Apple Isn’t Your Friend

Apple has been steadily positioning itself as the anti-Facebook for a while now, and between verbal jabs aimed at the social media giant and privacy-focused product decisions, the patient goodwill campaign seems to be working. Unfortunately, Apple isn’t going to save us, and now’s the time to keep your guard up. Continue reading Apple Isn’t Your Friend

Advertisements

Computer printers have been quietly embedding tracking codes in documents for decades

In 2004, when color printers were still somewhat novel, PCWorld magazine published an article headlined: “Government Uses Color Laser Printer Technology to Track Documents.”

It was one of the first news reports on a quiet practice that had been going on for 20 years. It revealed that color printers embed in printed documents coded patterns that contain the printer’s serial number, and the date and time the documents were printed. The patterns are made up of dots, less than a millimeter in diameter and a shade of yellow that, when placed on a white background, cannot be detected by the naked eye.
Continue reading Computer printers have been quietly embedding tracking codes in documents for decades

How to Encrypt an Android Device

Privacy, Security; two words that you hear a lot these days after the Snowden Incidents and with all the Govt snooping, corporate data mining and all those data leaks like Target and Home Depot. More than ever, protecting your data and privacy should be a top priority to each and every one of us. With new tactics being employed all the time, we have to keep up with the game and encrypting your devices is one way to do just that.

What is Encryption

TechTarget has an awesome article on this.

Encryption is the conversion of electronic data into another form, called ciphertext, which cannot be easily understood by anyone except authorized parties. The word encryption comes from the Greek word kryptos, meaning hidden or secret. The use of encryption is nearly as old as the art of communication itself. As early as 1900 BC, an Egyptian scribe used non-standard hieroglyphs to hide the meaning of an inscription. In a time when most people couldn’t read, simply writing a message was often enough, but encryption schemes soon developed to convert messages into unreadable groups of figures to protect the message’s secrecy while it was carried from one place to another. The contents of a message were reordered (transposition) or replaced (substitution) with other characters, symbols, numbers or pictures in order to conceal its meaning.

Why Encrypt your phone

As described above, encryption scrambles all data on your phone in an unreadable format so if you loose your phone your data will remain secure. The basics of how this works is that at boot time you will have to enter a password or pin to unscramble (un-encrypt) your phone. If someone does not know your password or pin they cannot access your device nor data. An attacker won’t be able to access the data without the encryption key. with that in mind; if someone really wanted access to your data, they could employ the freezer attack. This basically employs freezing your device’s ram so it takes longer for the encryption key to be erased from RAM. 

If you recall Snowden made light of a little project called Prism, where Verizon and the Govt were working together to allow data mining. That is, they have been going through the call records of Verizon’s approximately 99 million users looking for, well, anything! and if you think that Verizon is the only place this has been happening then I got bad news for you. 

 Some recent legal rulings have suggested that encryption can protect against warantless searches. The California Supreme Court has ruled that police officers can lawfully search your cell phone without a warrant if it’s taken from you during arrest – but they would require a warrant if it was encrypted. A Canadian court has also ruled that phones can be searched without a warrant as long as they’re unencrypted. You may want to do your own searches to better understand these legal items or contact your attorney if you have one.

How do I encrypt my Android

You should have at least a pin, password or swipe pattern or even face or voice recognition setup right? If you are using any lock screen widgets, disable them ASAP; they can disclose your location and other sensitive information about you.

Before we continue

Some forewarning before we proceed.

  • Encrypting will cause your device to work a bit slower, not by too much tho. However, depending on your actual device it may be noticeable. Most newer devices shouldn’t make that much difference.
  • Encryption is one-way so if you loose your key or would like to go back to using a non-encrypted device then you will have to wipe your phone and restore to factory settings.

The encryption process should take about an hour or more depending on how much data is on your device. So, let’s start:

  • Go to Settings
  • Click Security
  • From the options, choose Encrypt Device or Encrypt Phone
    • Note that in the Security settings screen you can also choose to encrypt an SD card.
  • Enter your password (must be at least 6 characters with 1 number)

You’ll see a progress indicator appear. After it’s done, your device’s storage will be encrypted. You’ll have to enter the PIN or password each time you boot your phone or its storage will be unreadable, so don’t forget the password! Android uses dm-crypt, which is the standard disk encryption system in the Linux kernel. It’s the same technology used by a variety of Linux distributions.

That’s it, go enjoy your newly encrypted and secured Android phone.

The singularity – Will it Happen?

What is the singularity?

I honestly was not aware of this topic so I set out to do some research to open my mind and man was my mind blown. Basically what I understand is that the singularity is a point in time when technology will surpass human intelligence and humans will start to become the minority in intelligence.

