Archive for July, 2017

iRobot Won’t Sell Your Data

Posted in Commentary with tags on July 31, 2017 by itnerd

Remember that story about iRobot selling data about the layout of your home? Well, there’s a new story according to ZDNet:

First things first, iRobot will never sell your data. Our mission is to help you keep a cleaner home and, in time, to help the smart home and the devices in it work better.

That’s from the desk of the CEO of iRobot. When the ZDNet reporter tried to clarify things, this tidbit popped up:

The Reuters report indicated how iRobot was in talks to sell the data. Can you respond with whether that was a misinterpretation by the reporter or a misstatement on the part of Angle? Was there, in fact, never any monetary negotiations or discussions over data?

This was a misinterpretation. [Angle] never said that iRobot would look to sell customer maps or data to other companies. iRobot has not had any conversations with other companies about data transactions, and iRobot will not sell customer data.

Yeah. Right. Sure. I’d read the entire article as it’s a very interesting exercise in backpedalling.

 

Advertisements

A Petition To Open-Source Flash? Like WTF?

Posted in Commentary with tags on July 31, 2017 by itnerd

In a strange twist of fate, there’s now a petition to open-source Flash. Here’s where it gets weird. The petition acknowledges Adobe’s reasons for killing Flash, namely that it’s been superseded and is woefully insecure. But….:

However Flash along with its sister project Shockwave is an important piece of Internet history and killing Flash and Shockwave means future generations can’t access the past. Games, experiments and websites would be forgotten.

Open sourcing Flash and the Shockwave spec would be a good solution to keep Flash and Shockwave projects alive safely for archive reasons. Don’t know how, but that’s the beauty of open source: you never know what will come up after you go open source! There might be a way to convert swf/fla/drc/dir to HTML5/canvas/webgl/webassembly, or some might write a standalone player for it. Another possibility would be to have a separate browser. We’re not saying Flash and Shockwave player should be preserved as is.

I don’t know of anything that was made with Flash that would be worth this effort to preserve a piece of software that is horribly insecure. But that’s just me. If you have a different view of this, I would ask you to share your thoughts by leaving a comment.

Apple Removing VPN Apps From Chinese App Store… Russia Banning VPN Apps Too

Posted in Commentary with tags , on July 31, 2017 by itnerd

The news is popping up all over the place when it comes to VPNs. First to China where Apple is removing VPN apps from the Chinese app store:

The BBC understands that as many as 60 VPNs were pulled over the weekend.

Apple said it was legally required to remove them because they did not comply with new regulations.

It refused to confirm the exact number of apps withdrawn, but did not deny the figure. It added that dozens of legal VPN apps were still available.

This of course ties into a story that I’ve been reporting on for the last month or so. This of course has VPN operators nervous. Marty P. Kamden, NordVPN’s CMO, said this:

“We never had an Apple app in China as we were expecting similar issues – that’s why we didn’t get affected by the removal from the App store. NordVPN works in China on desktop apps, and we are currently developing a solution for mobile apps, including iOS and Android. Currently, our VPN works with Windows with no problems.”

“At the same time, we are shocked to see how big companies comply with China’s censorship of free word. NordVPN stands for freedom of speech, and we will do all we can to make sure Internet users in China have full access to Internet. We think that Apple might not realize full repercussions of removing VPN apps from China, since there are also many freedom fighters or those in opposition to the government who need VPNs to remain anonymous or face a serious danger to their safety.”

At the same time this is going on, Russia is going to ban VPN apps as well staring on the 1st of November:

The law, already approved by the Duma, the lower house of parliament, will ban the use of virtual private networks (VPNs) and other technologies, known as anonymizers, that allow people to surf the web anonymously. It comes into force on Nov. 1.

Leonid Levin, the head of Duma’s information policy committee, has said the law is not intended to impose restrictions on law-abiding citizens but is meant only to block access to “unlawful content,” RIA news agency said.

Now, this is likely an attempt to ban any sort of access to outside content that these two countries don’t like. But beyond that, how will this affect VPNs that are brought into China and Russia by those who travel to those two countries? If I have a VPN on my computer, will it still work if I travel to one of those countries and try to connect? That is where I can see a business getting screwed over by this. If I am protecting corporate communications with a VPN, and it is now banned and off-line what happens then? Also, what happens if you are clearing customs and there’s VPN software on my computer? Will it get seized. There’s a lot of unknowns here that I hope get answered and quickly.

