Carriers Reject Cellphone Kill Switch

November 19, 2013

Lawmakers in San Fransisco and New York have been working with cell phone manufacturers to include a kill switch on phones that would allow a user to deactivate their cellphone if it was stolen. However, the carriers have rejected the idea.  With cellphone thefts on the rise and people actually getting killed for their phones, it seems like a reasonable request.  If the cell phone was deactivated when stolen, the thief would not be able to sell it.  This would stop future thefts.  The kill switch would require collaboration between the cellphone manufacturers and carriers, but the carries are not on board.

The carriers are claiming the kill switch is not the answer because if a hacker took control of the phone, they could deactivate it, including phones belonging to law enforcement.  They also said that if the deactivated phone was later retrieved by the customer, it would be unusable.  However, that seems like little more than a weak excuse as Apple has the new feature, Activation Lock, that allows users to disable a phone if lost or stolen and reactivate with their username and password if the phone is retrieved.

The wireless carriers have worked with law enforcement in the past in response to the growing number of cellphone thefts by creating a database of cellphones reported stolen so they could be deactivated.  Although it is contended that this database does not work because most of the stolen cellphones end up over seas where the blacklist has not meaning.  Lawmakers have contended that carriers are not on board for the kill switch because it may decrease their earnings from cell phone insurance.

This was interesting.  I had heard about the increase in cellphone thefts in the past, but did not really think much of it.  I guess I do not live in an area where I have to worry about it as much.  How interesting that the theft of Apple devices is called “Apple Picking” by law enforcement.  I can see why Apple would want to create a feature that would help deter the theft of their devices.  I would think it is bad publicity to have your consumers getting robbed and killed for your product.  It would seem that cellphone carriers do not feel the same.  It really is a shame that carriers would put the profits from insurance before the lives of their customers.  It actually does not surprise me that Apple would create a kill switch before anyone else.  They kind of do their own thing, only letting certain retailers sell their products and stuff.  It makes me glad I am team Apple.  Eventually, all cell phones will include a kill switch, they will get bad publicity if they won’t do it.  It is just a matter of time.

I also just realized that this article included security features for iPhone and the other article I blogged about tonight was about Google cookies.  The first two postings I did on the first week were about iPhone anti-theft features and Google cookies.  It looks like my blog has come full circle for my last posting.  Hope you enjoyed my blog.

Google to Pay $17 Million for Secretly Following You

November 19, 2013

Google is to pay $17 million to settle charges that it secretly tracked consumers’ activities after it had promised it did not.  The Attorney Generals of 28 states brought a suit against Google for violating state consumer protection laws and computer privacy laws when it followed users of Apple’s Safari.  Google had said that users of Safari could block Google from installing cookies on their web browsers via Safari’s privacy settings.  However, a story from last year in the Wall Street Journal showed that Google could, and often did, go around these privacy settings and install cookies on the Safari browser and then DoubleClick, Google’s ad-tracker company, could track them from website to website.  

This was not the first time that Google had to pay for violating Safari users’ rights.  Last year, Google had to pay $22.5 million on similar charges that they bypassed Safari’s privacy settings to track users.  

Of course Google would track people if they could get away with it.  So they had to pay a small amount of the revenue they make in a year’s time for getting caught, a year’s revenue for Google is $50 billion.  It is a small fine to them to have to pay a few million.  I am sure they just consider it the cost of operating.  Nothing is private on the web, even when you think it is.  If it’s not the NSA spying on us, it’s Google , if it’s not Google, it’s someone else.  I find it more disturbing the charges against Google for the illegal wiretapping they are facing in Federal Court.  That a company as big as Google would sit in a vehicle and secretly gather information from someone’s computer via Wi-Fi is almost unbelievable.  That is something hackers do to steal your information, and really speaks volumes of Google’s character.  You have to be careful when you surf the web or use your computer in public, you never know who could be gathering your information.

http://www.huffingtonpost.com/2013/11/18/google-safari-privacy_n_4296867.html?utm_hp_ref=technology

The Snowden Effect

November 13, 2013

The results of a Harris Poll, released today, show that 4 out of 5 people have changed their privacy setting on their social media accounts.  This is proof that younger people do care about privacy.  Of the 2,089 people interviewed, 40 % said they changed their privacy settings in the last 3 months and 53% in the last 6 months.  The younger groups were the largest groups to report changing their settings.  

The elevated awareness of cyber security may be the result of the documents Edward Snowden released that show the government, specifically the NSA, collecting data and monitoring phone calls from average Americans.  This has brought a lot of attention to the business practices of companies like Google and Facebook that treat their user’s privacy as a free, profit-making resource.  More and more people are paying attention to the privacy settings in their social media accounts and what they put on the web.  

