Archive for January, 2017

“The Man” Is Looking At Your Social Media Posts

Posted in Commentary on January 19, 2017 by itnerd

I want to bring you two stories from the CBC to highlight the fact that when you post to social media, nothing that you post is private. Ever.

Let’s start with this story where the Canada Revenue Agency is apparently monitoring social media to figure out if Canadian taxpayers are cheating on their taxes, presumably by way of people tweeting out pictures of their new car or boat that was bought with money that they owe to the taxman. Here’s what the Canada Revenue Agency has to say on this:

“The CRA does practice risk-based compliance, so for taxpayers identified as high risk, any relevant, publicly available information relating to the specific risk-based factors for the taxpayer may be consulted as part of our fact-gathering processes,” said spokesperson David Walters.

Among those considered high risk are wealthy Canadians with offshore bank accounts, said Jean-François Ruel, director of CRA’s Strategy and Integration Branch.

“If we go with high-risk, high-wealth individuals that do offshore [banking], then we would look at all information that is public for compliance action.”

But here’s the problem according to someone who spends all day every day looking at this stuff:

However, David Christopher, of the advocacy group Open Media, said his organization opposes government agencies monitoring what Canadians are saying on social media.

“When Canadians post something on Facebook, they believe that they are sharing that with their friends and with their family. They don’t believe that they are sharing that with some government bureaucrat in Ottawa,” he said.

“Unfortunately, Facebook’s privacy settings are notoriously complex and many people might think that they are posting something to their friends and it ends up getting shared with the whole world.”

My thoughts on this are that while this is problematic, it doesn’t cross the line into a place where it is offensive for reasons I will get to in a minute. But having said that, let’s take this discussion to the next level. This CBC story details a London, Ontario-based company that created software that violated Twitter’s terms of service to mine data on behalf of law enforcement:

A London, Ont., data mining company has been banned from Twitter and is being reviewed by Facebook for selling surveillance software to North American police services to monitor people at Black Lives Matter events and other public protests.

Media Sonar lost its Twitter privileges in October after it was revealed that the firm was in violation of the social media giant’s privacy policies.

“If Media Sonar creates other API keys [to connect with Twitter], we will terminate those as well and take further action as appropriate,” wrote Twitter spokesperson Nu Wexler. 

Public documents obtained through access to information requests show the company billed itself to police forces as the “only vendor that allows public safety agencies to view social accounts covertly.”

It also provided at least one police force in California with a list of keywords and hashtags, including #blacklivesmatter and #Weorganize, to help with “proactive policing.” 

Now this clearly crosses the line and is clearly offensive. Unlike the Canada Revenue Agency, which walked up to the line because it was going after people that it would be investigating anyway through other means, Media Sonar went after anyone and turned that info over to the cops if they said the wrong thing on Twitter. Thus anyone could get roped up in this company’s dragnet. That’s an #EpicFail because while you shouldn’t expect to have privacy in a public forum like social media, you shouldn’t expect to be spied on either if you’ve done nothing wrong. Hopefully this award-winning company loses some of those awards and gets the message that this is as far from acceptable as you can get.

It should also send a clear message to users of Facebook, Twitter, and other social media platforms. You are being watched. It may not be right, but it is the case. Govern yourself accordingly.

Haste & Hustle: Canada’s Most Anticipated Marketing Event

Posted in Commentary on January 18, 2017 by itnerd

Open your mind and business to the technological forthcomings of Canadian marketing. On February 9-10, Niagara-on-the-Lake welcomes Canada’s most anticipated marketing event— Haste & Hustle.

From the inner workings of popular information and social platforms, to top-tier technology speakers, Haste & Hustle provides professionals the opportunity to learn, share and network with those who know tech best.

Haste & Hustle’s many tech features include:

  • What Marketers Need to Know About Chatbots: What are chatbots? How can marketers and entertainment brands use them? What are the benefits? All this and more will be answered during Erin Bury of 88 Creative Bot Boom’s keynote presentation.
  • H&H Tech Hub: A unique space where various companies will tap into delegates’ minds and brands and present new and innovative ways to use technology in sales and marketing. The Tech Hub will have an open-door policy, allowing participants to visit various exhibitors and gain hands-on tech experience throughout the day.
  • VR Showcase with Surprise Presenter: Is your interest piqued? A surprise presenter will wow audiences with a thought-provoking webcast about the future of keynotes and an exciting new Toronto technology firm.
  • LinkedIn – Where Your Sales & Marketing Meet: Get ready to have your mind blown as presenter, Paul Copcutt, reveals everything there is to know about the popular social networking site, LinkedIn. Now is the time to get your personal brand noticed.
  • Technology Discussion: Learn how to gather information and use it to your advantage. Mark Saltzman and Chris Buttenham, CEO of Tasytt, will guide delegates on an informative journey, explaining the ins and outs of information-gathering tools like Google Analytics.

