Archive | PressRelease

Ford Fiesta Door Latch Replacement Safety Recall #15S16

Well, it’s about time! The National Highway Traffic Safety Administration (NHTSA) @ 1-888-327-4236 and Ford Motor Company have finally agreed to a manufacturer safety recall. I recommend that all Ford Fiesta owners, whether having issues with faulty or breaking door latches or not, call Ford Motor Company customer care @ (800) 392-3673 to get the facts about defective Fiesta door latches.

At this time it is unclear as to whether Ford issued the recall voluntarily or was forced by the NHTSA. Based on my personal experience with Ford’s customer care service and warranty integrity I would speculate they were forced into issuing the safety recall for replacement of defective Fiesta door latches.

I personally have just suffered a 3rd broken passenger car door latch on my 30 month old Ford Fiesta. In all my years I have never experienced even a single broken car door latch on any of my dozens of cars nor have I known anyone who has. To me it was pretty obvious from the first 2 doors latches that broke within 12 hours of each other that this was a Fiesta defect. Ford didn’t do the right thing on the first two broken doors. No, they didn’t pay for the full cost of repair at the time. They didn’t voluntarily issue a safety recall knowing full well that thousands of Fiesta’s around the world were suffering from defective door latches – a true safety concern!

In this case, if you examine the actions of Ford Motor Company as I have, you might come to the same conclusion as I have. In my opinion, regardless of all their hype and hollow words, Ford Motor Company is not actually concerned with their customer’s safety. They’re just ALL about PROFIT.

FILE A COMPLAINT

If your car door won’t latch… CALL the National Highway Traffic Safety Administration (NHTSA) @ 1-888-327-4236 to file a complaint!    OR…» File A Complaint Online!

Now get this – I called a Ford Dealer to have my broken door latch repaired under the recall. They were aware of the recall but were not yet prepared to handle the repair under the safety recall, claiming Ford had not given them instructions and had not setup the program yet. Next I called Ford Motor Company customer care. Yep, same story right from the horsepower’s mouth. We’re not prepared to begin the broken door latch replacements on Fiesta’s yet – THE PARTS ARE NOT AVAILABLE and WE HAVE NOT DOCUMENTED THE PROGRAM OR PROCEDURE. So even though they have admitted to the door latch/lock problem and issued the safety recall they still are not repairing Fiesta doors – WHEN FORD, WHEN?

I’m not at all pleased with Ford Customer Care.

Frankly, I’m down right disgusted with Ford, their customer care, and Ford’s warranty integrity.

Continue Reading

Samsung Galaxy S6 Big Lolli Fix, Did They Pop Google?

Did Google Get Trumped?

It was widely said: You can fool some of the people some of the time but you can’t Google all of the people all of the time. So did Samsung really pop Google with an Android performance fix for their lineup of Galaxy mobile phones? A fix that targets the operating system memory issue? Did Samsung… Donald Google?

Do you think for one moment that Google would allow another company to actually modify code at the core level of it’s market dominating Android operating system? Doing so would amount to a completely new version of Android, copyright issues and loss of control for Google. What do you think? I think Not!

Two Scenarios

In my mind their are only two possible scenarios that may explain what really happened behind the scenes and why it may appear to some that Google was trumped by Samsung in fixing the Lollipop memory bug.

Samsung Covers For Google

The fist of two likely options is that the fix is actually just a temporary work-around patch application that installs on top of the actual unmodified Google Android operating system; much like any other 3rd party software. If Google were to release an application like this it would have the effect of making their OS appear less than perfect to all of the people. So by agreement Google may have collaborated with Samsung to release a temporary application that would help to release memory and restore performance. Samsung comes out looking heroic in the media and receives untold marketing value pushing the release of their new Galaxy S6 and S6 Edge cell phones. Older Galaxy S models are now also being updated to Lollipop presumably because a fix is now available.

Meanwhile, Google can continue to develop core code to overcome the memory loss issues and quietly release a better fix in a future update. But none the less, Samsung deserves big Kudos for possibly developing and distributing this performance restoring application even though Google may have had a hand in it; or more likely, hands completely wrapped around.