UPDATE: Marty P. Kamden, NordVPN’s CMO reached out to me after seeing this story and gave me a comment about the Russian situation:

“The most worrying aspect of banning VPNs in Russia, the same way as in China, is the fact that many political activists would lose their anonymity and can face a very real danger. We are watching the Internet regulation developments in Russia and China with great concern, and want to express our will to continue providing access to unrestricted Internet to the people of those countries.”

Hackers Claim They Can Pwn Apple Pay Via WiFi

Posted in Commentary with tags on July 28, 2017 by itnerd

This week in Las Vegas is the Black Hat conference. This of course is the conference where hackers of all descriptions will show up to show off security related research and show how to pwn everything. Case in point is research by Positive Technologies that The Register is reporting on where they have two attack vectors for Apple Pay. The first one requires malware to be injected into a jailbroken device. Thus illustrating why you should never jailbreak a device. But the second attack vector does not require a jailbroken device and utilizes WiFi:

The first step in the second attack is for hackers to steal the payment token from a [targeted] victim’s phone. To do that, they will use public Wi‑Fi, or offer their own ‘fake’ Wi‑Fi hotspot, and request users create a profile. From this point they can steal the ApplePay cryptogram [the key to encrypting the data].

Apple states that the cryptogram should only be used once. However, merchants and payment gateways are often set up to allow cryptograms to be used more than once.

As the delivery information is sent in cleartext, without checking its integrity, hackers can use an intercepted cryptogram to make subsequent payments on the same website, with the victim charged for these transactions.

Take home message. Don’t use WiFi when you use Apple Pay. But even if you don’t use WiFi, you have to wonder how long it will be before hackers figure out how to pull off an attack like this over a cellular network. If that is in the works, they better hurry because the researchers informed Apple about these attack vectors. Which means that Apple is likely working on a fix. Though, there might be a problem with that:

Fixing the issue will require action from all points in the chain, including the banking merchants, payment gateways, and card issuers, the security firm claimed.

We’ll see if Apple gets that co-operation to close this attack vector.

Airlink Adds Wireless Support to Any Audio Device

Posted in Commentary with tags on July 28, 2017 by itnerd

If you own audio gear that isn’t equipped with Bluetooth or wireless connectivity, you could benefit from a wireless connection. Your readers may be interested in a new pocket -sized adapter called AirLink, which has taken to the Indiegogo crowdfunding website this month to raise the required funds to go into production.

AirLink is the world’s first Hi-Fi Bluetooth adapter with remote control. AirLink turns any audio device, including non-Bluetooth car stereo and powered speakers, into wireless and has inline remote control and built-in microphone to upgrade wired headphones into a wireless controller.

Answering to the latest trend in smartphones that ditch headphone jacks, AirLink is the most effective solution that lets the users use wired headphones in wireless and control the phones remotely.

Embedded with the latest Bluetooth v4.2 single chip, AirLink adds Bluetooth connectivity to any audio device and promises to deliver high-resolution sound to the users with 24bit sound codec. In addition, the built-in microphone and control button enables the users to make calls, shift a track, wake up a virtual assistant, and take pictures with ease.

Here are some of the features:

  • Add Bluetooth to audio devices;
  • Stream  music wirelessly;
  • 24bit premium sound;
  • Get hands-free calls;
  • 32-Hour standby time battery; and
  • Take selfies effortlessly.

AirLink can provide the long and enjoyable experience of being wireless. Weighing as 0.7oz, AirLink fits into any outdoor activities and makes the users tangle-free. It supports 8-hour playback time and 30-minute fast charging.

