Tag Archive for Google

| December 6, 2017
Comments Off on OMG Texting b 25 !

OMG Texting b 25 !

OMG Texting b 25 !This week marks the 25th birthday of text messages. Texting is more properly known as SMS. On Dec. 3, 1992, 22-year-old Sema Group software architect Neil Papworth typed the first SMS (Short Message Service) message, “Merry Christmas” on a computer and sent it over a  GSM network in the UK, to an Orbitel 901 handset owned by then-Vodafone director Richard Jarvis.

SMS serviceIn 1993, a year after the first text message was sent, Nokia (NOK) set up the first commercial SMS service in Finland. Nokia was the first handset manufacturer whose total GSM phone line supported users sending SMS text messages. In 1997, Nokia became the first manufacturer to produce a mobile phone with a full keyboard: the Nokia 9000i Communicator.

Texting adoption

SMS adoption was slow at first, with only 0.4 text messages sent per month in 1995. The fact that UK users could only send SMS messages to those on the same network was a big problem until the restriction was lifted in 1999.  However, as smartphone technology developed and text messages became easier to use, SMS popularity ballooned. As mobile phones became more popular, texting skyrocketed. By 2007, the Brits were sending 66 billion SMS messages a year and in 2012, they sent 151 billion texts.

Nokia 9000i CommunicatorIn the U.S. SMS was slower to catch on, mainly because mobile operators charged more for texts and less for voice calls, and because of the popularity and availability of PC-to-PC instant messaging or IM. However, in the United States, 45 billion text messages were sent per month in 2007, a figure that became 167 billion per month in 2011. In June 2017, 781 billion text messages were being sent in the United States per month according to the experts.

U.S. Texts Sent

MonthNumber of Text Messages Sent Each MonthIncreased Number of Text Messages Sent YoY% Increased Number of Text Messages Sent YoY
June 2017
781.000,000,000147,000,000,000431.3%
June 2016634,000,000,00073,000,000,000768.5%
June 2014561,000,000,00063,000,000,000790.5%
June 2013498,000,000,00075,000,000,000564.0%
June 2012423,000,000,00056,000,000,000655.4%
June 2011367,000,000,000126,000,000,000205.8%
June 2010247,000,000,00086,000,000,000187.2%
June 2009161,000,000,00086,000,000,00087.2%
June 200878,000,000,00030,000,000,000150.0%
June 200745,000,000,00032,500,000,00038.5%
June 200612,500,000,0005,250,000,000138.1%
June 2005
7,250,000,0004,390,000,00065.1%
June 20042,860,000,0001,660,000,00072.3%
June 20031,200,000,0002270,000,000344.4%
June 200133,000,00021,000,00057.1%
June 200012,000,000
Text Message Statistics – United States from Statistic Brain (www.statisticbrain.com)
With 25 years under its belt, many people wonder if the end of the line is near for SMS. This is because apps such as Apple‘s (AAPL) iMessage, Google‘s (GOOG) Hangouts, Facebook‘s (FB) Messenger, WhatsApp, and SnapChat have become very popular.

Closed systems

Chat applicationThese new chat applications also marked a more fundamental shift away from an open standard that anyone could use (even if your operator charged you) to closed messaging systems controlled by technology giants. Text messages, however, might not be going away soon. SMS is a very practical and easy-to-use communication method, especially for areas and countries that do not have reliable internet connections.

Related article

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , , , , , , ,
| October 30, 2017
Comments Off on Are You a Human

Are You a Human

Are You a HumanDetroit-based Are You a Human was recently purchased by Virginia-based Distil Networks. The purchase is part of Distil’s efforts to expand its bot-detection capabilities. As part of the acquisition, the Human Tag will be re-branded as Distil Bot Discovery. Distil will open an office in Detroit and increase its presence in Motown. All 10 of Are You A Human’s employees are staying on, according to reports.

The firm’s website describes the Are You Human technology;

[Are You Human] collects hundreds of fingerprinting metrics and analyzes user’s device, software, and natural behavior to develop robust behavioral metrics on each page view in real-time … Only through an expert understanding of natural human characteristics and behavior is it possible to identify the 99% of non-human traffic caused by new and unique bots that fraud detection and verification systems can’t find

suite of bot-detection productsDistill Networks will add A You a Human’s real-time analysis technology and biometric information to its own suite of bot-detection products and use it to launch a free bot-discovery plugin for Google Analytics. Detecting bots is important because they can inflate website traffic numbers or present a security risk by searching for sensitive information.

