Greg from Chili’s – Ridiculous Dialogue Episode 95

Posted on February 16, 2018 by The ITS Crew

With the Olympics in full swing, this week on Ridiculous Dialogue we discuss how much better events would be if a normal person was forced to compete alongside top athletes. We also gave an update on Elon Musk’s crazy goals and how he’s pushing the boundaries of not just the world, but the universe.

Finally, it wouldn’t be Ridiculous Dialogue without some movie talk and we gave our thoughts on everything from the upcoming Venom movie to why they’ll be making Star Wars movies until the end of time.

Continue reading

Posted in Podcast | Tagged , , , , , , , , , , , | Leave a comment

What’s the Best Button Compass? – Questions Over Coffee 01

Posted on February 15, 2018 by The ITS Crew

Questions Over Coffee is back in a new standalone format! This week, Bryan answers questions on non-metallic knives and his preference on button compasses.

Additionally in this episode, he gives some recommendations on every day carry items when traveling internationally and provides a quick look at a brand new pack from Evergoods, called the Mountain Panel Loader. Continue reading

Posted in Gear Tasting | Tagged , , , , , , , , , , , , , , , , , , , | Leave a comment

Spectre & Meltdown: Newly Discovered Vulnerabilities that Affect Almost All Computing Devices

Posted on February 14, 2018 by The ITS Crew

Early this year, two variations of a major electronic security vulnerability were discovered. These vulnerabilities have existed for 20 years, but no one has come forward with the information until now. This means that they may have been used before, just not publicly shared.

To sum it up, Spectre and Meltdown are the names used to describe variations of a vulnerability that affects almost all computer chips manufactured in last 20 years. That means everything from your Hewlett Packard laptop to your Apple iPhone is affected by these vulnerabilities.

What are the Vulnerabilities?

By using these vulnerabilities, a malicious program can gain access to and spy on data that it shouldn’t be allowed to see. The attack exploits two features in computer chips used to increase speed, one called speculative execution and the other called caching.

Speculative execution is a fancy term for when a computer chip works ahead to improve speed. The chip will find the solutions to both outcomes of the current choice before the choice is made

Caching is a process used to speed up memory access. It takes a long time for a computer’s CPU to get data from RAM (Random Access Memory) because it’s located on a separate chip. To get around this, there’s a small amount of memory on the CPU chip. This allows fast retrieval of data that the chip will soon need. Often times the output of speculative execution is stored in the CPU cache.

This is where it gets messy. Speculative execution and caching are part of protected memory, which houses the vulnerability that Spectre and Meltdown attacks take advantage of.

What is Protected Memory?

Protected memory is fundamental to computer security, as without it, any process would be able to access any data; whether it should be able to or not. With protected memory, programs are able to keep their data private from users and other programs.

What you really need to know is what can happen and how to prevent it

If a process wants to access data, it must undergo a privilege check. Here lies the key to understanding the vulnerability. A privilege check can take a long time and while the CPU is waiting, it starts working with the data through speculative execution, even though the CPU hasn’t received permission yet. Now you might be thinking “What’s the big deal?” because the speculative execution results are still protected at the hardware level through the privilege check.

However, because the data is stored in the CPU cache before privilege is granted and because the CPU cache can be accessed quickly, a process can try to access certain memory locations in an attempt to see if that data’s been cached. Even though the process can’t read the memory because it doesn’t have the privilege to do so, it can figure out what the data is by identifying that memory location. This is also known as a side channel attack.

While this is definitely a complicated subject, a complete understanding of the vulnerabilities isn’t necessary to protect against them. What you really need to know is what can happen and how to prevent it.

Prevention

At this point you might be wondering what this all means to you. Do hackers know your passwords? Have your credit cards been compromised if you’ve shopped online? Is the world going to end? Not quite, but there are still some things you should be concerned about, as Spectre and Meltdown open the door for many dangerous attacks.

For instance, malicious code on a website could trick your browser into divulging user and password data. These attacks could also cause the leak of information through many cloud computing services.

Don’t leave any of your devices unattended

The worst part of this discovery means that all secure code (code that was written to be secure with the assumption that the underlying hardware was secure) is no longer secure. So now that we know that, let’s examine some steps you can take to minimize the risks of these vulnerabilities.

