Ethics

How a Landfill PC Exposed Years of Insecure IT Practices

Posted on by in Diary, Ethics, Security, Story | Comments Off on How a Landfill PC Exposed Years of Insecure IT Practices

A new client told me they’d bought a brand-new Windows 11 PC. It even had the shiny sticker on the front. But inside? It was a landfill special:

  • 4 GB of soldered RAM, non-upgradeable
  • Slow eMMC storage barely faster than an SD card
  • Bargain-bin Intel N-series CPU that wheezed opening File Explorer
  • Windows 11 Home slapped on as if it were a feature, not a red flag

Sure, it “ran” Windows 11, but just barely. That wasn’t even the real problem. The real kicker was when it couldn’t connect to the office NAS. They were told if they just bought this new PC that their NAS would start working fine! Thats what drove them to call me.

The Shortcut Fiasco

The NAS had been “breaking” for years apparantly. Every time it did, the previous IT provider came out, charged a support fee, and “fixed” it by creating new shortcuts to the NAS’s new DHCP IP.

By the time I got there, the client’s old windows 10 desktop was a graveyard of old NAS shortcuts. The new Windows 11 machine (they bought to apparantly fix it) finally broke the cycle, because Windows 11 doesn’t support SMB1.0, and the NAS was still running it, So no matter what, it would not connect.

No more shortcuts. No more quick fixes. The game was up.

The Real Issue: Legacy SMB Protocols

This is where the real problem lay: reliance on SMB1.0, a protocol designed in the 1980s and riddled with vulnerabilities.

  • SMB1 was the vector for the WannaCry and NotPetya outbreaks.
  • Microsoft deprecated it years ago.
  • Windows 11 won’t even install SMB1, and for good reason.

Yet many IT providers leave it running on old NAS boxes and file servers because it “still works.” That lazy approach leaves businesses insecure, and eventually, incompatible with modern systems.

Why It Matters

  • Legacy baggage – SMB1 belongs to the NT4/Windows 2000 era.
  • Security risk – it enables ransomware, NTLM relay, and credential theft.
  • Compatibility – new operating systems simply won’t talk to it.

What We Did

We rebuilt the setup properly:

  • Assigned the NAS a static IP (no more broken shortcuts and guaranteed billiable hours for the IT guy).
  • Upgraded it to SMB3 with user-level permissions.
  • Disabled insecure legacy protocols like SMB1.
  • Added SFTP with WinSCP for additional access.

The Result

  • Stronger authentication and encryption via SMB3.
  • Stable IP addressing, no more shortcut graveyards.
  • Safer access via SSH/SFTP.
  • A setup that actually works with Windows 11.

The Bottom Line

The cheap Windows 11 PC was funny, because it exposed a much scarier reality: years of IT abuse and insecure defaults left in place.

  • SMB1 is dead, stop leaving it enabled.
  • If your NAS still requires it, upgrade or replace it.
  • Static IPs and modern protocols save money and frustration.

At Boss IT Solutions, we don’t milk clients with shortcuts or leave them hanging on legacy defaults. We fix the root cause, harden what’s left, and leave you with a network that’s stable, secure, and modern. This was one of the worst we have ever seen.

Tech Journal – VENDOR to VENDOR Lock-ins, a major concern for customers

Posted on by in Diary, Ethics | Comments Off on Tech Journal – VENDOR to VENDOR Lock-ins, a major concern for customers

Booted up the infected Samsung. Endless malware pop‑ups, factory reset hung on the unknown lock code. Removed 8 Virus Apps but still it continued to be completely unusable. Unable to be used for email or 2FA.

So to get customer access to email, we tried Google account‑recovery. 2FA code sent, straight back to the locked phone. Even when we managed to blast our way through the viruses ads we might get lucky and see a code, but even if we do, the authentication requires another (loop within google). So we ask the customer about their email, with no password and no access, even the phone is tied into that email account. Customer said “don’t worry delete the phone”, however it was registered with the google account, so they would lose apps purchased under that account, customer said “do it…”. So we setup a new email so the customer can get working. In the meantime because were unable to get anywhere with the phone, we decide to do a full factory reset. but it needed auth from Samsung, which in turn wants 2FAs to the google email…

Caught in a vendor‑to‑vendor deadlock. No way in, no way out. “What’s more important, rescuing old data or getting you running again?”

