Monroe

Why don't you take a few minutes and join over at the forum link that I posted earlier. Ask your question (s) over there. Someone may have what you are looking for. My ThinkPads are the T4x series. I had a fan go bad and got some help and questions answered. I bought the wrong size fan from an eBay seller and got it all figured out with forum help. Upgraded CPUs and got help with buying the right thermal paste. Great bunch ... I need to spend more time there ... there are some nice utilities there for heat control made by forum members. There is a program utility called TPFC .62 ... TPFanControl by troubadix. There is also another fan utility that is worth checking out. I didn't even know about these programs till my fan stopped working. ...

So much for 'Doomsday' ... what about today ? ... right now ! From the article: "One of the planes is typically kept running at all times, with the engine running 24 hours a day at the Offutt base when the president is in the US. In the event of an emergency, the plane is ready to take off almost immediately." http://www.dailymail.co.uk/news/article-4634414/Pentagons-nuke-proof-Doomsday-planes-damaged-tornado.html Tornado knocks out half the Pentagon's fleet of nuke-proof 'Doomsday' planes Two E4-B Boeing 747s damaged by a tornado at Nebraska's Offutt Air Force Base Pentagon maintains a fleet of four of the 'Doomsday' flying command posts They transport the secretary of defense abroad and serve as flying fortresses Designed to remain in air for days at a time and withstand EM and thermal blasts By Keith Griffith For Dailymail.com and Afp Updated 24 June 2017 Two of the Pentagon's four specially reinforced 'Doomsday' planes, designed to withstand the heat from a nuclear blast, have been grounded after being damaged by a tornado. The Air Force said Friday that two E4-B Boeing 747s were damaged when a tornado whipped through Nebraska's Offutt Air Force Base with little advance warning on June 16. Built in the 1970s during the Cold War, the planes are essentially flying command centers that can refuel in the sky and are designed to remain airborne for days on end in times of crisis. The two damaged 'Doomsday' planes were reportedly parked in hangars during the storm, but their tails were exposed to strong winds. The Air Force has four E4-Bs, which also shuttle the secretary of defense around the world. 'Two E-4B National Airborne Operations Center aircraft stationed at Offutt AFB received storm damage,' Air Force spokesman Colonel Pat Ryder said. Not including the damage to aircraft, the tornado caused an estimated $7million to $10million in damage to the base facilities, 55th Wing spokesman Drew Nystrom told the Omaha World Herald. Additionally, seven RC-135 reconnaissance planes suffered minor damage in the tornado and another needed an inspection. The E-4B is a 747 that has been reinforced to protect against the electromagnetic pulse from a nuclear blast and is shielded from a thermal blast. The planes, also called 'National Airborne Operation Centers' when they are in-flight, have special equipment and have the capability to communicate with anyone from anywhere in the world and support analysts and strategists on the flight. ...

Yes, it is as you said ... I already had two of those five updates installed and those updates were not installed again ... but I did need three out of the five. So all is well. ...

You might also try and may actually have better luck at the ThinkPads Forum Support Community and then under the "ThinkPad T6x Series T60/T61" https://forum.thinkpads.com/index.php?sid=9831764d83f02bca0c9dd4b4b04a598f There are several people there that sell parts for various ThinkPads and may have what you want. Lots of 'ThinkPad' knowledge and help over there. Just a few topics among many. ThinkPad T6x Series T60/T61 series specific matters only ThinkPad T4x Series T4x series specific matters only Several members also have parts and older ThinkPads for sale ... good place to be if you own a ThinkPad. ...

OK ... everything is clear now. I have downloaded these five Office updates that you posted earlier. 01 KB2596904 02 KB2825645 03 KB2984938 04 KB3085549 05 KB3191830 Will install them offline ... never expected to be able to get my Office setup updated after no updates since early 2015. It's better than what I had going. Thanks Bersaglio for the assistance and download links. Thanks also to Dave-H and heinoganda. ...

