JorgeA Posted May 13, 2014 Author Share Posted May 13, 2014 ... Personal cloud services are an important advance. To ignore them is to remain stuck in the PC era as the rest of the world moves on ... No problemo. Another great illustration! Here's a bit more about the joys of cloud computing: Warning: Dropbox and Box File Sharing Security Bug A recent report from Intralinks – a cloud storage service provider and a direct competitor of both Dropbox and Box – details how the company found a sharelink disclosure vulnerability in both Dropbox.com and Box.com. [...] ...[W]hen analyzing their latest Google Ad campaign metrics, Intralinks noticed something quite peculiar. In addition to competitor company name keywords and other common search phrases, they found direct sharelinks to sensitive documents hosted on Dropbox.com and Box.com acting as referral search terms to their website. When they pasted these sharelinks into their web browser’s navigation bar, Intralinks employees were granted direct access to individual Dropbox/Box user files. According to a statement from Intralinks’ CTO, Richard Anstey, files included “several tax returns, a mortgage application, bank information and personal photos. In one case, corporate information including a business plan was [also] uncovered.” To those just coming across this thread -- still want to keep your stuff in the cloud? --JorgeA Link to comment Share on other sites More sharing options...
jaclaz Posted May 13, 2014 Share Posted May 13, 2014 To those just coming across this thread -- still want to keep your stuff in the cloud? JFYI:http://www.techtangerine.com/2009/06/02/ten-reasons-why-cloud-computing-is-a-bad-idea/ jaclaz Link to comment Share on other sites More sharing options...
Formfiller Posted May 14, 2014 Share Posted May 14, 2014 LOVE those images!! Do you create them yourself? Here's some more about the pleasures and perils of cloud computing: 'Everything as a service': A key piece of Microsoft's push to get IT to the cloud Will these latest overtures do anything to win over IT pros and developers who are still not willing to take their first tentative steps toward the cloud? The reaction among the thousands attending TechEd in Houston this week should be a good litmus test. Judging from the comments at the bottom, they have their work cut out for them: I think Microsoft is in bed deeper with the NSA than one can possibly imagine. Operating System as a Service? LOL. Over my dead body. This comment from the article is also quite good: The whole thing stinks. Its too obvious.Ive been saying for probably close to 2 years now that this whole cloud thing is where MS and all the big players want it to go. The reasons are obvious and they are vastly to the benefit of the big IT companies, not the users.I wondered why Microsoft was so interested in the cloud. About a year ago it sunk in. Firstly, and foremost above all, Microsoft had seen the writing on the wall with XP. PC sales were slowing and that means new Windows OS licences were slipping as well. There no doubt were fewer upgrade "OS only" purchases. Improved hardware and the refusal of XP to die were the real culprits, yet the ABM crown threw the inevitable red herring in the ring claiming that new tablet purchases were the culprit because Windows was about to die entirely. Common sense said this was dead wrong. Nobody at least in any significant way was replacing their desktop or laptop Windows PC with an iPad. It just wasn't real. Sure, out of a world of seven BILLION people, there are always some who will be the exception to the rule, but there were no piles of no longer needed PC's sitting out back of businesses and I have never been in a home recently that had a PC in the past that still doesn't, even more in home PC's these days due to the broad proliferation of Windows laptops.It was a case of "if its still working, why replace it?" Many do rightly ask "don't they know that not giving up XP will open up security risks?? Well, there in exposes part of the fantasizing about problems that don't exist causes. We have heard nothing but claims of horrible security risks from the ABM crowd who claim that Windows PC's "fill up" with viruses and suffer never ending lock ups and BSOD's without end. They obviously say these ridiculous things because Windows PC's have always been much more prone to many more security risks than Linux or even Macs, and Windows machines have had the BSOD issue which did happen from time to time with Windows OS's at least up to XP, so the Windows haters played these tales like a fiddle to make it look like they were the brilliant ones for choosing ABM.The problem is, reality, as is often the case was a little different. BSOD's do not happen daily, particularly on workplace PC's that many of which do little more than keep an open line to the internet, do email and produce documents and work some fairly simple applications. While malware has always been significantly more prevalent for Windows machines its no where ever been near causing significant problems for the vast majority of users that the ABM crowd likes to complain of. The end result is that most people have been using XP for about ten years or more and have had so little problem with it, and have heard nothing but garbage about how terrible it is, now that there is genuine possibilities of widespread risk, nobody much in the countless millions of Joe Average crowd believes it. Those who suspect its true but want to continue to use XP because its been so good to them will continue to try and cope with as much AV and anti spyware they can load up on.Its been a fantastic and marvelous service the ABM crowd has done for the world in crying wolf all these years. Please attach great sarcasm to that.So, here we are, and MS and some others have figured out that when software lasts just about forever, and hardware now only slightly less if you take care of it, it really makes a dent in the repeat sales. So the cloud is now the solution for a much more regular, predictable and steady income stream.No more "selling" software to people. Instead, everything is going to be rented by the month. Millions on millions around the world paying monthly fees, no longer just for their internet connection, but for practically everything. Its a great play. Tell people they will always have the newest OS, the newest software and can store their stuff on the most secure servers in the world; much safer than your home PC with its cut rate AV and cheapo firewall.What they don't tell you is that over all your going to pay more in the end because you will either pay each month or you will pretty much have nothing.Over the years, Ive known a few unemployed people. They were hurting and had to cut their internet connection for a couple months or more. I also know these people still had perfectly functional word processing and office programs and others on their computer and could still play their games and look at their photos and edit and store new ones. And they could make resumes and print them off to look for a new job.In a few years, if the big IT players get their way, if you loose your internet connection, for any reason, your in a world of hurt. You got nuthin.I still cant believe so many are falling for this just because of a few promises of advantages that could have largely been replicated for the few who really want them with hardware and/or software solutions.But no, we have way to many morons who think that no matter what the new invention or way of doing things is, its cool because its new and "leading edge". Even if its just more money out of Joe Averages pocket for less coming back at him.To many people that don't look at reality around here. Just like the "Windows sucks" crowd who cried wolf for so many years even the truly non-IT savvy crowd seen it for lies.So here we are.And no thanks. Link to comment Share on other sites More sharing options...
