Category: Technology

Google’s new trick: knowing where you parked.

While people worry about privacy doing tricks like this is all about your machines tracking you, and then guessing the meaning of your daily motions through the contextual sense of multiple sensors.

If Google can do this then they can know when you get to your garage, and if there were an interface API for Genie garage door openers… well you get where this is going.

Here’s a fun new trick that Google just patched into Google Now, the company’s card-based personal assistant: it can now keep track of where you parked. While there are plenty of apps out there that can help you remember your parking space, they all require you to open them and save your spot manually. In contrast, Google’s parking tracker will save your parking location automatically. First noticed by Android Police, the new feature is part of Google Search 3.4, which is rolling out to Android devices running 4.1 and above right now.

Google Now automatically detects your parking spot through Android’s Activity Recognition system, a feature Google released at Google I/O 2013. Activity Recognition uses a mashup of GPS, Wi-Fi, cell tower location, compass, accelerometer, gyro, and barometer data to figure out what the user is doing. By using all the sensor data available to a smart phone, Activity Recognition can detect if the user is walking, driving, cycling, or sitting still, and it can trigger apps to do something when a change is detected. If Google Now detects that the user has gone from driving to walking, the car has most likely been parked, and pinging the GPS to save your location would be a good idea. All of this happens silently in the background without the user having to do anything.

More: <a href=”http://arstechnica.com/gadgets/2014/05/google-now-for-android-will-automatically-remember-where-you-parked/”>Google Now for Android Will Automatically Remember Where You Parked</a>

Security Updates

First there’s Microsoft’s new IE vulnerability revealed Saturday:

Late Saturday Microsoft revealed a vulnerability in all versions of Internet Explorer that is being used in “limited, targeted attacks.” They are investigating the vulnerability and exploit and have not yet determined what action they will take in response or when.

All versions of Internet Explorer from 6 through 11 are listed as vulnerable as well as all supported versions of Windows other than Server Core. Windows Server versions on which IE is run in the default Enhanced Security Configuration are not vulnerable unless an affected site is placed in the Internet Explorer Trusted sites zone.

via Microsoft discloses zero day in all versions of Internet Explorer | ZDNet.

Then there’s the new Flash Zero Day exploit:

A day after reports that attackers are exploiting a zero-day vulnerability in Microsoft’s Internet Explorer browser, researchers warned of a separate active campaign that was targeting a critical vulnerability in fully patched versions of Adobe’s ubiquitous Flash media player.
No patch available yet for critical bug affecting all supported versions of IE.
The attacks were hosted on the Syrian Ministry of Justice website at hxxp://jpic.gov.sy and were detected on seven computers located in Syria, leading to theories that the campaign targeted dissidents complaining about the government of President Bashar al-Assad, according to a blog post published Monday by researchers from antivirus provider Kaspersky Lab.

Ars Technica

Finally there’s also this WordPress bug for users of a popular coder plugin:

Alex Mills announced an important security update today for his SyntaxHighlighter Evolved plugin. The 3.1.10 release includes a new version of the SyntaxHighlighter 3.x library to address an XSS security issue.

WP Tavern

Last Week Tonight With John Oliver (HBO): “Oregon Spirit” (Performed By Lisa Loeb)

I’m normally averse to profanity at this website, but in this case the curses and profanity are so richly deserved that I must post it. One other thing: good recovery at the Federal health care site (Healthcare.gov,) I’m glad that they could serve the healthcare sign up needs for Oregonians.

Warning: NSFW

Last Week Tonight With John Oliver (HBO): "Oregon Spirit" (Performed By Lisa Loeb) – YouTube.

More on this IT debacle at Information Week.

Cloud done right

This Google Cloud Data center is a thing of beauty to anyone who has maintained large scale IT infrastructure long term. It’s well constructed, simply laid out, and efficient. The computing power displayed in these fully populated rows of chassis’ used to take a small army of hands-on technicians onsite to maintain and this would suck power that you would not believe and take untold miles of cable. With this layout I imagine things are much simpler and greener.

apgoogle data center
Google Data center, Associated Press Photo

The Price War Over The Cloud Has High Stakes For The Internet : All Tech Considered : NPR by 

It’s a timely topic, since there’s a price war going on as tech titans aim to control the cloud market. Amazon Web Services, an arm of the e-commerce giant, is the reigning king of large-scale cloud services. If you’ve ever watched streaming TV on Netflix, clicked on a Pinterest pin, or listened to music on Spotify, you’ve used Amazon Web Services, or AWS.