I am not sure if it was all the talk of government spying or a certain class I am currently taking, but I have noticed I pay attention to security more than I did before.  I was never one to put a lot out there about myself on social media, but I have really been watching what I do on the web and what could be a possible security threat.  Edward Snowden took a big risk to do what he did and I think it’s a good thing that it has raised a lot of awareness about privacy on the web.  Maybe it can help save some people from becoming the victims of hackers or even just prevent some high school student from ruining their future by posting damaging pictures to Facebook.  If nothing else, Snowden got people talking and thinking about privacy and how important it really is.  

http://www.usatoday.com/story/cybertruth/2013/11/13/snowden-effect-young-people-now-care-about-privacy/3517919/

App to Test Broadband Speed

November 10, 2013

The Federal Communications Commission is expected to hear a presentation this week on a speed test app for Android. This app will record smartphone users’ data speed for the commission to analyze.  This data could help consumers determine whether they are getting the mobile data speeds that they are paying for from their cell phone providers. This app is currently only available for Android, but the FCC said that it is working on a version for iPhone, Blackberry, and Windows phones.  The 4 major US wireless carriers have agreed to cooperate with the app.  

The new FCC chairman, Tom Wheeler, is a former telecommunications lobbyist.  He believes that there should be market competition as opposed to market regulation.  This app will allow consumers to evaluate their service and go elsewhere if that service is not as good as stated.  

I found this to be interesting.  I did not really think about it before, but there is really no way to measure how good your cell phone service is.  I have had a few cell phone companies in the past, and there is not a lot of difference, that I can see.  How can a consumer make an informed decision if they are not able to see how good the service is?  You can guess and say that it seems like I get better service and my downloads are an ok speed, but it is not really something you can realistically evaluate.  Maybe this app and the FCC will help to push the cell phone providers to improve their service if there truly is a measurement of how good the service is.  It may also bring down prices.  Right now you just see the 4 major companies’ commercials stating that they have the best service, but how can you really know?  If there was a way to actually tell how good the service is, you would know which company to go to.  You would also know if you are not getting the service you are paying for, which I have the feeling happens a lot.  It will be interesting to see the effects this app may have on the market in the future.  

http://news.cnet.com/8301-1035_3-57611680-94/fcc-app-taps-masses-for-mobile-broadband-speed-research/

Pre-Loaded Apps cause Security Risks to Android Phones

November 6, 2013

It turns out that the apps downloaded from Google Play aren’t the only apps you need to worry about.  New research shows that the biggest security weaknesses in most Android smartphones are the apps that come pre-installed on the device.  The research, performed at NC State, said 60% of all vulnerabilities they found on popular Android devices were due to the apps the manufactures customize and package with the device.  Even newer models aren’t completely secure, researchers stated.

The team of researchers studied older 2.X models and newer 4.X models from Samsung, HTC, LG, Sony, and Google, specifically:  Samsung Galaxy S2 and S3, HTC Wildfire S and One X, the LG Optimus P350 and Optimus P880, Sony Xperia Arc S and Xperia SL, and the Google Nexus S and Nexus 4.  Of the apps downloaded on these phones, 80% were preloaded and customized by the smartphone manufacturers and all 10 devices were vulnerable due to these preloaded apps.

The reason for most of these vulnerabilities was because 85% of these apps have too many privileges, due to vendor customization.  The apps have permission to send SMS messages, record audio, or make phone calls without user permission.  The Android 2.X versions contained an average of 22.4 vulnerabilities and the newer 4.X versions contained an average of 18.4 vulnerabilities.  Newer versions are not always more secure, the operating systems may be upgraded and fix the vulnerabilities from the older devices, but vendor customizations only create more vulnerabilities in the newer phones.  Of the 4.X phones studied, the Google Nexus 4 did the best with just 3 total vulnerabilities and the Galaxy S3 fared the worst with a total of 40 bugs.

I hate these preloaded apps.  They are so annoying and get in the way.  They take up memory on your phone and they try and jump in when you are trying to do something, even when you do not use them.  The worst part is, you can’t get them off your phone unless you go through the process of jailbreaking or rooting your phone, voiding your warranty and making it so you can not download any updates.  Then you see this research that says these annoying apps are actually the cause of the majority of the vulnerabilities on your phone.  What is the point of these apps?  If we want an app that is not on our phone, we can just download them, why do phone companies have to install these permanent programs on your phone.  Maybe if they cause enough of a problem, companies will stop forcing these apps annoying and vulnerable apps on us.

http://www.darkreading.com/vulnerability/custom-features-incur-security-flaws-in/240163598

 

Apple Gives Details on Government Requests

November 5, 2013

For the first time since the huge controversy over the intrusion and collection of personal information by the government, Apple publicly disclosed the number of information requests it received from governments around the world.  Apple is the last big technology company to disclose this information publicly.  Microsoft, Google, Facebook, and others have already made this information available to the public.