The firm cited the Motor City as being:

… incredibly helpful and supportive to us, and we can’t imagine doing this anywhere else. Being able to build this company in Detroit has been hugely meaningful to all of us, and we’ll still be part of that awesome community going forward.

Detroit skyline

 

Related article

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , ,
| October 25, 2017
Comments Off on Biometrics Hype

Biometrics Hype

Biometrics HypeFollowers of the Bach Seat know biometrics have a limited value in replacing passwords. Despite the technical flaws another round of biometric hype is rolling across the Intertubes. The latest round of biometric hype is coming from Samsung (005930). In the hope to revive their brand, Samsung has released the Galaxy S8. The Samsung Galaxy S8 includes the ability to use facial recognition software to unlock your brand new phone. CNet says that this idea “sounds awesome.”

However, this awesome idea appears to lower the bar for your security. CNet reports that the video blogger MarcianoTech demonstrated a pre-release version of the Galaxy S8 being unlocked using just a photo (at the 1:09 mark). To their credit, Samsung has acknowledged that the Face Unlock feature is more for convenience than for security. The biometric feature cannot be used for mobile payments. While weak facial recognition software may be a convenience for the user, it could also be very convent for others, too.

The troubles with Face Unlock date back to 2011.  In 2011 SlashGear reported that Google (GOOG) admitted the security system could be fooled by a picture of you and not the real thing. CNet reports that the technology was developed by PittPatt, a startup originating from Carnegie Mellon University, which was later acquired by Google.

FBI’s facial recognition database

Next Generation Identification databaseThe Guardian reports during testimony before congress the FBI admitted that about half of adult Americans’ photographs are stored in facial recognition databases that can be accessed by the FBI. About 80% of photos in the FBI’s network are non-criminal entries, including pictures from driver’s licenses and passports from 18 states including Michigan.

The FBI first launched its advanced biometric database, Next Generation Identification (NGI), in 2010. NGI augmented the old fingerprint database with further capabilities including facial recognition. The bureau did not tell the public about its newfound capabilities nor did it publish a privacy impact assessment, required by law, for five years.

Unlike with the gathering of fingerprints and DNA, which is done following an arrest, photos of innocent civilians are being collected proactively. The FBI made arrangements with 18 different states to gain access to their databases of driver’s license photos.

 

“I’m frankly appalled,” said Paul Mitchell, a congressman for Michigan. “I wasn’t informed when my driver’s license was renewed my photograph was going to be in a repository that could be searched by law enforcement across the country.

rb-

So anyone with a photo of you, or maybe even just access to your Facebook (FB) photos, could potentially access your phone. There are two important reasons why biometrics won’t work, and why the old-fashioned password is still a better option: a person’s biometrics can’t be kept secret and they can’t be revoked.

 

no real way to hide biometric data from the worldPeople expose their biometrics everywhere – they leave fingerprints behind at bars and restaurants, their faces and eyes are captured in photos and film, etc. There’s no real way to hide this data from the world. As far back as 2002, research led by Japanese cryptographer Tsutomu Matsumoto. Matsumoto and his team gummy bears to make artificial fingers that they then used to fool fingerprint scanners. The gelatin-based finger was successful in fooling all 11 devices tested. I wrote about spoofing fingerprints in 2016.

However, it’s the second problem with biometrics that is the really big one: once a person’s biometrics have been compromised, they will always be compromised. Since a person can’t change their fingerprint or whatever biometric is being relied upon, it’s ‘once owned, forever owned.’ That is biometrics’ major failing and the one that will be hardest to overcome.

Part of the reason is that it’s silly to only have 10 possible passwords your whole life (20, if you count toes) but unlike a password, once a biometric is compromised, it is permanent. Today, if your Twitter account gets hacked, you just change the password – but if you are using a biometric, you will be stuck with that hacked password for the rest of your life.

With the release of Windows 10, Microsoft stepped up its biometrics game. CNet reports that with the recent improvements in Windows 10 biometric security includes facial recognition software. Besides facial recognition, Windows Hello also supports other biometric factors to secure your PC. Some of the factors are fingerprints and iris recognition. For facial recognition though, Microsoft (MSFT) has partnered with chipmaker Intel (INTC) for its RealSense 3D camera tech to get the job done. RealSense uses depth-sensing infrared cameras to track the location and positions of objects. Microsoft uses RealSense to scan a person’s face or iris before unlocking the device in question.

To further push the biometrics agenda, more than 200 companies including Microsoft, Lenovo, Alibaba, and MasterCard have already come together to form a partnership known as the FIDO (Fast Identity Online) Alliance. FIDO was founded in 2013 to address issues such as a worldwide adoption of standards for authentication processes over the Web to help reduce reliance on passwords.