Vernor Vinge introduced the term Technological Singularity in his science fiction novel Marooned in Realtime(1986) and later developed the concept in his essay the Coming Technological Singularity (1993). His definition of Singularity is widely known as the event horizon thesis and in essence says that trans or post-human minds will imply a weirder future than we can imagine:

“Within thirty years, we will have the technological means to create superhuman intelligence. Shortly after, the human era will be ended. […] I think it’s fair to call this event a singularity. It is a point where our models must be discarded and a new reality rules. As we move closer and closer to this point, it will loom vaster and vaster over human affairs till the notion becomes a commonplace. Yet when it finally happens it may still be a great surprise and a greater unknown.” (1)

Continue reading The singularity – Will it Happen?

Over a Billion Internet Passwords Hacked

A Russian crime ring has amassed the largest known collection of stolen Internet credentials, including 1.2 billion user name and password combinations and more than 500 million email addresses, security researchers say.

The records, discovered by Hold Security, a firm in Milwaukee, include confidential material gathered from 420,000 websites, including household names, and small Internet sites. Hold Security has a history of uncovering significant hacks, including the theft last year of tens of millions of records from Adobe Systems.

Hold Security would not name the victims, citing nondisclosure agreements and a reluctance to name companies whose sites remained vulnerable. At the request of The New York Times, a security expert not affiliated with Hold Security analyzed the database of stolen credentials and confirmed it was authentic. Another computer crime expert who had reviewed the data, but was not allowed to discuss it publicly, said some big companies were aware that their records were among the stolen information.

“Companies that rely on user names and passwords have to develop a sense of urgency about changing this,” said Avivah Litan, a security analyst at the research firm Gartner. “Until they do, criminals will just keep stockpiling people’s credentials.”

Websites inside Russia had been hacked, too, and Mr. Holden said he saw no connection between the hackers and the Russian government. He said he planned to alert law enforcement after making the research public, though the Russian government has not historically pursued accused hackers.

So far, the criminals have not sold many of the records online. Instead, they appear to be using the stolen information to send spam on social networks like Twitter at the behest of other groups, collecting fees for their work.

Big Data Is Just a Big Scam

The newly emergent “big data” meme has never been defined in any meaningful and definitive way. It’s the most amorphous new buzz-term that I’ve seen for a decade. It’s one of those “eye of the beholder” terms used to liven up a seminar and eventually soak investors.

Let’s start by asking what does big data mean? Lots of data? More data than you can handle? Amorphous data? Out of control data? Useful data for analysis? Useless data? Information overload?

If you read enough about big data, it is all of the above and more. The key is not the data, but the challenge of how to handle the data and what to do with the data itself.

In other words, how can we make this huge pile of data, that we have managed to accumulate, be useful in new and profitable ways? The data pools can come from anywhere via various computing mechanisms such as Facebook posts, NSA logs, mailing lists, customers, etc.

I would argue that most readers of this column are themselves repositories of big data. I just bought a 3 Terabyte drive for backup. I have a lot of data to back up! Big data!

From what I can tell, what Big Data does best is spy on individuals.

A useful tool I can imagine would be a big data analysis tool that the police could use to find you guilty of some random crime by going through your files. Or at least find something that would embarrass you. Big data!

This all harkens back to a comment made by a former CEO of American Express, who told an audience that if the company wanted to (and this applies to all credit card companies) it could use your personal buying habits and tendencies to put together a complete dossier and definitely tell if you are having an affair or not. Big data!

None of this sounds good or healthy for the society. Jumping to conclusions, making assumptions, acting on false assumptions. Hounding the public with useless advertisements.

Full Article

eBay Hacked, Change Your Passwords Now

`If you have an eBay account, it’s time to change your password. The company released a statement today saying their internal and customer databases were compromised earlier this year, and starting today they’ll prompt everyone to change their passwords.

Attackers made off with names, addresses, email addresses, phone numbers, birth dates, and of course, encrypted passwords. eBay explained that financial info like credit card numbers and other sensitive data (like PayPal accounts) are kept in a separate encrypted database which wasn’t compromised. They also said they’ve found no evidence of unauthorized access or activity by registered eBay users—which is code for “we don’t think anyone’s used these passwords yet.” According to the statement, intruders compromised employee accounts first, and used their access to get the data they really wanted. They discovered the breach about two weeks ago, but the actual attack took place back in late February and early March.

To change your eBay password:

  • log into your account
  • click your name in the upper left corner
  • select Account Settings
  • click Personal Information on the left side of the page
  • click edit next to your password.

Complete Story