Tag Archive for AAPL

| March 23, 2016
Comments Off on Fake Fingerprints Can Open Your Phone

Fake Fingerprints Can Open Your Phone

– Updated 03-30-2016 – The Business Insider proves that you can use Play-Doh to fool the fingerprint sensor in your Phone.

Fake Fingerprints Open GalaxyI have pointed out a number of times that biometrics will not be the complete final solution for passwords. Biometrics is the measurement and statistical analysis of people’s physical and behavioral characteristics. The technology is mainly used for identification and access control. The basic premise of biometric authentication is that everyone is unique. An individual can be identified by his or her intrinsic physical or behavioral traits.

Fake Fingerprints Can Open Your PhoneThere is a huge issue with biometrics.  You can’t change your intrinsic physical or behavioral traits if they get stolen or hacked. Well, now there is more proof that biometrics can be hacked without cutting off a finger.

Hack mobile phone authentication

Two smarty Sparty’s from Michigan State University’s biometrics group has figured out a way to hack mobile phone fingerprint authentication. According to Help Net Security, the MSU researchers can hack your secure phone by using just a scanner, a color inkjet printer, a special type of paper, and ink.

AgIC silver conductive ink cartridgesTurns out that the attack is easy to execute. The first step is to scan the target’s fingerprint image at 300 dpi or higher resolution. Then, the image is mirrored and the original or binarized fingerprint image is printed on the glossy side of an AgIC special paper. The printer uses AgIC silver conductive ink cartridges (along with normal black ink).

Magical conductive ink

CrunchBase explains that advances in material science have made it possible to manufacture almost magical conductive ink. AgIC silver conductive ink has tiny silver particles and can be purchased online. The ink is printed by standard Brother printers. The ink dries in a few seconds and conductivity emerges instantly when the traces are drawn on special photo inkjet printing paper also available online.

spoofed fingerprintAll in all, an attacker can have a spoofed fingerprint that would allow him to access a phone protected with fingerprint authentication in less than 15 minutes, and the cost of all the tools he needs to do this does not surpass $500.

Researchers Kai Cao and Anil Jain successfully managed to fool the fingerprint sensors on the Samsung (005930) Galaxy S6 and Huawei (002502) Hornor 7 phones.

They posted a demo of the attack on YouTube:

 

The attack is an improvement over Germany’s Chaos Computer Club’s attack against Apple (AAPL) Touch ID on iPhone 5S by lifting a fingerprint of the genuine user of a glass surface and then making a spoof fingerprint. More details about the Michigan State researchers’ work can be found here (PDF).

Only a matter of time

Starbucks app hackedThe Sparty researchers note that not all mobile phones can be hacked using this method. But their experiment is proof of the urgent need for anti-spoofing techniques for fingerprint recognition systems, especially for mobile devices which are being increasingly used as a part of two-factor authentication for site access and payment processing like Apple Pay, Google (GOOG) Pay, or Samsung Pay.

The researchers warn that it is only a matter of time before hackers develop improved hacking strategies not just for fingerprints, but other biometric traits that are being adopted for mobile phones (e.g., face, iris, and voice).

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , , ,
| March 2, 2016
Comments Off on Tablets are Doomed

Tablets are Doomed

Tablets are DoomedTechCrunch reports from Mobile World Congress in Barcelona that tablets are dead. Six years after the original iPad ushered in the post-pc era, there were no tablets at the premier mobile showcase. Companies and consumers have moved on.

iPadTo be fair, TechCrunch says that if you looked hard enough, you could find an Android tablet or two stashed away in a corner. And Apple (AAPL), the tablet leader, doesn’t come to MWC. They conclude that tablets are not the future for Samsung’s (005930) and LGs (LGLD) of the consumer electronics world.

In fact, the author reports that Samsung, Sony (SNE), HTC (2498) and LG didn’t have any new tablets to announce. They didn’t even mention tablets during their conferences. It’s not just that people don’t care about tablets anymore — the big electronics companies themselves aren’t even trying to release new products for this market anymore. The article lists a number of reasons why tablets have become so unpopular.

Tablets are now a commodity

tablets have become so unpopular

First, tablets are now a commodity. You can find dozens of perfectly fine tablets for less than $200. And there’s no differentiating factor between Android tablets. As a result, companies are not making a profit from them.

You already have a tablet

Second, chances are you already have a tablet at home and it’s working fine. So the author reports that there’s no reason why you should upgrade it — it probably runs Netflix, Facebook (FB) and the Kindle app. It has a browser and your emails. Long replacement cycles mean you don’t need to pay attention to the new and shiny tablets. The Business Insider also observes tablets are more like PCs — you buy a new one only when the old one is worn out or doesn’t run the software you need.

