newsletter logo

Wireless News Aggregation

Friday — March 27, 2020 — Issue No. 901

Welcome Back To

The Wireless
saging News

Mar 26, 2020,08:47pm EDT

Apple iOS 13.4 Is Causing Serious iPhone Problems

Gordon Kelly Senior Contributor
Consumer Tech
I write about technology's biggest companies

Apple iPhone owners could not be blamed for rushing to upgrade to Apple iOS 13.4. It brings a lorry load of new features but unfortunately, it is also full of problems.

Apple iOS 13.4 is giving iPhones a rocky ride APPLE

In my iOS 13.4 Upgrade Guide yesterday, I had already identified a worrying number of bugs but not only have they grown in the time since, there’s a new headline problem Apple has confirmed which can leave your data exposed.

Broken Data Encryption

Discovered by popular VPN service Proton, Apple iOS 13.4 contains a security vulnerability which prevents your data from being secured when using a VPN on your iPhone. Proton explains that iOS 13.4 fails to close existing unsecured connections when your VPN is started and “some are long-lasting and can remain open for minutes to hours outside the VPN tunnel.”

This is hugely significant for any iPhone owner who uses a VPN to protect their most sensitive data. And, most worryingly, Proton explains that it originally discovered the bug in iOS 13.3.1 and told Apple — who acknowledged it — but has since failed to provide any subsequent fix, despite iOS 13.4 coming out almost two months later.

“Neither ProtonVPN nor any other VPN service can provide a workaround for this issue because iOS does not permit a VPN app to kill existing network connections,” Proton explains. It suggests starting your VPN, and turning AirPlane mode on and off as a way to kill active connections outside the VPN but this only works for Apple’s Always-on VPN since it requires device management, to which no third-party VPNs have access.

[Source: Forbes]

Wireless Messaging News

  • Emergency Radio Communications
  • Wireless Messaging
  • Critical Messaging
  • Two-way Radio
  • Technology
  • Telemetry
  • Science
  • Paging
  • Wi-Fi
wireless logo medium


This doesn't mean that nothing is ever published here that mentions a US political party—it just means that the editorial policy of this newsletter is to remain neutral on all political issues. We don't take sides.

About Us

A new issue of the Wireless Messaging Newsletter is posted on the web each week. A notification goes out by e-mail to subscribers on most Fridays around noon central US time. The notification message has a link to the actual newsletter on the web. That way it doesn’t fill up your incoming e-mail account.

There is no charge for subscription and there are no membership restrictions. Readers are a very select group of wireless industry professionals, and include the senior managers of many of the world’s major Paging and Wireless Messaging companies. There is an even mix of operations managers, marketing people, and engineers — so I try to include items of interest to all three groups. It’s all about staying up-to-date with business trends and technology.

I regularly get readers’ comments, so this newsletter has become a community forum for the Paging, and Wireless Messaging communities. You are welcome to contribute your ideas and opinions. Unless otherwise requested, all correspondence addressed to me is subject to publication in the newsletter and on my web site. I am very careful to protect the anonymity of those who request it.

I spend the whole week searching the Internet. for news that I think may be of interest to you — so you won’t have to. This newsletter is an aggregator — a service that aggregates news from other news sources. You can help our community by sharing any interesting news that you find.

Editorial Policy

Editorial Opinion pieces present only the opinions of the author. They do not necessarily reflect the views of any of advertisers or supporters. This newsletter is independent of any trade association. I don't intend to hurt anyone's feelings, but I do freely express my own opinions.

We need your help. This is the only remaining news source dedicated to information about Paging and Wireless Messaging.

animated left arrow

Subscribe Here


* required field

If you would like to subscribe to the newsletter just fill in the blanks in the form above, and then click on the “Subscribe” bar.

Advertiser Index

IWA Technical Services, Inc.  (Ira Wiesenfeld)
Leavitt Communications  (Phil Leavitt)
Media 1
Prism-IPX Systems  (Jim Nelson & John Bishop)
Paging & Wireless Network Planners LLC  (Ron Mercer)
Wex International Limited

Service Monitors and Frequency Standards for Sale

Motorola Service Monitor

IFR Service Monitor

Efratom Rubidium Standard

(Images are typical units, not actual photos of items offered for sale here.)

Qty Item Notes
2 Late IFR 500As with new batteries
1 Motorola R 2001D  
4 Motorola R 2400 and 2410A  
5 Motorola R 2600 and R 2660 late S/Ns  
4 Motorola R 1200  
2 Motorola R 2200  
2 Stand-alone Efratom Rubidium Frequency Standards 10 MHz output
1 Telawave model 44 wattmeter Recently calibrated
1 IFR 1000S  
All sold with 7 day ROR (Right of Refusal), recent calibration, operation manual and accessories  
Factory carrying cases for each with calibration certificate  
Many parts and accessories  

Frank Moorman animated left arrow

(254) 596-1124

Leavitt Communications


Specialists in sales and service of equipment from these leading manufacturers, as well as other two-way radio and paging products:

bendix king COM

motorola blue Motorola SOLUTIONS



Contact us for price and availability please

Philip C. Leavitt
Leavitt Communications
7508 N. Red Ledge Drive
Paradise Valley, AZ 85253
Web Site:
Mobile phone: 847-494-0000
Telephone: 847-955-0511
Fax: 270-447-1909
Skype ID: pcleavitt

Old tech’s new wave, or why we still love faxes, pagers and cassettes

Once seen as cutting edge, many of yesterday’s gadgets are — surprisingly — still in use or are making a comeback. Richard Godwin goes back to the future

Past masters: everything from vinyl to milk floats is still with us. But why is it that we are
turning to retro solutions more frequently?
Illustration: Phil Hackett/The Observer

Pagers became popular in the 1980s as a fast way of sending a message to someone . . . who couldn’t message back. You might imagine that the text message would have killed the pager. PageOne, the country’s remaining service provider, stresses that the pager remains the most reliable and cost-effective way of sending out thousands of messages at a time, with far greater coverage than the mobile phone network (including on aeroplanes). Fire and ambulance services use them widely, with the NHS accounting for an estimated 10% of use worldwide — thanks to the 130,000 or so doctors who use them while on call. Many doctors say it’s quicker and easier paging in emergency situations — mobile reception is patchy in many hospitals and paging doesn’t interfere with electric equipment — and if it ain’t broke, why fix it?

Source: The Guardian  


Hong Kong


W8001 (4 Line/8 Line IP67 Alphanumeric Pager)

W8008 Thinnest IP67 Rated Alphanumeric Pager 4 Line/8 Line, OLED Display

W2028 (2 Line/4 Line Alphanumeric Pager)

For Trade inquiries contact:
Eric Dilip Kumar

  • Available in VHF, UHF & 900 MHz Full Range Frequency Bands
  • We are OEM for Major Brand names in USA and Europe
  • We also Design and Manufacture POCSAG Decoder Boards
  • We can Design and Manufacture to customer specifications
  • Factory located in Shenzhen, China
  • Pagers have FCC, RoHs, C-Tick, CE-EMC, IC Approvals

Visit our websites for more details

For ESPAÑOL, PORTUGUÊS AND DEUTSCH versions, please go to:

Paging Transmitters 150/900 MHz

The RFI High Performance Paging Transmitter is designed for use in campus, city, state and country-wide paging systems. Designed for use where reliable simulcast systems where RF signal overlap coverage is critical.

  • Commercial Paging systems.
  • Healthcare Paging systems.
  • Public Safety Emergency Services Paging systems.
  • Demand Response Energy Grid Management.

Built-in custom interface for Prism-IPX ipBSC Base Controller for remote control, management and alarm reporting.

  • Use as a stand-alone unit or in wide area network.
  • Mix with other transmitter brands in an existing paging network.
  • Adjustable from 20-250 watts.
  • 110/240 VAC or 48VDC.
  • Absolute Delay Correction.
  • Remote Diagnostics.
  • Configurable alarm thresholds.
  • Integrated Isolator.
  • Superb Reliability.
  • Improved amplifier efficiency.
  • Most reliable high-powered paging transmitter available.

Prism-IPX Systems LLC.