I should have mentioned that I already installed the NON POS updates released in May and June by MS and posted here by Bersaglio. I installed those a few days ago ... a total of 12 updates. Windows XP SP3 Updates (06-2017) 01 Security Update for Windows XP SP3 (KB4012598) 05/13/2017 02 Security Update for Windows XP SP3 (KB4012583) 06/10/2017 03 Security Update for Windows XP SP3 (KB4022747) 06/10/2017 04 Cumulative Security Update for IE8 for Windows XP SP3 (KB4018271) 06/10/2017 05 Security Update for Windows XP SP3 (KB4018466) 06/10/2017 06 Security Update for Windows XP SP3 (KB3197835) 06/10/2017 07 Security Update for Windows XP SP3 (KB4024323) 06/10/2017 08 Security Update for Windows XP SP3 (KB4024402) 06/10/2017 09 Security Update for Windows XP SP3 (KB4025218) 06/12/2017 10 Security Update for Windows XP SP3 (KB4019204) 06/10/2017 -------------------------------------------------------------------------------- If the following updates do not exist, install them. 11 Security Update for Windows XP (KB2705219) 10/08/2012 12 Security Update for Windows XP (KB2347290) 09/13/2010 ... and then yesterday I installed: Office 2007 Compatibility Pack June 2017 01 KB3127894 02 KB3191828 03 KB3203436 04 KB3203438 I read the post by Dave-H (one hour ago) and he mentions that I may have all the updates I need. So all these May (1 update) and June updates are installed on my XP system. Bersaglio and heinoganda ... I will have more time to check out what you posted and experiment later today or tonight. With what Dave-H posted and with all the June non POS updates installed ... maybe for the little I use MS Office 2000 these days ... the four Office 2007 June updates that I installed may be OK for my setup. I will still try to see if I can get the Windows update working again. If not, then it's no big deal ... everything in my XP setup is working just fine and I have backups to recover from a failure. thanks ...

Have a question about MS Office 2000 and the Microsoft Office 2007 Compatibility pack. I decided not to get POS updates on my WinXP machine but I still would do the monthly update check. I was still getting updates for my Office 2000 setup ... until early 2015 when I could no longer get these updates. The update check no longer worked, it would run forever and the computer got hot so I decided to just quit checking for future Office 2007 Compatibility pack updates. With the Office 2007 Compatibility Pack updates that Bersaglio supplied for June ... I downloaded those and they installed just fine. My question is ... I am probably missing many Office 2007 Compatibility pack updates since March 2015. These June updates are not 'cumulative' I suppose ... so there must still be over two years of updates that I am missing on my Office 2000 setup? Am I correct on this? Now I don't think it's that important since I don't use Office 2000 that much these days ... only if I run into a Word document somewhere. Also, if I do use Office 2000, I am always (usually) 'offline' ... no internet connection. So the fact that I have missed so many security Office 2007 Compatibility pack updates is probably not a big deal in my case ... am I correct in my thinking or am I missing something? thanks ...

Something to look forward to if you live in the path. It will start in Oregon and end in South Carolina. http://news.trust.org/item/20170621100154-zx7n3 Two-month countdown begins to total solar eclipse across U.S. Irene Klotz - Reuters Wednesday, 21 June 2017 CAPE CANAVERAL, Fla., June 21 (Reuters) - Two months before the first total solar eclipse to cross the continental United States in a century, NASA on Wednesday is expected to detail its plans to study and promote a celestial show that will darken skies from Oregon to South Carolina. During the Aug. 21 eclipse, the moon will pass between the sun and Earth, blocking the face of the sun and leaving only its outer atmosphere, or corona, visible in the sky. It is the first coast-to-coast total eclipse since 1918. Weather permitting, astronomy enthusiasts can watch as the moon's 70-mile (113-km) wide shadow crosses the country, starting at 10:15 a.m. PDT (1715 GMT) around Lincoln Beach, Oregon, and ending at 2:49 p.m. EDT (1849 GMT) in McClellanville, South Carolina. The U.S. National Aeronautics and Space Administration will discuss several solar physics and Earth science experiments to be conducted during the eclipse in a news conference on Wednesday afternoon. The agency also plans live broadcasts during the eclipse from dozens of locations along the path. Total solar eclipses occur somewhere on Earth every year or so, but most cast their shadow over oceans or remote land. The last time a part of the contiguous U.S. saw a total eclipse was in 1979. All of North America will experience a partial eclipse, though the difference between a full and partial eclipse is "literally the difference between night and day," said astronomer Rick Fienberg of the American Astronomical Society. He noted that even a 99 percent eclipse will not reveal the sun's corona. And during a total eclipse, the temperature drops and the horizon is ringed by the colors of sunset. "The sky gets deep twilight blue and bright stars and planets come out," Fienberg said. "Animals and birds behave strangely, like it's the end of the day." More than 12 million Americans live in the path of the full eclipse, said astronomer Angela Speck, who heads the society's eclipse public outreach campaign. The entire U.S. population, except for northern Maine, lives within 900 miles of the full eclipse's path. Travel groups and many scientists will be heading to Oregon's northwest desert, which has the best odds of favorable weather for viewing, according to the website eclipsophile.com. Experts caution that the only safe time to look at the sun without special eclipse glasses is during totality when the surface of the sun is completely blocked by the moon. (Editing by Letitia Stein and Phil Berlowitz) ...

