The New Tech Order (NTO)

There has been some growing speculation as to whether the NSA was aware of the Heartbleed vulnerability in advance. The story was raised and reported by Bloomberg, denied in the New York Times, and then sort of questioned again by the New York Times.

But the thing that strikes me the most is a quote from former NSA Head Michael Hayden who is on record as saying:

Some vulnerabilities are such that they marginally (but importantly) weaken a system but exploitation still depended on skills, systems and technologies that few, if any, can match.  If the judgment is what is called NOBUS (nobody but us could do this), the risk management decision is pretty easy.  Of course, that judgment could change over time and still requires continuous due diligence. (Security Current)

Given the ramifications that Heartbleed could potentially have on the fundamental infrastructure of the Internet, if the NSA was involved I think there needs to be some holding of account.

Google Art Project

Launched recently with next to no publicity is Google’s interesting new application of the technology perfected with Google Street View call the Google Art Project (http://www.googleartproject.com/).

Instead of driving down your street taking photographs, Google have removed the Street View rig off the van (hopefully!) and gone into a number of world renowned art galleries.

The concepts is the same as Street View, only applied to the gallery and the art displayed within. The site will give you the opportunity to take a tour around the selected art gallery in the same way you could tour around a select street.

As I said, this has been fairly under reported in general and the news that you can find on the site seems to be a little picky about the implementation and the concept in general (see Google Art Project is underwhelming, Google Art Project is second rate and Is the Google Art Project the best thing since real eyes: Critics respond). Also let’s not forget that in this day and age there is little that is genuinely new; Synethescape have also come up with a similar and very functional concept themselves.

But when all is said and done, I think there are two things that should be noted about this project. Firstly, art should be for everyone and not just those in close proximity to it. This isn’t a replacement for a trip to an art gallery by any means, but makes far away galleries and artwork more accessible to anyone with a computer or a local Internet cafe. Also, like most Google project I would expect that this takes a similar “beta” approach. Try it out, throw it to the public and see what works. It has served them well so far (minus a few exceptions…. Wave does come to mind!)

Secondly, and I think more importantly this demonstrates a potentially lucrative commercialisation of the Street View technology. Taking the camera off the street and into a building can provide a number of opportunities for business of all kinds. Imagine being able to virtually enter the world’s biggest and most famous stores from the comfort of your own keyboard. Being able to buy “off the rack” from Harrods or London, or Bloomingdale’s of New York. Being able to click on a store item and then be redirected to an online shopping portal to purchase the product that you just virtually selected.

I don’t think we are there yet, but I do believe it presents and interesting amount of scope for the future of the online shopping experience. As altruistic as the Art Project may be, remember Google likes making money too!

At first glance this could be some talented computer animators take on Google. However, when you add the fact that it was a paid commercial shown in Times Sqaure on the Jumbotron it takes on a bit of a new meaning.

Essentially this is a fight between a privacy advocate group and Google (who appear to have snubbed them at their own peril) over liberties taken with the use of user (i.e. most of the Internet) personal information.

While I think their intentions may be noble, I think they are fighting a battle that has been fought, lost and celebrated by the victor over a few generations! If you wanted privacy on the Internet, around 1995 was the time to put these mechanisms in place.

Two refuges exist for the true privacy seeker:

1. Stay offline
2. Get to know Tor, BetterPrivacy for FireFox and PGP

(Oh, and slight irony alert. I wonder how much YouTube found out about you and your viewing preferences while watching this video?)

Someone in the US Cyber Command HQ at Ft Meade has a slight sense of humour. Check out their logo

US Cyber Command

Can you spot the hidden message (hint….you may need to click on the image to enlarge it)?

I will reveal it only because anyone with the ability to Google will no doubt be able to get the answer. Look at the text around the inner circle of the logo. You will see the following numbers and letters:

9ec4c12949a4f31474f299058ce2b22a

What does it all mean? Try running the string through a md5 decoding utility like the one located here and see what you get.

Listen…….can you hear the sound of Dan Brown working on his new novel as we speak?

It would seem that Apple have now gone into damage control with the Antennagate problem touched upon in the last New Tech Order post. It appears that Apple have announced that they will be providing free bumper cases to disgruntled iPhone 4 owners or providing refunds for those who have already purchased one.

Too little too late? Hard to say at this point, at least it seems that Apple PR are starting along the right track. However, will this be the advantage need for those nipping at Apples heels to take?

