Computer printers have been quietly embedding tracking codes in documents for decades

In 2004, when color printers were still somewhat novel, PCWorld magazine published an article headlined: “Government Uses Color Laser Printer Technology to Track Documents.”

It was one of the first news reports on a quiet practice that had been going on for 20 years. It revealed that color printers embed in printed documents coded patterns that contain the printer’s serial number, and the date and time the documents were printed. The patterns are made up of dots, less than a millimeter in diameter and a shade of yellow that, when placed on a white background, cannot be detected by the naked eye.
Continue reading Computer printers have been quietly embedding tracking codes in documents for decades

How to Encrypt an Android Device

Privacy, Security; two words that you hear a lot these days after the Snowden Incidents and with all the Govt snooping, corporate data mining and all those data leaks like Target and Home Depot. More than ever, protecting your data and privacy should be a top priority to each and every one of us. With new tactics being employed all the time, we have to keep up with the game and encrypting your devices is one way to do just that.

What is Encryption

TechTarget has an awesome article on this.

Encryption is the conversion of electronic data into another form, called ciphertext, which cannot be easily understood by anyone except authorized parties. The word encryption comes from the Greek word kryptos, meaning hidden or secret. The use of encryption is nearly as old as the art of communication itself. As early as 1900 BC, an Egyptian scribe used non-standard hieroglyphs to hide the meaning of an inscription. In a time when most people couldn’t read, simply writing a message was often enough, but encryption schemes soon developed to convert messages into unreadable groups of figures to protect the message’s secrecy while it was carried from one place to another. The contents of a message were reordered (transposition) or replaced (substitution) with other characters, symbols, numbers or pictures in order to conceal its meaning.

Why Encrypt your phone

As described above, encryption scrambles all data on your phone in an unreadable format so if you loose your phone your data will remain secure. The basics of how this works is that at boot time you will have to enter a password or pin to unscramble (un-encrypt) your phone. If someone does not know your password or pin they cannot access your device nor data. An attacker won’t be able to access the data without the encryption key. with that in mind; if someone really wanted access to your data, they could employ the freezer attack. This basically employs freezing your device’s ram so it takes longer for the encryption key to be erased from RAM. 

If you recall Snowden made light of a little project called Prism, where Verizon and the Govt were working together to allow data mining. That is, they have been going through the call records of Verizon’s approximately 99 million users looking for, well, anything! and if you think that Verizon is the only place this has been happening then I got bad news for you. 

 Some recent legal rulings have suggested that encryption can protect against warantless searches. The California Supreme Court has ruled that police officers can lawfully search your cell phone without a warrant if it’s taken from you during arrest – but they would require a warrant if it was encrypted. A Canadian court has also ruled that phones can be searched without a warrant as long as they’re unencrypted. You may want to do your own searches to better understand these legal items or contact your attorney if you have one.

How do I encrypt my Android

You should have at least a pin, password or swipe pattern or even face or voice recognition setup right? If you are using any lock screen widgets, disable them ASAP; they can disclose your location and other sensitive information about you.

Before we continue

Some forewarning before we proceed.

  • Encrypting will cause your device to work a bit slower, not by too much tho. However, depending on your actual device it may be noticeable. Most newer devices shouldn’t make that much difference.
  • Encryption is one-way so if you loose your key or would like to go back to using a non-encrypted device then you will have to wipe your phone and restore to factory settings.

The encryption process should take about an hour or more depending on how much data is on your device. So, let’s start:

  • Go to Settings
  • Click Security
  • From the options, choose Encrypt Device or Encrypt Phone
    • Note that in the Security settings screen you can also choose to encrypt an SD card.
  • Enter your password (must be at least 6 characters with 1 number)

You’ll see a progress indicator appear. After it’s done, your device’s storage will be encrypted. You’ll have to enter the PIN or password each time you boot your phone or its storage will be unreadable, so don’t forget the password! Android uses dm-crypt, which is the standard disk encryption system in the Linux kernel. It’s the same technology used by a variety of Linux distributions.

That’s it, go enjoy your newly encrypted and secured Android phone.

The singularity – Will it Happen?

What is the singularity?

I honestly was not aware of this topic so I set out to do some research to open my mind and man was my mind blown. Basically what I understand is that the singularity is a point in time when technology will surpass human intelligence and humans will start to become the minority in intelligence.

Vernor Vinge introduced the term Technological Singularity in his science fiction novel Marooned in Realtime(1986) and later developed the concept in his essay the Coming Technological Singularity (1993). His definition of Singularity is widely known as the event horizon thesis and in essence says that trans or post-human minds will imply a weirder future than we can imagine:

“Within thirty years, we will have the technological means to create superhuman intelligence. Shortly after, the human era will be ended. […] I think it’s fair to call this event a singularity. It is a point where our models must be discarded and a new reality rules. As we move closer and closer to this point, it will loom vaster and vaster over human affairs till the notion becomes a commonplace. Yet when it finally happens it may still be a great surprise and a greater unknown.” (1)

Continue reading The singularity – Will it Happen?