I guess this can be said for the clock and especially the battery or batteries. Not sure if it has one or two or a rechargeable type battery ... still an amazing story. The battery or batteries haven't corroded or starting leaking yet. I would think it would kind of be 'like an old friendly sound' now ... probably would miss it if it does finally stop one day. Pennsylvania Alarm Clock Stuck in Wall for 13 Years Goes Off Every Day http://www.foxnews.com/us/2017/06/20/pennsylvania-alarm-clock-stuck-in-wall-for-13-years-goes-off-every-day.html June 20, 2017 - Fox News A Pennsylvania homeowner is reminded of the alarm clock that's stuck in the wall of his home when it goes off -- every day for the last 13 years. Jerry Lynn told KDKA that he dropped the alarm clock in September 2004 while trying to drill a hole in the living room wall of his home in Ross. Lynn said he was using the alarm clock to pinpoint the spot where he could run a wire to connect his television. "As I was laying it down, all of a sudden I heard it go ‘thunk!’ as it came loose," Lynn told the news station. "I thought, well, that’s not a real problem. You know it’s still going to go off. And it did." Lynn and his wife Sylvia thought the clock's battery would run out in three or four months, but 13 years later, they're still hearing the beeps. "It is still going off every day. And during Daylight Saving Time it goes off at ten minutes ’til eight. And during standard time it goes off at ten minutes to seven at night," Lynn said. The couple said the alarm starts off as soft "beep, beep, beeps" and increasingly gets louder and closer together. "That will set people like, 'What is that?'" Sylvia Lynn said. The couple said for them, the alarm has become a routine sound they hear every night. ...

I suppose the only sure way to stop everything is for a person to have their phone turned off. It's not a good fix when seconds may be important for an emergency ... and if you have a password also to type in, more seconds involved. ...

This is a whopper ... 25 Terabytes of Data Exposed. From the article: "The databases were part of 25 terabytes of files contained in an Amazon cloud account that could be browsed without logging in. The account was discovered by researcher Chris Vickery of the security firm UpGuard. The files have since been secured. Vickery is a prominent researcher in uncovering improperly secured files online. But, he said, this exposure is of a magnitude he has never seen before "In terms of the disc space used, this is the biggest exposure I've found. In terms of the scope and depth, this is the biggest one I've found," said Vickery." -------------------------------------------------------------------------------------- http://thehill.com/policy/cybersecurity/338383-data-on-198-million-us-voters-left-exposed-to-the-internet-by-rnc-data Data on 198M voters exposed by RNC contractor By Joe Uchill - 06/19/17 A data analytics contractor employed by the Republican National Committee (RNC) left databases containing information on nearly 200 million potential voters exposed to the internet without security, allowing anyone who knew where to look to download it without a password. "We take full responsibility for this situation," said the contractor, Deep Root Analytics, in a statement. The databases were part of 25 terabytes of files contained in an Amazon cloud account that could be browsed without logging in. The account was discovered by researcher Chris Vickery of the security firm UpGuard. The files have since been secured. Vickery is a prominent researcher in uncovering improperly secured files online. But, he said, this exposure is of a magnitude he has never seen before "In terms of the disc space used, this is the biggest exposure I've found. In terms of the scope and depth, this is the biggest one I've found," said Vickery. The accessible files, according to UpGuard, contain a main 198 million-entry database with names, addresses of voters and an "RNC ID" that can be used with other exposed files to research individuals. For example, a 50-gigabyte file of "Post Elect 2016" information, last updated in mid-January, contained modeled data about a voter's likely positions on 46 different issues ranging from "how likely it is the individual voted for Obama in 2012, whether they agree with the Trump foreign policy of 'America First' and how likely they are to be concerned with auto manufacturing as an issue, among others." That file appears in a folder titled "target_point," an apparent reference to another firm contracted by the RNC to crunch data. UpGuard speculates that the folder may imply that the firm TargetPoint compiled and shared the data with Deep Root. Another folder appears to reference Data Trust, another contracted firm. UpGuard analyst Dan O'Sullivan looked himself up in the database and writes in the official report that the calculated preferences were, at least for him, right on the money. "It is a testament both to their talents, and to the real danger of this exposure, that the results were astoundingly accurate," he said. The Deep Root Analytics cloud server had 25 terabytes of data exposed, including 1.1 terabytes available for download. Over the 2016 election season, the RNC was a major client of Deep Root, one of a handful firms it contacted for big data analysis. Firms like Deep Root Analytics use data from a variety of sources to extrapolate social and political preferences of voters to determine how best to market to them. According to Ad Age, the RNC spent $983,000 between January 2015 and November 2016 for Deep Root's services and $4.2 million for TargetPoint's. "Deep Root Analytics builds voter models to help enhance advertiser understanding of TV viewership. The data accessed was not built for or used by any specific client. It is our proprietary analysis to help inform local television ad buying," said Deep Root Analytics in their statement. Misconfigured cloud servers and online databases are a common way for data to be accidentally left exposed to the public. Vickery has found everything from military engineering plans to databases of believed terrorists in exactly this way. What is uncommon in this case is the size and scope of this exposure. If its records are accurate, the Deep Root Analytics exposure contains information on more than half of the American population. It dwarfs the second-largest exposure of voter information — 93.4 million records of Mexican citizens — by more than 100 million voters and tops the largest data breach of voter information — 55 million records of Philippine voters — by more than 140 million. Anyone who knew the files' web address could have accessed them. But without that knowledge, they are much harder to find. Even armed with a search for unsecured databases, finding exposures of any magnitude is tough work. Vickery sifts through a large number of unsecured databases to find ones that interesting enough to publish research. Deep Root has contracted the security firm Stroz Friedberg to perform a thorough investigation of the exposure. The exposure, between June 1 and June 14, was sealed shut shortly after Vickery made the discovery during the night of June 12 and notified relevant regulatory bodies.