11175 Cicero Dr., Alpharetta, GA 30022
Ph: 678-242-5290 Email:

  • LIVE response possible to any program with Media 1 Live app from Android or Apple stores, summed up immediately for producer on web site
  • Propose LIVE broadcast on Internet. with live response to reach youth with low cost quality education, seeking persons interested.
  • Contact:


“Is Paging Going Away?” by Jim Nelson

  • Click here for English.
  • Click here for German. (Berlin Revision: November 8, 2016)
  • Click here for French.

Here is an English PDF edit of this paper formatted with page breaks and suitable for printing.

Volunteers needed for translations into other languages.

Board of Advisors

The Wireless Messaging News
Board of Advisors

Frank McNeill
Founder & CEO
Communications Specialists
Jim Nelson
President & CEO
Prism Systems International
Kevin D. McFarland, MSCIS
Sr. Application Systems Analyst
Medical Center
Paul Lauttamus, President
Lauttamus Communications & Security
R.H. (Ron) Mercer
Wireless Consultant
Barry Kanne
Paging Industry Veteran
Ira Wiesenfeld, P.E.
Consulting Engineer
Allan Angus
Consulting Engineer

The Board of Advisor members are people with whom I have developed a special rapport, and have met personally. They are not obligated to support the newsletter in any way, except with advice, and maybe an occasional letter to the editor.


Can You Help The Newsletter?

animated left arrow

You can help support The Wireless Messaging News by clicking on the PayPal Donate button above. It is not necessary to be a member of PayPal to use this service.

Reader Support

Newspapers generally cost 75¢ $1.50 a copy and they hardly ever mention paging or wireless messaging, unless in a negative way. If you receive some benefit from this publication maybe you would like to help support it financially?

A donation of $50.00 would certainly help cover a one-year period. If you are wiling and able, please click on the PayPal Donate button above.


10 Vanadium Place, Addington
Christchurch 8024, New Zealand
Ph: +64 (0)3 379 2298
Web Page:
Free: 0508 Salcom (NZ Only)


Investor Relations -Press Release

Spok’s Board of Directors Unanimously Rejects B. Riley’s Unsolicited Proposal

Opportunistically Timed Proposal Substantially Undervalues Spok

Board Determines That Now Is Not the Right Time to Pursue Strategic Alternatives Process

SPRINGFIELD, Va.—(BUSINESS WIRE)—Mar. 24, 2020— Spok Holdings, Inc. (NASDAQ: SPOK), a global leader in healthcare communications, today announced that its Board of Directors, after consultation with its financial and legal advisors, unanimously determined that the unsolicited and non-binding proposal from B. Riley Financial, Inc. (NASDAQ: RILY) to acquire Spok for $12 per share in cash substantially undervalues Spok, and that pursuing this transaction at this time was not in the best interest of the Company and its shareholders.

“The Board of Directors is confident in Spok’s strategic direction and executive leadership, even as the capital markets and our healthcare customers are experiencing historic dislocations due to the COVID-19 national emergency,” said Royce G. Yudkoff, Chairman of the Spok Board. “We have determined that this unsolicited, conditional and incomplete proposal from B. Riley grossly undervalues Spok. Now is not the time for Spok to pursue a sale or strategic transaction with B. Riley, given the disruptions to the debt and equity markets, strict restrictions on travel and the inability to conduct meaningful due diligence on any proposed transaction, and the significant distractions affecting private equity and potential strategic counter parties due to COVID-19, as well as the very recent launch of Spok Go® and its broad market potential for critical in-hospital communications at a time when the nation’s health care system is under extraordinary stress.”

Notwithstanding these manifest considerations, the Spok Board of Directors will carefully and seriously evaluate any good faith proposals from financially capable parties that fairly values Spok and the potential for stockholder value represented by the Company’s long-term investment in its enterprise, cloud-based Spok Go platform.

About Spok

Spok, Inc., a wholly owned subsidiary of Spok Holdings, Inc. (NASDAQ: SPOK), headquartered in Springfield, Virginia, is proud to be a global leader in healthcare communications. We deliver clinical information to care teams when and where it matters most to improve patient outcomes. Top hospitals rely on the Spok Care Connect® and Spok Go® platforms to enhance workflows for clinicians, support administrative compliance, and provide a better experience for patients. Our customers send over 100 million messages each month through their Spok® solutions. Spok is making care collaboration easier. For more information, VISIT SPOK.COM or follow @SPOKTWEETS on Twitter.

Spok is a trademark of Spok Holdings, Inc. Spok Care Connect and Spok Go are trademarks of Spok, Inc.

Safe Harbor Statement under the Private Securities Litigation Reform Act: Statements contained herein or in prior press releases which are not historical fact, such as statements regarding Spok's future operating and financial performance and statements relating to the unsolicited takeover bid from B. Riley Financial, Inc., are forward-looking statements for purposes of the safe harbor provisions under the Private Securities Litigation Reform Act of 1995. These forward-looking statements involve risks and uncertainties that may cause Spok's actual results to be materially different from the future results expressed or implied by such forward-looking statements. Factors that could cause actual results to differ materially from those expectations include, but are not limited to, declining demand for paging products and services, continued demand for our software products and services, our ability to develop additional software solutions for our customers and manage our development as a global organization, the ability to manage operating expenses, particularly third party consulting services and research and development costs, future capital needs, competitive pricing pressures, competition from traditional paging services, other wireless communications services and other software providers, many of which are substantially larger and have much greater financial and human capital resources, changes in customer purchasing priorities or capital expenditures, government regulation of our products and services and the healthcare and health insurance industries, reliance upon third-party providers for certain equipment and services, unauthorized breaches or failures in cybersecurity measures adopted by us and/or included in our products and services, the effects of changes in accounting policies or practices, adverse economic, political or market conditions in the U.S. and international markets and other factors such as natural disasters, pandemics and outbreaks of contagious diseases and other adverse public health developments, such as coronavirus disease 2019 (COVID-19), the outcome of the unsolicited takeover bid from B. Riley Financial, Inc., as well as other risks described from time to time in our periodic reports and other filings with the Securities and Exchange Commission. Although Spok believes the expectations reflected in the forward-looking statements are based on reasonable assumptions, it can give no assurance that its expectations will be attained. Spok disclaims any intent or obligation to update any forward-looking statements.

View source version on BUSINESSWIRE.COM: HTTPS://WWW.BUSINESSWIRE.COM/NEWS/HOME/20200324005732/EN/

Al Galgano
+1 (952) 567-0295

Source: Spok Holdings, Inc.  

Prism-IPX Systems

prism-ipx systems

prism-ipx systems

prism-ipx systems

prism-ipx systems

Click on the image above for more info about advertising here.

Internet. Protocol Terminal

The IPT accepts Internet. or serial messaging using various protocols and can easily convert them to different protocols, or send them out as paging messages.

An ideal platform for hospitals, on-site paging applications, or converting legacy systems to modern protocols.

Input Protocols: Serial and IP
Output Protocols: Serial and IP
FLEX (optional PURC control)   POCSAG (optional PURC control)

Additional/Optional Features

  • Database of up to 5000 subscribers.
  • 4 serial ports on board.
  • Up to 8 phone lines (DID or POTS).
  • Can be configured for auto-fail-over to hot swap standby.
  • 1RU rack mount unit appliance—no moving parts.
  • Easily secure legacy system messages leaving site for HIPAA compliance.
  • Only purchase the protocols/options you need.
  • Add Paging Encryption for HIPAA compliance on site.

Prism-IPX Systems LLC.

11175 Cicero Dr., Alpharetta, GA 30022
Ph: 678-242-5290 e-mail:

Paging Data Receiver PDR-4

The PDR-4 is a multi-function paging data receiver that decodes paging messages and outputs them via the serial port, USB or Ethernet connectors.

Designed for use with Prism-IPX ECHO software Message Logging Software to receive messages and log the information for proof of transmission over the air, and if the data was error free.

  • Option—decode capcode list or all messages.
  • Large capcode capacity.
  • Serial, USB and Ethernet output.
  • POCSAG or FLEX page decoding, special SA protocols.
  • Receivers for paging bands in VHF, UHF, 900 MHz.
  • Message activated Alarm Output.
  • 8 programmable relay outputs.
  • Send notifications of a system problem.
  • Synthesized Receiver Tuning.
  • Selectivity better than 60 dB.
  • Frequencies 148-174, 450-470, 929-932 MHz.
  • Image Rejection better than 55 dB.
  • Spurious Rejection better than 55 dB.
  • Channel Spacing 12.5 or 25 kHz.
  • Power 5VDC.
  • Receiving Sensitivity 5µV at 1200 bps.