JorgeA Posted May 14, 2014 Author Share Posted May 14, 2014 Soon police will be able to trace photographs back to the camera that took them Forensic experts have long been able to match a series of prints to the hand that left them, or a bullet to the gun that fired it. Now, the same thing is being done with the photos taken by digital cameras, and is ushering in a new era of digital crime fighting. New technology is now allowing law enforcement officers to search through any collection of images to help track down the identity of photo-taking criminals, such as smartphone thieves and child pornographers. ...as well as the identity of the scumbag who took that photo of the police officer beating up the homeless guy, or of the government minister taking an envelope from a drug kingpin at a fancy restaurant... --JorgeA Link to comment Share on other sites More sharing options...
JorgeA Posted May 14, 2014 Author Share Posted May 14, 2014 From the, "the sky is blue" news desk: The Internet of Things could encroach on personal privacy You don't say! A recent White House report on big data wonders aloud about the capability of sensors and smart meters to turn homes into fish tanks, completely transparent to marketers, police -- and criminals. Smart meters with non-intrusive load monitoring (NILM) technology, which can analyze individual power loads, make it possible to know what you are doing and using in your home. [...] Electrical devices have unique signatures, and if home metering is sensitive enough it can "distinguish the microwave from refrigerator, or even the light bulb in the bathroom from the light bulb in the dining room," said Wicker in an interview. The information these systems can discover can be useful -- and invasive. It can alert homeowners to failing appliances, as well as provide marketers with the age and make of appliances, information that can also be used to glean the socioeconomic status of a resident. [...] After describing how smart metering system might be able to tell you what someone is doing inside their house, the White House report points out that once someone leaves their connected home, "facial recognition technologies can identify you in pictures online and as soon as you step outside. Always-on wearable technologies with voice and video interfaces and the arrival of whole classes of networked devices will only expand information collection still further. "This sea of ubiquitous sensors, each of which has legitimate uses, make the notion of limiting information collection challenging, if not impossible," said the government report. A treasure trove of information for official snoops. Prohibit selling the data? It'll still be available via subpoena, or by hacking. As we go blithely marching into 1984 territory... @jaclaz may be right: humanity is doomed. --JorgeA Link to comment Share on other sites More sharing options...
JorgeA Posted May 14, 2014 Author Share Posted May 14, 2014 This comment from the article is also quite good: Yeah, that was a fantastic analysis! Thanks for quoting it. As much as I dislike Microsoft for various things it does, I have to say that Windows has become incomparably more stable since the days of Windows 98. I have a fresh installation of Win98FE (very lightly used), and it bluescreens every single time I go to shut down the computer. I get more BSODs on it in a week than I have in 5+ years of running my Vista system crammed full of installed applications. --JorgeA Link to comment Share on other sites More sharing options...