“We delivered computing power as if it was a utility,” says Matt Wood, Amazon Web Services’ chief data scientist.

A decade ago, startups and other Internet companies had to set up their own data centers and computing backbones, which meant a serious capital investment up front and fairly fixed computing resources.

via The Price War Over The Cloud Has High Stakes For The Internet : All Tech Considered : NPR.

Future of Technology survey from Pew Research Center’s Internet & American Life Project

A majority of Americans are optimistic about technology’s potential impacts on our future even after the last couple of decades of dystopian future films from Hollywood. Most of them when asked about specifics like personal implants or robots caring for elderly were against those notions of technology.

When asked for their general views on technology’s long-term impact on life in the future, technological optimists outnumber pessimists by two-to-one. Six in ten Americans (59%) feel that technological advancements will lead to a future in which people’s lives are mostly better, while 30% believe that life will be mostly worse.

Demographically, these technological optimists are more likely to be men than women, and more likely to be college graduates than to have not completed college. Indeed, men with a college degree have an especially sunny outlook: 79% of this group expects that technology will have a mostly positive impact on life in the future, while just 14% expects that impact to be mostly negative. Despite having much different rates of technology use and ownership, younger and older Americans are equally positive about the long-term impact of technological change on life in the future.

Read the full survey here Future of Technology – Pew Research Center’s Internet & American Life Project.

Intelligence Gathering and the Unowned Internet – NSA, Berkman Center Panel Discussion

A good discussion on what’s right and what’s wrong with the current NSA rule sets and oversight. It starts dry but gets very interesting, please stick with it to the end.

The long-term viability of an unowned, open Internet remains in question. Any analysis of where the Internet is headed as a protocol and a platform must take into account the activities of both public and private entities that see the Internet as a source of intelligence — and a field of contention. Yochai Benkler, Bruce Schneier, and Jonathan Zittrain of the Berkman Center are joined by John DeLong and Anne Neuberger of the National Security Agency in a conversation moderated by Berkman Faculty Director Terry Fisher on the future of an open internet in the face of challenges to privacy in an unsecure world.
More info on this event here: http://cyber.law.harvard.edu/events/2…

This talk was co-sponsored by: the Berkman Center for Internet & Society, the Harvard Law School American Civil Liberties Union, Harvard Civil Rights-Civil Liberties Law Review, National Security Journal, and National Security and Law Association.

License

Creative Commons Attribution license (reuse allowed)

via Intelligence Gathering and the Unowned Internet – YouTube.

‘Electronic skin’ equipped with memory

This is merely the beginning — nano-technology razor thin wearable and/or implantable sensors coupled with computer on a chips wearing highly accurate medical devices that track everything will become the norm as these devices will become printable or otherwise available for mass production. Forget about those bulky android watches, this is the real future to come.

From : Nature News & Comment
Researchers have created a wearable device that is as thin as a temporary tattoo and can store and transmit data about a person’s movements, receive diagnostic information and release drugs into skin.Similar efforts to develop ‘electronic skin’ abound, but the device is the first that can store information and also deliver medicine — combining patient treatment and monitoring. Its creators, who report their findings today in Nature Nanotechnology1, say that the technology could one day aid patients with movement disorders such as Parkinson’s disease or epilepsy.The researchers constructed the device by layering a package of stretchable nanomaterials — sensors that detect temperature and motion, resistive RAM for data storage, microheaters and drugs — onto a material that mimics the softness and flexibility of the skin. The result was a sticky patch containing a device roughly 4 centimetres long, 2 cm wide and 0.003 millimetres thick, says study co-author Nanshu Lu, a mechanical engineer at the University of Texas in Austin.

via ‘Electronic skin' equipped with memory : Nature News & Comment.

What’s the best encryption method for security?

This question is getting asked a lot, and the answers you see out in the public sphere of the internet range from pathetically underwhelming to just plain wrong in some cases. So this is my attempt to point people in the right directions. When you do see people who know what they are talking about discussing security the talk can turn towards holy wars, philosophical rabbit holes, or just become so overburdened with acronyms that a layman has to give up. So I’m going to point you to some concise and comprehensive web documents to help solve the problem.