Prism-IPX Systems LLC.

11175 Cicero Dr., Alpharetta, GA 30022
Ph: 678-242-5290 e-mail:

Wireless Network Planners

Wireless Network Planners
Wireless Specialists

R.H. (Ron) Mercer
217 First Street
East Northport, NY 11731

ron mercer
Telephone: 631-786-9359 left arrow left arrow

The Best Way to Beat a Bad Mood, According to Psychology: The 3Ms

A timely reminder from psychology: you are in control of your mood, not the other way around.

By Jessica Stillman, Contributor

Happiness makes your brain work better, Harvard researcher Shawn Achor once told Everyone, especially hard-pressed business owners, could definitely use our brains to be at their sharpest in the midst of the current crisis. But let's be honest, now isn't the easiest time to stay positive.

For some folks with mental health issues, the challenges go way beyond cabin fever and everyday anxiety. But for those of us lucky enough to be dealing with garden-variety grumpiness, science has good news. Simple interventions that are doable for nearly everyone can have a profound effect on your mood. Psychology writer Nick Wignall brilliantly summed them up on Medium as "the 3Ms."

Don't underestimate the power of these simple steps to help you regain control of your mood, so you can weather the current craziness with a little more good cheer and a little clearer mind.

1. Move

It's not just woo-woo yoga teachers and masochistic marathon runners who insist humans are hard-wired to move. Science agrees. "Exercise does the same kind of thing that many of our medicines do. A bout of exercise is like taking a little bit of Prozac and a little bit of Ritalin," Harvard researcher John Ratey has explained. Who couldn't use a little more happiness and concentration at the moment?

Exercise is admittedly harder when you're stuck at home. But not impossible. Jogging is the perfect social distancing activity, Apple has a whole list of apps that can help you keep active indoors, or just go old school with push-ups and jumping jacks.

2. Make

In uncertain times, it's good to remind yourself of all the things you can control and accomplish. One of the best ways to do that is to make something with your own two hands. It doesn't have to be fancy. It doesn't even have to be good.

"Look for small opportunities to make something, fix something, or simply clean something up. Why not bake some cookies, or declutter your desk, or trim the roses? Working with your hands can be profoundly pleasurable, and there's satisfaction in seeing the results of your labor in such a tangible way," Wignall writes.

3. Meet

In a time of social distancing you can't physically meet your friends, but that doesn't mean you can't stay connected. There are virtual book clubs, Netflix and chill nights, and happy hours going on all over the world right now. Join them. Science shows friends are just about the most powerful stress buster we have.

Priya Parker, author of The Art of Gathering, has great tips on how to make your online get togethers meaningful and rewarding.


The opinions expressed here by columnists are their own, not those of


Consulting Alliance

Brad Dye, Ron Mercer, Allan Angus, Vic Jackson, and Ira Wiesenfeld are friends and colleagues who work both together and independently, on wireline and wireless communications projects.

Click here left arrow for a summary of their qualifications and experience. Each one has unique abilities. We would be happy to help you with a project, and maybe save you some time and money.

Note: We do not like Patent Trolls, i.e. “a person or company who enforces patent rights against accused infringers in an attempt to collect licensing fees, but does not manufacture products or supply services based upon the patents in question.” We have helped some prominent law firms defend their clients against this annoyance, and would be happy to do some more of this same kind of work.

Some people use the title “consultant” when they don't have a real job. We actually do consulting work, and help others based on our many years of experience.

“If you would know the road ahead, ask someone who has traveled it.”
— Chinese Proverb

Consulting Alliance

Remote AB Switches

ABX-1 switches are often used at remote transmitter sites to convert from old, outdated and unsupported controllers to the new modern Prism-IPX ipBSC base station controllers. Remotely switch to new controllers with GUI commands.


ABX-3 switches are widely used for enabling or disabling remote equipment and switching I/O connections between redundant messaging systems.


Common Features:

  • RJ45 for A, B and Common connectors.
  • Manual push button or use Prism IP commands to switch one or more relays.
  • Single or Dual Port Control card for IP or Serial connection.
  • Form C relay—control local connection.
  • Power Loss Indicator.
  • Rear Panel Connector for controlling the switch externally.
  • Power Source: 5VDC for ABX-1; 12VDC for ABX-3.

Prism-IPX Systems LLC.

11175 Cicero Dr., Alpharetta, GA 30022
Ph: 678-242-5290 e-mail:

LastPass, 1Password and other password managers can be hacked: What to do now

By Paul Wagenseil
March 25, 2020

Multiple password-manager flaws permit password theft

(Image credit: designer491/Shutterstock)

UPDATED March 25 with further comment from Dashlane.

Five widely used password managers have serious flaws, some of which have been publicly known for years, a pair of researchers said in an academic paper published earlier this month. It's not clear whether all of the flaws have been fixed.

Dashlane, Keeper, LastPass, 1Password and RoboForm, in the form of their Android apps and Chrome browser extensions for Windows, were analyzed by Michael Carr and Siamak F. Shahandashti of the University of York in England in 2017 and 2018.

The researchers found that each password manager had flaws that could let attackers steal passwords from either the Chrome browser extension or the Android app.

A few made it possible to guess the access PIN for the Android apps, giving an attacker full control, or even to "brute force" the master password to the account via the Chrome extension.

"Vulnerabilities in password managers provide opportunities for hackers to extract credentials," Shahandashti said in a University of York news posting. "Because they are gatekeepers to a lot of sensitive information, rigorous security analysis of password managers is crucial."

How you can make your password manager stronger

In response to queries from Tom's Guide, representatives from all five password managers pointed out that the researchers' analyses were conducted two years ago, and that many of the flaws described in the paper had since been fixed, although not all of our questions were answered.

We still recommend that you use one of the best password managers, because it will permit you to make your passwords all unique and strong.

But make sure that the master password you choose is especially strong. Avoid using a PIN to quickly unlock the password manager's mobile app — use your fingerprint or your face. And don't "sideload" Android or iOS apps from off-road app stores — use the official Google Play or Apple stores.

From worst to just bad

Dashlane fared worst in the study, being vulnerable to seven different security flaws, including five that had been discovered in 2013 and 2016. 1Password had the fewest vulnerabilities with four, but in truth, none of the password managers came out with flying colors.

For its part, Keeper's Craig Lurey said in a very detailed blog post that Keeper "immediately processed and addressed all reported critical, high and medium-priority issues within 24 hours" of receiving the vulnerability reports from the researchers in 2018.

UPDATE: After this story was initially published, Dashlane sent us a similarly detailed rundown of what it had done to address the various vulnerabilities outlined in the paper. Its explanations are in italics throughout.

App phishing

LastPass and 1Password were both successfully "phished" by a phony app the researchers created that simply shared the same file name as the real Google Android app. Both password managers would see the app's file name and autofill the user's real Google credentials into the fake app.

"If a victim is tricked into installing a malicious app, it will be able to present itself as a legitimate option on the autofill prompt and have a high chance of success," Shahandashti said.

The researchers said that LastPass told them that fixing the rogue-app flaw was a low priority. But LastPass disputed that in communications with Tom's Guide, saying that in 2018 "we implemented changes to our LastPass Android app to mitigate and minimize the risk of the potential attack."

"Our app requires explicit user approval before filling any unknown apps, and we've increased the integrity of our app associations database in order to minimize the risk of any 'fake apps' being filled/accepted," LastPass told Tom's Guide. "This type of vulnerability would not only require a significant amount of effort on the side of the attacker but also a significant number of mistakes to be made by a user."

App PIN brute-forcing

The researchers found that Dashlane and RoboForm did not adequately limit incorrect entries of the four-digit access PINs to launch their Android apps, which users can type in instead of master passwords for the sake of convenience.

Brute-force attacks against the PINs, which have a maximum of 10,000 possible combinations, could be successful in a few hours and would give attackers full control of the password managers.

"This attack has the potential to be catastrophic for the victim," the researchers wrote in their paper.

"A malicious attacker would have full access to the application, providing there is no prompt for the user to re-authenticate using something other than the PIN," they added. "Access to the application in both Dashlane and RoboForm enables the user to view, modify or delete records within the password manager's vault."

