Tag Archive for iPhone

| January 22, 2013
Comments Off on 5 Odd Tech Predictions

5 Odd Tech Predictions

5 Odd Tech PredictionsJulie Bort at the BusinessInsider found some really interesting ideas buried within this prediction season’s avalanche of humdrum thoughts. She shared them in the hope they will become self-fulfilling prophecies.

Software as a Service -SaaS1. Bad guys start offering “hacking as a service” – Security company McAfee says that criminal hackers have begun to create invitation-only forums requiring registration fees. The author speculates that these forums could become some sort of black-market software-as-a-service. Pay a monthly fee and your malware is automatically updated to the latest attack. Don’t pay, and it would be a shame if something happened to your beautiful website …

Mobile ransomware2. Bad guys try to kidnap your smartphone – Hackers have become fond of a form of malware called “ransomware.” It’s a popular way to harass people who view Internet porn. While visiting a porn site, bad guys plant malware on a computer that threatens to report the computer user to the police unless they pay up.

In 2013, the article says the trend will be to hold your smartphone hostage. Hackers will sneak malware onto smartphones and then make you pay if you don’t want all the data on your phone destroyed or leaked. So thinks Chiranjeev Bordoloi, the CEO of security vendor Top Patch.

Fake meat3. Fake meat becomes a real thing – Vegetarians have been manipulating vegetable protein to make it look a little like meat and taste nothing like it. But now BusinessInsider says the race is on to produce fake meat like bacon in much more technically advanced ways.

Dutch researchers have found a way to “grow hamburger” in the laboratory from just a few bovine stem cells. Tech investors have funded companies that will create food from plants. Stealthy startup Sand Hill Foods is one such company on investors’ watch list. Beyond Meat, a startup funded by Twitter cofounders Ev Williams and Biz Stone, makes realistic fake chicken and will ramp up availability in 2013.

Your smartphone will be your personal nurse4. Your smartphone will be like a personal nurse – Ms. Bort reports there is a healthcare revolution headed to your smartphone. IBM (IBM) has promised that one day soon doctors will use tech that will scan your body. They will send that data to the cloud for a diagnosis. Companies are developing smartphones with biosensors that do everything from check your blood sugar to detect the flu. Apple (AAPL) has promoted the iPhone as a platform for health technology since 2009, but some new devices are just coming to fruition.

tech you use for work will be fun5. The technology you use for work will be as much fun as the stuff you use at home – Most of us are so used to tech at work being a source of frustration that we can’t imagine a different world. But the author predicts that’s changing. In 2013, tablets will lead software to be redesigned for touch interfaces—which will make it fun and easy to use, more like a game than a spreadsheet. Best of all, more companies are adopting tech that lets you download a “virtual work desktop” on any device, simply by logging in on a Web browser or launching a mobile app.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , , , ,
| December 15, 2012
Comments Off on Scan Your Sclera for Security

Scan Your Sclera for Security

Scan Your Sclera for SecurityTyping a password into your smartphone might be a reasonable way to access the sensitive information it holds, but a startup called EyeVerify thinks it would be easier—and more secure—to just look into the smartphones’ camera lens and move your eyes to the side scan your sclera for security.

EyeVerify logoMIT Technology Review says that Kansas City, KS-based EyeVerify software claims that it can identify you by your “eye-prints,” the pattern of veins in the whites of your eyes. The firm claims the method is as accurate as a fingerprint or iris scan, without requiring any special hardware.

The company plans to roll out its security software next year. CEO and founder Toby Rush envisions a range of uses for it, including authenticating access to online medical records or bank accounts via smartphones. Mr. Rush told TR that phone manufacturers are interested in embedding the software into handsets so that many applications can use it for authenticating people, though he declined to name any prospective partners. The security software allows people to bypass the security on their mobile devices just by looking at it.

The article explains that the technology behind EyeVerify comes from Reza Derakhshani, associate professor of computer science and electrical engineering at the University of Missouri, Kansas City. Dr. Derakhshani, the company’s chief scientist, was a co-recipient of a patent for the eye-vein biometrics behind EyeVerify in 2008.