They chose “running again.”

Step 1: New Email

  • Spun up a fresh Gmail.
  • Configured webmail access in Chrome.
  • Verified they could send/receive immediately.

Step 2: Outlook Plan Deferred

  • PC stuck on failed Windows updates, Outlook install blocked.
  • Customer doesn’t want Office 365. Uses desktop Outlook.

Step 3: Data Audit

  • “Anything critical on the laptop?”
  • Answer: “Nothing I can’t reinstall.”
  • Decision: schedule a clean Windows reinstall later. No rush.

Customer back on email. Phone loop broken by starting fresh. Laptop limping along on webmail.

Reflection:

Viruses can’t physically brick hardware, but can certainly make it impossible to use in the aftermath when big vendors trap you in endless verification loops.

Orange NSW 5G Reading on 2022 05 17

Posted on by in Community, Ethics | Comments Off on Orange NSW 5G Reading on 2022 05 17

https://youtube.com/shorts/bdjvXJJve4I

Pretty bad actually, but not as bad as the Illumba Way Tower in Kelso NSW – https://youtu.be/WwXsjUXwDgc

Dead Internet is FACT not Theory

Posted on by in Ethics, AI | Comments Off on Dead Internet is FACT not Theory

As a veteran IT consultant with over two decades of experience, I’ve witnessed the evolution of the internet from its nascent stages to its current state. I have noticed I am spending more time away from the internet. Why? One theory that has garnered significant attention in recent years is the “Dead Internet” Theory, which posits that a substantial portion of online engagement is artificial and that users are effectively segregated into algorithmically defined bubbles.

Not every individual online is truly connected to one another but rather exists within a curated subset of connections. While some may dismiss this as nostalgia for the early days of the internet, there are compelling trends and circumstances that lend credence to this notion.

It’s worth noting that they have had AI for much longer than the population has, the cat is out of the bag, and they are trying to put it back in.

Several factors contribute to the plausibility of the Dead Internet Theory:

  1. Immense Bot Traffic: A significant portion of web traffic is attributed to bots rather than humans. These bots, whether benign or malicious, contribute to the distortion of online interactions.
  2. Content Generation Tools: Advancements in AI have lowered the barrier for bots to mimic human behavior, blurring the lines between genuine and artificial engagement.
  3. Big Tech Consolidation: The dominance of a few major online platforms facilitates control over information dissemination and user behavior.
  4. Reach Control: Major platforms exert control over what content users see, effectively shaping narratives and controlling information flow.
  5. Virtualized Segregation: Users may be segregated into algorithmically defined bubbles, limiting exposure to diverse perspectives and interactions.
  6. Internet Censorship & Shutdowns: Escalating censorship threatens the openness of the internet, transforming it into a tool for propaganda and control.
  7. Human Disengagement: Despite increased online presence, genuine participation has stagnated, leading to a disconnect between online interactions and real-life engagement.

While the internet isn’t dead, it’s undeniably facing existential threats. However, there’s hope for reclaiming cyberspace:

  • Maintain a non-commercial web space: By fostering independent and personal online spaces, individuals can resist censorship and foster meaningful interactions.
  • Use open protocols and opensource: Embracing open protocols and opensource platforms can empower users to break free from corporate control and engage in genuine online interactions.

Through collective action and a commitment to open and independent online spaces, we can steer the internet away from its current trajectory towards a more vibrant and inclusive future.

https://www.bitchute.com/video/9nHOBtLNHE8h/

Navigating the Sea of SEO and Web Design Sales: How to Identify Genuine Providers Amidst Automated Harassment

Posted on by in Sales&Marketing, Ethics | Comments Off on Navigating the Sea of SEO and Web Design Sales: How to Identify Genuine Providers Amidst Automated Harassment

Navigating the Sea of SEO and Web Design Sales: How to Identify Genuine Providers Amidst Automated Harassment

Untitled

Businesses are inundated with offers from SEO and web design salespeople promising to boost their online presence and transform their websites. However, many of these offers are generic and lack any understanding of the unique needs and challenges of the businesses they target. This article explores the prevalent issue of automated harassment by salespeople and offers guidance on how businesses can differentiate genuine providers who prioritize conducting proper due diligence.