If you use shared-hosting (i.e. cloud) services, you should check with your service provider to confirm they’ve applied security updates to address these vulnerabilities. Locally, you should deploy security updates to all systems and devices as soon as they become available. Additionally, consider discontinuing the use of systems that cannot be updated.

Ensure you’re using good anti-virus/anti-malware software on your computers and frequently update your operating systems to the latest version. When deleting files, ensure that you’re employing methods of digital shredding, whether using software or system tools built into your operating system. Lastly, make sure your firewall is enabled to prevent unwanted intrusion.

When you’re in public, don’t leave any of your devices unattended. For devices that include administrator accounts, consider disabling these unless absolutely necessary. In public and in private, beware of phishing attacks or social engineering methods. In a phishing attempt, an attacker will create a false login page to get a user to input their credentials. Social engineering attempts usually involve an attacker pretending to be an official organization or authority figure, in an effort to get a user to divulge sensitive information. An example of a social engineering attack would be an attacker calling you as a representative of your bank and requesting bank account details from you.

For data security, ensure that you’re clearing your data from your web browser on a regular basis. Consider using a password manager to secure your different passwords and add yet another layer of security. Lastly, remember not to store sensitive data on removable media like flash drives or SD cards, in case those become lost.

Conclusion

Using these above tips will help you remain secure against not only Spectre and Meltdown, but other vulnerabilities that may arise in the future. Remember that security is a layered approach, so the more you can do to protect yourself and your devices, the better.

Posted in Security | Tagged , , , , , , , , , , , , | 1 Comment

One Year Down – Gear Tasting Radio 52

Posted on February 13, 2018 by The ITS Crew

With 52 episodes now under our belt, this week on Gear Tasting Radio we’re celebrating one year of bringing you an in-depth look into the usage and philosophy behind the equipment in our lives.

Not only did we recap some past episodes and give some updates, but we also announced a “real life” 5 Item 48 Hour Challenge that we’ll be doing to put our skills and gear to the test.

Continue reading

Posted in Podcast | Tagged , , , , , , , , | 1 Comment

Around the Globe: Tips to Make Your International Travel Safer

Posted on February 12, 2018 by ITS Guest Contributor

The appeal of international travel is undeniable and visiting another country can be a life-changing adventure. It’s a chance to meet new people, experience another culture and sample amazing cuisine. However, being in an entirely new world also brings risks. From the relatively minor, (such as picking up a mild case of food poisoning) to the deadly serious (like getting caught in a civil war). Still, millions of people travel safely every year and you can too.

The following tips can help you come home from a grand adventure with nothing but souvenirs and happy memories to show for it. Continue reading

Posted in Mindset | Tagged , , , , , , , , , , , , | 5 Comments

Introducing a Brand New Colorway of ETA Trauma Kit Pouches and A New Dimension in Patches

Posted on February 9, 2018 by The ITS Crew

Today we’re excited to be adding some awesome new products into the ITS Store! Kicking off this happy Friday is a collaboration with Dan’s Skinz that we’ve been very excited about. The extremely limited ITS + Dan’s Skinz Wood & Leather Morale Patches feature premium leather and real wood! Only 50 of each colorway are available and are extremely limited. These two variations will never be available again once they’re gone. 

Additionally this week, we’re proud to be rolling out a brand new high visibility Red colorway for our ETA Trauma Kit Pouches. For more on these new products, read below. Continue reading

Posted in ITS Information | Tagged , , , , , , , , , , , | Leave a comment

Inside Team Rubicon and a Special Gear Tasting Announcement

Posted on February 8, 2018 by The ITS Crew

This week’s Gear Tasting kicks off with Bryan announcing some changes the show will see in the near future and showcases one of the best nonprofit organizations around, Team Rubicon.