Clever Win-Win Samsung-Google Public Relations

The second of two probable options would be that if the actual core code of the Android operating system was updated then it’s pretty much a slam dunk that Google actually developed the code for this performance fixing update and delivered it to Samsung for first roll-out by special agreement. Why?

Well, if I were Google, I wouldn’t want all of the people to realize my Android operating system had performance issues. So, leveraging my brightest thinkers and my best public relations artisans I would come up with a creative win-win marketing strategy for rolling out this better late than never performance restoring software update. Too bad it may have taken Google this long to come up with a strategy that could shield them from fault and at the same time provide favorable publicity for a top tier business partner.

Either way, Samsung appears to me to have been used by Google for cover.

So now you know my opinion!

-Mark

Continue Reading

WordPress: How To Stop Hacker & Creepy Crawler Spam Attacks

Block Hacker & Spammer Attacks

Recently I discovered how to setup an enhanced Real-Time hacker and spammer security solution, and it’s totally Free. It creates a “trap” for malicious hackers, spiders, bots and crawlers.

If you want to take a huge byte out of resource robbing creepy crawler spam bots and human hackers alike, this article will provide easy instructions about how you can setup this security trap to guard against attackers on any WordPress site.

See Real-Time blocking in action… It really works!

Did You Know?

These monsters are responsible for a huge number of attacks on your site as well as mass Spam User Registrations!

    What It Can Do

  • Block and lockout malicious crawlers, hackers and bots.
  • Prevent auto bots from posting comments if you require registration.
  • Stop automated bots from making posts.
  • Block / Lockout malicious human attackers and hackers.
  • Prevent re-registration of deleted spam users.
  • …and much more!

Effective Security Against IP Rotation Spoofing And Forging

While nothing can stop, block or lockout 100% of hackers and spammers, this security combo trap is able to lock-out a large percentage of creeps and humans having bad intent. Even those who are using rotating IP’s, spoofed IP’s and even visitors using forged IP addresses. The IP is not locked out permanently but long enough for most hacksters and spam-misters to give up and move-on to another potential victim.

I’m not trying to sell or peddle anything here. This trap is a combined solution I put together that helped me immensely so I thought I would share it with others. It immediately started blocking malicious spiders, crawlers, potential hackers, locked-out deleted spam users and bad bots before they could do damage, login and/or re-register.

The Epidemic

Even if you just have one WordPress website, sooner rather than later, your site will become prey for countless human hackers and the never ending streaming plague of spamming hacking crawling spider bots; the scourge of the web.

You see, whether or not you have registration and/or comments shut down the creepy crawler spam bots continue their spider-like activity of trying to hack, register, leave comments, do trackbacks and crawl your site, page after page, at lightning speed looking for vulnerable URL’s and user names to exploit. If they only find one user name they assume it belongs to the administrator or a high level user of the site and then use it for an attempted log-in with the belief that if successful they can carry out their missions unobstructed. Otherwise they will try the username “admin” and any number of user names associated with content found on your site. If you have this trap setup properly then that malicious crawler or human will immediately get blocked. Legitimate crawlers and bots are never programmed to do this.

Crawler-bots can and will automatically register many thousands of users. Then they visit often dropping spam comments and posting poorly written spun content until they overload and break your site.

Unless you have a more powerful than average hosting plan it is likely they are already slowing down your site by stealing valuable server resources of bandwidth, CPU, ram memory and the number of concurrent connections your hosting account can support.

These bots can cause abnormally high page load times and trigger temporary denial of service to legitimate visitors.

Unfortunately, no single solution seems to work very well and enterprise level solutions are expensive, making them prohibitive for the vast majority of owner-webmasters.

Invisible and Silent Criminals

One of the problems we face when trying to stop this plague of humans and bots is we don’t see them coming and we don’t know who they are before or after the damage is already done.