1Password was vulnerable to this flaw as well, but it apparently fixed the flaw within days of being notified by by the researchers. RoboForm told Tom's Guide that this issue would be fixed in the next Android release.

Dashlane apparently told the researchers that fixing this flaw was a low priority. Its representatives did not specifically address the issue in communications with Tom's Guide.

UPDATE: In subsequent communications with Tom's Guide, Dashlane said: "We do not enable the PIN code by default or recommend using it, although some of our customers prefer to use it. It is less secure than a proper master password, which we do recommend."

Master-password attacks in browser extensions

Advertisement All the password managers except Keeper did not seem to limit incorrect guesses of the user's master password in the Chrome browser extension.

In theory, an attacker could just keep trying new entries, although successfully "cracking" the master password and getting full control of the account might take thousands of years.

RoboForm told Tom's Guide that it had "server-side protection" against this kind of attack, which could mean that a RoboForm server detects multiple incorrect guesses in the browser extension and takes countermeasures.

Taking a different approach, 1Password made a strong argument to Tom's Guide that limiting incorrect entries in a password manager's browser extension is a dumb idea.

"Lockout in the UI [user interface] doesn't offer a real defense," 1Password's Jeffrey Goldberg told us in an email. "A serious attacker is not going to try to brute-force through the app itself. Instead, the attacker will make their own copy of the local data and will use an off-line cracking tool."

"At the same time, such lockout in the UI can do real harm," Goldberg added. "It can lead to accidental or malicious lockout. More importantly, it can give the user the false impression that they can get by with a weak master password." UPDATE: Dashlane later told us that this was "an attack vector inherent to encryption itself, although an attacker would have to have access to an encrypted vault in the first place by compromising a user’s device, either physically or at a user-level remotely." Clipboard data theft All the services except 1Password were vulnerable to attacks on the Windows Clipboard that would steal passwords being copied from one application to another. The attacks could be as simple as someone with unauthorized access to a computer hitting "Paste" in an open document.

RoboForm told us that in its next Windows release, "we will be implementing an option for clearing the clipboard after a set period of time."

Keeper's Lurey suggested that users use autofill instead of Clipboard to enter credentials in online services, whenever possible.

He added that an existing optional feature in the iOS and Android Keeper apps, and the Windows and Mac desktop apps, will automatically clear the operating system's clipboard after a period of time. (The desktop apps are not the same as the browser extensions.)

Malicious URLs, sub-domain stacking and HTTPS confusion

In 2016, LastPass was found to be vulnerable to attacks in which specially formed URLs tricked the password manager into auto-filling the credentials for one website into another website's login field.

That flaw was quickly fixed by LastPass back then, but ironically, the York researchers found that all four of the other password managers were vulnerable to this attack in 2017 and 2018.

Keeper told Tom's Guide that it "performs strict matching of the root domain prior to filling a password on any target website."

All five password managers could be fooled by domain names that appear to be subsets of other domains, and none of the five were able to distinguish between insecure HTTP and secure HTTPS connections.

In other words, "" could capture the credentials for "," even though it's possible for the "evil" sub-domain to be under someone else's control.

And a man-in-the-middle attack could capture a password being sent to "" instead of "", yet the password managers did not seem to distinguish between the two types of links.

Both of those flaws could easily be exploited to reveal stored passwords, and both were disclosed in an unrelated academic paper in 2013.

UPDATE: Communicating with Tom's Guide after this story was first published, Dashlane said that "we do not allow autofill on unencrypted connections to web sites. (Those that use only HTTP, not HTTPS.) If a user chooses to still use Dashlane to fill a password form, we warn them first that it is not secure."

Dashlane added that "we use the same protocol as most browsers do to establish cookie limitations, using the publicly maintained Public Suffix list ( to determine which domains should be allowed to be treated as a group versus being isolated as separate sites."

Making the right design decisions

Keeper said it had fixed both of the latter flaws in its browser extension since the study was conducted, but both Dashlane and RoboForm pushed back against the researchers' conclusions, telling Tom's Guide that password managers do need to be usable as well as secure.

"I'm not sure it's a question of us 'not fixing flaws' as much making design decisions that balance realistic security needs and humane UX [user experience]," a Dashlane spokesman told Tom's Guide.

"Because sites themselves often change or have multiple login pages, users expect RoboForm to provide the ability to AutoFill on more than just a single login page for each site," a statement provided by a company representative said.

"It should be noted that RoboForm's AutoFill always requires the user to manually click submit, thus providing an opportunity for the user to give the site and URL a once over before proceeding," the statement added.

"That said, we are examining implementing an option to warn users when there is a mismatch based on the above three cases so they can decide how and if to proceed on a case-by-case basis."

Source: Tom's Guide

Leavitt Communications

We can supply alphanumeric display, numeric display, and voice pagers.

We also offer NEW and refurbished Alphamate 250s, refurbished Alphamate IIs, the original Alphamate refurbished, and new and refurbished pagers, pager repairs, pager parts, and accessories. We are FULL SERVICE in Paging! Outstanding service is our goal.

E-mail Phil Leavitt ( ) for pricing and delivery information, or for a list of other available paging and two-way related equipment.

Phil Leavitt

7508 N. Red Ledge Drive
Paradise Valley, AZ 85253

Friday, March 27, 2020 Volume 8 | Issue 60

FCC Grants AT&T Extra Temporary Spectrum Access for Puerto Rico, USVI

The FCC Thursday granted Special Temporary Authority to AT&T to use additional spectrum to serve Puerto Rico and the U.S. Virgin Islands during the coronavirus pandemic. The Commission is granting AT&T access to the AWS-4 spectrum, currently licensed to DISH, for 60 days to expand its network capacity to meet expected increases in network traffic as a result of more Americans on the islands working from home, social distancing, and sheltering in place.

“We have put a special emphasis on helping those on the islands stay connected following the terrible storms that hit them in recent years,” said FCC Chairman Ajit Pai. “We continue that work today in a new kind of emergency.”

He thanked DISH for agreeing to this use of its spectrum and the Department of Justice for its cooperation. The FCC has granted STAs to several carriers around the country since the start of the national emergency, Inside Towers reported.

CBRS Offers New In-Building Wireless Choices

March 27, 2020 5:55 am

Stop me if you heard this before — roughly 80 percent of all mobile calls originate or terminate inside buildings. Credit this widely cited metric to the former AT&T Antenna Systems Group (ASG) that extended AT&T’s network into very large venues like sports facilities, airports and convention centers. Quality cellular connections inside commercial buildings is imperative for all mobile users and the venue owners.

Implementing and operating an in-building wireless (IBW) system involves significant technical and economic challenges, however. Every building has a different size and shape. Materials like steel, concrete and energy-efficient glass all inhibit RF transmissions both from outside and within buildings. More important, the carriers own the cellular frequencies.

The DOE Energy Information Administration’s (EIA) latest Commercial Buildings Energy Consumption Survey (CBECS) shows there are 5.6 million U.S. commercial buildings comprising 87 billion square feet of space for all types of use. Yet IBW penetration remains stubbornly low due to the high deployment costs and restricted access to frequencies.

Wireless carriers already address the Large Venue tier of 8,000 structures that average nearly a million square feet (sf). IBW systems are either active distributed antenna system (DAS) or small cells, depending on the size and layout of the facility. Wireless carriers fund these IBW deployments. Often, one major carrier handles the initial installation and others on board once the system is in service.

By contrast, the low-end Small Buildings tier accounts for 94 percent of the total or 5.2 million buildings averaging 16,000 sf. Most are too small to warrant their own IBW system. Small businesses, retail stores and professional firms generally rely on signals from the nearest macrocell coming inside. Where better indoor coverage is needed, a low-cost bi-directional amplifier (BDA) or passive DAS brings in signals from outside.

The IBW sweetspot is the so-called Middleprise, involving two tiers totaling 327,000 buildings in the 50,000 to 500,000 sf range. Middleprise appeals to equipment vendors and contractors because of the sheer numbers that support a myriad of vertical applications – enterprise, hospitality, education, healthcare, hi-rise residences and industrial sites, either as standalone buildings or multi-building campuses.

Carriers have stated they are unwilling to invest in all these Middleprise buildings. Instead, they leave it to the building owners and their neutral host partners such as tower companies or systems integrators to pay for IBW systems that transport carrier frequencies. Therein lies the problem.