Phones are getting bigger

everybody uses their phones constantly to interact with other people and do everything they’d do on a tablet.Third, phones are getting bigger. The LG G5 (5.3-inch display) and Samsung Galaxy S7 (5.1-inch display) are the two most interesting flagship phones that were announced at MWC. The first Samsung Galaxy Note had a 5.3-inch display, which could be called a phablet. Today, it would be an average phone. According to TechCrunch, big phones are the new normal, and everybody uses their phones constantly to interact with other people and do everything they’d do on a tablet.

BI explains the phenomenon of phones replacing tablets includes Apple. Apple started making larger phones, the iPhone 6S and 6S Plus, a year ago, which eliminates some of the justification for a bigger touch screen device. Also, consumers upgrade their phones every two or three years, since the carriers subsidize some of that up-front cost (plus, it’s just cool to have a new phone, which you carry with you everywhere in public).

it's just cool to have a new phone, which you carry with you everywhere in publicFor those who need a snapshot of the decline of the tablet, Business Insider presented a chart from Statista based on numbers from IDC. In the last four quarters, tablet sales have been down from the previous year’s quarter. Overall, shipments in the first three quarters of 2015 are down 9% from the same time a year ago.

Business Insider - Global Tablet Market Decline

TechCruch takes a pretty hardcore position on tablets. Tablets had a good run, but won’t be around for much longer. They argue that the iPad is a better tablet than any Android tablet because there aren’t many tablet-optimized apps on the Play Store. This is key to understanding the iPad’s appeal.

rb-

I have covered the issues around tablets since 2011 including the first signs of a decline in Apple’s iPad Teflon armor in 2014.  TC says tablets can still make a comeback. They need to become something else. But something needs to change and soon. Current tablets prove that you should never bet against the smartphone.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Tablet computing | Tags: , , , , , , , , , , , , ,
| February 9, 2016
Comments Off on Trivial Taxes for Tech Titans

Trivial Taxes for Tech Titans

Trivial Taxes for Tech TitansJust in time for the start of the U.S. tax season, reports have surfaced that should piss off most tax-paying Americans. The Business Insider is reporting that most of the American tech giants, like Apple, Google and Microsoft are not paying their share of taxes.

the effective tax rate paid by US tech titans is well below the average rate paid by the 100 biggest S&P companies

The U.S. corporate tax rate is about 35%, but according to an analysis by financial research website WalletHub and charted by Statista, the effective tax rate paid by U.S. tech companies, like Apple (AAPL), Microsoft (MSFT), and Google (GOOG), was well below the 28.6% average rate paid by the 100 biggest S&P companies.

Facebook (FB) was the exception with an effective tax rate of 41%, but the social networking company has paid a higher rate in past years and recouped some of the money in tax deductions, according to Quartz.

Infographic: How Much U.S. Tech Companies Pay in Taxes | Statista

One way these tech giants are lowering their tax bills is by stashing most of their profits overseas, where lower international tax rates apply. Despite claims by Apple CEO Tim Cook, that Apple pays all of its taxes, Apple, for example, keeps most of its cash offshore, and openly says it’s keeping it overseas to avoid their U.S. corporate tax bills.

Tax dodgerThe New York Times recently reported that Apple made a deal with Italian tax authorities over a dispute about how much tax the iPad maker should have paid Italy. A spokesman for Italy’s tax authority declined to comment to the NYT on the amount of owed taxes but the BBC reports that the figure is €318m ($348m).

The investigation found that since 2013, Apple had moved roughly $1.1 billion in revenue from its Italian operations through an Irish subsidiary to lower the taxes that the company was obliged to pay under the 27.5% corporate income tax rate in Italy.

The NYT says Ireland’s corporate tax rate, at 12.5%, is one of the lowest in the Western world, compared with 35%, before deductions, in the United States. Of course, Irish officials deny that the low-tax structure represents unfair competition.

rb-

The Tech Titans have long lusted after a tax cut. I cover the 2011 meeting where Tech giants Facebook, Mark Zuckerberg, Apple, Steve Jobs, Yahoo, Cisco (CSCO), Twitter (TWTR), Oracle (ORCL), Netflix, Google, and venture capitalists lobbied Obama for a tax cut on $1 trillion of profits they’ve stashed overseas.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , , , ,
| October 30, 2015
Comments Off on Tech Titans Dodge Taxes

Tech Titans Dodge Taxes

Tech Titans Dodge TaxesA recent report by the Center for Tax Justice (CTJ) on the use of tax havens in 2014, identified the 500 largest American companies hold more than $2.1 trillion in accumulated profits overseas to avoid U.S. taxes. The report found that one-quarter of that amount (549.7 billion) is hoarded abroad by ten tech companies alone, as the chart from Statista illustrates.