Haste & Hustle’s two-day event goes above and beyond to create a comfortable learning environment. The conference offers lunch, a marketing crawl, keynote presentations, wine tasting, learning sessions, creative marketing experience, and more.

Additional Keynote Speakers include: Entrepreneur and Best Selling Author, Gary Vaynerchuk; Beme Co-Founder and YouTuber of the Year, Casey Neistat; and Entrepreneur and Dragons’ Den Star, Manjit Minhas; among others.

To register or obtain more information on Haste & Hustle, please visit www.hasteandhustle.com. ‘Like’ them on Facebook or follow @HasteandHustle.

Guest Post: AI Will Supercharge Spear-Phishing

Posted in Commentary on January 18, 2017 by itnerd

By: Dave Palmer, Director of Technology at Darktrace

Imagine a piece of malware hidden on your boss’ computer. It watches her every move, quietly listening; learning. It sifts through her emails, calendar, and messages. In the process, it doesn’t just learn her writing style. It learns the unique way she interacts with everyone in her life.

It picks up on the inside jokes she shares with her husband. It knows the formal tone she employs with the CEO. And it recognizes the familiar cadence she uses with her favorite employee — you.

Her emails to you are often casual, even jokey. She signs her emails with ‘Cheers’ and sends you corny jokes on occasion. And before important meetings, she writes you an encouraging email.

One day — on your way to a morning meeting — you get an email from her. It reads:

Hi there!

I’ll see you at 9 for our meeting. You’re gonna kill it today.

See attached for a map to their office.

Cheers,

PS why did the refrigerator need a bandaid?

……….. for the cold cuts! 

You smile, but suddenly you remember that you don’t know where their office is. Would you open the map?

Most people wouldn’t give a second thought. But the attached ‘map’ is really a malicious payload that, if opened, would start rapidly encrypting data and hold your company’s files hostage for a $30,000 ransom.

Artificial intelligence won’t just be used for good — it will open the door for sophisticated cyber-attacks like this. AI will supercharge spear-phishing with automated, intelligent technology. Hyper-realistic, machine-written emails are not some distant fiction. Indeed, the technology already exists.

Between Google’s DeepMind and voice-recognition software like Amazon’s Alexa, machines can now recognize and copy subtle patterns in human behavior. Recently, an intelligent machine even learned how to write a dystopian sci-fi novel. An email from your boss would be child’s play for an even moderately advanced AI.

Artificial intelligence won’t just power phishing attacks either. It will augment every kind of cyber-attack — including those we don’t even know about — with advanced decision-making capabilities. To keep pace with intelligent, unpredictable threats, cyber security will have to adopt an intelligent security of its own.

Want to learn more about the future of AI? Read about how machine learning will fight back against AI.

Microsoft Making Privacy Related Changes To Windows 10

Posted in Commentary on January 18, 2017 by itnerd

If you want to run an OS that constantly spies on you, look no further than Windows 10. I’ve written about how invasive this OS is and how it should bother users. I guess that Microsoft has heard that loud and clear as they are preparing changes to the OS to better ensure that users have some degree of privacy. These changes were announced in a blog post and include:

  • A new Microsoft privacy dashboard on the web that lets you easily see and manage your activity data.
  • New privacy controls and settings, which will “help ensure you are in control of your privacy.”

Here’s the thing. This announcement coincides with a statement by the Swiss data protection and privacy regulator, the FDPIC, which said it would drop its threats of a lawsuit after the company “agreed to implement” a string of recommendations it made last year. So in short, Microsoft wanted to avoid being slapped by the Swiss and did this to make them go away. The problem is that none of the changes that Microsoft has detailed completely turns off Windows 10’s ability to phone home as per this from the blog post:

Second, we’ve simplified our Diagnostic data collection from three levels to two: Basic and Full. If you previously selected the Enhanced level, you’ll have the option to choose Basic or Full with the Creators Update.

Third, we’ve further reduced the data collected at the Basic level. This includes data that is vital to the operation of Windows. We use this data to help keep Windows and apps secure, up-to-date, and running properly when you let Microsoft know the capabilities of your device, what is installed, and whether Windows is operating correctly. This option also includes basic error reporting back to Microsoft.

#Fail.

The Creators Update of Windows 10, which is also known as “Redstone 2”, is the next major update of the OS and is due out in April. It will be interesting to see if there are additional tweaks based on the feedback of users, or governments who don’t like Microsoft’s data collection policies.