I forgot about the old Wellness Card ... probably still have it in a box somewhere. Well, that's my problem with the Plenti Card ... I only got it to get savings at checkout. I never went online to complete the whole process with Plenti ... so the card was only good at Rite Aid and not at any other stores in the system. So last year a nice clerk at Rite Aid asked if I would like to 'complete' my signup with Plenti ... she said she could do it right there at the register. I decided to let her finish the setup instead of me fooling around online but I did not get a password to log into my Plenti account for later on. I didn't think I really needed one, I was only going to use the card at Rite Aid ... I get a monthly statement (e-mail) from Plenti but yesterday morning I wanted to check something and I had to log in but I had no password. So at most sites you can request a temporary password to be sent to log in and then set your own password. This is where all the trouble started. I put my email in the space and hit next and then this stupid CAPTCHA popped up with street signs and cars and or store fronts. I just went around and around and never could get the CAPTCHA correct to get a temporary password sent and I left pi$$ed off and frustrated. It wasn't so much Rite Aid and Plenti but more about this CAPTCHA junk. I was curious to see if others are also frustrated with this new type of CAPTCHA. It's been around for awhile but more web sites seem to 'adopting' this particular one. I just can't seem to find all the cars, street signs or whatever. For instance when street signs are involved ... do you also check the street sign poles in the other squares? It's not a 'street sign' square picture but it's part of the street sign. I've tried the check marks both ways and most of the time it's a no go. ...

Today I went around and around with the Rite Aid and Plenti points site they are affiliated with. These are the new stupid CAPTCHA windows where a person has to check all the squares with 'street signs', 'store fronts' or 'cars'. I never seem to be able to get any of these correct and you maybe waste ten minutes or more of your life before you can move on ... sometimes you can never get it right. This is what happened to me this morning ... over 40 minutes and two different log ins and the Rite Aid - Plenti CAPTCHA was a no go. I am going to call Rite Aid later today on their 800 number and try to change my password over the phone with a human ... or I will ask if I can write it on a slip of paper and mail it to them. My last recourse is to print it right here with the 'hope' that someone affiliated with the Rite Aid - Plenti program is a member of MSFN or will read my post and go into my account an change my password for me. Here is my brand new Rite Aid - Plenti password ... Monroe's new password : 90cY=f5cBb+r Please change it for me at your first opportunity so I no longer have to find all the 'street signs' or 'cars' at your online web site. No matter how many boxes I check, it's never correct ... life is too short to waste time this way in 2017 ! I will probably visit my local Rite Aid - Plenti a lot less after my experience this morning at your web site. After thirty minutes of 'pure frustration' I felt like I was going to have a stroke ... and you're supposed to be a 'health and wellness' corporation ... I don't think so ! I will go to store across the street. ... this seems to be a real problem for others also ... with many online sites. “Images with Street Signs” CAPTCHA Impossible to Solve https://meta.stackexchange.com/questions/267214/images-with-street-signs-captcha-impossible-to-solve ...