Greedy AppleAmong the tech titans hoarding cash, Apple (AAPL) has parked the largest amount of cash outside the United States. The article notes that the iPhone maker has stashed a whopping $181 billion overseas. That is almost twice as much as second-ranked Microsoft (MSFT) ($108.3b) and roughly three times the total of IBM (IBM), which ranks third in the tech-list with foreign cash holdings of $61.4 billion. Cisco (CSCO), ranked fourth, stands out with as many as 59 tax haven subsidiaries.

The top twenty tech firms in the order of the amount of money hoarded overseas in 2014 to cheat the taxman in 2014:

  1. BillionairesApple
  2. Microsoft
  3. IBM
  4. Cisco
  5. Google (GOOG) $47,400 millions
  6. HP (HPQ) $42,900 millions
  7. Oracle (ORCL) $38,000 millions
  8. Qualcomm (QCOM) $25,700 millions
  9. Intel (INTC) $23,300 millions
  10. EMC (EMC) $11,800 millions
  11. Western Digital (WDC) $9,400 millions
  12. Xerox (XRX) $8,500 millions
  13. Ebay  (EBAY) $7,900 millions
  14. Cognizant Technology (CTSH) $6,121 millions
  15. Agilent Technologies (A) $5,700 millions
  16. Micron Technology (MU) $4,910 millions
  17. Broadcom (BRCM) $4,850 millions
  18. Symantec (SYMC) $3,600 millions
  19. Computer Sciences (CSC) $2,552
  20. Amazon (AMZN) $2,500 millions

Statista notes that the study found the number of tax haven subsidiaries is not directly connected to the amount of taxes dodged by a company. On the contrary, some companies now report fewer subsidiaries in tax haven countries than they did in 2008 while reporting significant increases in the amount of cash they hold abroad.Center for Tax Justice graphic

The study offers two possible explanations for this occurrence: First of all, some companies may choose not to report all of their subsidiaries because the SEC’s penalties for failing to do so are pretty lax and secondly companies could simply consolidate more income in fewer offshore subsidiaries, often in structures dubbed “Double Irish”.

Infographic: U.S. Tech Companies Hoard Billions in Offshore Tax Havens | Statista

This chart shows how much money U.S. tech companies hold in offshore subsidiaries to avoid U.S. taxes.

You will find more statistics at Statista

The CTJ claims U.S.-based multinational corporations are allowed to play by a different set of rules than small and domestic businesses or individuals when it comes to the tax code. Rather than paying their fair share, many multinational corporations like Apple, Cisco, Google, and Intel use accounting tricks to pretend for tax purposes that a substantial part of their profits are generated in offshore tax havens, countries with minimal or no taxes where a company’s presence may be as little as a mailbox. Multinational corporations’ use of tax havens allows them to avoid an estimated $90 billion in federal income taxes each year.

Uncle Sam in redtapeCongress, by failing to take action to end to this tax avoidance, forces ordinary Americans to make up the difference. Every dollar in taxes that corporations avoid by using tax havens must be balanced by higher taxes on individuals, cuts to public investments and public services, or increased federal debt.

The CTJ recommends the following steps to stop the abuse of offshore tax havens by the tech titans and restore fairness to the US tax system and reduce pressure on America’s budget deficit and improve the functioning of markets.

End incentives to shift profits and jobs offshore. The most comprehensive solution to ending tax haven abuse would be to stop permitting U.S. multinational corporations to indefinitely defer paying U.S. taxes on profits they attribute to their foreign subsidiaries. Ending “deferral” could raise nearly $900 billion over ten years, according to the report.

Reject the Creation of New Loopholes. Reject a “territorial” tax system. The CTJ estimates that switching to a territorial tax system could add almost $300 billion to the deficit over ten years.

Close the most egregious offshore loopholes. Policymakers can take some basic common-sense steps to curtail some of the most obvious and brazen ways that some companies abuse offshore tax-havens. Close the inversion loophole by treating an entity that results from a U.S.-foreign merger as an American corporation if the majority (as opposed to 80 percent) of voting stock is held by shareholders of the former American corporation. These companies should be treated as U.S. companies if they are managed and controlled in the U.S. and have significant business activities in the U.S.

Patent trollStop companies from shifting intellectual property (e.g. patents, trademarks, licenses) to shell companies in tax haven countries and then paying inflated fees to use them. This common practice allows companies to legally book profits that were earned in the U.S. to the tax haven subsidiary owning the patent. Limited reforms proposed by President Obama could save taxpayers $21.3 billion over ten years.

Stop companies from deducting interest expenses paid to their own offshore affiliates, which put off paying taxes on that income. This reform would save $51.4 billion over ten years, according to the CTJ.

Increase transparency. Require full and honest reporting to expose tax haven abuses. Multinational corporations should report their profits on a country-by-country basis so they can’t mislead each nation about the share of their income that was taxed in the other countries.