Disclaimer: I’m not an authority, nor am I speaking for my employer, or any other group; this is entirely my own humble opinion.

You must use a combination of security protocols, practices, and standards to truly secure your data and network into the next decade. The brute force hacking ability available to individuals has been greatly extended and enhanced the past few years. By strapping together a high-powered computer and some high-powered video cards hackers can have the power of one of yester year’s supercomputers in their hands without spending the equivalent of a small nation’s budget to get there. Everything, including the methods in the links I’m going send you to, is theoretically hackable given enough computing horsepower and time. Your task is to make the time and horsepower curve too steep for hackers anytime in the immediate future and to persistently upgrade as these methods and standards evolve.

The first stop is Cisco and their next generation encryption white paper. Pay attention to the tables in the document first – upgrading to the recommended Next Generation encryption levels is best, but where circumstance, budget, or hardware capacities prevent that you should go to the “acceptable” levels, and if even that’s not possible, then at least try to meet the minimums in appendix A at the bottom and then add some controls to protect or mitigate your weakly encrypted data. Pay the most attention to tables one and two, which are pretty self-explanatory, and please read the caveats in the text, the heavier overhead encryption methods can cause hardware and software processing overload if you don’t engineer to right capacity. Also note that there’s an NSA paper linked if you need to see what’s needed for Government encryption security.

Next stop is the National Institute of Standards & Technology PDF http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf – this document tells you what our best standards body thinks.

The next stop  is W3C – since so much of what we do is web centric, it’s very important to make sure Developers are securing data locally, through web encryption standards, and for cross site vulnerabilities. If you are following modern web standards then you’ll be using a bit of XML to share data & you will find sub links for encrypting XML as well as other protocols, and since it’s important to follow standards to prevent hacking, you should use the W3C validation tools against your pages regularly.

All of this is for naught however if you don’t layer your security – encrypting is just one part of protecting data. You must also consider physical layers, process deterrents, and prevention of social engineering attacks. When all is said and done remember that you must still be able to work – don’t make yourself so secure that you can’t.

Meet Randroid, My Galaxy S4

Normally I don’t say good things about wireless phones because I work in the industry, I read lots of science fiction, and I know what’s possible now – so the typical smart phone underwhelms me more often than not.

Not so the new Androids – I have the Samsung Galaxy S4, and it lives up to my expectations. I use it to track my walks just to start with – not only does it count my steps for my 10k daily goal, it also maps my walks via GPS and measures the miles I’ve hiked. During the walk or just anytime for that matter, I can measure my pulse with the camera. I can also play tunes from it while I walk, but mostly I use my Ipod touch for that — I still have this notion that phone battery needs to be conserved for calling, even though the battery in the S4 holds up fine all day long even with all of the features turned on.

I’m also able to keep all those bar code cards stored in it for grocery check outs, I can use it at near field credit card stations, my library card is also in it, along with my email, my calendar,  and all my social apps. I tapped my wife’s phone to mine to pick up the video she took of Devin, and I can just speak to my phone to command it.

Searching with voice, or typing with voice is also easy, so that feature has come a long way since inception. (I used to work with text to speech and speech to text for Deaf Relay centers – a long time ago the single user version took special hardware from IBM and most of a PC’s horsepower, while the industrial versions used banks of servers with specialized cards for interactive voice response units.)

The browsers, cameras, streaming video, and other features work just fine so I can honestly and wholeheartedly recommend this phone to all my friends – no reservations. I like it so much I had to give it a name … Randroid.

 

 

Post Panamax? What’s that?

IMG_2433-2
The Sanko Royal passes through the narrow Gatun Locks in 2008

Great things are happening all around us, but the average person is not noticing them. How many have heard about the widening of the Panama canal, or the effects that will have on shipping? Slated to complete in 2015 the “Post-Panamax” shipping world will be different, and three US ports are making ready, including the port of Miami.


One of the biggest drills in the world finished drilling the second of two underwater tunnels in Miami. The project aims to boost the city’s seaport, and give Miami an economic lift when the Panama Canal is widened.