if you had any call id information it will look like a local number calling you.   Again, they like to spoof their number and keep you from know where they are truly calling from or the real number.   So when I hang up with them, I call that number back and find out the number is no long in use.

Won’t give you any information

They will never give you any information about why they called you or where they are calling from, or even give you a real number to call to confirm that this is them.  I even tried to ask for the exact address from where they are calling from, they just hung up.    Also be wary even if they give you their federal employee number, that another way they will use to get you to either give them money or steal your identity.

Never Give them any Information

This one goes without saying, no matter what never give them any of your information including but not limited to you Social Security Number, Your Full name, where you life, you’re phone number or anything like that.   If they say they are from the Social Security Administration office and you’re concerned please hang up and call your local Social Security office to find out if you have a problem.   They will probably tell you it was a scam like I suspect.

*UPDATE*

As of July alone, I got several phone calls from Orlando Florida area code (407) claiming something similar like this:

  • (407)540-3718
  • (407)548-2738
  • (407)434-8822
  • (407)483-8647

 

Are you treating your passwords like Underwear?

Paul
Really nothing like underwear!

I am perplexed

Saw this meme or poster that I found on Facebook has me thinking about password security.   What is good way to tell people about Password security?  Is it as simple as this poster says?  We could use some really bad passwords over and over again!  Let’s explore the really good questions of this.   I’ll talk about what might be very well help with your password security.  Although these are just a few that stick out in my mind but they do help create a strong password.   I know I’ve talked about some of these in the past but sometimes it is good to talk about them again.

Password Manager

Now a days if you don’t have a good password manager than you are really not keeping your passwords safe.   Like the poster says we usually write down our passwords on a piece of paper on  the desk.   Instead we should securely put them in a vault somewhere.   Should we use something like Google to hold our passwords?   That’s a good start.   I’d be willing to bet they do a really good job of it.  I personally love Lastpass and have used it for years and years.   Even though there is a lot of balancing acts with a password manager and your lifestyle.   It can be helpful to keep your passwords safe and away from prying eyes.

Keep away from easy passwords

Easy guessable passwords will make you loose your accounts quicker than anything.   So keep away from those weak passwords and passwords that anyone can guess.  I did talk about those in the past about the top ten passwords that people use and you can bet most hackers will use them to try to get into yours or other accounts.   Using a good password manager plus letting them create a hard password is essential to keeping your accounts safe from hackers.

Two factor Authentication

I’ve always said having two factor authentication can also help you prevent your account from being hacked.   It will prevent a hacker from getting instant access to your account and even warn you that you’ve been hacked.   You can use something like YubiKey but since most of us have cell phones than I just use sms for verification.  I’ve even recommend Google Authentication for this purpose.   It is almost like a one time password and can save you money in the long run!

Don’t use same passwords

I have talked about this in the past also, but you should never use the same password twice on any of your really important websites like banking or electricity websites.  You can keep up to date on if you need to change your passwords by checking Have I been pwned website and seeing if you might need to change your password.   It’s never a bad idea to go and check every year to see if you need to change them.

If you are like me, you are constantly trying to keep your passwords safe and secure.   Do you have any recommendations or suggestions.   Why not leave a comment?  I’d love for you to share and talk about how you keep yourself safe.

5 Ways to protect yourself on Kik Messenger!

Paul

Understanding the Kik Messenger!

The Kik Messenger is just a little app that allows people to chat without the need to share you phone number.   It has several things that help make people want to use Kik, and I am going to share some of them with you and hope that it helps you protect yourself from scammers.  With any messaging app, you will always have bots and scammers who only purpose in life is to steal your money or your identity.   It seems that I found a few that times when I wondered how they figure out my username.   it really wasn’t hard to find me on Kik, I seem to keep Something the same and you could find me to if your really wanted to.  

  • Don’t give out your Phone Number — It seems it is the easiest thing to do but if you give out your phone number to a complete stranger, you are just asking for trouble from people who are going to stalk you or harass you.  
  • Don’t give out specifics — until you really start to be friends it is something that should be in your head at all times.   Don’t tell them your personal stuff like where you actually work, or the exact model of your car.   If you have to answer them, just generalize it to the point that it would make it really hard for them to find you after that.   I wouldn’t say Lie to them but don’t speak the whole truth, until you are sure they are trustworthy.
  • Quick Repliers — If you find yourself getting almost instant replies from the sender, you can bet that it isn’t truely a person because even I can’t type that fast.   It does not mean people who reply with yes or no answer are bots because most people are quick with those.  if it is long text in under a minute, you can bet it is a bot!
  • Don’t share Pictures or Videos —  If you don’t want your friends to see the picture or video, you really shouldn’t share it to some unknown bot or person on the messenger app.   You really do not know who or What they will do with that stuff.   It could cause your embarrassment in the future.
  • Don’t click links — Unsolicited links are just going to probably get your infected and thus you shouldn’t click on any links or go to sites that that the person says unless you know about that site personally.   Just be careful what you do online and you are far better off!

If you use these tips, you are better off than before.   Just remember that you do not really know the person unless you meet them in person.   HOpe this helps!