JorgeA Posted May 14, 2014 Author Share Posted May 14, 2014 DOJ asks for new authority to hack and search remote computers The U.S. Department of Justice wants new authority to hack and search remote computers during investigations, saying the new rules are needed because of complex criminal schemes sometimes using millions of machines spread across the country. Digital rights groups say the request from the DOJ for authority to search computers outside the district where an investigation is based raises concerns about Internet security and Fourth Amendment protections against unreasonable searches and seizures. --JorgeA Link to comment Share on other sites More sharing options...
jaclaz Posted May 15, 2014 Share Posted May 15, 2014 Soon police will be able to trace photographs back to the camera that took them Forensic experts have long been able to match a series of prints to the hand that left them, or a bullet to the gun that fired it. Now, the same thing is being done with the photos taken by digital cameras, and is ushering in a new era of digital crime fighting. New technology is now allowing law enforcement officers to search through any collection of images to help track down the identity of photo-taking criminals, such as smartphone thieves and child pornographers. ...as well as the identity of the scumbag who took that photo of the police officer beating up the homeless guy, or of the government minister taking an envelope from a drug kingpin at a fancy restaurant... --JorgeAAs often happens, unfortunately, the peep that wrote the title has not understood anything of the actual paper, which is essentially non-news. It is years (and pre-dates the advent of digital photograph) that in most cases you can link an image to the camera that took it.The concept is very simple, every camera has slightly different "signatures". In the case of film, the rolling mechanism scratched the film with a recognizable pattern or the lens had a scratch or a tiny optical defect that often allowed the match.With digital images, what is used is the pattern of "malfunctioning" or "errors/noise" of the sensor, this concept is as old as digital photography.What the paper proposes: In this paper, we present a novel usage of the SPNfor digital image forensic purposes. We propose to ex-ploit SPN fingerprints to find social network accountsbelonging to a certain person of interest, who has shota given, known photo. We name this task Picture-to-Identity linking. It can be useful in a variety offorensic cases, e.g., on-line child abuse, defamation,finding stolen camera devices. To the authors’ bestknowledge, this application of the SPN has never beenproposed in the literature so far. We developed an im-plementation of Picture-to-Identity linking based onthe SPN extraction method proposed by (Lukas et al.,2006), and tested it on a benchmark data set of socialnetwork accounts collected from the Internet. The re-ported results are promising and show evidence of apractical usefulness of such technique for forensic in-vestigators. is simply to use this known technique on public photos on the internet's social network accounts.Something that may well be "news" in the academic world, but that not represents in itself anything but a "way of use" of a known technology. The usually lower quality of images published on the internet+the various manipulations done either by the user before publishing or by the site (to resize/strip metadata/etc.) give to this technique a very low rate of certainty, and as such - as the authors correctly state - can be used at the most as a triage method: The probability of correct recognition at the firstrank is above 56%, which is far higher than the ran-dom guess, but obviously not enough for a preciseidentification. One could argue that these scoring re-sults do not qualify data as evidence for its admissi-bility in court. It is correct to state that an evidence assuch shall be 100% attributable, as level of accuracy,to a subject (e.g. the victim, the suspect, etc.). How-ever, a ranked list of candidate identities can be valu-able for the forensic practitioner in the investigationphase (Casey, 2009). In fact, there are circumstanceswhere evidences lead to a pool of several people undersuspicion. For example, if law enforces are not ableto identify and seize cameras belonging to each ofthe suspects, images taken from their social networkaccounts could be used as a set of candidates to testagainst the probe picture, using the ranking techniqueproposed in this paper. Another scenario is when theinvestigator knows, from other trails, that the personof interest has certain characteristics (e.g., age, na-tionality, or ethnic group); accordingly, he/she can ex-clude the non-relevant identities in the ranked list re-turned by the proposed technique. E.g., in all suchcases the proposed method would help to skim offthe number of candidate identities related to the case,which, in conjunction with other facts, may speed upthe investigation and increase its accuracy. additionally (IMHO) the test image sets represent a scenario that is limited to a rather narrow hypothesis.The testing was made largely with a "many-to-many" comparison - as an example #3 is Flickr (93), Google + (70) - i.e. analyzing 93 images it was possible - still with a rather low confidence - to connect them to an account by finding the similar patterns on 70 "directly attributable" images.If either of the two sets is smaller (i.e. you fall in the few-to-many or one-to-many comparison) the accuracy lowers much. All in all an interesting use of known methods , but little more than that. jaclaz Link to comment Share on other sites More sharing options...
JorgeA Posted May 16, 2014 Author Share Posted May 16, 2014 Adobe Creative Cloud suffering extended outage Nope, it's not just you. Adobe's Creative Cloud is down for the count and has been for several hours, after suffering a cascade of escalating issues late Wednesday. The most recent status update, published 16 hours ago, simply says "We're currently investigating an issue affecting users trying to sign in to Creative Cloud services. We'll update again when we know more." The Creative Cloud homepage says the service is currently undergoing maintenance, simply imploring subscribers to check back later. Gotta wonder how many of these mass outages it's going to take before enough people decide it's actually more convenient (yes) to keep your files and programs on your own computer. That threshold number came a little more within reach thanks to this Adobe issue: Adobe ditched software licenses to go all-in on Creative Cloud subscriptions last May, to the chagrin of many users who didn't want their ability to tinker with local files tied so intricately to the whims of an Internet connection. Surprise! Those unhappy people are out in full disgruntled force today. A couple of the comments on Twitter: The Cloud - bringing you the computing reliability of the 1970s... today. "enjoy your teletyping terminal, users. One day we'll reinvent VT100, promise. --JorgeA Link to comment Share on other sites More sharing options...