Court Docs Show That “Connected” Cars Have Been Targets Of Spying By Cops For Years

Posted in Commentary on January 18, 2017 by itnerd

Hacker News has an interesting report that illustrates the fact that cars that are “connected” in some way have been the targets of spying by law enforcement. Now I put the word “connected” in quotes because some of the cases that are cited pre-date the times when cars became “things” on the Internet. Instead, the cars were “connected” in other ways. For example, cops have leveraged SiriusXM radios in cars to get evidence:

In 2014, satellite radio and telematics provider SiriusXM provided location information of a Toyota 4-Runner following a warrant by New York police, which was recently unsealed.

The warrant asked SiriusXM “to activate and monitor as a tracking device the SIRIUS XM Satellite Radio installed on the Target Vehicle” for ten days, and the company admitted to Forbes that it complied with the order.

How did SiriusXM achieve this? The company simply turned on the stolen vehicle recovery feature of its Connected Vehicle Services technology on the target vehicle, Toyota 4-Runner. It’s like Apple turning on the Find My iPhone feature to track a customer’s location, the court documents [PDF] says.

SiriusXM said it worked with law enforcement periodically to provide such information on its customers with just a valid warrant. The company receives an estimated five valid court orders a year to monitor a suspect, though it declined to offer on-record comment.

If you have a GM vehicle, you likely have OnStar which cops have leveraged as well to get evidence. Here’s one example:

According to Forbes, police asked GM to hand over OnStar data in December 2009 from a Chevrolet Tahoe rented by suspected crack cocaine dealer Riley Dantzler.

OnStar’s tracking is so accurate that even after the feds had no idea about Dantzler’s car, it’s able to “identify that vehicle among the many that were on Interstate 20 that evening,” followed him from Houston, Texas, to Ouachita Parish, stopped Dantzler and found cocaine, ecstasy and a gun inside the car.

Lovely. Another example is cited as well. The interesting part about that is the fact that the target of this was not an OnStar subscriber, but the hardware was still live. Something that I wrote about in part a few years ago. For the record, here’s GM’s stance on this:

“We don’t monitor or otherwise track the location of OnStar-equipped cars unless required by a valid court order in criminal procedures or under exigent circumstances; and we don’t release the number of those requests. We take our customers’ privacy, safety, and security very seriously, and we assist them on average more than 600 times each month in North America with some form of Stolen Vehicle Assistance.”

Now if all of this is going on, one has to wonder what would happen if a hacker was able to leverage this for some nefarious purpose. Never mind the fact that there’s data inside your car that someone could use against you legally. This illustrates the need for substantive rules around this sort of thing. The question is whether those who make those rules see this as a priority.

A Text Message Can Crash Your iOS Device

Posted in Commentary on January 18, 2017 by itnerd

A few months ago, I came across a video that showed how to crash an iOS device via a video link. Now the same site is back telling you that there’s an exploit that will crash an iOS device. Here is the video:

The previous exploit was fixed by Apple in iOS 10.2. One can hope that iOS 10.2.1 which is still in beta at the moment addresses this. In the meantime, I have to wonder if this has to do with the fact that people have way too much time on their hands, or is there an unpatched exploit in iOS that makes these sorts of things possible?

Oh Noes! A Samsung Galaxy G5 Caught Fire In Toronto

Posted in Commentary on January 18, 2017 by itnerd

If you thought the story of Samsung phones catching fire was over and done with, think again. The CBC is reporting that a Samsung phone caught fire in a man’s bedroom. But it wasn’t the infamous Galaxy Note 7. It was the G5:

Mario Jakab went to bed around midnight on Tuesday, and woke up from the heat and firework-like sounds coming from his bedside table.

“I jumped out of bed, alerted my girlfriend because I wasn’t sure if anything was going to catch fire,” said Jakab. “I waited for the fire to go out, because I’m not touching a flame.”

Samsung has recalled batteries on the Galaxy Note 7 models, after the devices started catching fire. The S5 model is not included in the recall. This appears to be one of the first reports of an S5 catching fire, though a lawsuit filed in the U.S. alleges the exploding phone problem extends to several other smartphones.

Samsung sent out an engineer to see the remains of the phone. They didn’t respond to CBC’s request for a comment. Even before we know what the cause of this is, the optics suck for Samsung as it will likely be perceived by those who read this that they have a systemic problem with all their phones. Now that might be true, but it could also be a single phone with an issue. After all, this sort of thing happens to the odd iPhone. But I will point out that I covered exploding Samsung smartphones twice in 2013 and 2014. So this isn’t new. Thus Samsung needs to explain this before this becomes a bigger problem.