Retina scanTo the users, EyeVerify seems pretty simple (though somewhat awkward in its prototype stage according to the article). To access data on a smartphone that’s locked with EyeVerify, the blog says you would look to the right or the left, enabling EyeVerify to capture eyeprints from each of your eyes with the camera on the back of the smartphone. (Eventually, EyeVerify expects to take advantage of a smartphone’s front-facing camera, but for now, the resolution is not high enough on most of these cameras, Rush says.) EyeVerify’s software processes the images maps the veins in your eye and matches that against an eye-print stored on the phone.

EyeVerify CEO Rush says the software can tell the difference between a real person and an image of a person. It randomly challenges the smartphone’s camera to adjust settings such as focus, exposure, and white balance and checks whether it receives an appropriate response from the object it’s focused on.

Biometrics

The look of the veins in your eyes changes over time, and you might burst a blood vessel one day the article speculates. But Mr. Rush says long-term changes would be slow enough that EyeVerify could “age” its template to adjust. And the software only needs one proper eye-print to authenticate you, so unless you bloody up both eyes, you should be able to use EyeVerify after a bar fight.

EyeVerify still needs to do more to prove that. Mr. Rush says that in tests of 96 people, the eye-print system was 99.97 percent accurate. The company is working with Purdue University researchers to judge the accuracy of its software on 250 subjects—or another 500 eyes.

Mr. Rush’s favorite application is for voters on Election Day. “Being able to vote from the convenience of my house, I can already send in a mail-in ballot, why not verify biometrically here and simply vote?” he told Fox News.

rb-

The end-user will be the fundamental roadblock to any eye-based biometrics.   Traditionally, anything related to eye recognition has received strong resistance, because it is just human nature to be squeamish about having our eyes scanned.

I covered the challenges of biometrics here, as long as this technology is limited to smartphones, some but not all biometrics issues remain:

  1. What is the real-world sensitivity/specificity trade-off i.e. quantified False Positive and False Negative Error Rates?
  2. Revocability. What happens if the mobile device is lost? What is the strategy to cancel and reissue a pair of eyes?

Despite the concerns scanning your sclera for security is coming to an iPhone near you.

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , ,
| December 8, 2012
Comments Off on OMG Texting bday

OMG Texting bday

OMG Texting bday20 years ago this week, one of the largest phenomenons of web 2.0 emerged. On December 3rd, 1992, a 22-year-old Canadian test engineer sat down and typed out a very simple message, “Merry Christmas.” Gizmodo says the text flew over the Vodafone (VOD) network to the phone of Richard Jarvis, and since then, we just haven’t been able to stop texting.

Texting is a major staple of communication now,Texting is a major staple of communication now, and by far the main use of a phone for many, but it didn’t start out that way. In the very beginning, texts were just a way to send network notifications, namely to let you know you had a voice mail. In 1993, Nokia (NOK) became the first company to make GSM handsets capable of person-to-person texting, but it still didn’t skyrocket to popularity for several years.

Growth of texting

ComputerWorld reports that in late 1995, three years after Papworth’s first text message, users were only sending an average of one text every two and a half months. In 2000 the industry counted 17 billion text messages, according to data from Ericsson. In 2010, the world sent over 6.1 trillion SMS messages or roughly 193,000 per second.

POTUS TextsToday, upwards of 7 trillion text messages are sent every year—that’s more than 200,000 per second.  So while you’re launching your daily flurry of textuals, take a second to consider the fact that your inane contributions are part of zeta-flood of data.

Digital Trends claims that texting is becoming obsolete. They cite data from Chetan Sharma, an independent mobile analyst and wireless carrier consultant, who reports that the number of text message exchanges in the U.S. had dropped by about 2 percent in the third quarter. This is a sharp difference from the steady growth that text messaging had previously seen. Sharma says it’s the first time that text messaging has begun to dwindle in the United States.

rb-

Texting is still a huge part of the way people communicate via mobile devices, but the emergence of new messaging options has led to the first decline in SMS volume.

Apple‘s (AAPLiMessage, which operates almost Texting is becoming obsoleteexactly like a text message but only communicates between Apple devices. iMessage completely bypasses the carrier when sending text messages between iPhones.

Facebook‘s (FB) Messenger app, which essentially exists as the mobile presence for the social network’s instant messaging feature. Facebook’s Messenger app can be used across multiple platforms, which could give it an advantage when it comes to text messaging alternatives.

Hopefully, the competition will force AT&T (T) to stop overcharging its customer. Gizmodo claims AT&T’s New Text Plan Overcharges You by 10,000,000 Percent. Literally lead the way toward cheaper texting plans.