However, with the right type of security plugins we can identify a small number of them before and a much larger number after. But this really falls short and takes a lot of hands-on personal time on our part to monitor, analyze and manage these free security solutions in helping to stop these criminals.

Unfortunately most of our efforts will only guard against possible future visits after the initial damage is already done. We become forever trapped in a cycle of personal time wasting involvement if we are to guard against future bots and human attackers.

The Admin Trap

Let’s set an automatic trap that catches a large number of both humans and bots in the act… before they do their damage!

This particular trap is based on the premise that most ill intentioned humans and crawlers test for the ‘admin’ user. Most wicked human spammer-hackers just can’t resist doing this and it seems that the majority of nasty crawlers are programmed for it. These crawlers are also responsible for bulk spam registrations and automated spam bot user log-ins. So when you block and kill a spider you also block a bunch of future spam registrations.

Using free WordPress security software plugins and painstaking observation I learned that attempting to login as administrator is one of their fist malicious activities when landing on a website. Almost all will try to login to WordPress sites as the administrator user, which by default installs the user “admin” and/or using the administrator’s “nickname”.

We can catch and stop a large number of these malicious visitors before they do damage by capturing and using their IP address against them using some specific security action rules found I found in the Wordfence Security plugin for WordPress combined with changing the name of the WordPress default administrator user. Then I made sure to give the new administrator user a nickname. A recommended security practice is to make sure all users create and use public nicknames rather than their actual user names.

Steps To Set-Up The ‘Admin’ Security Trap

    Step 1

  • Install the free or pro version of the Wordfence Security plugin.
    • Go to Wordfence options. Most of the best action options are pre-selected by default but you must manually select several additional optional actions as part of creating the “Admin Trap”.
    • You might want to turn-off automatic scanning because it can frequently use a lot of server resources while in action.
    • Adjust the “Firewall Rules” as you feel is best for your site.
    • Under “Login Security Options”
      1. 1. Make sure you limit login attempts. I am using 3 login failures and 2 password recovery attempts.
        2. I am counting failures over 30 minutes because I want as many as possible deleted spammers and creepy bot users to get locked out next time the crawler or human spammer comes back.
        3. IMPORTANT: Select a long lockout period. I am using the max of 60 days.
        4. IMPORTANT: Put a check in the box for “Immediately lock out invalid usernames”.

      **Note: Items 3 and 4 above are critical to creating the trap.

    Step 2

  • Change (rename) the admin user to whatever works for you. To make it easy to remember I just added a couple of initials to the original admin name. Caution, do not change the password at the same time. The administrator username “admin” is located in the WordPress “wp_users” database table for your specific site. You can easily access and edit it directly using, “phpMyAdmin”. This database administration tool is found in most hosting account management panels.
  • Alternately you can install a “Rename Admin” plugin to accomplish the task. I have used both methods. After the change you can delete the plugin if desired. The recent plugin I used for this had not been tested with WordPress 4.0 but it worked just fine.
  • Important!… log into your WP admin area as administrator using your new administrator username. Go to “Your Profile”. Give yourself a public nickname (alias or pen name) that is different than your new admin user name. This is part of the sucker trap. When any user tries using the nickname to login they will instantly get blocked and locked-out.

From this moment on when the hackers and spammers, humans and bots, visit your site(s) this security software configuration will catch, stop and automatically block them for relatively long periods of time.

One Last Security Tip

So immediately prune / delete your spam and zombie users (users without approved posts or comments) as well as spam comment users. Also, optionally close user registrations and/or comments. Spammers and auto bot registered users generally don’t use or have nicknames associated with their profile. Many of them also have impractical to use or remember email address.

With this security trap you can not only stop, block and deter crawlers from future crawls and logins, you can also stop, block and deter returning human spammers also. It works because anyone trying to login using a non-existent user name automatically gets blocked and locked out based on their IP address, meaning they cannot even re-register for up to 60 days – long enough that they may go pick on some other website and scratch yours off their list.

Now you have it – “The Hacker Spammer Admin Trap”.

Need an extra payroll day?

Continue Reading