And on the topic of Apple troubles, it would seem that my upgrade to iOS 4.0 and the subsequent 4.0.1 seems to have been a lucky one. Widespread reports are filtering through of massive performance issues post upgrades for iPhone 3G and 3GS users! Lucky me…I guess.

I love reading some of the public service type publications from 1950’s America….they just stand the test of time so well! A good example is the following little gem from archive.org entitled Atomic Bombing. How to protect yourself.

This is a book covering in excruciating and graphic detail (I really can’t think of anything else that you might want to know) what to do in the event of an A-bomb attack. It even comes with lots of illustrations to make it an easy read for the kiddies (I guess? Must have been some really traumatised kids in the 50’s).

It is a fairly large file (about 25 MB PDF) and it isn’t on the greatest of servers, but worth it for historical-humour value alone.

There are many choice amusing segments which I will let you discover on your own, however this is one of my favourites so far. Important information to help make your home safer!

HOW TO MAKE YOUR HOME SAFER
There are a number of things you can do to make your own home safer. Few will go to the extreme of building a two-foot-thick, reinforced-concrete wall around the house, although this would provide almost complete protection. But you can remove overhanging cornices, heavy indoor light fixtures which might fall, false ceilings and the like. Light, combustile curtains and draperies are a serious fire hazard at your windows. Such ornamental fabrics should be fireproof — or removed completely.

If you home is within three miles of a possible A-bomb target and you have a picture window in the living room, you  might substitute plastic for plate glass. Wired glass would also make your windows safer…

EDIT: 13/2/2011, It would seem the server this document was hosted on finally gave up the ghost. The link is dead, but the original document can be found here for your reading pleasure.

First up let me say; I own an iPhone, I like the iPhone and will probably use one until a smart phone alternative appears that has the application eco-system developed to a level I am comfortable. I generally fall into the category of smart phone users who use their device as a phone and portable ultra-mini computer.

Now that said, I do have concerns about the security of the device and the way it is slowly creeping into the corporate arena. The the following link from www.h-online as an example; Vulnerability in iPhone data encryption.

I will let you read the page for yourself, but in brief bypassing iPhone encryption can be as easy as turning it on! Add this to the amount of personal information that can be stored in 8 GB or more, and I would really recommend changing every password you have if your phone gets stolen, lost or even out of your possession for a matter of minutes.

Coming soon: iPhone in-Security Part #2: adventures with iPhone data theft

Reviewing patents is really seeing the ideas before they even become ideas. More of a pre-idea really. A good case in point is the following:

Odd LCD Screen Patent from Nikon

This is the subject of a patent recently filed by Nikon for products yet unknown. The full details are available from the patent itself or at least a shortened version from Nikon Rumours.

Watch this space I guess?

Opera Mini's Dirty Little Security Secret

The recent release of Opera Mini for the iPhone has seen it shot straight to the top of the Free Apps charts. This in general is good. The Safari iPhone browser is a little lacking in feature and competition is always generally good in such a regimented environment.

Now here comes the but. One thing that isn’t widely known by the majority of the consumer market (I am excluding those with some technical knowledge here) is how Opera Mini works and the ramifications on visit any secure site such as online banking (which should be noted a few banks are now offering mobile device friendly websites and I am sure more to follow).

One of the big selling points is the speed that Opera Mini achieves. Unfortunately it achieves this via proxying all content, compressing it for mobile platform delivery and then passing it on. On the average website this isn’t such a huge problem, however on a secure site such as a banking website, this will expose your details to the servers that are acting as the proxy.

On the whole this itself may not even be a problem, I am certain that Opera have security around this infrastructure to prevent disclosure of information. However I think this does raise a few general questions:

• How about full disclosure to your customer’s Opera? Yes, this information is available, but to the general punter downloading Apps via the App Store
• I trust the people employed by services that offer secure connections such as banks. Granted this isn’t iron clad but on the whole any business (such as a bank) that relies on a secure connection for its business will makes efforts to ensure that security is maintained. Opera isn’t in this business and as such don’t really have a stake in protecting your information

Am I saying not to use Opera? No, it is a viable option as a web browser. All I want to point out here is that you need to be aware exactly what is happening to your information and the fact that Opera should be making this fact a little more accessible to the average user

Calling a tech support radio show…..an interesting action in response to losing your stolen WiFi access.

Leo does take it in his stride however.