IBW installations in such large facilities are expensive, running $1-2 per sf, depending on the IBW system, whether an active DAS, small cells, or a Private LTE network for which they must obtain licenses in non-carrier frequency bands. Moreover, negotiating with multiple carriers to access their frequencies for in-building is a lengthy and arduous process.

Citizens Broadband Radio System (CBRS) in the 3.5 GHz band offers a new solution. “We see CBRS in the mix as having the reliability of cellular with the easy-to-deploy method of WiFi without spending millions of dollars for spectrum,” says Alessandro Feitosa, SVP-WiFi, IT & Analytics at Atlanta, GA-based Connectivity Wireless, a systems integrator and neutral host operator. “We’ve applied for GAA [General Authorized Access] licenses and are working with partners testing CBRS in lots of applications in several venues.”

Feitosa points out that with CBRS, venue owners can establish Private LTE networks to complement a DAS and WiFi system in that same facility. “Carrier customers’ smartphones can incorporate programmed SIMs so they can roam on to the Private LTE network. This helps offload traffic from the carrier network to the cheaper private network. At the same time, the venue owners could sell capacity to the carrier in a third-party operator (3PO) model. DAS or WiFi plus CBRS now becomes contract infrastructure.” Feitosa expects more mixing and matching of CBRS, cellular DAS and WiFi depending on the location, cost and use cases. “WiFi will still be part of 80 percent of use cases. In large venues where DAS is installed, CBRS is complementary. They are all frienemies!”

CBRS likely will stimulate new Middleprise IBW deployments at lower overall costs and in shorter time-frames than traditional systems. These systems can deliver robust services to users and create potential new revenue sources for the building owners and their neutral host partners.

By John Celentano, Inside Towers Business Editor.

Source: Inside Towers newsletter Courtesy of the editor of Inside Towers Jim Fryer.
Inside Towers is a daily newsletter by subscription.

BloostonLaw Newsletter

Selected portions [sometimes more — sometimes less — sometimes the whole updates] of the BloostonLaw Telecom Update and/or the BloostonLaw Private Users Update — newsletters from the Law Offices of Blooston, Mordkofsky, Dickens, Duffy & Prendergast, LLP — are reproduced in this section of The Wireless Messaging News with kind permission from the firm. The firm's contact information is included at the end of this section of the newsletter.

 BloostonLaw Telecom Update Vol. 23, No. 13 March 25, 2020 

Reminder: Form 499-A, and Access to Advanced Services Certifications Still Due April 1

Despite several deadline waivers and extensions due to the Coronavirus, the Annual Telecommunications Reporting Worksheet, known as FCC Form 499-A, is still due on April 1. The filing, which applies to every telecommunications carrier that provides interstate, intrastate, and international telecommunications, and certain other entities that provide interstate telecommunications for a fee, requires the reporting of revenue information from January 1 through December 31 of the prior year, along with certain other information.

Also still due April 1 is the Annual Access to Advanced Services Certification. This filing, which applies to all providers of telecommunications services and telecommunications carriers subject to Section 255 of the Telecommunications Act, requires the filer to certify that it has procedures in place to meet the relevant record-keeping requirements and actually keeps the required records.

BloostonLaw has an extensive experience with both filings and has a compliance manual available for the Accessibility filing.

BloostonLaw Contacts: Gerry Duffy and Sal Taillefer.


FCC Changes Schedule for CBRS PAL Auction (Auction 105) Due to COVID-19 Pandemic

Citing the need “to protect the health and safety of Commission staff during the auction and so that parties have additional time to prepare to participate in Auction 105 given the COVID-19 pandemic,” the FCC Wireless Bureau and Office of Economics and Analytics this afternoon announced postponement of certain dates and deadlines for the auction of Priority Access Licenses in the 3550-3650 MHz band.

“Many Americans have had to make tough decisions on how they do business in this rapidly changing environment, and the FCC is no different,” said Chairman Ajit Pai in an FCC press release announcing the action. “After consulting agency staff within the relevant Bureaus and Offices, we determined that it was in everyone’s best interest to make these changes. But we remain committed to holding the 3.5 GHz auction this summer and look forward to beginning this important mid-band auction in July.”

A complete list of the revised auction dates and deadlines is below.

Short-Form Application (FCC Form 175)
Filing Window Opens ................... April 23, 2020, 12:00 p.m. Eastern Time (ET)
Short-Form Application (FCC Form 175)
Filing Window Deadline ................... May 7, 2020, 6:00 p.m. ET
Upfront Payments (via wire transfer ................... June 19, 2020, 6:00 p.m. ET
Bidding Tutorial Available (via Internet) ................... No later than July 9, 2020
Auction Registration Materials ................... By July 15, 2020, 12:00 p.m. ET
Mock Auction ................... July 20, 2020
Bidding Begins in Auction 105 ................... July 23, 2020

Clients who are interested in Auction 105 should continue assembling information required for their short-form application because the new filing deadline will be upon us quickly. The disruption of FCC operations due to the COVID-19 pandemic is an evolving story, and further announcements will be posted on the Auction 105 website (

BloostonLaw Contacts: John Prendergast, Cary Mitchell

FCC Open Meeting to Proceed as Scheduled; Live-Feed Only

On March 24, the FCC released the official agenda for its next Open Meeting, currently scheduled for March 31 at 10:30 a.m. ET. Due to the current COVID-19 pandemic and related agency telework and headquarters access policies, this meeting will be in a wholly electronic format and will be open to the public on the Internet via live feed from the FCC’s web page at and on the FCC’s YouTube channel. Because of these special circumstances, the items listed below are expected to be voted on circulation prior to the meeting.

At the meeting, the FCC will consider the following items:

  • Mandating STIR/SHAKEN to Combat Spoofed Robocalls: a Report and Order and Further Notice of Proposed Rulemaking that would (1) adopt rules requiring originating and terminating voice service providers to implement the STIR/SHAKEN caller ID authentication framework in the Internet Protocol portions of their networks; and (2) propose additional measures to combat illegal spoofing, including measures to implement portions of the TRACED Act. (WC Dockets Nos. 17-97, 20-67). See the full article below for more.
  • Amending Distributed Transmission System Rules to Facilitate Next Generation TV: a Notice of Proposed Rulemaking that would seek comment on whether to modify the FCC’s rules governing the use of distributed transmission systems by broadcast television stations. (MB Docket No. 20-74; GN Docket No. 16-142)
  • Defining Significantly Viewed Local TV Stations: a Notice of Proposed Rulemaking that would seek comment on whether to update the methodology for determining whether a television broadcast station is “significantly viewed” in a community outside of its local market. (MB Docket No. 20-73, 17-105)
  • Revising Program Carriage Rules and Part 76 Review Procedures: a Further Notice of Proposed Rulemaking and Notice of Proposed Rulemaking that would seek comment on whether to modify the FCC’s rules governing the resolution of program carriage disputes between video programming vendors and multichannel video programming distributors. (MB Docket Nos. 20-70, 11-131, 17-105)
  • Detariffing Telephone Access Charges and Simplifying Consumer Bills: a Notice of Proposed Rulemaking that would propose to (1) eliminate ex ante pricing regulation and require detariffing of various end-user charges associated with interstate access service (including SLC and ARC), and (2) prohibit carriers from separately listing these charges on customers’ telephone bills. (WC Docket No. 20-71).

The links above are for public drafts of meeting items. The FCC is publicly releasing the draft text of each item expected to be considered at this Open Commission Meeting, along with one-page cover sheets prepared by the FCC to help summarize each item. It is important to note that these are only drafts, and may differ from the final version of the item actually considered at the Open Meeting.

BloostonLaw Contacts: Ben Dickens, Mary Sisak, and Sal Taillefer.

FCC Delays FM Broadcast Construction Permit Auction; Upfront Payment Refunds Available

On March 25, the FCC issued a Public Notice announcing an indefinite postponement of Auction 106, an auction of construction permits in the FM broadcast service, which had been scheduled to begin on Tuesday, April 28. According to the Public Notice, the FCC took this action in order to protect the health and safety of FCC staff during the auction and so that parties have additional time to prepare to participate in Auction 106 given the COVID-19 pandemic. The FCC will announce a revised schedule in a future public notice.