Over a Billion Internet Passwords Hacked

A Russian crime ring has amassed the largest known collection of stolen Internet credentials, including 1.2 billion user name and password combinations and more than 500 million email addresses, security researchers say.

The records, discovered by Hold Security, a firm in Milwaukee, include confidential material gathered from 420,000 websites, including household names, and small Internet sites. Hold Security has a history of uncovering significant hacks, including the theft last year of tens of millions of records from Adobe Systems.

Hold Security would not name the victims, citing nondisclosure agreements and a reluctance to name companies whose sites remained vulnerable. At the request of The New York Times, a security expert not affiliated with Hold Security analyzed the database of stolen credentials and confirmed it was authentic. Another computer crime expert who had reviewed the data, but was not allowed to discuss it publicly, said some big companies were aware that their records were among the stolen information.

“Companies that rely on user names and passwords have to develop a sense of urgency about changing this,” said Avivah Litan, a security analyst at the research firm Gartner. “Until they do, criminals will just keep stockpiling people’s credentials.”

Websites inside Russia had been hacked, too, and Mr. Holden said he saw no connection between the hackers and the Russian government. He said he planned to alert law enforcement after making the research public, though the Russian government has not historically pursued accused hackers.

So far, the criminals have not sold many of the records online. Instead, they appear to be using the stolen information to send spam on social networks like Twitter at the behest of other groups, collecting fees for their work.

Big Data Is Just a Big Scam

The newly emergent “big data” meme has never been defined in any meaningful and definitive way. It’s the most amorphous new buzz-term that I’ve seen for a decade. It’s one of those “eye of the beholder” terms used to liven up a seminar and eventually soak investors.

Let’s start by asking what does big data mean? Lots of data? More data than you can handle? Amorphous data? Out of control data? Useful data for analysis? Useless data? Information overload?

If you read enough about big data, it is all of the above and more. The key is not the data, but the challenge of how to handle the data and what to do with the data itself.

In other words, how can we make this huge pile of data, that we have managed to accumulate, be useful in new and profitable ways? The data pools can come from anywhere via various computing mechanisms such as Facebook posts, NSA logs, mailing lists, customers, etc.

I would argue that most readers of this column are themselves repositories of big data. I just bought a 3 Terabyte drive for backup. I have a lot of data to back up! Big data!

From what I can tell, what Big Data does best is spy on individuals.

A useful tool I can imagine would be a big data analysis tool that the police could use to find you guilty of some random crime by going through your files. Or at least find something that would embarrass you. Big data!

This all harkens back to a comment made by a former CEO of American Express, who told an audience that if the company wanted to (and this applies to all credit card companies) it could use your personal buying habits and tendencies to put together a complete dossier and definitely tell if you are having an affair or not. Big data!

None of this sounds good or healthy for the society. Jumping to conclusions, making assumptions, acting on false assumptions. Hounding the public with useless advertisements.

Full Article

eBay Hacked, Change Your Passwords Now

`If you have an eBay account, it’s time to change your password. The company released a statement today saying their internal and customer databases were compromised earlier this year, and starting today they’ll prompt everyone to change their passwords.

Attackers made off with names, addresses, email addresses, phone numbers, birth dates, and of course, encrypted passwords. eBay explained that financial info like credit card numbers and other sensitive data (like PayPal accounts) are kept in a separate encrypted database which wasn’t compromised. They also said they’ve found no evidence of unauthorized access or activity by registered eBay users—which is code for “we don’t think anyone’s used these passwords yet.” According to the statement, intruders compromised employee accounts first, and used their access to get the data they really wanted. They discovered the breach about two weeks ago, but the actual attack took place back in late February and early March.

To change your eBay password:

  • log into your account
  • click your name in the upper left corner
  • select Account Settings
  • click Personal Information on the left side of the page
  • click edit next to your password.

Complete Story

Relationship drama: “Ask” button controversy shows Facebook is for stalking, not interrogations

Facebook can sometimes seem like a digital microcosm of your entire life. It’s where you share snippets of personal information with your friends (and the company’s advertising network), chat with everyone you’ve ever met, and make any major life development “Facebook official.” But the harsh dismissal of a new feature allowing Facebook users to ask friends if they are in a relationship when they haven’t told Facebook yet, shows that the service still has its own rules of etiquette — and that it’s not a perfect replica of the real world.