JorgeA Posted May 16, 2014 Author Share Posted May 16, 2014 Soon police will be able to trace photographs back to the camera that took them...As often happens, unfortunately, the peep that wrote the title has not understood anything of the actual paper, which is essentially non-news.[...] Thanks jaclaz, that was a good and informative analysis. --JorgeA Link to comment Share on other sites More sharing options...
TELVM Posted May 17, 2014 Share Posted May 17, 2014 This comment from the article is also quite good: The whole thing stinks. Its too obvious ... ... ^ Epic comment. ... I still cant believe so many are falling for this just because of a few promises of advantages that could have largely been replicated for the few who really want them with hardware and/or software solutions ... ^ Exactly my thoughts. And I'm just a humble tinkering user, not a pro. But it's so blatantly obvious that everyone with a tad of common sense should be able to spot it from a mile away. Link to comment Share on other sites More sharing options...
JorgeA Posted May 17, 2014 Author Share Posted May 17, 2014 On the one hand... Microsoft awarded with top honors for trying to protect customer data from the government Microsoft has earned top honors from the Electronic Frontier Foundation (EFF) for the company's efforts to protect customer data from the government. The rating was included in the Electronic Frontier Foundation’s fourth annual report grading technology companies on their approaches to customer data access requests by government. According to the report, titled "Who has your back," Microsoft has met all six factors needed by a company to rank high in the report. These factors include the stringency of the legal demands companies require before providing data, the efforts used to notify customers about government demands, transparency in reporting the demands, type of demands received, and the efforts to fight for consumers' privacy rights in court and in Congress. ...on the other hand... Microsoft openly offered cloud data to the NSA Microsoft’s cooperation with the NSA and FBI on the controversial Prism program has been laid bare in a new book written by an American journalist who brought it to public attention in the first place. Glenn Greenwald, the American journalist who worked extensively with Edward Snowden, wrote in a new book that Microsoft’s cloud services allowed the National Security Agency [NSA] to collect data from a range of its different cloud options. I actually tend to put more credence in the first headline. Cooperation with the NSA on the front that the second article discusses is, I suspect, likely to have taken place under orders by authorities authorized to authorize official snooping authorization. "Nice little multibillion-dollar business you have there. It'd be a shame if it had to shut down..." --JorgeA Link to comment Share on other sites More sharing options...
JorgeA Posted May 17, 2014 Author Share Posted May 17, 2014 This comment from the article is also quite good: The whole thing stinks. Its too obvious ... ... ^ Epic comment. ... I still cant believe so many are falling for this just because of a few promises of advantages that could have largely been replicated for the few who really want them with hardware and/or software solutions ... ^ Exactly my thoughts. And I'm just a humble tinkering user, not a pro. But it's so blatantly obvious that everyone with a tad of common sense should be able to spot it from a mile away. I concur with every word you wrote there, down to the "I'm just a humble tinkering user, not a pro" part. --JorgeA Link to comment Share on other sites More sharing options...
JorgeA Posted May 17, 2014 Author Share Posted May 17, 2014 More fallout from Glenn Greenwald's new book on Snowden: Photos of an NSA “upgrade” factory show Cisco router getting implant A document included in the trove of National Security Agency files released with Glenn Greenwald’s book No Place to Hide details how the agency’s Tailored Access Operations (TAO) unit and other NSA employees intercept servers, routers, and other network gear being shipped to organizations targeted for surveillance and install covert implant firmware onto them before they’re delivered. --JorgeA Link to comment Share on other sites More sharing options...
JorgeA Posted May 17, 2014 Author Share Posted May 17, 2014 Rumor: Microsoft to offer a preview release of Windows 9 between Q2 and Q3 of 2015 Similar to the Developer Preview or Consumer Preview of Windows 8, Microsoft is rumored to offer a public preview build of Windows 9 sometime between Q2 or Q3 of 2015 (around February or March of 2015) - giving consumers a chance to play with the new operating system before it's official release. This information comes from a leaker by the name of "Faikee," who was recently responsible for dropping the Windows 365 name, along with other tidbits. Considering that the Windows 8 Developer Preview came out in September 2011, this would put Win9 on a slower track than the three-year cycle Microsoft has been keeping since Vista. By then, though, maybe the major issues stemming from Win8 will have been fixed in Windows 8.1 Update 1+1 (or whatever they decide to name this fall's expected pack). Or maybe it'll be too late and nobody will care anymore what MSFT does or doesn't do. --JorgeA Link to comment Share on other sites More sharing options...
Recommended Posts