Related article

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , ,
| May 12, 2017
Comments Off on Whose Time Is It?

Whose Time Is It?

Whose Time Is It?What time is it? If you looked at the lower right corner of your Windows PC screen, you know what time it is. That is good enough for most people, but followers of the Bach Seat want to know more. How does Microsoft know that time it is? Microsoft and everybody else uses Internet Engineering Task Force (IETF) RFC 7822 standard protocol called Network Time Protocol (NTP).

Network Time Protocol (NTP)

Network Time Protocol (NTP)NTP is one of the oldest Internet protocols still in use. NTP was designed by UMich alum David Mills at the University of Delaware. NTP can maintain time to within tens of milliseconds over the public Internet, and better than one-millisecond accuracy on a LAN. Like many other things in the network world, NTP is set up as a hierarchy. At the top of the tree are “Atomic Clocks” (Stratum 0). Corporations, governments, and the military run atomic clocks.

USNO NTP ServersAtomic clocks are high-precision timekeeping devices that use the element cesium, which has a frequency of 9,192,631,770 Hertz. That means it “oscillates” a little over nine billion times a second. Knowing the oscillation frequency and then measuring it in a device creates an incredibly accurate timekeeping mechanism. Atomic clocks generate a very accurate interrupt and timestamp on a connected Stratum 1 computer. Stratum 0 devices are also known as reference clocks. The other stratum levels are:

1 – These are computers attached to stratum 0 devices. Stratum 1 servers are also called “primary time-servers”.

2 – These are computers that synchronize over a network with stratum 1 servers. Stratum 2 computers may also peer with other stratum 2 computers to offer more stable and robust time for all devices in the peer group.

3 computers synchronize with stratum 2 servers. They use the same rules as stratum 2, and can themselves act as servers for stratum 4 computers, and so on.

First gen time serverOnce synchronized, with a stratum 1, 2, or 3 server, the client updates the clock about once every 10 minutes, usually requiring only a single message exchange. The NTP process uses User Datagram Protocol port 123. The NTP timestamp message is 64-bits and consists of a 32-bit part for seconds and a 32-bit part for the fractional second. 64-bits gives NTP a time scale of 232 seconds (136 years) and a theoretical resolution of 232 seconds (233 picoseconds). NTP uses an epoch of January 1, 1900, so the first rollover will be on February 7, 2036.

Microsoft Windows Time Service

Microsoft (MSFT) has a mixed history of complying with NTP. All Microsoft Windows versions since Windows 2000 include the Windows Time service (“W32Time”) which was originally implemented to support the Kerberos version 5 authentication protocol. It required time to be within 5 minutes of the correct value to prevent replay attacks. The NTP version in Windows 2000 and XP violates several aspects of the NTP standard. Beginning with Windows Server 2003 and Vista, MSFT’s NTP was reliable to 2 seconds. Windows Server 2016 can now support 1ms time accuracy.

In 2014 a new NTP client, ntimed, was started. As of May 2017, no official release was done yet, but ntimed can synchronize clocks reliably under Debian and FreeBSD, but has not been ported to Windows or Apple (AAPL) macOS.

Accurate time across a network is important for many reasons; discrepancies of even fractions of a second can cause problems. For example:

  • Distributed procedures depend on coordinated times to make sure proper sequences are followed.
  • Authentication protocols and other security mechanisms depend on consistent timekeeping across the network.
  • File-system updates carried out by a number of computers depend on synchronized clock times.
  • Network acceleration and network management systems also rely on the accuracy of timestamps to measure performance and troubleshoot problems.
  • Each individual blockchain includes a timestamp representing the approximate time the block was created.

NTP vulnerabilities

NTP has known vulnerabilities. The protocol can be exploited and used in distributed denial of service (DDoS) attacks for two reasons: First, it will reply to a packet with a spoofed source IP address; second, at least one of its built-in commands will send a long reply to a short request.

Ion-trap time sourceMore vulnerabilities were recently discovered in NTP. SearchSecurity.com reports that security researcher Magnus Stubman discovered the vulnerability and, instead of going public, took the mature route and privately informed the community of his findings. Mr. Stubman wrote that the vulnerability he discovered could allow unauthenticated users to crash NTPF with a single malformed UDP packet, which will cause a null point dereference. The article explains this means that an attacker could be able to craft a special UDP packet that targets NTP, resulting in an exception bypass that can crash the process. A patch to remediate specific vulnerability — named NTP 4.2.8p9  — was released by the Network Time Foundation Project.