Michigan-based companies dodging the taxman in 2014 have hoarded almost $55 Billion according to the CTJ. With just a 1% tax on the withheld income, we could probably get the roads fixed. On the list ranked by millions held off-shore by Michigan based firms according to the CTJ are:

  1. Dow Chemical $18,037 millions
  2. General Motors $7,100 millions
  3. Stryker $5,878 millions
  4. Whirlpool $4,900 millions
  5. Ford $4,300 millions
  6. Autoliv $4,000 millions
  7. TRW Automotive $3,400 millions
  8. BorgWarner $2,700 millions
  9. Kellogg $2,200 millions
  10. Lear $1,200 millions
  11. Penske $711 millions
  12. Visteon $245 millions
  13. Kelley Services $111 millions
  14. Conway $32 millions
  15. Masco $12 millions
Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , ,
| October 27, 2015
Comments Off on Online Security in Era of Connected Cars

Online Security in Era of Connected Cars

Online Security in Era of Connected CarsKarl-Thomas Neumann, CEO of General Motors (GM) European Opel brand announced that GM would launch OnStar telematics service in vehicles sold in Europe in late 2015. The Opel CEO declared the new technology, “transforms the car into a true part of the Internet of things.” The Detroit Bureau says it raises some of the same concerns consumers face on the Internet, including how to protect their privacy in highly connected cars.

App controlled carEven though a growing number of consumers have embraced the idea of having mobile access to smartphone apps, built-in Wi-Fi, and the safety and security promised by systems like OnStar issues loom that consumers, manufacturers, and regulators need to address. At the 2014 Consumer Electronics Show, Jim Farley,  then the top marketing executive at Ford Motor Company (F),  told an audience that the automaker “know(s) everyone who breaks the law, we know when you’re doing it,” thanks to the data collected by its OnBoard Sync technology system.

Despite a quick backtrack by Mr. Farley, the article says he was being truthful. The fact is, the onboard black boxes in most cars are now equipped with two-way capabilities. Privacy has become “a big issue,” according to Jon Allen, a principal with consulting firm Booz Allen Hamilton who focuses on security issues. Precisely what makes such technology so compelling is why it is also so worrisome. Mr. Allen told The Detroit Bureau,

Connected products provide customization and convenience because of the data they track. Part of the great opportunity to improve the customer experience is producing a vehicle that ‘learns’ your habits and preferences. But that information must be protected.

Data privacyThe EU takes privacy seriously and these types of tracking technology have drawn the attention of regulators in Europe and to a lesser extent, in the U.S. The article describes a measure of just how strongly Europeans feel about the issue that came during Opel chief Neumann’s news conference. Unlike the U.S. version of OnStar, the European system will include a “Privacy” button to let a user “choose whether they want to provide location information or not.”

That choice would only be over-ridden after a crash severe enough to trigger OnStar’s emergency call system, CEO Neumann explained. It’s designed to call rescue crews in the event of an accident severe enough passengers might be disabled.

Don't panicThere have been experiments with marketing that could target motorists much as Google today can toss ads at a web viewer based on information revealed by hidden “cookies.” Imagine, they suggest, being able to send a McDonald’s ad and virtual coupon to a car driving near one of its restaurants around lunchtime.

While some drivers might embrace that possibility, others are appalled. The Detroit Bureau reports the potential to reveal more detailed personal information, as well as allowing a vehicle to be tracked, is raising flags on both sides of the Atlantic.

Digtal trackingIn the U.S., an auto industry alliance recently agreed on an approach called “Privacy Principles for Vehicle Technologies and Services.” (rb- Which I covered here) Meanwhile, both the U.S. Federal Trade Commission and the National Highway Traffic Safety Administration are exploring the issues – though in some cases, they are actually encouraging greater access, noted analyst Allen.

The issue is further complicated by the threat of cyber-criminals exploiting vulnerabilities in-vehicle communications systems.

rb-

I first covered this threat in 2011 here and here. And the theoretical became real in 2015 when researchers demonstrated they could use online systems to take over a Jeep Grand Cherokee.

The threat to personal freedom and privacy in your car has accelerated as Apple (AAPL) and Google (GOOG) join Microsoft (MSFT) in the battle to rule the car. Apple’s automotive ambition does not stop at CarPlay, they are also focused on developing an iCar. Google’s Autonomous Cars ambitions are well known, but their efforts to take over the car cockpit are also taking off with Android Auto.

The government is contributing to the connected car conundrum. The Feds are abetting the Autos by trying to prevent security researchers from doing testing and reverse engineering that could improve security and safety for all of us according to Naked Security.

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Cars | Tags: , , , , , , , , , , , , , , , , , , ,
« Older Entries   Recent Entries »