‘Ancient’ Mac Backdoor Discovered

Posted in Commentary on January 18, 2017 by itnerd

It seems that a backdoor to macOS has been out there for years and nobody noticed it until now. Malwarebytes posted a blog post on it and speculates that it was probably created years ago but has only been used in targeted attacks which is why it escaped detection. The malware features antique system calls, some dating back to pre-OS X days. In addition, the binary also includes the open-source libjpeg code, which was last updated in 1998. The latter implies that it pre-dates macOS and has been out for a while. The malware is primarily geared towards screen captures and webcam access on compromised Mac boxes. It is also capable of remote control and mapping the local network.

Apple is likely to update the internal anti-malware system on macOS to protect users in the next day or two. But you might want to download the Malwarebytes Mac scanner to make sure that you’re not infected.

 

Vancouver Man Uses Siri To Dial 911 After Medical Emergency

Posted in Commentary on January 18, 2017 by itnerd

I’m a Siri addict. I use the virtual assistant to do everything from responding to text messages to playing music, making appointments and the like. But nothing that I use Siri for tops what Andrew Cho of Vancouver used Siri for:

The 29-year-old began experiencing dizziness and numbness in his neck and limbs while out for dinner with friends Jan. 6.

After returning to his apartment early to rest, he collapsed face-down and was completely paralyzed from the neck down. Unbeknownst to him, Cho had burst a blood vessel in his C3 and C4 vertebrae.

His best friend believes where he fell saved his life: Cho’s phone landed just 10 inches away from his body, and he was able to drag his body to it using only his chin.

“He should have been dead. He was able to get to his phone by inching towards it. It took five tries with his tongue – but he got Siri and used voice command to call 911,” Danny Brody said.

Firefighters had to pry his apartment door open to get to him.

I have to admit that when I read that, I was floored. This is a great example of how a piece of tech that we just take for granted or do party tricks with can make a huge difference. I for one hope he makes a speedy recovery. But to accelerate that, you can support the crowdfunding campaign that is meant to support his recovery.

Updated Roku Mobile App For iOS And Android Now Available

Posted in Commentary on January 17, 2017 by itnerd

Today Roku is releasing the latest version (v4.0) of the popular Roku mobile app for iOS and Android devices that delivers a fresh new look and an exciting new feature! This update to the Roku mobile app has been designed to make your mobile device an ultimate streaming companion by giving you one-tap access to features that make streaming what you love fast and simple. Navigation to popular mobile features, including the remote control and search, is easier than ever. And starting today, you’ll be able to quickly browse a selection of great movies and TV shows that are available to stream by simply tapping the new “What’s On” tab.

The FREE Roku mobile app comes packed with useful features that are sure to make your phone a great addition to movie night. You can use it as a remote control, plug in headphones for private listening, search for movies, shows and more with a keyboard or your voice, and share your own videos, music, and photos to your TV.

Here’s what’s new today on the Roku mobile app for iOS and Android devices: 

Simpler navigation and sleek new look

The new navigation bar found across the bottom of the Roku mobile app makes many of our most popular features more accessible. With just one tap you can view and launch your installed streaming channels, browse What’s On, use the remote or share photos and videos to your TV. In addition, a quick tap of the Roku Search icon located at the top of the “Channels” and “What’s On” tabs makes it easy to quickly find the entertainment you want to watch.

When you launch the Roku mobile app you’ll see a scrollable view of all of your streaming channels – now it just takes one tap to get to Netflix, Cineplex Store, or any other channel you have installed. Roku knows that getting to the channel you want is only the first half of streaming the content you want to watch. To make this transition easier and faster, once you launch a streaming channel the remote control will automatically appear on the app giving you a seamless experience to find the show you were looking for. Now you can quickly go from deciding where you want to watch to finding what you want to watch without additional taps.

See What’s On

Never spend another minute wondering what to watch next. Simply tap the “What’s On” tab to browse a selection of popular entertainment available to rent or buy, or follow movies that are currently in theatres to be updated when they’re available for streaming. With a few taps, you can watch a blockbuster movie or a hit TV show.

Controlling your Roku device with your phone just got easier 

The on screen remote within the Roku mobile app has always been a great way to navigate the Roku OS. And today, Roku has made it better! The new remote tab now more closely matches the buttons on your Roku device remote, with the buttons and directional pad moving closer together so it’s easier to press the onscreen buttons with one hand. Roku has also included a channels icon at the top left of the remote screen so you can quickly access your installed streaming channels and navigate from one channel to another.