In the meantime, Auction 106 applicants that had submitted upfront payments may obtain a refund of those deposits after submitting a written request. Refund processing generally takes up to two weeks to complete. All short-form applications (FCC Form 175s) filed for Auction 106 are dismissed, and the FCC will announce procedures for filing applications and other procedures to participate in Auction 106 in a future announcement.

Finally, the rules prohibiting certain communications set forth in section 1.2105(c) of the FCC’s rules no longer apply to each applicant that filed a short-form application in Auction 106.

BloostonLaw Contact: Cary Mitchell.

USDA Extends Certain RUS Deadlines, Waives Certain Rules due to Coronavirus

On March 25, USDA Rural Development announced that it has taken a number of immediate actions to help rural residents, businesses and communities affected by the COVID-19 outbreak, including the following in regard to the Rural Utilities Service:

  • extended for 60 days the deadline for Telecommunications and Electric Program borrowers and grantees to submit their annual CPA audit. In most cases, such audits are due to the agency by April 30, 2020.
  • waived borrower covenant requirements for loan agreement financial ratios for the period from Jan. 1, 2020, through Dec. 31, 2020. Additionally, USDA is waiving all financial reporting requirements associated with existing Rural Utilities Service (RUS) loan and grant covenants beginning Jan. 1, 2020 through June 30, 2020.
  • delegated authority to the RUS Telecommunications, Electric, and Water and Environmental Programs to consider requests to waive certain site inspection requirements during the current COVID-19 National Emergency.
  • allowed applicants will be able to use alternative methods to notify the public, such as through video conferences, teleconferences and public notices on websites and in local newspapers, as a substitute for the public meeting notification requirement for water and waste projects.
  • will help, on a case-by-case basis, Electric Program borrowers gain access to obligated funds more quickly at current low interest rates by considering extensions of loan terms (within statutory limits); considering requests to move obligated funds between the Electric Program’s six budget purposes where the new purpose has cleared environmental review; and by considering Temporary Normal Inventory (TNI) requests.

BloostonLaw Contacts: Ben Dickens and Sal Taillefer.

FCC Temporarily Waives 3.65 GHz Transition Requirement

On March 19, the FCC issued an Order temporarily waiving the requirements in the FCC’s rules for licensees to transition their Part 90 operations to Part 96 operations in the 3650-3700 MHz band, to specify a new deadline of October 17 for all licensees that would otherwise have had to transition such operations between April 17and October 17. According to the FCC, the temporary waiver is granted in effort to ensure connectivity during the Coronavirus pandemic.

The transition rules were adopted in 2015 as part of the rules for shared commercial use of the 3550-3700 MHz Band (3.5 GHz Band). That order included a transition period for existing Part 90 wireless broadband licensees in the 3650-3700 MHz band (3650-3700 MHz band licensees) to complete the transition of their operations to Part 96 Citizens Broadband Radio Service, either on a grandfathered, protected basis or on a non-grandfathered basis. Pursuant to existing rules, the transition period ends between April 17, 2020, and January 8, 2023, depending on the grant and expiration dates of each individual license. The extension granted in this Order extends the transition period for those licensees whose transition period would otherwise expire between April 17 and October 17, for additional time, to October 17.

BloostonLaw Contacts: Cary Mitchell and John Prendergast.

Law and Regulation

“Take Responsibility for Workers and Families Act” to Include Broadband Funding

On March 23, Appropriations Committee Chairwoman Nita M. Lowey (D-NY), along with co-sponsors Zoe Lofgren (D-CA), Robert C. “Bobby” Scott (D-VA), Frank Pallone, Jr. (D-NJ), Maxine Waters (D-CA), Carolyn B. Maloney (D-NY), Nydia M. Velázquez (D-NY), Peter DeFazio (D-OR), and Richard E. Neal (D-MA), introduced HR 6379, the Take Responsibility for Workers and Families Act, a coronavirus response bill that injects more than $2.5 trillion into the American economy

Of particular interest is Division U, which contains the following sections on telecommunications:

  • Section 201.Broadband Hotspots and Connected Devices for Schools and Libraries During COVID-19 Emergency. This section authorizes increased funding and provides flexibility to the FCC E-Rate program to enable schools and libraries, including tribal schools and libraries, to offer broadband hotspots and connected devices to facilitate distance learning and connectivity during the COVID-19 public health emergency
  • Section301.Expansion of Low-Income Broadband Subsidies During COVID-19 Emergency. This section authorizes increased funding and provides flexibility for the FCC’s Lifeline program to expand access to broadband for low-income Americans during the COVID-19 public health emergency.
  • Section401. Telecommunications Consumer Protections During COVID-19 Emergency. This section makes certain practices unlawful during the COVID-19 public health emergency, such as the stopping of telephone or broadband services, if a consumer is unable to pay for reasons related to the COVID-19 emergency.
  • Section 501. Public Safety Use of the T-Band. This section repeals the requirement on the FCC to reallocate and auction the T-Band (470-512 MHz), which allows first responders to continue the use of the band for their public safety communications.

President Trump Signs Broadband Data Mapping Bill

On March 23, the President signed into law S. 1822, the “Broadband Deployment Accuracy and Technological Availability Act or the Broadband DATA Act,” which requires the FCC to issue rules relating to the collection of data with respect to the availability of broadband services. The DATA Act was originally introduced in June of last year by Sen. Roger Wicker, R-Miss., chairman of the Senate Committee on Commerce, Science, and Transportation, together with Sens. Gary Peters, D-Mich., John Thune, R-S.D., and Amy Klobuchar, D-Minn.

As we reported in a previous edition of the BloostonLaw Telecom Update, the bill would will specifically:

  • Require the FCC to collect granular service availability data from wired, fixed wireless, and satellite broadband providers.
  • Set parameters for service availability data collected from mobile broadband providers to ensure accuracy.
  • Permit the FCC to consider whether to collect verified coverage data from state, local, and tribal governments, as well as from other entities.
  • Create a process for consumers; state, local, and tribal governments; and other groups to challenge FCC maps with their own data, and require the FCC to determine how to structure that process without making it overly burdensome on challengers.
  • Establish a crowd-sourcing process that allows the public to participate in data collection.
  • Strengthen enforcement against providers that “knowingly or recklessly” submit materially inaccurate broadband data.
  • Require the FCC to use the newly-created maps when making new awards of broadband funding.

Chairman Pai issued the following statement on the passage of the bill into law: “I applaud the President for signing the Broadband DATA Act and thank the leadership of the Senate and House Commerce Committees for their bipartisan work in moving this legislation through Congress. The Act affirms the FCC’s approach to collecting more precise and granular broadband data through our new Digital Opportunity Data Collection program.

“At this point, it is vital for Congress to provide the FCC as soon as possible with the appropriations necessary to implement the Act. Right now, the FCC does not have the funding to carry out the Act, as we have warned for some time. And given the Act’s prohibition on the Universal Service Administrative Company performing this mapping work, if Congress does not act soon, this well-intentioned legislation will have the unfortunate effect of delaying rather than expediting the development of better broadband maps. I look forward to working with Congress in the weeks ahead to secure this funding, so that we can ensure that we have the best tools available for bridging the digital divide for the American people.”

BloostonLaw Contacts: Ben Dickens and Sal Taillefer.

Sen. Klobuchar Introduces Rural Broadband Sustainability Bill

On March 24, U.S. Senators Amy Klobuchar (D-MN) and Kevin Cramer (R-ND), along with Tina Smith (D-MN), Dan Sullivan (R-AK), Tammy Baldwin (D-WI), Steve Daines (R-MT), Doug Jones (D-AL), Lisa Murkowski (R-AK), Jon Tester (D-MT), John Barrasso (R-WY), Pat Roberts (R-KS), Jacky Rosen (D-NV), Todd Young (R-IN), and Gary Peters (D-MI) introduced the Keeping Critical Connections Act to help small broadband providers ensure rural broadband connectivity for students and their families during the coronavirus pandemic.

Specifically, the Keeping Critical Connections Act would appropriate $2 billion for a Keeping Critical Connections fund at the FCC under which small broadband providers with fewer than 250,000 customers could be compensated for broadband services—if they provided free or discounted broadband services or upgrades—during the pandemic for low-income families who could not afford to pay their bills or provided distance learning capability for students.

