Friday, August 16, 2013

Real news from the New Yorker:  http://www.newyorker.com/online/blogs/elements/2013/08/hard-to-crack-the-governments-encryption-conundrum.html

 E-mail “sounds like the simplest application of cryptography imaginable,” said Blaze. “I’m trying to send you a message that you can only read, and that you know definitely came from me, and we have algorithms and protocols that do exactly that. But we still haven’t figured out the basic technical ways to implement them in practice.” 

It's a user problem.  The hassle is not worth the benefit for most people.  Many are buying guns to protect themselves against a hypothetical tyranny and/or a possible armed intruder.  Some of those guns end up in tragedies.  Are those "hassles" worth the benefits? 

Thursday, August 15, 2013

License to steal

theScore is a popular app for your smartphone or tablet, providing sports news and information.  FYI, if you install the app, you agree to give theScore permissions to:
  • Add or modify calendar events and send email to guests without owners’ knowledge
  • Read calendar events plus confidential information
My guess is that most of the people who install the app are not aware that this is a license to steal your identity and your employer's trade secrets.

Be assured, however, theScore has no such evil plans.  This was posted in Twitter by Kenny @ theScore:
"We realize the permissions don’t sound the best, but this is how Google makes them sound in the Play Store.  In the new app, in order to properly add a team’s, or event’s calendar event to your calendar we were required to ask for [all these] permissions...  I can assure you these are only to improve the experience of the app."

I am NOT assured!  I have not installed the app.  Instead, I have bookmarked ESPN in Chrome so I can get the scores I want on my smartphone without exposing me, my employer, my friends and my family to dire risks.

Trusted but untrustworthy apps running on users' laptops, smartphones and tablets have the potential to be Trojan horses when they have access to corporate networks and services (e.g., Exchange email).  My guess is that most of the people who are championing "bring-your-own-device" (BYOD) in the workplace are not aware of the risk.

Friday, August 09, 2013

Privacy News

Walter Pincus has a sober and sobering column in the Washington Post today.  The gist of it is,

"Many people love the convenience of the Internet and cellphones and ever-multiplying social-media applications. What many don’t always focus on, however, is how easily outsiders can invade their lives.
"The June disclosure that the National Security Agency is collecting everyone’s telephone records and storing them for five years as part of anti-terrorism efforts has caused an uproar.
"Get used to it. The gathering of such data, whether by private commercial enterprises, hackers or governments — ours or foreign ones — is part of 21st- century life."

The comments posted by readers provide an interesting discussion of the issue.

In related news, it is reported today that a "secure email service" has shut down rather than cooperate with US government surveillance orders.  See this article from ZDNet.  NB, all the service really did was encrypt subscribers' messages stored on their servers.  Unless people encrypted their messages prior to transmission, messages would travel the Internet as plain text, readable by prying eyes.

Ironically, the US Government has recently developed bioethical rules for the handling cell lines in medical research which protects the privacy of persons related to the donors of cells for generations, eg the great-grandchildren of donors will now have a say in how the cells are used and by whom.  See this.

Thursday, August 08, 2013

Business Cases for Windows 8

Um....  there must be some.  I'm not able to think of any...  

Okay, here's one: Microsoft wants to make some more money.  With effective control of business PCs through its Windows and Office software, they can force users to buy Windows and Office upgrades and new versions. 

That's not your computer, it's Microsoft's.  If you want to keep using it, pay up!

Don't be getting smug if you own a Mac.  That's not your Mac, it's Apple's, and you'll pay more to Apple for a Mac than you will to Microsoft for a PC.