AirLink is live on Indiegogo, starting at $29. It has reached five times its original goal and

You can visit here for more information: https://www.indiegogo.com/projects/airlink-go-wireless-with-any-audio-device-bluetooth/

Don’t Like The TouchPal Keyboard? Here’s Are Some Options For You…

Posted in Commentary with tags on July 28, 2017 by itnerd

Some Android phones come out of the box with the TouchPal keyboard (which for the record is also available for iOS). The cool thing about this keyboard is that it allows for quick and easy typing and ease of entry of Emojis. Plus it allows for the usage of languages such as Chinese and Arabic among many others. The not so cool thing is that while it is a free keyboard, it has an ad based model. In other words, ads display as you use the keyboard and even on the lock screen. HTC got blasted by users for this recently as their phones come with the TouchPal keyboard. But this isn’t a new issue as blogger Dan Levy noted when he reviewed the ZTE Axon back in 2016. He also noted the fact that when he reached out to TouchPal on Twitter, their response to is query as to why there were ads was to say that they had to make money somehow. Seriously, they did say that and he has the screenshots to prove it.

#PRFail

Here’s the biggest problem with the whole TouchPal ad issue. I think it’s one thing if you choose to download a “free” keyboard that is ad supported. After all, Google Play tends to warn you about that sort of thing and you’re making a choice to use a product that is ad supported. But when it comes bundled with a smartphone that I just paid a lot of money for, I think you should have a reasonable expectation to get something that is ad free. After all, why should I be effectively paying a smartphone vendor to display ads on my brand new smartphone? That doesn’t make a whole lot of sense to me.

As a result, you may be thinking that you want to ditch this keyboard if you either installed it from your favorite app store, or you got it with whatever Android phone you have. The question is, what are good replacement keyboard options? I’ve complied four very replacement options for your perusal:

Google Keyboard: The best option for Android uses may be to simply use the Google Keyboard which is also free. The Google Keyboard has gesture typing, a learning dictionary that saves words you introduce to it, text expansion built-in, personalized predictive text based on your typing habits, speech-to-text features, and support for 120 languages.

SwiftKey: SwiftKey uses Artificial Intelligence to automatically learn your writing style, including the emoji you love to use (if you use emoji), the words that matter to you and how you like to type. That means autocorrect and predictive text that actually works because it adapts to you. It supports a large number of languages as well. It’s also free without relying on ads.

Swype: This was the original swipe-to-type/gesture-typing keyboard, and it still comes on a number of Android headsets by default. It supports a ton of languages and gets high praise from Android users. The company does have free and paid options. But the paid option is beyond cheap being under $2 so I would seriously recommend going that route.

Fleksy: It’s a minimalist keyboard with insanely great accuracy, high customization, and support for 47 languages. This is a keyboard that is designed for tap-typists, not people who love or are used to gesture-typing. If that’s you, the $5 that this app is worth is money well spent.

Are there other Android keyboards that you would recommend? Please leave a comment below and share your thoughts.

UPDATE: I got a Twitter direct message from Dan Levy pointing out that TouchPal is capable of taking over your lock screen and serving up ads even if this isn’t your default keyboard. He pointed me to a thread on Android Central that discusses how to disable this “feature.”

UPDATE #2: ZTE reached out to me to say the following:

The version of TouchPal’s keyboard that is pre-installed on ZTE devices does not contain or display advertisements. Users will only see ads in the TouchPal theme store if they install/update to the Google Play version of TouchPal. The two versions are different, with the Google Play version being ad-supported. Of course, users are also free to install other keyboards on any ZTE device

Apple Is Quietly Exiting Music Player Biz

Posted in Commentary with tags on July 28, 2017 by itnerd

Remember the days when you bought an iPod and you had hundreds if not thousands of songs in your pocket? Well, those days are apparently over as the iPad Nano and iPod Shuffle are dead as of yesterday if you check Apple’s website. On top of that, the iPod Touch lineup has been pared down. You can now only get the 32GB and 128GB variants. Other than that, the device has otherwise been basically unchanged since 2015. Thus you have to wonder how much longer it will be along.

This essentially brings an end to an era for the iPod. I remember when the device first popped up in 2001 with 5GB of storage which held up to 1000 songs and had a then unusual Firewire interface. It was a Mac only device at the time, but soon migrated over to the PC side of the fence. It also kicked off the iTunes software along with the iTunes store to buy music. The latter proved that digital music sales could work. I guess now that everybody and their dog has a smartphone, standalone music players aren’t a viable business. Thus it shouldn’t come as a shock that Apple has started to put an end to their stand alone music players.