The history of SMS

Related articles
  • Text messages direct to your contact lens (telegraph.co.uk)

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , ,
| December 4, 2012
One comment

Is Cloud-Based Anti-Virus Ready?

Is Cloud-Based Anti-Virus Ready?Cloud computing technology is one of the most disruptive technologies in recent history. Xath Cruz at CloudTimes argues in a recent article that cloud computing is also disrupting security software such as anti-virus and he asks how effective are cloud-based anti-viruses?

malwareThe article, How Effective are Cloud-Based Anti-Viruses? claims the demand for cloud-based anti-virus software has gone up steadily as more cloud-dependent computing devices have invaded the market. Cloud-dependent computing devices like iPads, Nooks, iPhones, and Galaxy’s are as susceptible to malware as their big desktop brethren.

In order to fight the malware threats to cloud-dependent computing devices, cloud-based anti-virus has evolved.  Cloud based anti-virus works differently than popular cloud-based document editors like Google Docs, where you only need a web browser and internet access. The blog post explains that cloud-based anti-virus software can’t function if it’s only in the cloud, since your PC won’t easily give the right kind of administrative access needed by antivirus software to programs hosted remotely, as that would leave your PC at risk of being intruded upon by other programs.

small native app that runs on the deviceIn order to protect a PC, tablet, or smartphone, a cloud-based anti-virus software requires a small native app to run on the device. When downloaded, the app acts as the anti-virus, with its database and heuristics data being hosted on the cloud. There is also cloud-based anti-virus software that use web browser extensions or Active X and Java to gain proper access to your PC.

Like any technology, cloud-based antivirus software has specific pros and cons when compared to native anti-virus suites, Mr. Cruz lays out some of the pros and cons of cloud-based anti-virus:

Cloud advantages

cloud based anti-virus1. No Installation Required – The first advantage of cloud-based anti-virus is that there’s no need to install them on your PC. Cloud-based anti-virus does not eat up hard disk space, with its storage and memory footprint being a fraction of what local anti-virus need. Additionally, you can get them up and running immediately, and there’s no likelihood of messing up the installation (which usually results in a non-working antivirus or corrupted file volume).

2. No Updating Necessary –  With cloud-based anti-virus, there is no need to update data files, since it’s hosted on the cloud, and will automatically be patched or updated by the provider. This will offer the latest in protection when it becomes available.

3. Double Security Layer – With cloud-based anti-virus software, it is possible to run a locally installed anti-malware app and run another different cloud-based antivirus without worrying about conflicts or PC slowdown. Different anti-virus software are better able to catch or inoculate different viruses.

collective intelligence4. An advantage of cloud-based anti-virus software the author missed is collective or community intelligence. SearchSecurity reports that when a system identifies malware, it’s able to give feedback to the cloud anti-malware provider, thus providing a wider surface area for rapidly detecting 0-day attacks.

Cloud disadvantages

1. Won’t Run in the Background – Cloud-based anti-viruses are not effective against viruses that run on startup. Cloud-based anti-viruses are not TSR (terminate and stay resident) programs and only run on an as-needed basis.

2. Limited Scan – Cloud-based anti-viruses risk missing dormant viruses in unopened or archived files. Windows’ security protocols will prevent some cloud anti-viruses from scanning the computer. They will only be able to scan core windows files and what’s currently loaded in the memory.

Network connection3. It Requires an Internet Connection – Cloud-based anti-virus is useless without access to the Internet. This is a problem for portable device users who can’t be connected 24×7. Without an Internet connection viruses will be free to do whatever they want.

rb-

The author concludes for the best protection your PC can get, you need to use the services of both a locally installed anti-virus software and a cloud-based one.

The main concern I have about cloud-based anti-virus apps is downtime. Cloud providers like Microsoft, Amazon, and Amazon have had issues lately providing their services. Downtime at the upstream ISP on the LAN can also play havoc with cloud-based anti-malware apps.

Related articles

 

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , , ,
| November 20, 2012
Comments Off on Voice Mail Open to Hacking

Voice Mail Open to Hacking

Voice Mail Open to HackingMobile carriers ‘proven’ to be open to surveillance and customer ID theft. The New York Times reports on a study by Karsten Nohl, a Berlin hacker and mobile security specialist who found that many mobile operators provided poor protection of voice mail from hacks.