The Problem with Automated Harassment:

Automated sales tactics, such as mass emails and cold calls, have become ubiquitous in the digital marketing landscape. Unfortunately, these impersonal approaches often result in businesses being bombarded with irrelevant offers that do little to address their specific needs. Instead of taking the time to understand the nuances of each business, salespeople rely on generic pitches that fail to resonate with their audience.

Lack of Due Diligence:

One of the primary issues stemming from automated harassment is the lack of due diligence on the part of salespeople. Instead of researching the businesses they target, salespeople often resort to a one-size-fits-all approach, offering cookie-cutter solutions that may not align with the unique goals and challenges of their prospective clients. This not only leads to frustration and annoyance for businesses but also undermines the effectiveness of the services being offered.

How to Differentiate Genuine Providers

So, how can businesses separate the wheat from the chaff when it comes to SEO and web design providers? The key lies in identifying providers who prioritize conducting proper due diligence:

  • Look for providers who take the time to research your business before making contact. Genuine providers will demonstrate a clear understanding of your industry, target audience, and current online presence.
  • Seek out companies that ask insightful questions about your goals, challenges, and previous marketing efforts. A provider who is genuinely interested in helping your business succeed will take the time to understand your unique needs and tailor their approach accordingly.
  • Request case studies or examples of previous work that demonstrate a track record of success. Genuine providers will be more than happy to showcase their expertise and highlight how they have helped businesses similar to yours achieve their goals.
  • Ensure their website is accessible and SSL secured. A reputable provider will prioritize the security and accessibility of their own website, reflecting their commitment to best practices in web design and digital security.
  • Evaluate the performance of their website using tools like Google PageSpeed Insights or GTmetrix. A reputable provider will prioritize website performance, including fast loading times and optimized user experience.
  • Check if their website is mobile-friendly using Google’s Mobile-Friendly Test. With mobile usage on the rise, it’s crucial for websites to be optimized for mobile devices to ensure a seamless browsing experience for visitors.
  • Research their own search engine rankings for relevant keywords related to their services. A provider that excels in SEO should have a strong presence in search engine results pages (SERPs) for relevant industry keywords.
  • Review their portfolio and case studies to assess the quality of their work and the results they’ve achieved for previous clients. Look for evidence of successful projects that align with your business goals.
  • Inquire about their technical expertise and certifications. Look for providers who have certifications or accreditations from reputable organizations in the field of SEO, web design, or digital marketing.
  • Request references or testimonials from past clients to get insights into their experience working with the provider. Hearing from satisfied clients can provide valuable reassurance about the provider’s capabilities and professionalism.
  • Evaluate their communication style and transparency in discussing their services, pricing, and timelines. A trustworthy provider will be open and honest in their communication, providing clear explanations and setting realistic expectations.
  • Look for social proof on platforms like LinkedIn, where you can verify their professional credentials and see endorsements from colleagues or clients. Active engagement and positive feedback from their professional network can further validate their credibility.

The Importance of Due Diligence in Provider Selection

Choosing the right SEO and web design provider is crucial for the success of your online endeavors. By conducting proper due diligence and selecting a provider that truly understands your business, you can ensure that your investment yields tangible results. Genuine providers will work collaboratively with you to develop a customized strategy that addresses your specific needs and delivers measurable outcomes.

Alternatives to Traditional Sales Approaches

In addition to conducting due diligence when selecting a provider, businesses can also explore alternative approaches to engaging with potential partners:

  • Look for providers who offer free consultations or audits to assess your current online presence and identify areas for improvement. This demonstrates a commitment to understanding your business and providing tailored solutions.
  • Seek out providers who prioritize building relationships and long-term partnerships over making a quick sale. Genuine providers will invest the time and effort to earn your trust and demonstrate their value as a strategic partner.

It’s more important than ever for businesses to be discerning in their selection of SEO and web design providers. By prioritizing providers who demonstrate a commitment to conducting proper due diligence and understanding their clients’ unique needs, businesses can ensure that their investment in digital marketing yields meaningful results. Remember, the right provider is not just selling a service – they’re offering a partnership that can propel your business to new heights of success.

By thoroughly assessing these technical aspects and conducting due diligence, you can better evaluate the validity of SEO and web design salespeople and make informed decisions when selecting a provider for your business.

This comprehensive guide provides businesses with practical strategies to navigate the influx of sales pitches and identify genuine providers who prioritize understanding and meeting their specific needs.