Glad you have confirmed everything is right again. I still think a large part of it had to do with something in the 'ocean' or some signals coming out of the Bermuda Triangle. If only Captain Nemo were still here ... he had a great understanding of the ocean and it's mysteries !!! ...

sdfox7 ... thanks for the link and the information. I usually look for the term 'NPAPI' for the K-Meleon and Pale Moon download. Getting harder to find all these correct flash player downloads. I don't remember that 1.1 MB short download from earlier downloads, maybe it was there last month. Thanks again ...

I got the download link and download for the IE version but I don't see any download link for Firefox and Pale Moon ... NPAPI. I want the link for one complete download and not the small 1.1 mb download. thanks .... this should have been placed in the 'Newest Adobe Flash and Shockwave, and Java, too!' thread ... please move it there.

dencorso ... just installed the new Shockwave update and I had no ads popping up. It installed as it always has. I was using your download link that I had save from before. Shockwave Player Link This link always points to the current (latest) non-adware English version. It's actually a permanent link. sw_lic_full_installer.exe http://fpdownload.macromedia.com/get/shockwave/default/english/win95nt/latest/sw_lic_full_installer.exe ... this is the link I used with no ads. Maybe another 'mystery of the sea' .

Just noticed there is a new Shockwave update dated 13 June 2017 ... Shockwave Player 12.2.9.199 ...

I don't want to hijack this thread dealing with my older computers ... so I will make this my last post here and start a new thread for more questions. I'm looking at this on Amazon ... PCMCIA https://www.amazon.com/TOOGOO-Port-Express-PCMCIA-Laptop/dp/B00UFJ014Q/ref=sr_1_3?ie=UTF8&qid=1497115072&sr=8-3&keywords=USB+3.0+PCMCIA TOOGOO(R)3 Port USB 3.0 Express Card 54mm PCMCIA Express Card for Laptop NE Price:$10.41 & FREE Shipping The card is suitable for the interface ExpressCard 54 mm. With this USB 3.0 ExpressCard you can provide two additional USB 3.0 ports for your notebook easily and comfortably. ... I'm not sure what the 54mm is exactly ... need to read and figure all this out. Will keep reading for more ideas. this is also USB 3.0 and it looks like it has a USB standard plug but it does not take flash drives ... just various cards. TNP USB 3.0 SuperSpeed All-in-1 Multi Memory Card Reader for Compact Flash/ Micro SD / SD/ CF / XD / M2 / MS Cards with USB 3.0 Cable Black/Silver Price:$16.99 & FREE Shipping on orders over $25 https://www.amazon.com/TNP-SuperSpeed-Memory-Reader-Compact/dp/B013JP4PAS/ref=sr_1_2?ie=UTF8&qid=1497115072&sr=8-2&keywords=USB+3.0+PCMCIA ... as for Pale Moon, I have tried Firefox and just don't care for it ... it really eats my memory up at times and my computer starts running hot ... Pale Moon seems to be a little 'easier' on my notebook for heat 'most' of the time. Just to add ... I don't use Pale Moon all that much, mostly for banking and other password sites. Most of the time I use: K-Meleon 18.24 K-Meleon 75.1 K-Meleon 76 Pro ...

OK ... two fast replies already. It was too much to hope for that USB 3.0 might work ... but with this new information I can do further research. I can live with the 2.0 speed but the faster speed would be really nice on larger downloads. My computers are old as you guessed, around 2004/2005 timeframe ... T41 and two T42s ... still working great in 2017. Still a great project happening here. I am also interested in seeing if the newer Pale moon versions will work in XP ... my last XP version is from Nov 2016 ... when XP was dropped. ...

This is probably a dumb question but the possibility of having USB 3.0 working on WinXP sounds great. I have older computers (IBM Thinkpads) that are USB 2.0. I do have a couple of newer flash drives that are listed as USB 3.0 but on my computers they work as USB 2.0. So the question would be ... if ExtendedXP does have USB 3.0 working later on ... and I'm sure it will ... will these USB 3.0 flash drives work as USB 3.0 flash drives on my computer? I'm thinking the USB 3.0 will only be for WinXP on a newer computer with USB 3.0 ports ... but maybe I'm wrong. ...