This is a Windows-only vulnerability at this time. The author urges anyone running the NTP daemon on a Windows system to patch it as soon as possible. This particular DoS attack against NTP could incapacitate a time-server and cause havoc in the network. The easiest fix is to apply the NTP patch the article states.

rb-
NTP is important to your network and patching and protecting it should be a priority. The threat to your environment is real. If NTP is not patched, an attacker could take advantage of the chaos created by this vulnerability to hide their tracks since timestamps on files and in logs won’t match.

Way back in the day, when I was a network administrator, I inherited a network where a directory services container was frozen. Seems that time had never been properly set up on the server holding the replica and as time passed, the server time drifted away from network time and at some point, we could not make changes or force a replica update. That meant a late-night call to professional services to kill the locked objects and then apply DSRepair –xkz (I think) and then re-install a R/O replica.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , , , , ,
| April 30, 2017
Comments Off on A Lifetime on Social Media

A Lifetime on Social Media

From the scary stats department – In 2015, time spent on mobile apps exceeded time spent watching TV for U.S. consumers according to TechCrunch. And now influencer marketing agency MediaKix has calculated more scary social media statistics. Social media users will now spend years online during their lifetime.

Time spent on social media is increasingGrowth on many of the top social media platforms continues to rise as each network rolls out new features and functionalities to better compete for users’ daily time. It must be working, not only is the number of people using social media increasing, and the time people are spending each day on social media is increasing. MediaKix says that just  Facebook (FB) users are spending an average of 50 minutes each day on the site.

Time on popular social media platforms

In order to see how much the average person will spend on social media throughout their life, MediaKix calculated the time spent across today’s most popular social media platforms. Across today’s most popular social media platforms, people are spending the following daily averages:

The advertising firm says these social media consumption rates, across a lifetime will total up to:

  • A lifetime on social mediaYouTube: 1 year, 10 months
  • Facebook: 1 year, 7 months
  • Snapchat: 1 year, 2 months
  • Instagram: 8 months
  • Twitter: 18 days

5 years 4 months on social media

Cumulatively, this adds up for a total of 5 years and 4 months spent on social media across a lifetime. Compare the time spent on social media against more mundane life activities.

  • Social Media: 5 years, 4 months
  • Eating & Drinking: 3 years, 5 months
  • Grooming: 1 year, 10 months
  • Socializing: 1 year, 3 months
  • Laundry: 6 months

The Santa Monica, CA firm projected the social media figures across an entire lifetime and put the numbers into the infographic below.

rb-

I have argued for a while that the social media fake news issue is a result of the American educational system. They are obsessed with teaching the common core. They don’t teach any analytical skills. Schools need to reinstate current events and media literacy classes.

Quartz cited a survey that found that teens prefer Facebook as a news source (41%). Tweens break between YouTube (41%) and Facebook (37%). By huge margins, girls prefer Facebook for news, and boys, YouTube.

The converging trends of more time spent online, preferring social media as a news source and no education is putting democracy at risk.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

 

Search Engine Journal offers some good suggestions on how to evaluate if a story is real or fake.

What is the Site? most major recognized sources for news journalism are not going to be producing clickbait fake news. Most of the fake news sites go for “shock” value and produce fake stories that are not as recognized. Look into the source itself and see whether it is a website that can be trusted.

Check the Domain – Many fake news stories use similar URLs and domain names to mimic reputable news sources, but rather than using a .com they use .com.co endings

What are the Authors’ Sources? – Good news stories contain links to other reputable reporting by respected organizations. Be wary of sources that cannot substantiate their claims.

Fact Check! – When in doubt, fact-check the information that you read! You can start with a simple search to look into the keywords or the event that is being reported on. You can also use sites like PolitiFactFactCheck, and Snopes.

Examine the Website Closely – Look at the full spectrum of details on the site. Is there other fake-looking or shocking headlines? What does the overall website look like? How is the user experience? Sometimes doing just a little further digging will make it clear if a news story is fake.

Act! – Once you identify if a story is real or fake, you can make a big difference. Do not share stories on social media that are fake and make them more visible. If you notice a friend or family member share a fake story on a social media outlet, do them a favor and comment or message them showing how you found out it was fake so they don’t repeat the same mistake.

If you come across a fake news article, comment on it stating how you arrived at the conclusion it was fake. If everyone does their part to distinguish fake news stories and make them known, then they won’t be shared as easily.

Category: Social Networking | Tags: , , , , , , , , , , , , , , ,
« Older Entries   Recent Entries »