“Access to high speed Internet is critical for students and their families during the coronavirus outbreak,” Klobuchar said. “The Keeping Critical Connections Act would help small broadband providers continue offering free or discounted broadband services to families and students in rural areas to ensure they remain connected to school, work, and their communities during this period of economic turmoil caused by the coronavirus pandemic.”

“The federal government asked this essential industry to keep providing assistance to people during COVID—19, and they answered the call,” Cramer said. “The least we can do is make sure they are made whole when this pandemic is over.”

BloostonLaw Contacts: Mary Sisak and Sal Taillefer.

FCC Extends Push Notification Waiver for White Spaces Devices

On March 24, the FCC adopted an Order extending the existing waiver of the push notification requirement for fixed and Mode II personal/portable white space devices and white space databases. The waiver, which is due to expire on March 31, is now extended through September 30.

The push notification requirement was adopted as a part of the FCC’s Part 15 Report and Order adopted in 2015. There, the FCC adopted new and modified rules for white space devices and unlicensed wireless microphones that operate in the TV bands and 600 MHz Band, and for white space devices that operate on TV channel 37. To prevent interference to protected services, including licensed wireless microphones, certain white space devices are required to check a database at least once a day to obtain a list of available channels at their operating location. In the Part 15 Report and Order, the FCC retained this requirement and decided to also require that database administrators push information about changes in channel availability information to white space devices in the areas where licensed wireless microphones will be used.

BloostonLaw Contacts: John Prendergast and Richard Rubino.


Commissioner O’Rielly to be Appointed to Second Term

On March 19, FCC Commissioner Michael O’Rielly issued the following statement:

“Early last evening, I was informed that President Trump and his Administration officials had taken steps to nominate me for another term at the Federal Communications Commission. I am deeply appreciative of the President’s decision and his aggressive leadership on communications policy, including extensive efforts to bring broadband access to all Americans.

“During my tenure at the Commission, I have advocated for preserving and advancing American free market principles to develop common sense regulation and eliminate unnecessary rules that hurt consumers. I hope to continue this work should the Senate decide to approve my nomination.

“As we face the monumental challenges currently confronting our nation, it is gratifying to watch the private and public sectors pulling together to rise to the occasion. Our work at the Commission persists, meeting the needs of the millions of American businesses, workers, families, and students facing unique communications needs and issues.

“I thank all of those who have said kind words about my nomination, especially Chairman Pai, and Commissioners Carr, Rosenworcel, and Starks.”

Chairman Pai Touts Over 500 Signatories to “Keep Americans Connected” Pledge

On March 24, FCC Chairman Ajit Pai published a blog post indicating, among other things, that over 500 broadband providers have signed his “Keep Americans Connected” pledge. The pledge reads as follows:

Given the coronavirus pandemic and its impact on American society, [[Company Name]] pledges for the next 60 days to:

  • not terminate service to any residential or small business customers because of their inability to pay their bills due to the disruptions caused by the coronavirus pandemic;
  • waive any late fees that any residential or small business customers incur because of their economic circumstances related to the coronavirus pandemic; and
  • open its Wi-Fi hotspots to any American who needs them.

Chairman Pai has also urged companies with low-income broadband programs to expand and improve them and those without them to adopt such programs. He called on broadband providers to relax their data usage limits in appropriate circumstances and take steps to promote remote learning and telehealth. For example, BEK Communications is doubling Internet speeds for all customers at no additional charge, and offering broadband service for free for four months to new customers with telehealth, education, and work-from-home needs. AT&T is providing all consumer home Internet wireline customers, as well as Fixed Wireless Internet customers, with unlimited Internet data, and funding an eLearning coalition to provide free resources to educators. CenturyLink is suspending data usage limits. Sprint and T-Mobile are offering unlimited smartphone data and additional mobile hotspot data for 60 days, increasing data usage limits for high school students without home Internet that are supported by the 1Million Project Foundation, and accelerating the delivery of 100,000 devices originally intended for next school year to those students. Verizon is tripling the data usage limit for students in Title I schools that are part of the Verizon Innovative Learning Program and committing an additional $10 million to nonprofits supporting students and first responders.


APRIL 1: FCC FORM 499-A, TELECOMMUNICATIONS REPORTING WORKSHEET. This form must be filed by all contributors to the Universal Service Fund (USF) sup-port mechanisms, the Telecommunications Relay Service (TRS) Fund, the cost recovery mechanism for the North American Numbering Plan Administration (NANPA), and the shared costs of local number portability (LNP). Contributors include every telecommunications carrier that provides interstate, intrastate, and international telecommunications, and certain other entities that provide interstate telecommunications for a fee. Even common carriers that qualify for the de minimis exemption must file Form 499-A. Entities whose universal service contributions will be less than $10,000 qualify for the de minimis exemption. De minimis entities do not have to file the quarterly report (FCC Form 499-Q), which was due February 1, and will again be due May 1. Form 499-Q relates to universal and LNP mechanisms. Form 499-A relates to all of these mechanisms and, hence, applies to all providers of interstate, intrastate, and international telecommunications services. Form 499-A contains revenue information for January 1 through December 31 of the prior calendar year. And Form 499-Q contains revenue information from the prior quarter plus projections for the next quarter. (Note: the revised 499-A and 499-Q forms are now available.) Block 2-B of the Form 499-A requires each carrier to designate an agent in the District of Columbia upon whom all notices, process, orders, and decisions by the FCC may be served on behalf of that carrier in proceedings before the FCC. Carriers receiving this newsletter may specify our law firm as their D.C. agent for service of process using the information in our masthead. There is no charge for this service.

BloostonLaw Contacts: Ben Dickens, Gerry Duffy, and Sal Taillefer.

APRIL 1: ANNUAL ACCESS TO ADVANCED SERVICES CERTIFICATION. All providers of telecommunications services and telecommunications carriers subject to Section 255 of the Telecommunications Act are required to file with the FCC an annual certification that (1) states the company has procedures in place to meet the record-keeping requirements of Part 14 of the Rules; (2) states that the company has in fact kept records for the previous calendar year; (3) contains contact information for the individual or individuals handling customer complaints under Part 14; (4) contains contact information for the company’s designated agent; and (5) is supported by an affidavit or declaration under penalty of perjury signed by an officer of the company.

BloostonLaw Contacts: Gerry Duffy, Mary Sisak, Sal Taillefer.

MAY 1: FCC FORM 499-Q, TELECOMMUNICATIONS REPORTING WORKSHEET. All telecommunications common carriers that expect to contribute more than $10,000 to federal Universal Service Fund (USF) support mechanisms must file this quarterly form. The FCC has modified this form in light of its decision to establish interim measures for USF contribution assessments. The form contains revenue information from the prior quarter plus projections for the next quarter. Form 499-Q relates only to USF contributions. It does not relate to the cost recovery mechanisms for the Telecommunications Relay Service (TRS) Fund, the North American Numbering Plan Administration (NANPA), and the shared costs of local number portability (LNP), which are covered in the annual Form 499-A that is due April 1.

BloostonLaw Contacts: Ben Dickens, Gerry Duffy, and Sal Taillefer.

JUNE 1: FCC FORM 395, EMPLOYMENT REPORT. Common carriers, including wireless carriers, with 16 or more full-time employees must file their annual Common Carrier Employment Reports (FCC Form 395) by May 31. However, because the 31st is a Sunday this year, the filing will be due on June 1. This report tracks carrier compliance with rules requiring recruitment of minority employees. Further, the FCC requires all common carriers to report any employment discrimination complaints they received during the past year. That information is also due on June 1. The FCC encourages carriers to complete the discrimination report requirement by filling out Section V of Form 395, rather than submitting a separate report.

BloostonLaw Contact: Richard Rubino.

Law Offices Of
Blooston, Mordkofsky, Dickens,
Duffy & Prendergast, LLP

2120 L St. NW, Suite 300
Washington, D.C. 20037
(202) 659-0830
(202) 828-5568 (fax)


Harold Mordkofsky, 202-828-5520,
Benjamin H. Dickens, Jr., 202-828-5510,
Gerard J. Duffy, 202-828-5528,
John A. Prendergast, 202-828-5540,
Richard D. Rubino, 202-828-5519,
Mary J. Sisak, 202-828-5554,
D. Cary Mitchell, 202-828-5538,
Salvatore Taillefer, Jr., 202-828-5562,

This newsletter is not intended to provide legal advice. Those interested in more information should contact the firm.