This article is from last year (2016) dealing with 'dog whistle beacons'. From the article: "The technology, called ultrasonic cross-device tracking, embeds high-frequency tones that are inaudible to humans in advertisements, web pages, and even physical locations like retail stores. These ultrasound "beacons" emit their audio sequences with speakers, and almost any device microphone—like those accessed by an app on a smartphone or tablet—can detect the signal and start to put together a picture of what ads you've seen, what sites you've perused, and even where you've been." Beacons and hackers: "Ideally the beacons would authenticate with the receiving apps each time they interact to reduce the possibility that a hacker could create phony beacons by manipulating the tones before sending them. But the beacons need to complete their transmissions in the time it takes someone to briefly check a website or pass a store, and it's difficult to fit an authentication process into those few seconds. The researchers say they've already observed one type of real-world attack in which hackers replay a beacon over and over to skew analytics data or alter the reported behavior of a user. The team also developed other types of theoretical attacks that take advantage of the lack of encryption and authentication on beacons." https://www.wired.com/2016/11/block-ultrasonic-signals-didnt-know-tracking/ How to Block the Ultrasonic Signals You Didn't Know Were Tracking You ly Hay Newman - security 11.03.16 Dystopian corporate surveillance threats today come at us from all directions. Companies offer "always-on" devices that listen for our voice commands, and marketers follow us around the web to create personalized user profiles so they can (maybe) show us ads we'll actually click. Now marketers have been experimenting with combining those web-based and audio approaches to track consumers in another disturbingly science fictional way: with audio signals your phone can hear, but you can't. And though you probably have no idea that dog whistle marketing is going on, researchers are already offering ways to protect yourself. The technology, called ultrasonic cross-device tracking, embeds high-frequency tones that are inaudible to humans in advertisements, web pages, and even physical locations like retail stores. These ultrasound "beacons" emit their audio sequences with speakers, and almost any device microphone—like those accessed by an app on a smartphone or tablet—can detect the signal and start to put together a picture of what ads you've seen, what sites you've perused, and even where you've been. Now that you're sufficiently concerned, the good news is that at the Black Hat Europe security conference on Thursday, a group based at University of California, Santa Barbara will present an Android patch and a Chrome extension that give consumers more control over the transmission and receipt of ultrasonic pitches on their devices. Beyond the abstract creep factor of ultrasonic tracking, the larger worry about the technology is that it requires giving an app the ability to listen to everything around you, says Vasilios Mavroudis, a privacy and security researcher at University College London who worked on the research being presented at Black Hat. "The bad thing is that if you’re a company that wants to provide ultrasound tracking there is no other way to do it currently, you have to use the microphone," says Mavroudis. "So you will be what we call ‘over-privileged,’ because you don’t need access to audible sounds but you have to get them." This type of tracking, which has been offered in some form by companies like Silverpush and Shopkick, has hardly exploded in adoption. But it's persisted as more third party companies develop ultrasonic tools for a range of uses, like data transmission without Wi-Fi or other connectivity.^1^ The more the technology evolves, the easier it is to use in marketing. As a result, the researchers say that their goal is to help protect users from inadvertently leaking their personal information. "There are certain serious security shortcomings that need to be addressed before the technology becomes more widely used," says Mavroudis. "And there is a lack of transparency. Users are basically clueless about what’s going on." Currently, when Android or iOS do require apps to request permission to use a phone's microphone. But most users likely aren't aware that by granting that permission, apps that use ultrasonic tracking could access their microphone—and everything it's picking up, not just ultrasonic frequencies—all the time, even while they're running in the background. The researchers' patch adjusts Android's permission system so that apps have to make it clear that they're asking for permission to receive inaudible inputs. It also allows users to choose to block anything the microphone picks up on the ultrasound spectrum. The patch isn't an official Google release, but represents the researchers' recommendations for a step mobile operating systems can take to offer more transparency. To block the other end of those high-pitched audio communications, the group's Chrome extension preemptively screens websites' audio components as they load to keep the ones that emit ultrasounds from executing, thus blocking pages from emitting them. There are a few old services that the extension can't screen, like Flash, but overall the extension works much like an ad-blocker for ultrasonic tracking. The researchers plan to post their patch and their extension available for download later this month. Ultrasonic tracking has been evolving for the last couple of years, and it is relatively easy to deploy since it relies on basic speakers and microphones instead of specialized equipment. But from the start, the technology has encountered pushback about its privacy and security limitations. Currently there are no industry standards for legitimizing beacons or allowing them to interoperate the way there are with a protocol like Bluetooth. And ultrasonic tracking transmissions are difficult to secure because they need to happen quickly for the technology to work. Ideally the beacons would authenticate with the receiving apps each time they interact to reduce the possibility that a hacker could create phony beacons by manipulating the tones before sending them. But the beacons need to complete their transmissions in the time it takes someone to briefly check a website or pass a store, and it's difficult to fit an authentication process into those few seconds. The researchers say they've already observed one type of real-world attack in which hackers replay a beacon over and over to skew analytics data or alter the reported behavior of a user. The team also developed other types of theoretical attacks that take advantage of the lack of encryption and authentication on beacons. The Federal Trade Commission evaluated ultrasonic tracking technology at the end of 2015, and the privacy-focused non-profit Center for Democracy and Technology wrote to the agency at the time that "the best solution is increased transparency and a robust and meaningful opt-out system. If cross-device tracking companies cannot give users these types of notice and control, they should not engage in cross-device tracking." By March the FTC had drafted a warning letter to developers about a certain brand of audio beacon that could potentially track all of a users' television viewing without their knowledge. That company, called Silverpush, has since ceased working on ultrasonic tracking in the United States, though the firm said at the time that its decision to drop the tech wasn't related to the FTC probe. More recently, two lawsuits filed this fall—each about the Android app of an NBA team—allege that the apps activated user microphones improperly to listen for beacons, capturing lots of other audio in the process without user knowledge. Two defendants in those lawsuits, YinzCam and Signal360, both told WIRED that they aren't beacon developers themselves and don't collect or store any audio in the spectrum that's audible to humans. But the researchers presenting at Black Hat argue that controversy over just how much audio ultrasonic tracking tools collect is all the more reason to create industry standards, so that consumers don't need to rely on companies to make privacy-minded choices independently. "I don’t believe that companies are malicious, but currently the way this whole thing is implemented seems very shady to users," says Mavroudis. Once there are standards in place, the researchers propose that mobile operating systems like Android and iOS could provide application program interfaces that restrict microphone access so ultrasonic tracking apps can only receive relevant data, instead of everything the microphone is picking up. "Then we get rid of this overprivileged problem where apps need to have access to the microphone, because they will just need to have access to this API," Mavroudis says. For anyone who's not waiting for companies to rein in what kinds of audio they collect to track us, however, the UCSB and UCL researchers software offers a temporary fix. And that may be more appealing than the notion of your phone talking to advertisers behind your back—or beyond your audible spectrum. ^1^Correction 11/3/2016 6:20pm EST: An earlier version of this article stated that the cross-device tracking companies 4Info and Tapad use ultrasonic tracking. Both companies say they don't use the form of tracking the researchers describe. ...

