The SDK: 2015.09.08

Consumer Awareness – Ok Nevermind I Can’t Hold A Straight Face
Hackers Can Trick Self-Driving Cars Into Taking Evasive Action, The Guardian, Sept. 7, 2015
“Automated cars use laser ranging systems, known as lidar, to image the world around them and allow their computer systems to identify and track objects. But a . . . Lidar sensor can be fooled into seeing fake people, cyclists, cars or walls with a $60 system built out of Raspberry Pi and a laser pointer.”
Note: sounds like self-driving cars just turned into really expensive cats.

This Evil Android App Holds You Hostage For Watching Porn, Fusion, Sept. 8, 2015
“Internet security firm ZScaler is urging Android users to steer clear of “Adult Player,” a third-party porn viewing application that surreptitiously snaps photos of people’s faces while they’re looking at their screens. . . . In addition to an actual photo of the victim . . . the program also collects identifying information about a victim’s phone like its model, specific OS, and network carrier. . . . Adult Player . . . can’t be disabled by simply turning the device off or rebooting it. . . . When a person launches Adult Player, the application hijacks their front camera and begins to take photos of them. The program then locks itself down while displaying a classic ransomware screen instructing the victim to transfer $500 to the developers via PayPal in exchange for their privacy.”
Note: Remember how everyone keeps telling you to put tape over your camera? Yeah this is why. Okay, okay, so you can’t go back in time. Here’s how you get out:

  1. Boot device into safe mode (Please note that entering “safe mode” varies depending on your device). Safe mode boots the device with default settings without running third party apps.
  2. Uninstalling ransomware from device requires you to first remove administrator privilege. To do the same, go to Settings –> Security –> Device Administrator and select ransomware app, then deactivate.
  3. Once this is done, you can go to Settings –> Apps –> Uninstall ransomware app.

Fix is courtesy of ZScaler.

Une Protection Insuffisante
CNIL Publishes Internet Sweep Results and New Guidelines for Websites Aimed at Children, Hunton and Williams Privacy and Information Security Law Blog, Sept. 3, 2015
The report is available here. But, um, it’s in French. So Hunton and Williams was kind enough to give a break-down in their blog piece. The most important issues of note: “The CNIL and other participating DPAs found the following:
A large collection of personal data and limited access for deleting accounts
Lack of awareness among young audience about the collection of their data
Links to other websites, including e-commerce sites
No cookie banner
No notifications or warnings provided by most sites”
Note: If this is an area you work in, be sure to at least read the blog piece. My French is just good enough to know that the blog piece in fact links to a page where the headline says “something something of children: an insufficient protection on the Internet Sites” (and “the Internet Sites” of course probably is really “websites”). Boom! Thank you 3 weeks in France when I was 13 + one quarter of audited French in college. #Winning. But for real, Hunton and Williams did us all a favor. Thanks!

New Justice Department Policy Requires Warrant For Using Stingrays, Slate, Sept. 4, 2015
“If it seems weird to you that such a rule about warrants didn’t already exist … yeah, you aren’t the only one. The old (lack of) policy was that offices like the FBI could just set up the spoof cell towers to track and otherwise monitor users without providing a justification. Now after agencies get a warrant, they will also have to delete all the data they collect after 30 days except the stuff they were actually looking for.”
Note: There’s of course still a major lack of consistency at the local, state, and federal levels. But everyone take a moment to dance!

World War Uber: Why The Ride-Hailing Giant Can’t Conquer The Planet (Yet), Forbes, Sept. 27, 2015
“Uber is now facing opposition that’s not as easily rolled as a bunch of feckless, anticompetition governments. In the parts of the world, mostly Asia, where Uber is just getting going, the company and its pugilistic CEO, Travis Kalanick, are facing entrenched private competition on a scale it has never seen.”

The Battle Wages On
Apple’s Encryption Means It Can’t Comply With US Court Order, The Guardian, Sept. 8, 2015
“FBI criticises firm for being unable to read iPhone users’ messages after Justice Department obtains iMessage ruling. . . . Apple has rebuffed a court order to hand over in real time texts sent using iMessage between two iPhones because its encryption system leaves the company unable to comply.”

Apple’s iMessage Defense Against Spying Has One Flaw, Wired, Sept. 8, 2015
“According to [a New York Times] report, the Justice Department obtained a court order demanding that Apple provides the iMessages sent between crime suspects, in real time. Apple said that wasn’t possible, because its iMessage service was encrypted. But, the thing is, there is actually a very high likelihood that, technologically, iMessage could be wiretapped, because it does not allow users to verify encryption keys when writing or receiving messages.”
Note: If you have any interest in how iMessage encryption actually works, this article is not very long and well worth the read.

Bringing A Whole New Meaning To “National Security”
You Know What This Presidential Race Needs? John McAfee, Wired, Sept. 8, 2015
“If you didn’t think the 2016 election season could get any more batshit crazy than it already is, now, John McAfee—the self-described “eccentric millionaire,” who founded the anti-virus software company McAfee, and who once played Russian roulette with a loaded gun while WIRED writer Joshua Davis stood by—says he is considering joining the 2016 presidential race. But first, he says he’s hoping to persuade someone who is “smarter and more charismatic” than he is to run with his backing.”
Note: Anti-Virus founder for Prez?

Lessig: I’m Running For President, Politico, Sept. 6, 2015
“The outspoken Harvard Law School professor who’s been an advocate of campaign finance reform, told host George Stephanopoulos on ABC’s “This Week” Sunday that he’s formally running for president.” As far as running mate options, his website has a poll for supporters to vote on who he should pick. Among the options: “Sen. Elizabeth Warren (D-Mass.), popular astrophysicist Neil deGrasse Tyson, former Labor Secretary Robert Reich, former “Daily Show” host Jon Stewart and Facebook CEO Sheryl Sandberg.”
Note: This guy wrote Code 2.0. Trippy.

Obama Will Leave Legacy with Bay Area Federal Court Appointees, San Jose Mercury News, Aug. 24, 2015
“Koh, in particular, already has carved out a reputation as one of the most influential federal judges in the country for the tech industry, in large part for her handling of the epic patent feud between Apple and Samsung and her rulings shaping a lawsuit against Silicon Valley’s major companies involving illegal hiring practices.”
Note: That last one was just to reassure you that the presidency hasn’t turned into a reality TV show.

This Is Very Cool, and Also One Step Away From Surrogates (starring Bruce Willis)
My Life As A Robot: How Not To Embarrass Yourself In Front Of The Office Robot, Wired, Sept. 8, 2015
“I have been part robot since May. I’ve learned a lot about how robotic and human co-workers have to adjust to get along in the office of the future while piloting my $2500 Double telepresence robot. Here are my rules of robot human workplace interaction.”

Note: Okay how can you not want to read that? This piece is hilarious. There is a lovely video of etiquette tips. Oh and I just brought up Surrogates because of the whole telepresence thing, not because of the whole malware-murder thing. Also, you have no idea how badly I wanted to embed that video. Alas, WordPress has its limits (or I do).