Team Rubicon offers a great opportunity for Veterans and civilians alike, to assist with disaster relief efforts after tragic events, like hurricanes, tornadoes and earthquakes. This week you’ll get a behind the scenes look at Team Rubicon’s National Operations Center in Grand Prairie, Texas and learn more about their mission. Continue reading

Posted in Gear Tasting | Tagged , , , , , , , , , , , | 1 Comment

Off-Road Staple: Using a Hi-Lift Jack and the Associated Hazards

Posted on February 7, 2018 by Derek Gill
2 of 3 in the series Off-Road Staple

Editor’s Note: In this second article of a three part series, contributor Derek Gill covers how to safely use a Hi-Lift jack and explains some of the hazards behind these tools. He also offers a look at different points to lift on a vehicle with a Hi-Lift. 

Now that you have your farm jack mounted properly, you’ll do well to actually know how the jack works before you have to YouTube it in front of your friends. I’m not explaining where to use the jack yet, I’m only discussing the basic function of the the runners and how they operate when the lever is actuated.

Basically, this thing is a massively strong iron rod with a bunch of holes in it. The lifting device works on simple leverage. There are two “runners,” with the small runner being nestled inside the large runner. Each runner has a climbing pin and a spring. As the handle is leveraged downward, the large runner climbs to the next pin hole. This creates a gap in the two pins that must be overcome. As the handle is returned to the vertical position, the small runner disengages and climbs to the next pin hole. Once again, the lever forces the large runner to climb one hole higher as the small runner remains engaged.

The direction of travel is determined by the position of the lever on the outside of the large runner and the climbing direction is quite easy to figure out. With the jack in the vertical position, flipping the lever up makes the jack climb up. With the lever returned to the down position, the runners climb down. This whole process is a combination of simple machines, pure brawn and manliness. For this reason, you’ll want to keep your body and facial features away from the jack handle.

If you slip at any point in the jacking process, you’ll likely remove several of your teeth and maybe break some face bones. Don’t do that. It can be quite difficult as this jack requires a considerable amount of strength and energy from the user, but be smart about using your whole body to lift a vehicle. An important piece of information to remember is that once the load is fully relieved in the down-jacking process, the entire assembly will simply fall to the ground. That’s a bad place to leave your foot.

Pay close attention to changing conditions

All of this over-dramatized hysteria isn’t just ITS or myself covering our butts after teaching you to use a farm jack. This is serious business. Let’s say you’ve put your vehicle in the air and finished whatever questionable task you’ve found for using the new farm jack. (I know, I make excuses to use my new toys too.)

Now you must begin the process of jacking the vehicle down safely. For some reason, be it intentional or otherwise, the jack handle loses the grip of your hands and shoots on up to the vertical position. This handle can bounce back to the leveraged position and begin to jack itself down. Actually, I can’t think of a downside here other than just losing control of the jack for a bit. The majority of jacks I’ve tried this with simply don’t function that way, as the handles aren’t heavy enough to create the necessary momentum. Being that this whole process requires a considerable amount of force from the user, the handle and unstable nature of the jack create exceptional and uncommon hazards. So keep your hands on the handle and pay close attention to changing conditions.

When and Where Can I Use My Farm Jack?

You don’t ever need permission to use your Hi-Lift jack, this is America. However, I’m going to share some helpful information so that you can choose the Hi-Lift as your primary piece of equipment. To be clear, I’m not going to talk about all of those boring farm uses. No one here is interested in pulling stumps out of the ground or making a homemade log splitter, regardless of how cool those things are. Lets talk about how, when and where to use this bad boy.

Lifting From the Bumpers or Sliders

This is really simple. Any upgraded part of your vehicle can be used as a jack point. I’m not talking about those side steps that came with the luxury package either. I mean big steel bumpers and hardcore rock sliders. The sliders can be used basically like a normal jack point that you’d use on the frame. The only asterisk here is that you need to be very mindful of how the vehicle may shift. Rock sliders are normally very slick and can allow your jack to slide out on the high side of your lift. This can bury the iron track into the sheet metal of the vehicle or destroy other valuable parts of the car. Typically, the higher end manufacturers recommend that you don’t lift from the sides at all unless you’re using a bumper or wheel lift mate.