Apple stated that it received between 1,000 to 2,000 account information requests from U.S. Law Enforcement bodies that affected between 2,000 and 3,000 Apple accounts.  Apple stated they disclosed data on 0 to 1,000 accounts.  By law, companies are only allowed to report these numbers in increments of 1,000 and they must combine law enforcement and national security requests.  This makes it impossible to know exactly how many requests have been made and how many were made by the NSA.

Microsoft, Google, and other tech companies are challenging the U.S. Department of Justice’s stance on restricting the disclosure of survalance court orders.  Apple said they filed a letter with the Foreign Intelligence Surveillance Court supporting a group of cases that wants greater transparency.  Tech companies have been trying to at least look like they are pushing for greater transparency in their dealings with U.S. Intelligence Agencies since the Edward Snowden documents were released that suggested the NSA has direct access to servers that contain customer data.

I can understand that if the government needs to collect sensitive and important information from tech companies, that it would need to have some protection.  Information is most valuable when the other side does not know you have that information.  I have looked into the Edward Snowden documents and what information was being collected, although not in depth.  If it is true that the NSA had complete access to Apple’s servers and its customer’s private information, they went too far.  The restrictions on disclosure only help to disguise the depth of the invasion of privacy by the NSA.  There is nothing that we will be able to do about this, the government will never lift the restrictions and will never come out and fully disclose how far they actually went.  After 911, we gave the government an immense amount of power in the name of fighting terrorism and it will be nearly impossible to take that power back.  That is just something we must live with.

I was a little perturbed at Apple when I heard the government had complete access to their servers.  It felt to me like Apple allowed the NSA to have whatever information they wanted.  I was still irritated last week when I wrote the blog about Apple coming out with the OS X Mavericks upgrade that blocked one of the ways the NSA exploited information from users.  Especially when they gave this new upgrade away for free, the first time making an OS X upgrade free, without explaining why. I felt like they were hiding their complicity in divulging customer data to the government.  When I read this article, it made me think about the position that Apple, and all the tech companies, are in.  They have no choice if the NSA tells them to give them information, they have to do it.  I guess they could fight it in court, but ultimately, the NSA would just state national security concerns and they would get what they want.  I am also sure that Apple, or any other company, would not want anyone else to access their servers.  Apple was simply trying to save a little face when they made the update that corrected a hole in the OS X security and gave it away for free.  This article made me realize that the tech companies are most likely as much victims of the government spying as anyone else.

http://www.reuters.com/article/2013/11/05/us-apple-security-report-idUSBRE9A41BT20131105

FFA to Allow the Use of Electronics the Entire Flight

October 31, 2013

The FAA, The Federal Aviation Administration, announced today that is will allow the use of electronics, including smartphones, tables, computers, and other devices, to be used at all stages of a flight.  Passengers will now be able to watch videos, read e-books, or play games during the entire flight.

Previously, passengers had to turn off all electronic devices before the plan could take off.  They  were only allowed to be turned on when the plane was above 10,000 feet.  When the plane descended below 10, 000 feet again, the electronic devices had to be turned off.  Travelers have been complaining about this for years.  In response to the numerous complaints, the FAA will allow flyers to use their devices at all stages of the flight, on qualified airlines.  The FAA has asked all airlines to test its planes tolerance to the radio waves of the electronics as the planes take off or land.  Many people have argued that the radio waves from an electronic device could hardly effect a big passenger jet’s electronic systems.  

There will be a few exceptions to the relaxing of the rule.  Electronics must be placed in the seat back pocket prior to take off and when landing.  Cell phone calls while in the air will still be prohibited.  Also, if the plane offers Wi-Fi, passengers will be prohibited from connecting to the internet under 10,000 feet.

I find this very interesting.  I never knew the reason why electronics were banned on planes during takeoff or landing.  I actually wondered about this the few times that I flew.  I thought it might have something to do with terrorism.  I am among the 30% of passengers that did not remember to turn off the cell phone.  I am also among those people that think it is nonsensical to think a personal electronic would have any effect on a jet engine.  Maybe all of the electronics together would have some effect, who knows.  However, I will say that when it comes to being over 10,000 feet in the air, I would rather ere on the side of caution and not use my electronics if there is even a small chance of the engines being effected.  I can imagine the complaints the FAA received from the electronic ban.  It is not even like passengers can not use them at all, just not in the few minutes it takes to take off or land.  But in the world we live in today, where people are so glued to their phones and other devices, I can see them making such a big deal over this that the FAA would put safety second.  I think I may not fly for a while until I am pretty sure that the plane is not going to go down because of some radio wave from someone’s iPad or cell phone.

http://www.huffingtonpost.com/2013/10/31/electronics-on-airplanes_n_4181355.html?utm_hp_ref=technology