From the article: "Samsung’s beacon technology lets it watch EVERYTHING you’re browsing – even porn." Someone in the comments says that 'all' smartphones do this ... I don't know, I don't have one. SPY-PHONE - Samsung’s ‘peeping Tom’ smartphones can listen and watch what you do on the web while monitoring your emails to target you with ads The Sun can exclusively reveal that many Brits have no idea they've allowed Korean manufacturer Samsung to monitor them through their smartphone https://www.thesun.co.uk/tech/3751944/samsungs-peeping-tom-smartphones-listen-and-watch-what-you-do-on-the-web-while-monitoring-your-emails-to-target-you-with-ads/ Exclusive By Margi Murphy Updated: 8th June 2017 SAMSUNG phones use technology which can spy on what you’re reading and watching online – and monitor emails in your inbox. The phones switch onto spy mode after they are alerted by a “beacon” often embedded in web pages or sent as an ultrasonic signal hidden in telly or online adverts. Samsung have been using beacons or pixels to track your phone use for some time – and YOU agreed to it After learning of the Sun Online investigation, Jim Killock, Executive Director of Open Rights Group warned that “Samsung want to get to know you – but they are behaving like a peeping Tom”. He added: “Samsung have taken spying on their customers to a whole new level. “What you can’t see, and can’t hear, won’t worry you — or so it hopes. “It needs to own up and switch it off before their customers wise up and ditch them.” If you use a Samsung phone, it’s likely that you’ve already agreed for the phone maker to snoop on you. The Korean manufacturer makes reference to it on several pages in on its privacy policy. It writes: “We, along with certain third parties, also may use technologies called beacons or pixels that communicate information from your device to a server. “Beacons can be embedded in online content, videos and emails and allow a server to read certain types of information from your device, know when you have viewed particular content or a particular email message, determine the time and date on which you viewed the beacon and the IP address of your device.” They explain that they are doing this for a “variety of purposes” including to analyse how the phones are being used and “to provide content and ads that are more relevant to you”. Google recently removed apps that used ultrasonic beacons to track users after hero computer scientists discovered 230 apps that secretly tracked Android smartphone owners. The German government-sponsored group warned that “device tracking is a serious threat to the privacy of users, as it enables spying on their habits and activities”. Apple clearly states on its privacy policy that it uses pixel tags and web beacons on its websites, online services, interactive apps, emails and adverts but says it will not share your IP address (which can identify your location, name and personal details) with third parties. There are many different kinds of beacons, including ultrasonic, media tracking and location beacons. Location beacons can be incredibly helpful – like in the case of Gatwick airport where it is using the technology to help guide passengers to their boarding gates. The beacons provide a Google Maps-style service which helps navigate from Duty Free to your departure gate. But they are more commonly used to create intrusive profiles of a user so they can be sold customised advertising. Samsung’s beacon technology lets it watch EVERYTHING you’re browsing – even porn. German researchers claimed these ultrasonic beacons can “link the watching of even sensitive content such as adult movies or political documentations to a single individual – even at varying locations. “Advertisers can deduce what and how long an individual is watching and obtain a detailed user profile to deliver highly customised advertisements,” they wrote. Tristan Liverpool, Director of Systems Engineering, F5 Networks told The Sun Online that smartphone manufacturers used beacons as a way to promote their devices and nab a cut of any sales for retailers made using their phones. He said: “Beaconing is an inconspicuous way of marketing and apps have increasingly incorporated ultrasonic tones to monitor consumers. “They ask permission to access your smartphone microphone, then listen for inaudible ‘beacons’ that emanate from retail stores, advertisements and even websites. “If you’re not paying attention to the permissions you grant, you could be feeding marketers and other entities information about your online browsing, what stores you go to and your product preferences without realising it. “Smartphone manufacturers can use this method as another way to promote their devices, and as another revenue stream by taking a percentage of any new business generated for retailers.” Samsung has not answered the Sun Online’s requests for comment.