Calendar At-a-Glance

Mar. 27 – Comments are due on RDOF bidding procedure Public Notice.
Mar. 30 – Comments on Restoring Internet Freedom/Lifeline Reform record are due.
Mar. 31 – ReConnect round 2 applications are due.
Mar. 31 – FCC Form 525 (Delayed Phasedown CETC Line Counts) is due.
Mar. 31 – FCC Form 508 (ICLS Projected Annual Common Line Requirement) is due.

Apr. 1 – FCC Form 499-A (Annual Telecommunications Reporting Worksheet) is due.
Apr. 1 – Annual Accessibility Certification is due.
Apr. 3 – E911 Location Accuracy Benchmark Deadline for VoLTE Providers.
Apr. 6 – Reply comments are due on All-Digital AM Broadcasting NPRM.
Apr. 6 – Reply comments are due on 5.9 GHz Band Proceeding NPRM.
Apr. 6 – Comments on TV Truth-In-Billing effective date extension proceeding are due.
Apr. 9 – Short Form for Auction 105 due.
Apr. 10 – Comments are due on RDOF bidding procedure Public Notice.
Apr. 10 – Challenges are due on initial RDOF census block list.
Apr. 13 – Comments on Letter of Credit rulemaking petition due.
Apr. 13 – Reply comments on TV Truth-In-Billing effective date extension proceeding are due.
Apr. 22 – Huawei/ZTE Data Collection Responses are due.
Apr. 28 – Reply comments on Letter of Credit rulemaking petition due.
Apr. 29 – Reply comments on Restoring Internet Freedom/Lifeline Reform record are due.
Apr. 29 – E-Rate application filing window closes.

May 1 – FCC Form 499-Q (Quarterly Telecommunications Reporting Worksheet) is due.
May 15 – TRS waivers expire. May 16 – Lifeline rule waivers expire.
May 21 – Upfront payments for Auction 105 due.

Jun. 1 – FCC Form 395 (Annual Employment Report) is due. Jun. 25 – Bidding begins in Auction 105.

Complete Technical Services for the Communications and Electronics Industries

Technical Services Inc.

Texas Registered Engineering Firm #F16945

“It's more than Push-To-Talk”

7711 Scotia Drive
Dallas, TX 75248-3112

Ira Wiesenfeld, P.E.

President • Principal Engineer

Cell: 214-707-7711
Toll Free: 844-IWA-TECH (844-492-8324)

Design  •  Installation  •  Maintenance  •  Training


From: Blooston, Mordkofsky et al
Subject: Blooston CISA Memo [CORRECTED VERSION] - BloostonLaw Update
Date: March 23, 2020 at 5:26 PM CDT
To: Brad Dye

Clients Should Assess CISA Guidance On Essential Critical Infrastructure Workforce

Last week, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) developed an initial list of “Essential Critical Infrastructure Workers” to help State and local officials as they address COVID-19 issues. Specifically, the list identifies “workers who conduct a range of operations and services that are essential to continued critical infrastructure viability, including staffing operations centers, maintaining and repairing critical infrastructure, operating call centers, working construction, and performing management functions, among others.” Our clients should review the Essential Critical Infrastructure Workers provisions, and determine the extent to which their services and operations may be covered. Essential status can, e.g., affect whether a shut-down order applies to the company; and may impact whether the company’s field personnel will face challenges when trying to travel to and from project sites. We can assist our clients with this effort.

Ultimately, State, local, tribal, and territorial governments are in charge of implementing and executing response activities in communities under their jurisdiction, while the Federal Government is in a supporting role. Nevertheless, CISA’s guidance here is valuable in the event local authorities adopt inconsistent restrictions affecting our clients. Of particular relevance are the following classes of companies and workers as Essential Critical Infrastructure Workers:

  • Maintenance of communications infrastructure — including privately owned and maintained communication systems — supported by technicians, operators, call-centers, wireline and wireless providers, cable service providers, satellite operations, undersea cable landing stations, Internet Exchange Points, and manufacturers and distributors of communications equipment.
  • Workers who support radio, television, and media service, including, but not limited to front line news reporters, studio, and technicians for news gathering and reporting.
  • Workers at Independent System Operators and Regional Transmission Organizations, and Network Operations staff, engineers and/or technicians that manage the network or operate facilities.
  • Engineers, technicians and associated personnel responsible for infrastructure construction and restoration, including contractors for construction and engineering of fiber optic cables.
  • Installation, maintenance and repair technicians that establish, support or repair service as needed.
  • Central office personnel to maintain and operate central office, data centers, and other network office facilities.
  • Customer service and support staff, including managed and professional services as well as remote providers of support to transitioning employees to set up and maintain home offices, who interface with customers to manage or support service environments and security issues, including payroll, billing, fraud, and troubleshooting.
  • Dispatchers involved with service repair and restoration.
  • Workers who support command centers, including, but not limited to Network Operations Command Center, Broadcast Operations Control Center and Security Operations Command Center.
  • Data center operators, including system administrators, HVAC & electrical engineers, security personnel, IT managers, data transfer solutions engineers, software and hardware engineers, and database administrators.
  • Client service centers, field engineers, and other technicians supporting critical infrastructure, as well as Essential Critical Infrastructure manufacturers and supply chain vendors that provide hardware and software, and information technology equipment (to include microelectronics and semiconductors) for critical infrastructure.
  • Workers responding to cyber incidents involving critical infrastructure, including medical facilities, state and local governments and federal facilities, energy and utilities, and banks and financial institutions, and other critical infrastructure categories and personnel.
  • Workers supporting the provision of essential global, national and local infrastructure for computing services (incl. cloud computing services), business infrastructure, web-based services, and critical manufacturing.
  • Workers supporting communications systems and information technology used by law enforcement, public safety, medical, energy and other critical industries.
  • Support required for continuity of services, including janitorial/cleaning personnel.

The full list of recommended Essential Critical Infrastructure Workforce can be found here.

It is anticipated that in the next few days, Congress will finalize a stimulus bill designed to help the economy weather the financial crisis occasioned by COVID-19. We will be tracking that legislation carefully and will issue further analysis to our clients, as indicated. Clients with questions about the applicability of any restrictions on their operations due to COVID-19 may contact the firm for more information.

BloostonLaw Contacts: Ben Dickens, John Prendergast, and Sal Taillefer.



Surgeon General Social Distancing

Centers for Disease Control and Prevention (CDC)

The Ad Council in partnership with the White House, Centers for Disease Control and Prevention (CDC), U.S. Department of Health and Human Services (HHS), developed PSAs to inform Americans about the steps they can take to protect themselves to prevent the spread of coronavirus. Together, we can help slow the spread.

Source: YouTube  

Best regards,
brad's signature
Newsletter Editor
Licensed since 1957
Current member or former member of these organizations.

mensa member
If you are curious about why I joined Mensa, click here .

A Public Library of
animated gif
Paging and Wireless Messaging
wireless logo medium

Brad Dye
P.O. Box 266
Fairfield, IL 62837 USA

Critical Messaging
European Mobile Messaging Association
emma logo
Former Board Member
  Quarter Century
Wireless Association
Back To Paging
Still The Most Reliable
Wireless Protocol
For Emergencies!
American Association

of Woodturners
U.S. Navy

U.S. Navy

radioman second class
Second Class
Petty Officer
Boy Scouts of America

National Honor Society
Creator of the

Paging Wheel of Fortune
National Skeet

Shooting Association
The National

Rifle Association

The Radio Club
of America
Life is good!

I am a person in long-term recovery.


Skype: braddye
Twitter: @BradDye1
Telephone: +1-618-599-7869
Wireless: Consulting page
Paging: Home Page
Marketing & Engineering Papers
K9IQY: Ham Radio Page

Amateur Radio

  • ex KN9IQY, KN4BK, KM5NK, WB4JCF, ZP5TQ, WA4VXU, WA9RVL, /TI2, /9Y4, /6Y5, /KP4, HH2FJ
  • Licensed FCC Amateur Radio operator since 1957
  • Licensed FCC First-Class-Commercial Operator/Engineer since 1964

United States Navy

Home Page Directory Consulting Newsletters Free Subscription Products Reference Glossary Send e-mail