It is not the dream, not this time. I was persecuted by a Construction AI with diminishing reality capacity, but in the humour side there were a few criminals trying to get away with a golden car (like Goldfinger) and they got in the middle, so there. No, today is about Ransomware. Reuters gives us ‘Ransomware breach at Florida IT firm hits 200 businesses’ (at https://www.reuters.com/technology/200-businesses-hit-by-ransomware-following-incident-us-it-firm-huntress-labs-2021-07-02/). Like the SolarWinds issue we see “The attackers changed a Kaseya tool called VSA, used by companies that manage technology at smaller businesses. They then encrypted the files of those providers’ customers simultaneously” and no one, most visibly the media, is asking the questions that need asking. The Microsoft Exchange issue, the SolarWinds issue, now Kaseya. We understand that things go wrong, but as I see it the hackers (read: optionally organised crime) have a much better understanding of matters than the lawmakers and police do, we see this with “encrypted the files of those providers’ customers simultaneously” and that is before we consider that ‘an American software company that develops software for managing networks, systems, and information technology infrastructure’ has the kind of security that can be trespassed upon. And why do I think this? It is seen “The attackers changed a Kaseya tool called VSA, used by companies that manage technology at smaller businesses” and contemplate the issue that this had been happening for the last 5 months. A lack of larger systems as well, and all this continues as the law is close to clueless on how to proceed on this. We see statements like “In their advisory and further incident communications, Kaseya said that only a few out of their 36 000 customers were affected”, yet CNet gives us “REvil, the Russia-linked hacking group behind the attack on meat processor JBS, is linked to the Kaseya attack, The Wall Street Journal reported. 
Security firms Huntress Labs and Sophos Labs have likewise pointed to REvil”, which gives the law the problem that a member must be a proven member of REvil and that is largely not the case, moreover they have no clue how many members are involved. When one player gives us “We are in the process of formulating a staged return to service of our SaaS server farms with restricted functionality and a higher security posture (estimated in the next 24-48 hours but that is subject to change) on a geographic basis”, all whilst one of the victims is the largest grocery store in Sweden (COOP), the setting of “only a few out of their 36 000 customers” becomes debatable and it will affect the retail stage to a much larger degree, especially when you consider that they are cloud based. I stated in the past (based on data seen) that 90% of the cloud can be transgressed upon. And they are all servicing the larger stage of people dealing with IT requirements on a global scale. Now consider that cloud systems remain largely insecure and beyond the fact that ITWire was giving us “SolarWinds FTP credentials were leaking on GitHub in November 2019” and it was a direct result of someone who thought that ‘solarwinds123’ was a good idea. Oh, I remember a situation involving Sony and stated that there might be an issue that someone (I implied the Pentagon) had a router with password ‘cisco123’, I did that in ‘The Scott Pilgrim of Technology’ (at https://lawlordtobe.com/2019/05/23/the-scott-pilgrim-of-technology/) in May 2019, and did anyone learn anything yet? It is now 2 years later and still we see these levels of transgressions? Some might say that IT firms are helping REvil get essential revenues, some might say that these IT firms got themselves in this mess. 
So when we look at some firms relying on ‘Five years of experience for an entry-level job’, or perhaps “Any of the following will be grounds for immediate dismissal during the probationary period: coming in late or leaving early without prior permission; being unavailable at night or on the weekends; failing to meet any goals; giving unsolicited advice about how to run things; taking personal phone calls during work hours; gossiping; misusing company property, including surfing the internet while at work; submission of poorly written materials; creating an atmosphere of complaint or argument; failing to respond to emails in a timely way; not showing an interest in other aspects of publishing beyond editorial; making repeated mistakes; violating company policies. DO NOT APPLY if you have a work history containing any of the above” (source: Forbes). All this in a stage of age discrimination and narrow minded thinking of HR departments. Yes that is the dynamic stage of people that have bad passwords and a stage of transgressions. So whilst we might think it is a stage of ‘Your data or your life’, there is a larger stage where the law has a bigger issue, it has the issue of IT firms cutting cost and having a blasé approach to the safety of their systems, and more important their customers. And whilst ABC New York gives us “The number of victims here is already over a thousand and will likely reach into the tens of thousands,” said cybersecurity expert Dmitri Alperovitch of the Silverado Policy Accelerator think tank. “No other ransomware campaign comes even close in terms of impact” (at https://abc7ny.com/amp/ransomware-attack-4th-of-july-cyberattack-kaseya/10859014/) we see a first stage where the statement ‘only a few out of their 36 000 customers were affected’ is as I personally see it marketing driven panic. And that is a much larger case. 
I get that the firm hit does not want too much out in the open, but between a few, 2% and optionally a stage that could go beyond 27% is a setting too many are unable and too uneasy to consider. And when we see that 27%, do I still sound too ‘doomsday’ when I state that there is a much larger problem? And when we see the media go with ‘MSPs on alert after Kaseya VSA supply chain ransomware attack’, all whilst I stated a few issues well over 2 years ago, they should have been on the ball already. I am not blaming the MSPs, but I do have questions on how their systems are so automated that an attack of this kind (the stated 1000+ customers hit) all whilst some sources state 50 MSPs, there is a stage where triggers would have been there and the alarms were set to silent because some people might have thought that there were too many false alarms. This is a different stage to the larger playing field, yet I believe it needs to be looked at, especially when the damage can be so large. I am not certain what work lies ahead of the hit customers like COOP that had to close down 800 supermarkets, but in all this something will have to give.
Tag Archives: CNET
Your data or your life!
The slammer got slammed
There is nothing so rewarding as the moment you realise that you get to slam the door on those slamming the door on you. It is an innate feeling that is in the core of all of us. It is more powerful than getting the drop on your boss or CEO with an overwhelming amount of narcissism and the overbearing feeling towards the need of being some dominant / dominatrix figure (at that point they become merely a figurine).
I made several references over the course of 2018 that this was coming, the stronger one in May 2018 (at https://lawlordtobe.com/2018/05/05/milestones/) where I made the reference: “the EU was never about everyone agreeing on everything and the economic setting that requires that to happen at present is also making the dangers of waves that sinks the barge called EU. Now, that seems like an exaggeration, but when you realise that the German anchor is the only one giving stability, you can see the dangers the EU faces and more important, the dangers of no reserves and an utter lack to keep proper budgets in place, a setting now in more danger for the reasons that I gave supported by the economic views of many others. I believe some are downplaying the impact, yet when we realise that EVERY European Union government is downplaying the economic impact (as every nation always wants to look as good as possible, which is a PowerPoint setting of the human ago) we get a much more dangerous setting“. The article ‘Milestones‘ has more, it also has references to the AfD (Alternative for Germany), and even as we see in the Financial Times (at https://www.ft.com/content/d695fff8-b838-11e9-96bd-8e884d3ea203) “It is a happy hunting-ground for the AfD: if polls are accurate, it could emerge as the most popular party in regional elections on September 1, even beating the left-of-centre Social Democrats which have governed this corner of East Germany since reunification in 1990. Two other eastern regions, Saxony and Thuringia, are also choosing new parliaments this autumn and, as in Brandenburg, the AfD is set to make big gains. That is a major problem for the eastern political elite“, I believe that this powerful eastern political elite is part of causing the headline ‘Germany: AfD surge threatened by party disunity‘, they are that scared at present. 
The gains cannot be stopped not to the degree some elitists are vouching for; the best that they can hope for is derailing them from becoming the majority, which is actually a political war that is allowed. The question becomes will it work?
We are 2-3 weeks away from finding out.
CNN gave us less than 2 days ago: ‘5 of the world’s biggest economies are at risk of recession‘ (at https://edition.cnn.com/2019/08/14/economy/recession-risk-economies/index.html), it is a huge part because the impact matters. Under Mario Draghi and his bond buying program, there are no reserves left, so the impact towards recession is about to get real. The shift in quality of life makes the consumer spending tactic an instant non option.
Yet, it all comes down to the Washington Post who (at https://www.washingtonpost.com/business/2019/08/14/stocks-tank-another-recession-warning-surfaces) gives us: ‘Stocks losses deepen as a key recession warning surfaces‘. It is here that we get: “after a reliable predictor of looming recessions flashed for the first time since the run-up to the 2008 financial crisis. The Dow Jones industrial average fell 800 points, or about 3 percent, and has lost close to 7 percent over the past three weeks. Two of the world’s largest economies, Germany and the United Kingdom, appear to be contracting even as the latter forges ahead with plans to leave the European Union. Growth also has slowed in China, which is in a bitter trade feud with the United States. Meanwhile, Argentina’s stock market fell nearly 50 percent earlier this week after its incumbent president was defeated by a left-wing opponent“. First of all, ‘reliable predictor‘ is not the term I would use, the dangers were clear for well over a year, it was the wrong stage of a trade war, with the Huawei 5G setting that pushed the inevitable date forward by a lot. The entire Huawei stage was a stage of stupidity, and a more dangerous post-recession part than anyone was willing to consider. We might find clarity in the footnote: “But with so many losing confidence in the near-term prospects of the economy and rushing to buy longer-term bonds, the U.S. government now is paying more to attract buyers to its 2-year bond than its 10-year note“, is looking in the wrong direction. It is merely a small symptom at present and direct consequence on risk and not the one that bites. The US is losing its footing on the global mobile market faster and faster. And even as we accept the ‘marketing’ that Huawei gives via Cnet towards 6G, the direct truth is outstanding for a longer time. 
It links to my own IP that is currently available to Huawei and I want my share of that market, I believe that my part after the fact will be enough to truly make me independent on several fronts. One party found my claim a $ billion market through the investment on $25m post taxation too good to be true, but it is the second wave that takes care of my needs and you gotta give a little to get a little. It was the ‘denied’ parts of Credit Agricole and the Paris games of 2024 that gave me the final straw I needed to see that I was right all along. In all this verification that I was correct was always the biggest issue for me to deal with, and the recession is making those big business daddies of greed close to desperate, giving me a small push forward. Those people are not willing to walk away from a one billion market at the investment of 2.5%, no bank has ever offered those margins and with the Credit Agricole parts exposed to the smallest extent, I know it will work. It is there that I saw that the IP I designed was never considered by either Google or Huawei, all set to iterative paths to innovation, and the economy shows that nearly all of the other players were looking at the next quarter, whilst the quarter+3 was the game changer. The Olympics gave the option to look at inverted innovation and make it a new innovation, Paris was not the first, but certainly the clearest indicator and whilst we see through Channel News “Huawei Technologies has joined 564 other entities in the Paris Call”, the message is not that there are 565 players, it is that they are all looking in a similar direction whilst none excavated the gold mine that was right behind them, a first lesson that the classics can inspire towards a new direction. Now that I see their direction I found two other fields that had not been considered to the degree it needed. 
Saudi Arabia is giving us Neom City, but there is a lack in one direction and now that this can be exploited we see even more options. You only had to be willing to get your hands dirty in the most literal of ways. And all this is pushed even more through the impact of the European economy. A French invention gets a new life after almost 2 centuries and we can see that there is more to be found.
It is what else Harmony OS can do that will push the benefits away from the US and it will hurt Google to the smallest degree (almost inevitable), Google is just too big, but now that the equation changes, it is Google who will be chasing Huawei, so well done Trump dude, you merely made everything worse for America and I will sell to the quickest bidder and the 2.5% approach gives me the edge; the two known entities Ren Zhengfei and Papa Smurf Sergey Brin can make the investment from the small change they have in their pockets and the bait would be just too appealing for them.
All this was confirmed and accentuated through the US Senate with: “In February, the US Senate Commerce Committee held a hearing titled “Winning the Race to 5G and the Era of Technology Innovation in the United States”, to discuss what policies are required to accelerate the deployment of 5G to keep America “competitive on the international stage”” and whilst we accept the American point of view, they forgot about two elements in the 5G field and the upper echelons of decision makers showed at that point that they were working in a dimmed room without lights, giving additional evidence that they never saw the writing on the wall and now I get to make a new voice and whilst I only am willing to trust Google or Huawei in all this, there can only be one winner and the others are merely a chaser at best, it is the price of iteration over innovation. Even as Microsoft and IBM are in denial of what they are about to lose, they do know and accept their choice. Microsoft is banking on Azure and there the hindrance of Harmony will cause a void, they were ready for Android, yet HarmonyOS is another matter and China is seeing that as another opportunity. It is there where we see the talks of Huawei with the Shanghai Blue Cloud Technology taking an additional turn, and how many players in the Paris games are banking on Azure? How many lose out when they are not ready for the 5G version 2 under HarmonyOS, it will work with Android and Azure, but suddenly we will see some accidental 10% gap (latency) and that is how the game was played and all this before my elements come into play, and they will!
The big business slammers all relying on PowerPoint presentation they are given the elements and when we see the 2023 acceleration and people cannot answer the differences because they never considered looking behind them as well as looking at the corners of their eyes, the blind corners they ignored; now they no longer have one blind spot, they suddenly have three and we get all kinds of concept promises in presentation form, all whilst the data was never that unclear from the very beginning. An issue they claimed that it was being looked at.
So here I am, having to take their shit with the option to sit at the sidelines watching them fight over options because they anticipated without comprehension, sometimes the universe gets to be nice and smile at those having to take their shit. A direct zero day exploit of the applied intent of narcissism on how good a presentation looks, whilst their data never clearly supported it.
My case of exceeding expectations towards customer satisfaction trumped some short sighted ‘Ca$h is king’ setting, because it works at the grocer, but that part has no bearing when their minimum needs exceed the budget of 80%, it was a simple equation from the very beginning. So when we are now considering the new ‘truth’ where the Washington Post gives us less than an hour ago: ‘Weak global growth likely to mean US slowdown, not recession’, we merely see wishful thinking in the quote “Yet most analysts expect the U.S. economy to power through the rough patch, at least in the coming months, on the strength of solid consumer spending and a resilient job market. The U.S. stock market plummeted earlier this week when the bond market, spooked by the global turmoil, sent a possible early warning sign of a recession ahead: The yield on the benchmark 10-year Treasury note slipped briefly below 2-year Treasury yields”, the article (at https://www.washingtonpost.com/business/weak-global-growth-likely-to-mean-us-slowdown-not-recession/2019/08/15/1cb8d81a-bfba-11e9-a8b0-7ed8a0d5dc5d_story.html), all whilst we see the clarity of next quarter beliefs linked to the next Thanksgiving and Christmas, all whilst it is Q2 2020 that makes the tequila slammer which gives the drinker the sledgehammer headache stated it was one that they never saw coming. The entire trade war is taking a new turn and when the people realise on all that the US is missing out on and therefore anyone taking that path will also learn that there is a long term price to pay and it is the markets that Google and Huawei are now staging for that brings the next stage. China has too much to gain, whilst Google will try to retain losses that they will optionally get (reduced growth is clearly a loss). Even as the impact for Google is small, losing one percent is still big news and there one percent adds to a billion plus, whilst their risk to hedge will cost them a mere 1.8% of the optional loss, it is a non-issue.
There is none, but the option of a new 2% market is worth so much more than that, and it is not open to the iterative industries, innovators only, because it will be about the momentum and there is too much to gain. Consider what the 565 are looking at, whilst I focused on the group that represents up to 445,000,000 SME companies in a new 5G setting. The Olympics are merely the icing on the cake. 2020 Tokyo opens the doors more clearly but the impact is abundantly seen in Qatar 2022 and Paris 2024. And at present I see that they never looked in the places where they could be, merely where they want to be.
In the end it is one of Warren Buffett’s quotes that got me there: “the great moves are usually greeted by yawns“, thanks Warren; you were absolutely right on that part!
Exploitation by the numbers
Yes, the BBC had the right idea when they gave us: ‘Bianca Devins: The teenager whose murder was exploited for clicks’ three hours ago (at https://www.bbc.com/news/world-us-canada-49002486). The story is about a girl named Bianca Devins. So when we get: “she wrote on a gaming platform about how excited she was to be travelling the 250 miles from upstate New York to a concert in Queens. But before she could return home on Sunday morning, Bianca was dead” we see a story dipped in sadness. We see the quote: “But in the hours after his arrest, it emerged he had shared graphic photographs of the murder online. In the days since, her story has spread across the world – as have the violent images of her death. Her murder, which played out so publicly, is the latest case to place scrutiny on how social media companies police extreme content” we have seen this before, we wonder how and we wonder if it matters. We sometimes hear the term ‘lives matter’ but is that really the case? Even as we accept that this was the lone act of a lone man when we get: “the suspect shared an even more graphic photograph of Bianca’s body on Discord – a popular messaging platform for gamers. This image showed the extent of injuries to Bianca’s throat and made clear her wounds had been fatal”, exploitation for clicks is not new, we have seen it for almost 200 days whilst we got exposed to this level of exploitation through the cadaver of Jamal Khashoggi, even the UN got in on it. All whilst there is no actual evidence, speculation, postulation and exploitation. I will give exemption to the Washington Post and his family, they are the two exemptions. To see just that impact we need to look at the numbers.
Yet the numbers are no longer clear, it seems that Google is actively hiding certain events actions and numbers. When I did a thorough search on December 18th, I got a result that added up to a lot “we merely get 57,000,000 search results, most of them misinformation, repeated unsubstantiated rumours and debatable facts that are anything but confirmed facts” (at https://lawlordtobe.com/2018/12/18/how-americans-lose-wars/), now that number is a mere 13,600,000. And that is seeking all. The exploiters have removed the pages, so not to impair their click manifesto, not to remain visible with all the click options out there, but they are there and as Google is extremely dependent on these clicks, they will facilitate to the largest degree possible, it merely means that we are not given the actual goods, not even close and the exploitation goes on. It’s nice that Kelly-Leigh Cooper chose a subject no one knows, yet this method of visibility has been used for a much longer time than you think.
The party-lines are all about ‘filtering’, or ‘this is what our customers want’, or my favourite ‘have you checked ALL your settings?’ The issue gets diluted; it gets smeared over issues and optional things that are being worked on. Exploitation for clicks became a reality the moment people were offered to earn money through their webpages, and everyone wanted more and everyone wanted the maximum of what was possible, yet now that need for greed is transformed into need to be illuminated, maximum visibility through minimum effort, and for too long social media pushed for this to maximise their return on investment. Now that the fence is gone, we see that the facilitators no longer have a hold on anything and even as everyone points at 4Chan, social media players like Twitter, Facebook and LinkedIn are all using it to maximise exposure of self. LinkedIn gets a partial pardon as it is limiting itself to business parts for the most and whatever exploitation we see is small and tends to be focussed from merely a few and those are often stopped by LinkedIn to the larger extent, the 2 billion on Facebook are mostly not. There it is often about extreme materials filtered and censored, or largely filtered to whatever censor has its hat primed (a personal observation).
Yet it is not the censoring, it is the focus and exploitation that is a case for worry. For Kelly-Leigh Cooper the focus is what happened to Bianca Devins and it seems an extreme case, yet it is not a new issue. Collective Hub gave rise in 2015 (at https://collectivehub.com/2015/08/21st-century-shaming/) to ‘21ST Century Shaming‘, and there we see: “Cyber-bullying and online shaming seem more commonplace than ever before and Monica highlighted some recent occurrences, like the leaked nude photos of Jennifer Lawrence; the Sony hacking scandal; and the death of Tyler Clemente, who committed suicide after his college roommate secretly filmed him with another man“, it seems that the linked “where the online humiliation of individuals results in more clicks, which means more money for the media outlet” is casually overlooked by everyone. We see how politicians are trying to bash Facebook, yet the headline from the Daily Telegraph: ‘Brit Ayia Napa rape victim tells how she ‘fainted’ after 12 Israelis ‘attacked her one-by-one for an hour’‘ gets 41,900 results in Google, they all need clicks, they all want maximised exposure and the people involved do not care how they get it, it all impacts advertisement and circulation.
When you start to look deeper, exploitation by the numbers seem to have less acceptable methods than we see used by drug dealers on a school yard, we merely have become too complacent to care. It is not until we are hit to a much larger degree that we see actions.
In 2010 Cnet gave us the 5 dangers of Facebook:
- Your information is being shared with third parties
- Privacy settings revert to a less safe default mode after each redesign
- Facebook ads may contain malware
- Your real friends unknowingly make you vulnerable
- Scammers are creating fake profiles
In all this we have seen the impacts, yet we have ignored a lot of it and it gets to be worse when we see a Telegraph article (at https://www.telegraph.co.uk/news/2018/02/05/ex-google-facebook-staff-warn-social-media-dangers/) where we see the following quotes:
“The thoughts of two billion people every day are steered by 50 people in Mountain View,” said Tristan Harris, referring to the Californian headquarters of Google.
“But these companies are also caught in a zero-sum race for our finite attention, which they need to make money.
“Constantly forced to outperform their competitors, they must use increasingly persuasive techniques to keep us glued.
The Truth about Tech campaign was about tackling the “manipulation and exploitation” of some social media companies.
These quotes are often intertwined, attention brings funds, so does manipulation and exploitation, they are linked and shown as issues that are unstoppable, yet the effort to do something about it is lacking, there is circumstantial evidence that goes back to 2010 and so far almost nothing was done, again we see evidence now in the form of the death of a journalist no one cares about (Jamal Khashoggi) and the media themselves all want to ignore it because he was a journalist, yet the speculation (not evidence) that they propagated shows that he was not their concern, propagation and clicks were. The moment you realise that part of the equation is the moment you realise that the system is flawed and broken, and whilst the media is all about showing the flaws, the defects are not tended to, making matters worse for a long time to come.
By the numbers, we are not in a good frame of mind, as I stated before, there were 57,000,000 search results (in less than 60 days) proving me right.
Facebook Folly and 5G
There was an article in the Guardian last Thursday. I had initially ignored it for all the usual reasons, yet when I sat down this morning, there was something that made me take another look and the article is actually a lot more important than most people would think. The article (at https://www.theguardian.com/technology/2019/jan/31/apple-facebook-campus-permissions-revoked-teens-access-data-iphone-app) named ‘Apple leaves Facebook offices in disarray after revoking app permissions‘ shows a different side that goes a lot further than merely Facebook. We see this with: “We designed our Enterprise Developer Program solely for the internal distribution of apps within an organisation. Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple”, this statement alone shows the failing of their legal department, as well as their senior board that works under the strict sense of assumptions. We see this not merely with ‘Facebook had allegedly exploited a loophole in Apple’s approval system to bypass rules that banned the harvesting of data about what apps are installed on a user’s phone.‘ We see another level when we reconsider “Facebook Research, an app the company paid users as young as 13 to install that routed their iPhone traffic through the company’s own servers“. This is not merely about hijacking data; it is about the fact that both the IOS and Android paths are a little too transparent. Academically speaking it would be possible for Apple to distribute a similar app guiding Android people to the IOS data path.
The fact that we now see that others are affected through: “According to an internal memo, obtained by Business Insider, apps including Ride, which lets employees take shuttles between buildings on the company’s sprawling campus, and Mobile Home, an employee information portal, were down“. And it is not merely the Guardian, the Apple Insider gives us: “A report from December claimed Facebook had made special data sharing arrangements with other tech companies, enabling Facebook to collect more data on its users generated on Apple devices, without either Apple or the users’ permission or knowledge.” This now gives the setting that Facebook is getting desperate, when any company needs to rely on Data snooping to keep their momentum up that is the moment we see that any tower, data based or not will fall over.
Part of that came from an article last December giving us: “A damning report on Tuesday provides further details on Facebook’s shady data sharing practices, already under intense scrutiny for the Cambridge Analytica fiasco, suggesting the social media giant enabled Apple devices to surreptitiously collect information about users without their — or apparently Apple’s — knowledge” and the nightmare scenario is not merely that Facebook is gathering data, it is the ‘data sharing‘ part and more important, who it is shared with. This has over the last two months changed my position from waiting what is actually afoot into investigation into actively prosecute Facebook for their actions.
I am certain that the prosecution goes nowhere, mainly because the legal departments allowed for the loopholes to get into position in the first place. It enables the train of thought on how involved Apple was in all that. That train of thought continues when we revisit the Apple Insider quote: “It was revealed yesterday Facebook paid users $20 to sideload a VPN onto their devices, allowing the social network to monitor what participants aged 17 to 35 did online. Claimed to be a “social media research study,” the Facebook Research iOS app took advantage of Apple’s Enterprise Developer Certificates to allow the apps to be distributed separately from the main App Store, as well as effectively providing root access to a user’s device.” In all this the legal teams did not consider the usage and installation of linked VPN applications? Is that not weird?
Bloomberg is trying to water down the event with “Facebook seems clearly to have earned its latest privacy black eye, but it’s important not to overstate what’s going on here. This is essentially a contract dispute“, is it? It seems that the users are victims of deceptive conduct; it seems to me that root access clearly implies that all data and content of the mobile device was made available to Facebook, was that ever clearly communicated to the users installing that?
It is my sincere belief that this was never ever done. So as Bloomberg is trying to add more water to the wine with “Apple’s concern about its “users and their data” might well be sincere, but this particular dispute isn’t about the fact that Facebook collected user data; it’s about the way that Facebook collected user data.” Here we see more than merely deceptive conduct, or to use the quote: “I’m not suggesting that what Facebook has done isn’t serious. But neither is it the end of user privacy as we know it”. You see, when you hand over root access it means that you hand over everything and at that point you have revoked your own right to privacy. And at the top of the watering down of wine, making it impossible to distinguish between the taste of either we see: “But users seemed to know what they were getting into — and were also paid for the privilege”, likely to be Bloomberg’s foulest statement of the day. Not only do they knowingly hide behind ‘seemingly’ they know for certain that no one will ever knowingly and willingly hand over root access to an unknown third party. It also tends to introduce security flaws to any phone it was installed to, when exactly were the users informed of that part?
So whilst we get another version of: “Twenty dollars per month might not sound like a lot to, say, the typical Bloomberg reader. So imagine Facebook instead had promised one free local Uber ride per month” you all seemingly forget about the international community, who like all others will never get to cash in on those events, or paid responses or alleged dollars for donuts deals. That becomes for the most direct profit for Facebook, access without a fee, how many of those people were part of that event?
Cnet phrases it a lot better with: “I think it’s highly unlikely that the vast majority of the people who went through this whole process really knew the kind of power they were giving Facebook when they clicked OK to install this (app),“, which we see (at https://www.cnet.com/news/facebook-shuts-down-ios-research-app-it-used-to-access-user-data/) by Bennett Cyphers, a staff technologist for the Electronic Frontier Foundation.
And that is not the only part, not when we enlarge the circle. Two days ago, my predictions became fact after the Sydney Morning Herald gives us: ‘Optus concedes 5G service without best technology after Huawei ban‘, which is awesome, as the IP I came up with does not affect either and allows for Global Huawei (or Google) continued growth. So as we are treated to: ““From a pure technology perspective, Huawei is probably ahead of the other three,” Mr Lew said after Optus unveiled plans for a $70-a-month unlimited service with guaranteed minimum speeds of 50Mbps. “But what we’ve got from the other suppliers will enable us to provide a globally competitive service.”” This is actually a lot more important than you think, when mobile app users seek the fastest solution, the more bang per gigabyte, the Huawei solution was essential in all this. So as Optus chief executive Allen Lew now concedes that those not using Huawei technology will be second best in the game at best, my solution will set a new level of e-commerce and information on a global scale and all I asked for was $25M upfront and 10% of the patents, the rest was for Google (or Huawei). It is a great deal for them and a really nice deal for me too, a win-win-win, because the consumer and SMB communities will equally profit. I merely circumvented paths that were not strictly legally required; merely a second tier to equal the first tier and when the speed map drives us forward, the players using second rate materials will end up losing customers like nothing they have ever seen. It’s good to use political short sighted policies against them. So whilst the world is listening on how Apple and Facebook values are affected, no one is properly looking on how Huawei and Google have a much clearer playing field on how 5G can be innovated for the consumers and small businesses. It will be on them to restart economies and they will. 
They are moving from ‘Wherever the consumer is‘ to ‘Whenever the consumer wants it‘, the systems are there and ready to be switched on, which will be disastrous for many wannabe 5G players. I am giving a speculative part now. I predict that Huawei holding players will be able to gain speed over all others by 0.01% a day when they go live. This implies that within 6 months after going live they can facilitate 2% better than the others and within a year is double that. These are numbers that matter, because that means that the businesses depending on speed will vacate to the better provider a hell of a lot faster than with other players. This effect will be seen especially in the Middle East and Europe. And before you start screaming ‘Huawei’ and ‘security threat’ consider that the entire Facebook mess was happening under the noses of that so-called cyber aware place America. It happened under their noses and they were seemingly unaware (for the longest of time), so as security threats go, they are more clueless than most others at present. It boils down to the boy howling Huawei, whilst his sheep are getting eaten by fellow shepherds, that is what is at stake and it shows just how delusional the Huawei accusations have been from many nations. How many of them were aware of the Facebook data syphoning actions?
This gives us the final part where we see the growth of Huawei as we see ‘Saudi-based Telco opens joint ICT Academy with Huawei‘, you might not find it distinct and that is fine, yet this is the same path Cisco took a decade ago to grow the size it has now and it was an excellent example for Huawei to adopt. The Middle East is the global 5G growth center and with Qatar 2022 introducing maximised 5G events, we will see that Huawei took the better path, feel free to disagree and rely on AT&T and their 5G Evolution, yet when you learn the hard way that it is merely 4G LTE and now that we also see that ‘Verizon likely halting its ‘5G Home’ service roll-out after test cities, waiting for 5G hardware to actually exist‘, we see the events come into play as I have said it would, America is lagging and it is now likely to lag between 12 and 18 months at the very least, so whilst the world is starting their 5G solutions, America gets to watch from the sidelines, how sad it all is, but then they could still intervene into the Facebook events. They are not likely to do so as they do not see that as a ‘security threat‘. So as we are given: “As reported by VentureBeat, Verizon has detailed that it won’t have true 5G hardware for its 5G Home service ready until later this year. That means expansion to more markets beyond Indianapolis, Los Angeles, Sacramento, and Houston won’t be likely until the second half of 2019“, how many people have figured out that ‘expansion to more markets beyond Indianapolis, Los Angeles, Sacramento, and Houston‘ implies the largest part of the USA and they are not up for anything before 2020 (and that is me being optimistic).
It is the direct impact of a stupid policy, which in the end was not policy at all, it was merely stupid and we all get to witness the impact and the carefully phrased political denials linked to all that; funny how evidence can be used to sink a politician.
This reminds me of my blog of August 2018 (at https://lawlordtobe.com/2018/08/23/liberalism-overboard/) where I opened the premise of “the topic would be ‘How to assassinate a politician‘“, I should sell it to Alibaba Pictures or Netflix, it could be my Oscar moment (and cash in the wallet). So, it is true, political folly is good for the wallet, who would have thunk it?
Yes, the Latin name for Clean Slate. It is an expression that we got from the Romans, who used wax tablets to scribe information, they used a metal pen, or a Stylus to write on the wax. In addition, when the slate was done, it was placed near a 50 degrees Celsius hotspot (like in the kitchen), and the wax would melt, so it could be used again, that is where the clean slate comes from. This is not the only part, there is enough evidence that the Syrians were doing this too about 2500 years ago, so Apple did not start it and even now (and 1 trillion dollar value later), they still use over excessive electronics to allow you to work with a clean slate at the touch of a button, no hotspot required.
So, in this tried and tested environment, why would others try to budge in?
That of course was a question that answers itself in greed. I got my iPad (the very first one) 7 years ago; I still have it, even as it is now starting to buckle, so the end of a 24:7 life cycle has been reached. It helped me past 3 postgraduate degrees (including a Master degree), so it earned its ‘moment of recycling‘. Yet, I will be a little sad; it was a faithful companion since day 1.
I paid about $1200, for the first edition, 64 GB cellular and Wi-Fi. That same setting with a much faster processor, higher resolution and increased speed, as well as camera and video options that I did not have in my edition will set me back $799, but with 100% more storage, or $1399, with 400% more storage and additional 4K filming. On my budget it will be the normal iPad, but the full version with 800% storage Pro and the rest at $1699 is still appealing. Still, the $799 is a great option, so sticking with that (and my budget makes it an optional setting). The fact that something so much larger and more powerful is merely 65% of the version I bought gives additional satisfaction.
So in all that, why on earth is Microsoft being half baked? First they screw up their gaming dimension, sticking their heads in the sand, ignoring consumers and proclaiming that they know what they are doing, whilst at this very same debacle, we see first Cnet giving us: ‘The Microsoft Surface Go is a good computer, but a very bad tablet‘, we also get “Windows 10’s tablet interface still stinks, and there aren’t a lot of popular apps that were built for Windows 10 in tablet mode. The iPad still has the best library of tablet apps“, it is something we all should have known, when it comes to apps and the Apple solution has millions of apps as an advantage, a decent amount of them free and very useful. In addition a much larger proportion is all less than $5 each, often it is the pro version of the free app, so you can fit before you commit (like any decent relationship). Then we get “Microsoft’s bookstore lacks a lot of titles, including some on The New York Times’ best-seller list. The Times, The Washington Post and other popular publications are also missing. While I could check any website, scrolling was sometimes too jittery and annoying, especially while holding the tablet with one hand in bed at night“, which implies that there is no beating iBook, a very essential tool, not merely for reading.
In addition there is: “The Surface Go’s bezels are so wide they’re almost comical. While it doesn’t hinder performance, it makes the tablet look dated from the get-go“, giving the implied setting that Microsoft again did not prepare for a serious war, merely a setting where they want to ‘dip their toes into the water‘, I would have thought that the Surface Pro setting should have properly prepared them in all this. And the killer in all this is “Finally, battery life is pretty bad. Microsoft advertises nine or more hours of use, but I never got close to that. I usually saw about four or five hours of use with Chrome and Spotify open“, which was countered with “I could save battery life by using Microsoft’s Edge browser — Windows 10 said Chrome was draining the battery a lot — but I prefer Chrome“, a setting that will be shared by many users, so in all this, the mere battery drain will get people to prefer the iPad, or an alternative over the Surface Go and that is merely on launch week. If there is one giggle around the corner, then it is the setting that this device will make more and more people consider the options that the $400 Chromebooks have. This is exactly what we get to see at the end of the CNBC review. With: “You should only buy the Surface Go if you need a Windows 10 computer but think the Surface Pro is too big and expensive. I imagine most people don’t fit that profile though. If you need a tablet, go with the iPad. If you need a cheap computer, a Chromebook or cheaper Windows 10 laptop would suit you a lot better“, we see that Microsoft again comes with a device that has all the right marketing, yet in the end, the users will soon learn that a flawed approach is not a near hit, it is merely a miss. So, let’s thank Microsoft for their efforts in giving notice to the new blockbuster ‘Rise of the Chromebook‘, already available in several e-Stores near you and you can find those places with Google Chrome and Internet Explorer, or was that Microsoft Edge?
In the end, the setting becomes the iPad $799, or the Surface Go $838, in all seen there is, as far as I can tell no redeeming feature scoring for Microsoft. Even the ‘if you need a Windows 10 computer‘ does not hold enough water to spend more only to get an indecent amount less. The battery life alone makes it a nonstarter. In the end, the die-hard Microsoft fans will accept it, from all the sources I watched, it does seem to do what it needs to do, it might not do what you prefer it to do (jab at the battery life). Another source gave us that the sound is not great, I am willing to accept that this is slightly more in the ears of the beholder, yet I never heard that complaint from any of the iPads, which is another issue for prospective buyers to consider, which is funny when you consider that some of the Chromebooks (not all mind you), come with: “listening to BBC Radio live via the surprisingly good Bang & Olufsen (B&O) in-built speakers“, I tend to not go high-gear on most PC and tablet things, so I might not have given the B&O serious consideration depending on the price, yet at the $100 difference, not having B&O sound seems just crazy. In that setting, going towards something like the HP Notebook x2 10-p033tu becomes just as exciting, with optionally a much better choice as it comes with the keyboard at that point. Even the not so popular Samsung tablet becomes a decent alternative at this point (and I have never been a fan of Samsung), with options at $329, with a battery that offers 13 hours of video playback it implies to be swimming circles around the Surface Go, all issues that should not have been coming up as a serious alternative for the Surface Go, not from a tablet well over 2 years old.
This is what you can find within the hour, so in all this, the Surface Go is not only less competitive, it is merely latching on whatever it can for visibility, that is no way for a product to distinguish itself, a system that is nothing more than the runt of the litter. So, as a tablet, it is not merely in no way a decent alternative to the iPad, there are a few other choices that would make an equal if not a better alternative at this point. All this, whilst only a week ago, the website Mashable gave us: ‘Save up to 30% on Chromebooks from Samsung, Acer, ASUS, and Google‘, now I get that this is temporary, yet at this point (using Google Ads for example), Microsoft could have bid on that specific page and get students across to consider the Surface Go at the ‘match price of the week‘, an opportunity Microsoft did not go for (seemingly), so whilst we are drowning in Windows Central reviews on almost every digital channel, we see Microsoft in the wrong places, or perhaps better stated, not in the right places. Missing on loads of opportunities, especially when you realise that most universities with the Spring (AUS) / or Autumn (Europe) semesters are only 5 weeks away, so whoever needs stuff, now is the time that they are getting it.
These are the days where starting with a clean slate (new data device) is important, especially in your new education, in all this the settings that I am noticing give me the distinct feeling that Microsoft has not been very serious in cornering a market, and from my point of view that is the second time where they are forgoing a serious market share on anything. I just cannot work out why someone allows for that not once, but twice in a row, it is (again, merely from my point of view) not the setting of opportunities missed, they are the setting of market shares lost and once lost, regaining them is not really an option, unless they do something so essentially ground breaking that everyone takes notice, a scenario that has not knocked on the doors of Microsoft since Windows XP.
Telecom providers & swaggering vanity
Any business has issues; the one that states that they do not is lying to you. We understand that there is mostly smooth sailing, that there are bumps in the road and that things are not always on track. We have all seen them; we might have all seen them near our desks. It is a reality, if a lumberjack is working, there will be wood chips, such is life. So when we see the Telstra ‘purpose & values’, we see: “The telecommunications industry is experiencing enormous growth; network traffic is growing faster than any other period of time and digital technology is changing our world. Telstra is at the heart of this change—and we’re helping make it happen by connecting everything to everyone“. That might be true, yet when you price yourself out of a market, there tend to be consequences.
So when the Business Insider gives us merely 2 days ago: “It looked like there were national problems with the Telstra network again today, but the Telco says no” (at https://www.businessinsider.com.au/telstra-is-down-nationally-2018-6), we see a troubling setting. So the quote “The Telstra network appeared to have another national meltdown, with services in most of the major capitals disrupted in the first half of Tuesday, but the company denies there were any problems with its mobile network.“, concessions on social media were made and the services were back up in the afternoon. Yet the damage was done. Not the fault, the disruption or the faulty service. The fact that Telstra was in denial is the issue. So when we also see: “Telstra said there was no issue for Telstra customers and the Telco’s 3G and 4G networks. “There was a vendor platform issue that impacted mobile virtual network operating services for a small number of wholesale customers,” a spokesperson said“, we see the issue that Telstra has moved on through carefully phrased denials. It is a tactic to use, it is however the wrong tactic, because it takes away trust and Telstra did not have that much left to begin with. One source gives another view entirely; it is the view that makes CEO Andy Penn too confused for his own good and the health of the company. In regards to the question that ABC host Leigh Sales asked, which was: “How can shedding 8000 jobs, not make your service worse?“, the response “Mr Penn deflected the question and talked about the complexity of a Telco network and the inevitability of network interruptions when dealing with such sprawling physical technology assets and software. After the host tried once more to ask the question, the Telstra boss steered clear of the jobs losses and moved the conversation back towards his message of increased simplicity for customers“, we merely see the fact that Telstra is playing a dangerous game of stupidity. 
Deflection is bad and shares will get slammed (and they did). You see, the proper answer (or better stated a proper answer) would be: “As we are moving to a flatter organisation, management is now directly in touch with the workforce, management will get the full scope of issues in their area of responsibility. There is no longer a delay of information trickling on the path of 2-3 managers deciding where what goes, the buck stops with the manager in charge. Basically the lower managers get more responsibility and as they resolve the issues also a much better reward. The direct exposure to issues and answering the questions of staff members and consumers will lead to a much better understanding and also decrease the timeline of issues and questions requiring a resolution“. You see? I resolved that question, I gave an answer, I exceeded the expectation of the current customer base and I did not deflect. So perhaps I might be the better CEO Andy? Now, we can add that this is a work in progress and as any company needs to adjust settings; with a flat organisation structure it is much more direct and easier to adjust. So yesterday’s interview, published today, I merely required seconds to set the stage in a more positive way. Yet Telstra has more issues. Their mobile plans are still horrendously expensive; in some cases places like Optus will offer 20 times the data at the same price and that was merely a month ago. So Telstra needs to realise that unless they truly become competitive with some of their competitors. In addition when we look at IT News, we see (at https://www.itnews.com.au/news/telstra-completely-changes-how-it-sells-enterprise-services-494853) the issues that some expect. Issues like ‘Confirms it took ‘too long’ to revamp enterprise core’, yet the revamping is not the issue, actually it is as there was no ‘real’ revamping, merely adjust the tailoring to fit other elements (as I personally see it). 
You see, the danger offered through: ““It is the ability to provide fixed voice, unified communications and messaging with add-ons for mobile and applications on a per seat pricing basis for our midmarket customers. “It will be all digital.” It will be ordered in minutes, provisioned in minutes to hours, and everything will be billed electronically with the ability for the customer to flex up and down in volume in real time“. This is what I call the folly setting. It starts with ‘our midmarket customers‘, which translate to ‘corporations and those with money’, which is fair enough, yet the economy is still in a place where the cost of living is way too high. The rest is merely a statement of ‘buy on our website or through a phone app’; there will be no negotiating, no personal touch, not a warm touch to any of it. Merely a ‘buy this by clicking or go somewhere else’. You can rephrase it again and again, but that is where it is heading and the people have no real high regard for an automated Telstra, so that will hammer the share prices for at least an additional 2%-3% in a negative direction. So as more and more people go towards the ‘Yes’ oriented Optus stores, we see that in some places Telstra is setting up movable selling points (Westfield Burwood), yet in the direct cold light of day, it is not merely a transforming business, it is the setting where Telstra looks less appealing than before. That requires addressing and Andy Penn did not go the right way about it from the beginning, yet in the setting we now see it, it is even less appealing than ever before.
It goes further than all this, a mere 3 hours ago, ABC gives us ‘Is this really the end of Telstra’s ‘confusopoly’?‘ (at http://www.abc.net.au/news/2018-06-21/telstra-what-is-in-it-for-customers/9891076), there we see: “Andy Penn says the job losses will largely come from management so presumably consumer-facing staff will remain”, so why is Andy Capp hiding behind ‘presumably‘?
The AFR takes it in another direction. There we see ‘Telstra’s strategy is all about killing Optus, Vodafone and TPG‘. So (at https://www.afr.com/brand/chanticleer/telstras-strategy-is-all-about-killing-optus-vodafone-and-tpg-20180620-h11mtt), we see ” competitors are clearly going to be most obvious victims of his 2022 strategy, which prioritises mobile above everything else in Telstra’s sprawling portfolio of businesses”, yet with the website as it is and the announced 5G rumours that are nowhere near 5G we wonder how much trouble they are in. So even as we see the boastful “Telstra’s mobile business currently earns about $4 billion a year on revenue of $10 billion“, it will have little effect until the data offered is a hell of a lot higher than they currently offer. It might have been a good moment of timing for me, I ended up with twice the data at half the price. The largest population really cares about a deal that is 75% better and that is not merely me, it includes well over 60% of all households and pretty much 99.43% of all students. Even if Telstra proclaims that they only care about midmarkets, the shareholders will not understand how they lost out on millions of customers and that change is not reflected in anything we heard. It does not stop there. With the setting of the quote “Telstra said on Wednesday that the number of Australian households with no fixed broadband service is between 10 and 15 per cent. It expects this to rise to 25 to 30 per cent as 5G is rolled out around the country“, we see that Telstra is to lose out on more markets. The sheer fact that Vodafone figured out in the EU is an optional gain of momentum for Vodafone, yet the hybrid options that Telstra failed to see could cost them even more in the 2020-2024 period. 
In addition, when we see “Penn’s decision to adopt an aggressive roll out strategy for 5G plays into the established trend of greater use of mobile networks relative to fixed line, much of which is driven by the widespread frustration caused by the poor performance of the NBN Co”, considering the part I discussed yesterday in ‘Telstra, NATO and the USA’ (at https://lawlordtobe.com/2018/06/20/telstra-nato-and-the-usa/) alerted us to a previous stunt played with 3.7G, yet the setting is reflective here. In part it is expected to be merely temporary. So when we see on the Telstra site “Verizon and Ericsson recently decided to test the 5G network on a moving target — a car being driven around a racetrack — and were able to record a 6.4gb/s connection”, now I get it. It is a test setting yet the speed is still off by almost 40%, which is not good. It is better than what we have now, but getting out in front before the technology is truly ready is very dangerous. In addition CNet had another issue that also reflects in Australia, as well as a league of other nations. With “Cybersecurity for 5G networks had been a top priority for the previous FCC under Tom Wheeler, a Democrat appointed by President Barack Obama. But the current Republican-led agency believes the FCC should not have authority to ensure wireless providers are building secure networks. “This correctly diagnoses a real problem. There is a worldwide race to lead in 5G and other nations are poised to win,” FCC commissioner Jessica Rosenworcel, a Democrat, noted in her statement. “But the remedy proposed here really misses the mark.””
You see, I have been writing for the longest time on the benefits and powers that 5G will give on a whole new range of options, yet the overly non-repudiation ignorance in Telecom town is staggering. Their view is almost on par where the NSA decides to set the admin rights to the guest account and leave the password blank. The dangers that people will face on that level cannot be comprehended. The moment the ball is dropped, the damage to people will be beyond comprehension. It boils down to Cambridge Analytica times 50, with all privacy set to public reading. The business will love the amount of data; the people will be less enthusiastic as their consumer rights and needs are no longer in stock with any shop using the internet for sales. I raised issues on that field in March 2017 (at https://lawlordtobe.com/2017/03/13/the-spotlight-on-exploiters/), yet that was merely the lowest setting. At that point, the Guardian (the writer that is) raised: “The mass connectivity it allows for will also help expand the so-called internet of things (IoT), in which everyday appliances and devices wirelessly connect to the internet and each other“. Yet, this is in equal measure the danger. You see as Telstra gave visibility to ‘Lessons from CES 2018: everything is connected‘ (at https://exchange.telstra.com.au/after-ces-2018-everything-in-tech-is-connected/) and Huawei is giving us ‘Huawei Connect 2018: Activate Intelligence’ (at http://www.huawei.com/en/press-events/events/huaweiconnect2018), they will likely all miss out on giving proper light to non-repudiation. It needs to be the cornerstone, yet for now there seems to be the global ‘understanding’ that someone is working on it, or that ‘block chain solves it’ and a few other hype responses that merely are deflections of a situation not understood and even less properly attended to. 
To better understand it, I found a promising paper (at https://arxiv.org/pdf/1708.04027.pdf) from Mohamed Amine Ferrag, Leandros Maglaras, Antonios Argyriou, Dimitrios Kosmanos, and Helge Janicke. In the conclusion we see: “Based on the vision for the next generation of connectivity, we proposed six open directions for future research about authentication and privacy-preserving schemes, namely, Fog paradigm-based 5G radio access network, 5G small cell-based smart grids, SDN/NFV-based architecture in 5G scenarios, dataset for intrusion detection in 5G scenarios, UAV systems in 5G environment, and 5G small cell-based vehicular crowd sensing“, which gets us to the real setting that this part is still some time ahead and even as telecoms are rushing to get 5G first to get the better market share, it appears that the players have no clue on the time they will lose by not properly investigating and setting the steps to get non-repudiation on the proper path, it will be seen the moment some CEO decided to listen to marketing and give a first roll out of 5G, whilst not listening to support as they are a cost and not an asset. At that point the situation will unfold where the clever hacker ends up having an optional access to 100% of the available data on several floors and at that point the people attached to any of that will have lost whatever choice they had in the first place regarding their privacy, their accounts and their data. It had all been denied to them.
This was seen in the Economist last year where we saw: “The flaw lies largely with the weakest link: the phone system and the humans who run it. Mr Mckesson and the bitcoin victim, for example, suffered at the hands of attackers who fooled phone-company employees into re-routing the victim’s phone number to a device in the attacker’s possession“. You see this is not about non-repudiation, it is about authentication and that is not the same. There is a whole league of issues and in part because the solution is still not a true given, it is in its initial stage and even as we accept that non-repudiation is sometimes essential, it is not always essential, there is a larger issue on where and when it is needed and it cannot be when the user decides because roughly 92.556% is too ignorant on the subject. The impact on a personal life can be too far stretched and that is where the problem starts. Telstra fails here, in their Cyber security White paper 2017 it comes up once and there we see: “Transaction approval should satisfy certain characteristics – including but not limited to integrity, non-repudiation and separation of duties“, that is it! In a ‘Cyber Security White Paper‘ that gives on the front page ‘Managing risk in a digital world‘, non-repudiation needs to have a much higher priority and in a 52 page paper that gives ‘acknowledgements’ all kinds of high priced firms mentioned in the end, with the ending of “We can assist your organisation to manage risk and meet your security requirements“, so what happens when customers want clear answers on non-repudiation? What is currently in play and available?
The non-acknowledgment that even, if not practised in 2017, or 2016, might be fine, this is about what comes next? That part we see on page 45 with ‘The increased adoption of incident response drives the growth of the after breach market‘ and “In Australia, the highest usage for emerging security solutions is in ‘incident response’, and Cloud Access Security Brokers (CASB) are used the most in Asia. 47 per cent of organisations surveyed in Australia and 55 per cent in Asia have adopted ‘incident response’ toolsets or services“, as well as “announcement of legislation around mandatory data breach notification by the Australian Government“, so how long until non-repudiation makes it to the main focal area? I reckon one incident too late, at that time Telstra becomes a ‘responsive telecom‘ nothing pro-active about it. When the first victim comes and the 99% realises that there is no actual non-repudiation properly in place, how many will remain with Telstra? And it is not merely them, a much larger global Telecom provider pool has that same flaw, the one who did think ahead will be gaining exponential growth the day after someone got hit and we have seen the growth of non-repudiation need for almost 4-5 years, so it is not coming out of the blue.
So, when we see the sales pitch called executive summary in the beginning, the mention of “That organisations are prepared to take such acknowledged risks speaks to the urgency of their move to cloud services“. So is non-repudiation addressed there? and the start of that page with “Organisations and individuals are dealing with new security and business opportunities, many of which are fuelled by mobility,” which of these sides are giving in that you and only you bought the 50,000,000 shares at $29.04 and the loss of 63.223% (roughly) we saw in the 45 seconds after that. At that point, or a boss that you and only you bought them, would that perhaps be good, bad, or perhaps was blaming a hacker the solution?
So in that report, where we saw ‘Mobile malware‘, ‘Advanced Persistent Threats‘ and ‘Web and application vulnerabilities‘; when we realise that the report gives us ‘Number of days compromise went undiscovered (median)‘ with the average value of 520 days (almost 18 months), would the flag that ‘not an employee’ had access perhaps have helped in finding it sooner than 18 months?
It all reads like a cloud sales paper as security is less complex. It does not solve the non-repudiation issue which would soon be at the footsteps of telecom companies and as they have been in denial for too long that something needs to be done, whoever solves it will be the winner of the 5G race and they will gain the 5G business from those claiming to have any non-repudiation and those who did not bother. It is not sexy, it is not limelight, but it will be the cornerstone of personal and corporate safety a lot sooner than most people realise.
It all matters because flattening the organisation means that there is either space provision for that branch of security or it falls in the gaps and is forgotten until too late. Andy Penn can deflect all he can at that point (or his successor), but at that point the impact of such an event will be too devastating to respond to or correct for.
The issue remains complex, and if people remember the issues I have with Microsoft, will also accept the part I now give them, because one quote on this from Microsoft is bang on: “Can we say we have non-repudiation by putting a check in a box on a certificate template? Absolutely not, we must first jump through many hoops to be sure that only the owner of a private key associated with the certificate ever has access to it. This involves many controls, policies, procedures and security practices, some of which are listed above“, it is a much harder field, but an essential one and even as financial services are eager to embrace it, data handlers need to start doing this too.
We need to acknowledge that: ‘authentication is easy, non-repudiation is hard‘, and as 5G, automation and cloud systems evolve, the legal need for non-repudiation grows almost exponentially for every day that the three are active in a corporate and personal environment. Those who ignored that essential need end up having no legal foothold on any claim whatsoever. In my mind companies who ignored it will lose their IP and most legal options to get it back the moment it gets downloaded to another place. That IP will soon thereafter be owned by someone else, or it ends up in public domain where anyone can use it free of charge, both are nightmare scenarios for any firm relying on IP.
The gaming E-War is here
The console operators are seeing the light. Even as it comes with some speculation from the writers (me included), we need to try and take a few things towards proper proportions. It is a sign of certain events and Microsoft is dropping the ball again. The CNet news (at https://www.cnet.com/news/xbox-big-fun-deals-e3-week-starts-june-7/) gives us “Microsoft’s big E3 sale on Xbox consoles, games starts June 7“, where we see “Save 50 percent or more on season passes, expansions and DLC and other add-ons“, which sounds good, yet in opposition, some claim that as Microsoft has nothing really new to report (more correctly, much too little to report), they want to maximise sales now hoping to prevent people to move away from the Xbox. I do not completely agree. Even as the setting of no new games is not completely incorrect, the most expected new games tend to not get out in the first month after the E3 (they rarely do), so Microsoft trying to use the E3 to cash in on revenue is perfectly sound and business minded. Out with the old and in with the new as some might say. Yet, Microsoft has been dropping the ball again and again and as more and more people are experiencing the blatant stupidity on the way Microsoft deals with achievements and now we see that these scores are too often unstable (I witnessed this myself), we see that there is a flaw in the system and it is growing, in addition, I found a flaw in several games where achievements were never recognised, implying that the flaw is a lot larger and had been going on for more than just a month or so. The one massive hit that the Xbox360 created is now being nullified, because greed made Microsoft set what I refer to ‘the harassment policy’ of ‘always online‘, this is now backfiring, because it potentially drives people to the PlayStation, who fixed that approach 1-2 years ago (some might prefer the Nintendo Switch). 
Nintendo needs to fix their one year calendar issue fast before it starts biting them (if they have fixed it, you have my apologies).
Sony is not sitting still either as Cnet reports (at https://www.cnet.com/news/sony-isnt-waiting-for-e3-2018-will-reveal-3-playstation-games-early/), with the quote “Starting Wednesday, June 6, the company will spoil one announcement each and every day for five days in a row. Sony is being tight-lipped about the details, but those announcements will include [censored]“. Yet getting back to Microsoft, they do need and should get recognition for “Up to 75% off select games including Monster Hunter: World, Sea of Thieves and PlayerUnknown’s Battlegrounds“. I admit that a game like monster hunter is an acquired taste, yet 75% off from a 95% rated game like Monster Hunter is just amazing and that game alone is worth buying the Xbox One X for. I only saw the PlayStation edition, yet the impression was as jaw dropping as seeing the 4K edition of AC Origin, so not seriously considering that game at 75% discount is just folly.
The issue is mainly what Microsoft is aiming for (and optionally not telling the gamers). They never made any secret of their desire for the cloud, I have nothing against the cloud, yet when I play games in single player mode, there is no real reason for the cloud (there really is not). So when I see that Microsoft bought GitHub for a little less than 10 billion, we should seriously consider that this is affecting the Xbox One in the future, there is no way around it. Even as we see the Financial Times and the quotes of optional consideration “Microsoft is a developer-first company, and by joining forces with GitHub we strengthen our commitment to developer freedom, openness and innovation,” a claim from CEO Satya Nadella. He can make all the claims he likes, yet when we consider that this is a setting of constant updates, upgrades and revisions, we see the possible setting where a gamer faces the hardship that the Oracles DBM’s faced between versions 5 and 7. A possible nearly daily setting of checking libraries, updates and implementations to installed games. Yes, that is the real deal a gamer wants when he/she gets home! (Reminder: the previous part was highly speculative)
As we get presentations from the marketeers, those who brought us ‘the most powerful console on the market‘, they are likely to bring slogans in the future like ‘games that are many times larger than the media can currently hold‘, or perhaps ‘games with the option of bringing additions down the track without charge‘, or my favourite ‘games growing on every level, including smarter enemies‘. All this requires updates and upgrades, yet the basic flaw on the Xbox needing extra drives, extra hardware and power points, whilst increasing the amount of downloads with every month such a system is running is not what we signed up for, because at that point getting a gaming PC is probably the better solution. A business setting aimed at people who wanted to have fun. This is exactly the setting that puts the AU$450 PS4, AU$525 and AU$450 Nintendo Switch on the front of the mind of every gamer soon enough.
The elemental flaw that the system holds is becoming an issue for some and when (or if) they decide to push to the cloud to that extent the issues I give will only grow. Now, I will state that in a multiplayer environment, a GitHub setting has the potential to be ground breaking and my making fun with the slogans I gave in Orange, could be the true devastating settings that will form an entirely new domain in multiplayer gaming. Yet we are not there yet and we will not be there yet for some time to come. Even as Ubisoft is getting better and they did truly push the edge with AC Origin, you only have to think back to The Division, the outages and connection issues. The moment that this hits your console for single player that is the moment when you learned the lesson too late. In similar view we can state that the lessons that we learned with Ubisoft Unity, what I call clearly bad testing and perhaps a marketing push to get the game out too early ‘to satisfy shareholders‘, whilst gamers paid AU$99 for a game needing a ‘mere’ patch, which was stated in the media in 2014 as: “The fourth patch for Assassin’s Creed: Unity arrived yesterday as a sizable 6.7 GB download. At least, that’s the case for non-Xbox One players; some players using the Microsoft console are facing 40 GB downloads for the patch“. Think of that nightmare hitting your console in the future, and with the cloud the issues actually become more dangerous as patches were not properly synched and tested. That was the fourth, and that was before 4K gaming became the 4K option on consoles, which would have made the Unity download a speculated 80GB, over 10% of the available space of an empty Xbox One. Now, you must consider that such patches would be enormous on the PS4 pro as well, that whilst Microsoft could have prevented 40% of the issues we are faced with well over a year ago, now consider how you want your gamer life to be. Do you still feel happy at present?
Oh, and Sony is not out of the woods either, even as some are really happy with the PS4Pro, it must be clearly stated that there are enough issues with frame rates on several games, all requiring their own patch, which is not a great setting for Sony to face. Even as the new games are more than likely up to scratch and previously released games like Witcher 3 are still getting patches and upgrades, the fact that God of war had issues was not a great start; the game looked amazing on either system. Still, when it comes to fun, it seems that Nintendo has the jump on both Sony and Microsoft. The Splatoon 2 weapons update (lots more weapons) is just one of the settings that will entice the Nintendo fans not to put away their copy of Splatoon 2 any day soon. In addition, Amazon implied that Fallout 76 will be coming to the Nintendo Switch, which is a new setting for both Sony and Microsoft. Those imagining that this is a non-issue because of the graphics need to play Metroid Prime on a GameCube and watch it being twice the value that Halo one and two gave on an Xbox (with their much higher resolution graphics). The mistaken belief that high-res graphics are the solution to everything clearly has never seen how innovative gaming on a Nintendo outperforms ‘cool looking images‘ every single time. Now that Bethesda is seeing the light, we could be in for a new age of Vault-Tec exploration, but that is merely my speculated view. That being said, the moment we see Metroid Prime 1 and 2, as well as Pikmin and Mario Sunshine on Switch that will be the day that both my Xbox One and Ps4 will be gathering dust for weeks. These games are that much more fun. I just do hope that it will not overlap with the release of some PS4 games I have been waiting for (like Spiderman), because that in equal measure implies that I need to forgo hours of essentially needed sleep.
Mother Nature tends to be a bitch when it boils down to natural needed solutions (I personally do not believe in a red bull life to play games).
So as we are in the last 4 days before the E3 begins, we are more and more confronted with speculations and anticipation. Cnet was good enough to focus on released facts, which is awesome at present. Yet we are all awaiting the news. That being said, the leaks this year have been a lot larger and revealed information has been on overload too. It might be the first sign that the E3 events could be winding down. There had been noise on the grapevine a few weeks ago, yet I was not certain how reliable that information was. The leaks and pre-release information do imply that E3 is no longer the great secret basket to wait for as it was in previous years. We will know soon, so keep on gaming and no matter which console your heart belongs to, make sure you have fun gaming!
Dangers of Android?
Today I got confronted with a danger that Android poses. Yet, is this truly an Android issue? An Apple user will of course nod yes in a very rapid way. My Huawei is not the only one hindered by this. At Android central the following was found: “Are the apps definitely being removed from the App Drawer, or is it just that the shortcut is disappearing from your home screen?”
This is of course a fair question, it still is not OK, but the difference between an app and a shortcut is quite the difference.
It turns out that the apps are on my phone, but they no longer run, they are now called ‘com.spyfox.tripletown‘. The apps seem to have gotten themselves damaged. The question now becomes why. At this point I also notice a program called ‘Li emotion’. The kanji next to it gives it away. My question now becomes ‘what is this and what does it do?’ This is because it is a separate app, I never installed it (as far as I can tell) and the rights it does have are massive. Yet there is no indication what it is, why it is on my phone and why it is allowed to do many things without my permission. It does not take too long to find that this is part of the Huawei Emui, so there is no real issue as the operating system needs to be able to do all this. Comprehension was the mere element that resolved everything.
This does not solve my app issue (which actually fixed itself) and gets us to the Guardian video (at http://www.theguardian.com/silent-circle-partner-zone/video/2015/aug/17/smartphone-users-read-their-app-permissions-out-loud-video). So yes, when we see the rights and speak them out loud, they sound very disconcerting. But why is it such an issue? ‘Modify calendar events and send e-mails without my knowledge‘ sounds extremely offensive, but now realise that you set up a meeting, you change the meeting and all parties are automatically updated through messages. Did you know that they got another mail stating that the meeting had changed? There you go, mystery solved. Apps ‘reading your text message‘ sounds like a worry, but is that program actually comprehending the information, or does ‘reading’ mean ‘parsing’, processing the text in all this? Computer lingo for the layman is not the easiest task.
In all this the one that stood out for me was ‘I give this app permission to automatically turn off airplane mode‘. If airplane mode was there for safety reasons (the airplane message no one ever believed, that mobile phones interfered with airplane instruments), then the option to turn that off should not be allowed, but in all that, this could be as simple as the dialogue box ‘Would you like to deactivate airplane mode?‘ The video ends with ‘the biggest risk to you and your privacy is your smartphone‘, this is a decent claim to make. In all this, it is actually about users and consumers who do not understand (read comprehend) what they are agreeing to. They do not understand what they have consented to. That is always dangerous, because the things you do not realise are the issues that turn you into the greater fool. Here we can paraphrase the greater fool theory which states that “the price of an object is determined not by its intrinsic value, but rather by irrational beliefs and expectations of market participants” into “the security of your environment is determined not by the borders you mentally erect, but rather by naive belief that the applications on your smartphone will respect them“.
You see, I believe that people should be worried about privacy, and #Privacynow is a valid need, but what is your actual privacy? The way that they are getting there is a little bit of a worry, yet the path is not without valid reason. Consider the quote “It’s common for users to employ the same username and password across systems, so if someone compromises that particular password, the potential also exists for them to compromise additional user accounts“, this is a worry in one way, because is this about the safety of the phone and its apps or is this about Common Cyber Sense? Something I have been advocating for about 2 decades. So how is this a danger for Android? That is part of the issue. In my view the danger to IOS is not smaller and the danger is not subsiding any day soon. One of the earliest sources is around 2008, in 2010 Computerworld, CNet and other sources stated “About 20 percent of the 48,000 apps in the Android marketplace allow a third-party application access to sensitive or private information, according to a report released on Tuesday“, there are two sides here. In the first, is this like the earlier issues in the video and stated, ‘a form of feigned transgression?’ Or is this in the second ‘leaky security that leads to open access of information?’ There is however a third option, apps that were created that are intent on creating a backdoor that allows access to all data. It is the third that is a true danger, yet how realistic is this danger?
Computerworld stated this from a Google representative: “This report falsely suggests that Android users don’t have control over which apps access their data. Not only must each Android app gets users’ Permission to access sensitive information, but developers must also go through billing background checks to confirm their real identities, and we will disable any apps that are found to be malicious“, this is not just clearly the case, there is supporting evidence on several levels that this is true. In addition, these parts are quotes from 2010 and since then both Apple and Google have upped the security game by a lot. Still, it is the news from last week (at http://www.wired.com/2015/10/iphone-malware-hitting-china-lets-not-next/) ‘iPhone Malware Is Hitting China. Let’s Not Be Next‘ is the issue today. The quote “Unlike previous spates of iOS-targeted malware, many of those victims hadn’t jailbroken their phones to install unauthorized apps. The two back-to-back attacks—one far more sophisticated than the other but both unprecedented in iOS’s history—suggest that complacent iPhone users around the world could be in for the same nasty shock“, the issue has now become the fact regarding ‘non jailbroken systems’, which implies that either a flaw has popped up in the Apple device, or overall a new level of access has become a worry. It is the quote that follows which now is centre in all this “Apple has said that only iOS 8.3 and earlier were left open to the attack. Later versions limited access to the APIs it exploited to plant its ads“, so we can accept that we all install the latest versions, yet what happens to those who have an older device (like the iPhone 4)? There are plenty of things people can do that prevent these issues, and in all this ‘Common Cyber Sense’ remains the big issue. So is China hindered by a massive lack of Common Cyber Sense?
Here we now see the evolution that is the danger. It is the assumption of the user. The laziness of their usage and the ignorance of the effects that they easily embrace. The quote “Don’t install strange apps that appear in pop-ups online and aren’t found in Apple’s App Store” is the big part we must adhere to (well Apple users anyway), for most people like you and me, we use the Google Play Store sources only! Both Google and Apple have their methods in place. Would a three pronged app remain the issue as implied in the article? That is hard to state, but what is clear is that 99% of the dangers can be averted by using the reliable source and that reliable source only. The application of ‘Common Cyber Sense’ can aid you in averting another 0.9999%, which means that if you install 10,000 apps, there is a one in 10,000 chance of you ending up having a chance of being in danger.
Yet in all this, we should never relax about the technology we use and the danger it could bring. It is that fear that is driving people in all kinds of corners they never need to be in. When you have sex, not the committed relationship one, but the quickie with that girl next door for some slap and tickle. In that case do you practice safe sex? When you live in the city, do you go to work leaving the front door to your apartment wide open? In that same sense, when you use any technology that has your personal information, you use more than the minimum safety. That last part requires Common Cyber Sense. To the previous generation it is a harder thing to do, but it can still be done, to my generation it is an additional side to my workflow. It is the next generation that is now the part that matters. Many are taking the casual approach their parents (or bigger siblings) have, whilst not realising that Common Cyber Sense will be at the foundation of their lives. So, any OS will come with its own perils. Be it Windows, LINUX, Android, IOS or any other OS. They will face a new area that is on the move with such high speed that there is no way to predict where they will be in 7 years’ time. The dangers of a complete rewrite in an iterative world. You see until 2000, both hardware and software remained highly innovative, it was after 2003 that the iterative world was set in high gear. First Hardware and now to a larger extent Software has been in iterative mode. Yet the world behind all this, the security part has made leaps and bounds and to some extent not in a good way. Here we can make a connection to an article by Tarleton Gillespie from 2014 called ‘Facebook’s algorithm — why our assumptions are wrong, and our concerns are right‘. 
The quote “I will say that social science has moved into uncharted waters in the last decade, from the embrace of computational social scientific techniques, to the use of social media as experimental data stations, to new kinds of collaborations between university researchers and the information technology industry“. In addition there is “Those who are upset about this research are, according to its defenders, just ignorant of the realities of Facebook and its algorithm. More and more of our culture is curated algorithmically“. This is not upsetting or ground breaking, but it is the next part that links to all this. It is a blog article called ‘Analytic Suspicions‘ (at https://analyticsuspicions.wordpress.com/2013/02/25/metric-failures-and-data-assumptions-4-myths-of-social-analytics/), he is looking at a few myths in social media, in all this (it is a nice read and well written), I personally see one point that is not a myth, it is a worry and it seems to me that many remain ignorant on that danger. You see, the myths whether all Social Media is analysed, that Social Media data is clean enough to Analyse, Influencers should be targeted and sentiments analyses works. In all this we forget the 5th issue (this being the non-myth). The interaction of apps and data. The dangers that we interact our apps and the data that is linked to all this that is now becoming the true issue. You see, even with all the common cyber sense no matter how safe our mobile is, the data is still somewhere and that data becomes available, more data than we agreed on. Yet in all this is the mobile OS Android/IOS the weak link?
That is the part that is not addressed by many speakers in this realm. Some get scared by places like ‘life hacker’ and some are ignoring the woeful text that passes us by, yet when places like Forbes report that ‘Report: 97% Of Mobile Malware Is On Android‘ (at http://www.forbes.com/sites/gordonkelly/2014/03/24/report-97-of-mobile-malware-is-on-android-this-is-the-easy-way-you-stay-safe/) people get worried (even though the article is more than a year old). Yet the article enlightens us in many ways. The most important quote here is “here’s the part Google’s rivals don’t want you to know: the figures are misleading“, which is one side of the foundation. The second one is the part I already discussed “stick to buying apps on the Play Store and every one in 1000 apps you buy may have had malware for a brief period“, the word ‘may’ is essential and ‘brief period’ is also essential, in the end, the chance of you getting the winning lottery ticket could be slightly higher, odds I’ll take any day.
Yet in all this, with all the protection these providers offer, the number one danger is you!
Common Cyber Sense is the essential step of reducing that danger to almost zero (like 0.0001% chance).
In the end the danger of Android is almost the same as the danger to IOS, both large players presenting into the margins, which is where the mobile phone user (you know that pesky consumer) does not tend to be. Which takes us to the final part in all this. It was my blog article from the 4th of October (at https://lawlordtobe.com/2015/10/04/cisa-and-privacy-are-not-opposites/) ‘CISA and Privacy are not opposites‘, we get confronted with Silent Circle and their Blackphone 2. I have no doubt that Phil Zimmermann and Mike Janke are men of knowledge, determination and possibly even innovation. Yet, these skills do in my humble opinion not match up to the killer skills of the Google engineers with their keyboards. So when we see the quote in the Guardian (see previous blog link) “Google didn’t support the initial software build, something that probably helped make the phone more popular, rather than less“, do you think that this was done in envy by Google, or because their build did not hold up to scrutiny? That last part is speculation because I have no data or any evidence going one way or another. The Blackphone is marketed by intelligent people with skills, no one will doubt that, and it is also clear that Silent Circle is now tapping into a direction that is gaining traction, which means the market will most definitely grow in this direction. Yet in all this, considering all the facts, in how much danger is your data?
Sit in a quiet corner and let that question sink in for a minute. I have been in the data field since 1989, in all that time the biggest threat was ‘data at rest’ (data saved on a device), meaning that this implies that you have strong passwords on your hotspot and Bluetooth capabilities, or just switch these options to ‘off’, not data that is moving from point A to Point B. Today both areas are a ‘threat’ and the second one only since very recently.
Since November 2012 I have had 2 phones, the second one I got this year because only now, my Android needs had grown beyond a 1 GB RAM phone. As far as I can tell I have only faced one issue and that was due to an ignorant third party developer and their dim witted approach to synchronisation. The simple use of Common Cyber Sense is all I needed. Basic steps that nearly anyone can adhere to. The threat of criminals and organised crime will not go away. Common Cyber Sense will keep them at bay and common sense should do the rest.
Which now takes us back to the title, you see, the dangers of Android are largely between your ears. The only dangers you face are the ones you open yourself up to! You should never stop asking questions on where things are and what you sign up to, that is common sense, but also feel free to question what certain things mean, it is in the comprehension that you find the answer. If there is one conundrum to leave you with then it is not android or IOS, consider the idea that a Facebook game wants you to give them access to your religious views, whatever for?
To pray for ammunition?
Well, so be it: ‘halleluiah’, now die you zombie master and give me my 10 points towards a high score!
When you BS the customer
I have had three issues on that matter, all in one week, so I reckon that I am slightly agitated in regards to projected presenters of misinformation with intent (also known as recruiters). If that was not enough, in the tech sector Verizon added to this with the article in the Guardian (at http://www.theguardian.com/technology/2015/apr/14/mobile-malware-report-verizon-smartphone-adnoyance). The article is interesting for more than one reason, so let’s get to it.
The title is a valid question as it states ‘Is mobile malware a lot of fuss over nothing?’, some will say yes, a lot more will say no. Yet, how much of an issue is mobile malware? That is in the end a valid question. Verizon, a telecom provider goes for the ‘adnoyance’ key. They are depending on people relying on a provider as without it there is no phone, but is malware just the annoyance of advertisement? Many, including me are not convinced.
One source http://securityxploded.com/demystifying-android-malware.php, gave us clear goods. The article is very ‘techie’, but also very clear, showing step by step the issue in play.
At step 8, we get the part where we see what is going on: “The application sends an SMS to the premium number 1066185829 with the text 921X1. In the background, it blocks any incoming delivery report from this number so that the victim does not get any response regarding the SMS that the application sends in the background. Also, the SMS is sent only once and never again so that the victim has no suspicion of what caused the SMS charges to be sent to him“, premium numbers are a lot more expensive, which could be around $0.75 for one SMS. Now many will not care, thinking it happened once. So what is the deal? Well, see what it amounts to when it is done a million times. We all funded one criminal $750,000 for being clever. When we go back to the beginning of the article we get “McAfee’s first quarter threat report [Reference 1] stated that with 6 million unique samples of recorded malware, Q1 2011 was the most active first quarter in malware history“. Now, not all of them were about money, advertisement annoyance is a chunk here, but the casual air of Verizon becomes slightly offensive, or so it should be when we consider that dozens of creative souls are trying to spike their bank account in this way.
Yet, the one-time loss of $0.75 is not really an issue for the consumers at large, but what is?
Now, I get back to the issue I illustrated a long time ago, when we suddenly got those issues with Facebook messenger. Where you were giving it the right to record Audio. Before I continue, I must be fair to Facebook too and add an article here (at http://www.androidcentral.com/facebook-messenger-permissions-not-scary-stories-might-have-you-believe), it goes over many rights and it does try to suss a few issues (in a good way). There were however a few other issues, mainly connected to Facebook messenger draining the battery in massive ways. My issue here is that if it drains the battery, what is it using the energy for? Just to keep the mobile out of a sleep state?
Gizmodo (at http://gizmodo.com/facebooks-messenger-app-logs-way-more-data-than-you-rea-1633441673) gave us this: “Ever since Facebook first started pushing users over to its standalone messaging app (whether they liked it or not), there have been cries of outrage over what’s seemed like an inordinately large amount of required permissions. And while there’s still no indication that Facebook has any sort of bad intent, the company is collecting a startling cache of data, according to security researcher Jonathan Zdziarski“.
In addition we get “In an email, Zdziarski said that Messenger is logging practically everything a user might do within the app, from what and where they tap, to how often a device is held in portrait versus landscape orientation; even time spent in the Messenger app, versus the time it spends running in the background. … ‘[Facebook is] using some private APIs I didn’t even know were available inside the sandbox to be able to pull out your WiFi SSID (which could be used to snoop on which WiFi networks you’re connected to) and are even tapping the process list for various information on the device,’ he wrote in an email”.
Now, like Jonathan Zdziarski, I feel compelled to believe that Facebook is not doing anything wrong or illegal, but they are collecting huge amounts of data, by the way, when this is transmitted, will that be taken off your monthly data allowance? Seems to me that Verizon is downplaying the pressure on the monthly data allowance bill.
Now we get back to Brightcloud, who is giving us ‘Android Malware Exposed‘ (at http://www.brightcloud.com/pdf/Android-Malware-Exposed.pdf). The paper has a part on Spyware. On page 12, they state “Other types of threats are those that spy on you or steal your data. There are a number of apps that are the equivalent to commercial keyloggers found on PCs. These apps offer their services to ‘track’ your kids, spouse or employees. These behaviors are easy to incorporate into an app and this begins with the easy task of requesting the necessary permissions. For example, requesting ACCESS_COARSE_LOCATION, ACCESS_FINE_LOCATION, and READ_SMS will grant you access to SMS messages and GPS location“. This is the issue. It was not the $0.75, but the massive amounts of data that mobiles are working with nowadays. How long until these malware solutions get access to some of the larger collectors like Facebook? It is not that far a leap of suspicion is it?
In addition on that same page we see: “Threats which have used these spying techniques are NickySpy, Spitmo, GGTracker and GoldenEagle. NickySpy is interesting in that it utilizes the MediaRecorder() class to turn on the microphone and discretely record and save conversations to the SD Card. It is also able to send captured data to a remote server, although this functionality is not hard wired in. Below is a snippet of the function responsible for voice recording“. Now we get to the good part. The malware can be capturing events on audio without your consent and stream it. So, it was not just about the rights, it is about the ability that is unlocked to use. We focus on the big player like Facebook and Google, but we forget that data collecting is on the minds of governments, big corporations as well as organised crime and those into identity theft.
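To make the permission point concrete, here is an added example (not code from the Brightcloud paper or from this post) that reads the permissions an app asks for in its decoded AndroidManifest.xml and flags the combinations behind the three behaviours quoted above. The rule names, the permission groupings and the sample manifest are assumptions constructed for this illustration.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."

# Heuristic rules (assumptions for this example). A rule fires when the app
# requests at least one permission from every group in its list.
RULES = {
    "premium SMS with hidden replies": [{P + "SEND_SMS"}, {P + "RECEIVE_SMS"}],
    "SMS and location tracking": [
        {P + "READ_SMS"},
        {P + "ACCESS_COARSE_LOCATION", P + "ACCESS_FINE_LOCATION"},
    ],
    "microphone recording saved or uploaded": [
        {P + "RECORD_AUDIO"},
        {P + "WRITE_EXTERNAL_STORAGE", P + "INTERNET"},
    ],
}

# Constructed sample: a "free game" that asks for far more than a game needs.
SAMPLE_GAME = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.freegame">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.RECEIVE_SMS"/>
  <uses-permission android:name="android.permission.RECORD_AUDIO"/>
  <application android:label="Free Game"/>
</manifest>"""


def requested_permissions(manifest_xml):
    """Return the set of permission names declared via <uses-permission>."""
    root = ET.fromstring(manifest_xml)
    names = (el.get(ANDROID_NS + "name") for el in root.iter("uses-permission"))
    return {name for name in names if name}


def audit(manifest_xml):
    """Map each matching rule to the requested permissions that triggered it."""
    perms = requested_permissions(manifest_xml)
    findings = {}
    for label, groups in RULES.items():
        hits = [sorted(group & perms) for group in groups]
        if all(hits):  # every group contributed at least one permission
            findings[label] = [p for hit in hits for p in hit]
    return findings


if __name__ == "__main__":
    for label, perms in audit(SAMPLE_GAME).items():
        print(f"{label}: {', '.join(perms)}")
```

A match is a reason to look closer, not proof of malware: plenty of legitimate messaging apps request the same sets.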
There are millions of examples, and Verizon trivialised it as ‘adnoyance’. The truth (as I see it) is that there is an entire echelon of dangers that people remain (intentionally or not) oblivious to. One of the conclusions given in the article is “Trojans will continue to be bundled in repackaged APK’s and disguised as legitimate applications. With 900,000 daily Android activations worldwide, social-engineering tactics will continue to be used to trick users into installing malware“, so that friend you know that gave you the location of that free game, might in the end not be that good a friend. Unknown to him or not, that little freebie could be the start of your data going somewhere else.
Verizon might make light of an issue, as it does not harm them, but it harms their customers. Instead of heralding Common Smartphone Sense, by making sure that people download from reputable sources only (like Google Play Store), we see trivialisation. The added sentence ‘it’s unlikely to be the source of disastrous data breaches such as the Sony hack any time soon‘ adds to the failing of this article.
Malware is an issue, malware will continue to be an issue with added dangers over time and yes, Android (as an open platform) has a larger issue to deal with. Yet, Common Smartphone Sense could reduce the dangers by 80% which is a huge diminishment of the risk the user has. In addition ‘the company estimates that just 0.03% of mobile devices are infected with “higher grade” malicious code each week’, sounds like a small number, but that implies that it is well over 600,000 phones each week. This makes it a clear issue, not a minute part. In the end, we are at 2,000,000,000 smartphones on the planet, and as that group grows, then so will the desire from some to infect that realm with higher grade malware.
In addition, two days ago, the Business Insider (at http://www.businessinsider.com.au/thousands-of-people-can-do-sony-hack-2015-4) stated ““There are probably a couple thousand, three, four, five-thousand people that could do [the Sony] attack today,” Miller told “60 Minutes.” He went on to explain that the technology used by the perpetrators of the Sony hack isn’t a custom-made program. Instead, Miller says it can be purchased online from Russian hackers for around $US30,000“, so if that is a fact, then how is North Korea still seen as the Cyber Bogeyman? This issue is a lot bigger and the Smartphone is just adding to a Cyber world that is lacking security all over the place. Telecom operators will have to change the way they play the game, the moment that they are no longer seen as simple data providers through innocent dissemination. When the telecom companies are held to account, we will see a shift, one that will be a costly one for those who allowed massive amounts of data theft to remain unmonitored.
Verizon should be ashamed of itself!
Trolls are real
No, this is not an episode of Grimm, where we see the Hässlich as they collect their fee. This is not the case of David Giuntoli, beheading reapers and taking care of the trolls. This is today, the trolls are real and the fee goes up by hundreds of millions. This is the case of SMARTFLASH LLC, et al. v. APPLE, INC., et al. The article was from Cnet, but I got wind of it through EpicTimes. All this got to blows not because of the amount, but because this issue has been allowed to fester for well over two decades. The issue takes a legal leap into the unknown, which is still unmanaged at present. The question that we have to pose is in two parts.
- Is this a festering scene?
You see, it is nice for Apple to cry wolf, but is it a valid scene of the crying? The fact is that Smartflash LLC has 7 patents, the first one filed Oct 25, 2000, with a Foreign Application Priority date (UK) of Nov 25th 1999, and this makes it a patent that was filed before the initial release of Apple’s iTunes, which was January 9th, 2001.
The Apple response we see (at http://www.cnet.com/news/apple-ordered-to-pay-533-million-over-alleged-itunes-patent-infringement/)
“Smartflash makes no products, has no employees, creates no jobs, has no U.S. presence, and is exploiting our patent system to seek royalties for technology Apple invented. We refused to pay off this company for the ideas our employees spent years innovating and unfortunately we have been left with no choice but to take this fight up through the court system”, so let’s take a look at the slightly empty response as I see it:
‘Makes no products‘, is not a prerequisite for a patent;
‘Has no employees‘, is also not an issue, someone filed for this case and someone filed for a patent. Whether this is an employee is not an issue;
‘Exploiting our patent system to seek royalties for technology Apple invented‘, is slightly moot. The patent was filed before iTunes existed, hence, we could argue that Apple did not invent what they did, the latter statement is an incorrect one, but I will return to this.
Now let me rephrase the Apple statement in a very unflattering way: “Smartflash had an original idea, the idea was not novel because this is the direction the world was moving to”. This notion was a clear given ever since day two that Napster got active. The people understanding these technologies would innovate and come up with ideas. Unlike me, who was a Patent Virgin in 1999 (and unaware of the power they hold), they would see that the future is all about IP, so some of these people would file the ideas and they would stick. Now we see that Apple might have reinvented the wheel, but reinvention is no invention at all. It becomes a license and Smartflash LLC only had to wait for their chooks to grow and grow. Now pay day has arrived.
So as we go back to the initial part, questions come to mind. Questions many (including Apple) might not want an answer to, because the answer might be a lot scarier than we all imagine. You see, in previous blogs I discussed the dangers of a faltering and collapsing economy, because those in charge remained too flaccid to actually act on issues. The consequence is that if a monetary system collapses, what will replace it? In my view, the new currency for any corporation and government is Intellectual Property. If that is true, then those who own the property will become the new true wealth.
This makes Patrick Racz a visionary of massive fortune, if we see the first fee that Apple will end up paying, what will happen to the next step? What will the Samsung invoice become? Beyond that, Apple now has a choice to make, the entire DRM future is now no longer in the hands of the large industrials, so that coin will be making massive waves soon enough.
So where is the festering part? Well, Patent Trolls are not a new group. This ‘valid’ group has existed since the early 90’s. So over the last two decades, this group has not been dealt with. The valid question becomes, should Patent Trolls be dealt with? You see, patents get bought all the time, someone goes bankrupt, the patent is bought, perhaps sold by a bank trying to limit its losses. This market evolved, because the issue as is, is that corporate ‘losses’ due to patent trolling have been exceeding 20 billion a year from 2010 onwards. So, why not act against trolling?
The question becomes, is it wrong to be a troll? The Hässlich might disagree if we say yes. The fact is that those with the novel idea, might not have the means to pursue the real deal. So they might want to file their original idea. To give you an example, which you might not believe, is that I came up with the idea around 1994. Now, it could be seen as a DPod (Data Pod), my idea was not in that direction, you see. In my past I was confronted with the ‘joke’, that was known as a tape streamer. It was a backup solution that never properly worked in households. So I had the idea to make the Minidisc a backup device. To connect it to computers, so that we could copy files, the Minidisc looked like a 3.5″ floppy, but could hold hundreds of megabytes. It could have evolved the need for diskettes and it would have propelled data half a decade earlier. I would have been decently wealthy. So, I should have patented the idea (although, in those days I did not realise I could). So as such, Patrick Racz was the clever one. Yet, in view of all this, did Apple lag? That becomes the cornerstone in all this. Does it matter? Is a more apt question. A patent was filed, Apple did not do its homework as I see it; a cost comes into play.
So now we get a new issue, will Apple et al ‘force’ a change in patenting? Will capping be imposed? All decent questions that are for tomorrow. For today, Apple gets to admire its own armour, which is not as shiny as it was yesterday. I must however state, that I personally do not think that Apple did anything wrong. Now I return to the initial exploiting part I promised to revisit. They came up with an idea and they designed it. In 1370, a Dutchman named Laurens Janszoon Coster came up with an idea, it was the printing press. He came up with the idea around the same time Johannes Gensfleisch zur Laden zum Gutenberg came up with the same idea. They both had similar (not identical) ideas in a time when a cheaper solution was needed. The Dutch and the Germans all state that their citizen discovered the idea, which is fair enough. I think that this is a similar situation. In all fairness it seems to me that the patent system did not allow for such a situation, it does not make it right or wrong, the situation just is. In a land (US) where it is all about number one, it must now bite that this patent is in the hands of a non-American. So as we realise that any system is flawed, is it flawed enough? If patents are about innovation, are the little people the solution? I have always believed that true innovation will survive, big companies will need to consider the age old situation, having the person with the ‘nice’ PowerPoint, does not mean that they have the innovation.
- Is it unmanaged?
Like any legal system, the Patent system is good, but is it good enough? This one case is calling for visibility, but one case does not a change make. If we go back to 2013 we see the following in Forbes (at http://www.forbes.com/sites/toddhixon/2013/10/04/for-most-small-companies-patents-are-just-about-worthless/). “But, TechCo will need to use a lot of other technology to build and deliver a complete product, e.g., the product design might be protected by a patent, but the manufacturing process might be subject to another company’s “blocking” patent“. Here is the kicker, there has been a lot of noise on how large corporations have the ability to block others. If we accept Business Insider (at http://www.businessinsider.com.au/chart-of-the-day-the-totally-useless-patent-wars-2014-10) “In other words, based on patent cases brought to court by Apple, Samsung, Microsoft, Nokia, Motorola, and a host of others, litigation is, more often than not, a serious waste of time and money for all parties involved“. The question is, should the system change? Because these big boys are in disagreement, does not mean that the system should just fall away. Are these patent cases valid to begin with? If we look at the quote “As it turns out, only 20 of the 222 patent assertions (9%) were able to establish liability, but even in that small sample, only 10 of those 20 cases resulted in “lasting injunctive relief.” Mueller says that number would be even smaller if “the patents underlying Nokia’s German injunctions against HTC had come to judgment in the Federal Patent Court.”“. My question is that if the numbers are this skewed, why take it to court in the first place? What was the tactic behind it? Delay? A mere pissing contest or was this about satisfying the need for additional costs? I have no idea, but the result data speaks for itself. Is the score so impressive that pursuing a 10% chance is essential, worth the effort, or is it something else?
I do not proclaim to have the answer, but the questions are not getting asked, moreover, the press at large have all quoted Apple on their ‘indignation’, but answer me this, how many papers gave any view, brought any decent quotes from Brad Caldwell apart from the one liner victory? In addition, when we see Reuters (at http://www.reuters.com/article/2015/02/25/us-ip-apple-verdict-idUSKBN0LT0E720150225), the quote “Apple, which said it would appeal, said the outcome was another reason reform was needed in the patent system to curb litigation by companies that don’t make products themselves“, that sounds nice in theory, but that leaves only the large companies in charge of it all, it takes out the small innovators whilst large corporations are left choking those small innovators for a mere tuppence to get complete control. Patents were never designed to give power to the manufacturers, they were exclusive rights granted by a sovereign state to an inventor or assignee for a limited period of time in exchange for detailed public disclosure of an invention. However, as the world became all about short term goals and iterative exploitation, in that regard patents are a massive impropriety to the need of large corporations.
Time will tell what direction the legal industry makes, for now, as Apple and Google are so about non tax accountability, the danger of actual change remains not too large (only for now).