Facebook wants to spy on people through their smartphone camera and analyse the emotions on their face https://www.thesun.co.uk/tech/3738170/facebooks-plans-to-watch-you-through-your-smartphone-camera-as-you-scroll-through-social-network-revealed/ Social network patents technology which monitors users' reactions to the posts, messages and adverts they see on its app By Margi Murphy Updated: 6th June 2017 FACEBOOK has been secretly developing creepy technology which spies on people and automatically analyses their facial expressions. The social network applied for a patent to capture pictures of a user through their smartphone. CBI Insights found a patent granted in May which lets Facebook determine your emotion using pictures through your smartphone camera The creepy designs, which date back to 2015, were discovered by software company CBI Insight, which has been analysing Mark Zuckerberg’s “emotion technology”. Patent documents contain illustrations showing a person holding a smartphone with a camera taking a picture from which “emotion characteristics” like smiling or frowning are detected. If the person appears to like what they’re seeing, Facebook could place more of the same type of content in front of them. Patents don’t always make it through to the end product- so it’s not clear whether Facebook will bring out this new feature. Researchers at CBI Insights warned that the plans could put a lot of people off using the service. “On the one hand, they want to identify which content is most engaging and respond to audience’s reactions, on the other emotion-detection is technically difficult, not to mention a PR and ethical minefield,” it wrote in a blogpost. But that’s not all. Facebook appears to have tested out similar technology to work out which emoji to send to people using a selfie. If you’re smiling, it could automatically send a smiley face and vice versa. Its most recent emotional patent – which was granted on 25 May this year – aims to tackle a dilemma many of us will have faced. It can be difficult to make your text messages come across exactly as you mean them to, and sarcasm or jokes are often lost in translation – leading to some awkward conversations. A new tool lets the social network to give your texts more feeling – so they won’t be misconstrued. The system picks up data from the keyboard, mouse, touchpad, touchscreen to detect typing speed and how hard the keys are pressed. Facebook will accordingly change the text font and size, before shaping to make it more emotive and relevant to your mood. Facebook said that it does not currently offer tools to detect emotion. If you want to check what Facebook sees and shares about you, check out its privacy policy here. https://www.facebook.com/about/basics ...

Yes you are right ... I thought I had remembered seeing all that some time back but I went to page 4 or 5 and never spotted it. I will move the content over to that thread and maybe someone can delete my post. thanks,