The feature works like this: someone notices that a friend hasn’t filled out the “relationship status” section of their profile, then messages that friend by clicking on a special “ask” button. After the initiator of the request explains why they want to know if the friend is single or not, the friend decides whether to respond, either privately or publicly. It’s basically a private messaging tool made for one type of conversation.

That question wouldn’t seem strange outside of Facebook. People ask each other about their relationships all the time — it’s hardly a taboo subject. But according to the reaction to the feature from sites like Slate, Time, and Jezebel, a feature made for asking Facebook users about their love lives is stranger than Facebook’s new drone-powered future. A betting man probably would have thought that a social network using flying robots to provide Internet access would be stranger than this “ask” button, but it looks like he would have been wrong.

Continue reading

And now we introduce you to Cortana for your Windows Phone

A few months ago we did an article on Cortana citing that she may make a return as your personal assistant, much like her character was to Master Chief in the acclaimed Halo Series. Read that article here. And Microsoft kept Cortana true to her character by ensuring that Jen Taylor who voiced Cortana in the Halo series did the voice over here as well.

Before we show you your personal Cortana, here is the video showing her off through the halo series and her relationship with the Chief.

Continue reading And now we introduce you to Cortana for your Windows Phone

Chrome Eavesdropping, Balkanized Internet & More…

Is your Chrome browser spying on you?

It’s convoluted and unlikely, perhaps, but there’s a way that websites can trick the Chrome browser into leaving the mic open, allowing who knows whom to eavesdrop.

In Chrome, whenever a website wants to access a visitor’s microphone the browser prompts the user for permission which, if granted, is for that session only. Move to another site or close that tab and the mic is disabled. However, PCWorld reported on Wednesday, there is a way for a site to keep the mic turned on.

“But as Web developer Tal Ater discovered, malicious sites can use pop-under windows to keep listening even after the user has gone to another site or closed the main browser window. Unlike a regular browser tab, pop-under windows don’t show the recording status icon, and can continue to listen in for as long as the pop-under window stays open. The exploit can also stay dormant until the user utters certain key phrases.”

Techworld reported Thursday that although Google had a patch readied to fix this vulnerability on September 24, they decided not to use it.

“‘We’ve reinvestigated and still believe there is no immediate threat, since a user must first enable speech recognition for each site that requests it,’ it [Google] said.”

This kind of makes the case for just using a plug-in mic instead of having one built-in, doesn’t it?

Is the balkanization of the Internet at hand?

It’s no longer news that quite a few countries are concerned enough about the NSA’s actions that they’re taking steps to protect themselves from our spying. This is leading some to suspect this might eventually result in a system of national Internets, as noted by IEEE Spectrum on Thursday.

To a degree, this is already happening. Germany is taking steps to assure that data packets originating in-country to be delivered in-country are never routed outside of Germany. In South America, Brazil’s president Dilma Rousseff is seeking legislation that will force companies, including Facebook and Google, to store all data on servers located within Brazil.

In addition, the NSA’s actions have resulted in a revival of the Open Root Server Network (ORSN), a system of root nameservers operating independently from ICANN. Taken offline in 2008, the system was put back in service in June as a result of Edward Snowden’s whistle-blowing.

Complete Story

Cortana dies in Halo but may come back for new battle against Siri and Google Now

The Halo franchise has gone through a very prosperous run with the Master chief / Cortana duo revolutionizing FPS (First Person Shooters). After going through numerous battles together, Cortana says goodbye in Halo4 and it seems she is making a come back in your real life universe, as your personal assistant.

Who is Cortana

To give you a quick overview of Cortana we will hit gaming for a bit…

Cortana is an AI (Artificially Intelligent) character in the Halo universe, designed by Dr. Halsey with a flash clone of her brain through a process called Cognitive Impression Modeling. She is very adaptive and learns as she progresses thereby expanding her knowledge and capabilities. In the game she is the AI that controls the Pillar of Autumn and is later teamed with Master Chief Petty Officer John 117 … the lone remaining UNSC Spartan II Commando. He is the most decorated war veteran in the UNSC and has earned every medal except Prisoner of War. Cortana had genuine, not merely programmed, loyalty to humanity and the UNSC (United Nations Space Command), but exhibited devotion to John-117 beyond that which her programming or mission required.

Cortana was designed to infiltrate computer systems and she is excellent at the task. She has become so intelligent that she understands Covenant technology far more than her makers and in some cases, the Covenant themselves and got to a point where there was no Covenant security measure she could not bypass. She can be transferred among various computer systems and can move in and out of various networks. One of Cortana’s other abilities was that she could control a variety of starships and stations and act as their AI. Continue reading Cortana dies in Halo but may come back for new battle against Siri and Google Now