Original mobile phoneIn a study of 31 mobile operators in Europe, Morocco, and Thailand, Mr. Nohl, found that he could hack into mobile conversations and text messages. The NYT says he used an inexpensive, seven-year-old Motorola mobile phone and free decryption software available on the internet.

He tested each mobile operator more than 100 times and ranked the quality of their defenses. He presented the findings at a recent Chaos Computer Club convention. While his research focused mostly on Europe, Mr. Nohl, a German with a computer science doctorate from the University of Virginia, said the level of security provided by network operators in the US was on a par with that provided by European operators, meaning there was room for improvement.

Voice mailIn Asia, the Middle East, and Latin America, mobile security varies widely and can be much lower. Operators in India and China, Mr. Nohl said, encrypt digital traffic poorly or not at all, either to contain operating costs or to allow government censors unfettered access to communications.

In 2009 Mr. Nohl, who runs Security Research Labs in Berlin, published the algorithms used to encrypt voice and data conversations on GSM digital networks, used in Europe and elsewhere.

Cell phne towerAccording to the NYT article, Mr. Nohl focused on deciphering the predictable, standard electronic ”conversations” that take place between a mobile phone and a mobile network at the start of each call. Typically, Nohl said, as many as 40 packets of coded information are sent back and forth, many just simple commands like, ”I have a call for you,” or ”Wait.” Most operators vary little from this set-up procedure, which he said allowed him to use hacking software to make high-speed, educated guesses to decipher the complex algorithmic keys networks use to encrypt transmissions. (rb- seems like the same problem that WEP has)

Once he derived this key, he said, he could intercept voice and data conversations by impersonating another user to listen to the user’s voice-mail messages or make calls or send text messages on the user’s mobile accounts.

Software patchThe author claims operators could easily end this vulnerability in the GSM system, which is found in older 2G networks used by almost every cellphone, including smartphones, with a simple software patch. His research found that only two operators, T-Mobile in Germany and Swisscom in Switzerland, used this enhanced security measure, which involves adding a random digit to the end of each set-up command to thwart decoding. For example, ”I have a call for you 4.”

This is a major vulnerability in most networks we tested, and the irony is that it costs very little, if nothing, to repair,” he said.

really old mobile phonePhilip Lieberman, CEO of Lieberman Software, a LA company that sells identity management software to large businesses and the US government, said much of the digital technology that protects the privacy of mobile calls was developed in the 1980s and 1990s and is ripe for attack.

The researcher found that Telefonica’s O2 network in the Czech Republic, Belgacom Proximus in Belgium, and Orange Switzerland provided the least security preventing the impersonation and use of another’s mobile account details for calling, texting, or other purposes. T-Mobile Slovakia, T-Mobile Germany, and SFR in France had the best.

least effective in guarding against the trackingThe study reports that T-Mobile Slovakia and the Moroccan operators Wana and Medi Telecom were least effective in guarding against the tracking of a cellphone user’s geographic position through the Internet and global positioning satellites had the weakest safeguards; Vodafone Italy, T-Mobile Germany, and Vodafone Germany had the best.

Protect your voice mail

The author concludes that voice mail security does not seem to be a priority for mobile phone networks. Hence, users should be proactive about their privacy. Anyone’s phone can be hacked, if it was easy for Rupert Murdoch’s journalists, it would be easy for anyone to do…

In order to prevent your mobile voice mail from being hacked set an unlock password on your phone. Experts urge you to avoid the following  popular passwords on mobile phones:

  • 1234
  • 0000
  • 2580 (the middle column of numbers on a telephone keypad)
  • 1111
  • 5555Monkey typing
  • 5683 (Spells “LOVE”)
  • 0852 (the middle column of numbers on a telephone keypad in reverse)
  • 2222
  • 1212
  • 1998

Set a secure voice mail password. You shouldn’t need to memorize it as your phone will store the information. In most cases you should be able to do this manually, but if not contact your mobile network.

Maintaining completely different passwords for all of your various telephone and online accounts is vital, if slightly tricky to do.

Change your passwords regularly.

Hang on to your cell phone. Voice mail hacking can be done from your own phone if the device is left unsecured and there is no unlock PIN setup.

Related articles

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedInFacebook, and Twitter. Email the Bach Seat here.

Category: Uncategorized | Tags: , , , , , , , , ,
« Older Entries   Recent Entries »