Always be mindful when using the jack. There often won’t be any warning before the foot of the jack shoots out from under the truck like a greased pig. Try to keep loads centered. This means that any time you’re lifting from bumpers or sliders, you’re likely lifting two tires. There are some sliders and bumpers that have specific notches or place holders exactly for this thing, but that’s normally a custom addition. If your vehicle isn’t equipped with this type of feature, it’s advisable to lift from a more stable point on the vehicle.

Lifting From the Wheel

There’s a Hi-Lift Jack Adapter Kit that’s quite popular for this. Basically, this kit uses a small metal box, D-rings and two thick nylon straps with large hooks on the ends to lift from the rim. The metal box is secured to the foot of the jack and then pressed against the top of the tire. The hooks feed into the gaps in the rim and allow for a secure lift from the wheel and tire assembly.

This method of lifting has some limitations in my mind. I don’t think it’s a bad system, but it would be impractical for something like changing a tire. However, there are many reasons to lift from a tire. If your rig were stuck in an unforgiving position, lifting the wheel to stack up rocks as an aid might be a good solution. These situations aren’t uncommon in hardcore four wheeling. Perhaps you’ve broken a steering or suspension component and the best way to work on it is by lifting that wheel and tire off the ground. Or maybe you just want to put something underneath your tire. All in all, it’s a good piece of kit and has made it to my “acquire” list.

Lifting from the D-Ring or Hitch Receiver

My H3 has factory D-Rings installed and they’re perfectly suited for pulling, winching, snatching and even lifting. If you have hardcore D-rings or bow shackles fitted to your vehicle, these can also provide a lift point. Simply slide the foot inside the D-ring and begin the lift.

There’s a kit for this kind of lift as well. Lifting in this manner with just the foot is sketchy, because it forces the jack into an awkward position while the lift is underway. The previously mentioned kit aims to minimize the shear forces and promises to keep the jack vertical while a series of chains and hooks work on your shackles.

If this isn’t an option for you, try removing your trailer hitch and cramming that foot inside there. I know what you’re thinking, Jeep and Hummer owners, “What about my spare tire?” Is that a spare tire back there, or is it a base plate for your jack? Ok if you’ve got alloy wheels, I don’t recommend using the spare for a base plate in heavy mud, but steel wheels work very well. It seems like a bit of extra work, but if you’re stuck and using a Hi-Lift Jack, you’re basically pulling out all the stops. You’re going to want to take your spare off to use the hitch receiver and if you’re feeling brave, you can use the spare as a base for the jack.

Editor-in-Chief’s Note: Derek Gill has been a Plank Owner here at ITS from the beginning and has an extensive background in healthcare, pharmaceutical research and technical diving. He’s been certified in SCUBA since 2000 and diving technical/CCR since 2010. He speaks several languages including Russian and Spanish as well as several computer languages. These combined skills have opened the door to more creative ventures in Network Security and Physical Security consulting. Derek is a veteran of the US Navy and a former Navy Corpsman who worked alongside the US Marine Corps. His military nickname, “Witch Doctor,” has stuck with him ever since and it can now be found across many internet forums where he takes pride in trolling sensational zealots from multiple industries.

Posted in Off Road | Tagged , , , , , , , , , , , , , , , , , , , | 1 Comment

How to Thwart a Package Thief – Gear Tasting Radio 51

Posted on February 6, 2018 by The ITS Crew

With online ordering at an all-time high, package theft is becoming more and more of a problem. This week on Gear Tasting Radio, we answer a Question Over Coffee and discuss a few steps you can take to thwart package thieves.

While your first instinct might be to start renting out a Post Office Box, we offer a few solutions as an alternative, including one device that we feel every home should have.

Continue reading

Posted in Podcast | Tagged , , , , | Leave a comment

Protecting Your Info 101: Using a Password Manager

Posted on February 5, 2018 by ITS Guest Contributor

We’ve all been through it, attempting to log into our email, banking or social media accounts only to find receive an error message that the password is incorrect. “Forgot your password? Click here.” The nonstop resetting of account passwords due to failure to record or store the information properly in a secure location, is less than ideal and downright frustrating! Today we’ll be discussing how using a Password Manager can relieve the stress of losing or forgetting your passwords, while also keeping them secure from prying eyes. Continue reading

Posted in Security | Tagged , , , , , , , , , , , , , | 1 Comment