BOSS IT & LOCALS – Request independent checks on 5G tower in Kelso NSW

Posted on by in Community, Ethics | Comments Off on BOSS IT & LOCALS – Request independent checks on 5G tower in Kelso NSW

We have diligently monitored this tower for over three years and previously raised concerns regarding its operation, which consistently exceeds the legal limit for biological areas by a factor of 16. We wish to reiterate our apprehensions based on both our readings (whether 100% accurate or not, the surge in EMF levels as the tower approaches is evident) and the numerous complaints we have received from residents who have reported experiencing headaches and illnesses since moving to this area. It is essential to underscore that we offer this service without any charge, solely for the betterment of our community. PLEASE LIKE AND SUBSCRIBE IF YOU WANT US TO CONTINUE DOING THIS TYPE OF COMMUNITY SERVICES.

Subscription Models – A Bane on the IT Industry

Posted on by in Ethics, Software | Comments Off on Subscription Models – A Bane on the IT Industry

In recent years, the software industry has undergone a seismic shift, with subscription models becoming the dominant method of software distribution. While proponents argue that these models offer flexibility and convenience, I firmly believe that they are a bane on the IT industry. Subscription models do not save users money in the long run, rely on people’s forgetfulness to extract payment, and are inherently dishonest.

Advocates of subscription-based software often tout the apparent cost savings as a key selling point. They argue that by paying a smaller monthly or annual fee, users can access the latest updates and features without the hefty upfront cost of purchasing software outright. However, this is a deceptive argument. Over time, the cumulative cost of a subscription can far surpass the one-time purchase price of software. It’s a cunning trick, where the software companies ensure a steady stream of income while the customer continually pays, often without realizing the true cost.

Once you subscribe to a service, it’s easy to set up automatic billing and forget about it. This hands-off approach may seem convenient, but it encourages a disconnect between the user and their spending habits. Users might find themselves paying for software they rarely use, or even forgot they had subscribed to in the first place. This convenient forgetfulness becomes a profit centre for software companies, as they continue to collect payments without delivering value.

Moreover, the subscription model fosters a sense of dishonesty in the software industry. Companies often use tactics such as automatic renewals, hidden fees, and complex terms and conditions to trap users into ongoing payments. It’s disheartening to see the industry resort to such tactics to secure profits. Instead of competing on the quality of their software, companies engage in a race to the bottom, prioritizing short-term gains over long-term customer trust.

But it’s not just customers who suffer from subscription models; the IT industry as a whole is adversely affected. Smaller businesses and start-ups, in particular, find themselves struggling to keep up with the ever-increasing software subscription costs. This hampers innovation and economic growth, as valuable resources are redirected towards software expenses rather than investment in new technologies and talent.

Indeed, as a seasoned player in the IT industry, BOSS IT has encountered numerous clients who have fallen victim to the subscription model trap, only realizing the drain on their bank accounts when it’s too late. However, we also acknowledge that subscription models can have their place if managed properly. It’s crucial to strike a balance and recognize that, just like managed services, they can be a way for companies to profit from the forgetfulness or ignorance of their users.

Managed services, when executed transparently and ethically, can be a valuable asset for businesses. They offer proactive maintenance, regular updates, and a support structure that can be a lifesaver for organizations with limited IT resources. However, when mismanaged or used as an excuse for lackluster customer support, managed services can indeed exploit the ignorance of clients, leading to a feeling of dependency that keeps businesses locked into costly agreements.

Similarly, subscription models can be a win-win scenario when software companies genuinely focus on delivering continuous value to their customers. Regular updates, improved features, and reliable customer support can justify the ongoing costs. However, when companies prioritize profit over customer satisfaction, they rely on users’ forgetfulness to keep the revenue stream flowing.

The responsibility falls on both sides of the equation. Users must stay vigilant, regularly reviewing their subscriptions, and taking control of their financial commitments. Companies, on the other hand, should embrace transparency, ethical business practices, and strive to provide tangible value for the fees they charge.

At BOSS IT, we firmly believe in responsible and ethical business practices. We advocate for subscription models and managed services that are clear, beneficial, and flexible to meet the evolving needs of clients. Our goal is to empower users with knowledge and understanding, helping them make informed decisions about their IT investments.