Archive for the ‘Warning’ Category
Yosemite, iOS 8, Spotlight, and Privacy: What you need to know By Rene Ritchie, Monday, Oct 20, 2014 a 8:31 pm EDT
According to Landon Fuller, who collected the data in the first place, this is not just about Spotlight, and the data will continue to be sent to Apple even if Spotlight Suggestions -- or any of a number of other seemingly relevant system configuration options -- are disabled. See https://github.com/fix-macosx/yosemite-phone-home for the raw data and analysis, without either the Apple apologism of iMore or the journalistic spin of the Washington Post article they cite. Of course it is in Apple's interest to say that they care about security and privacy, to emphasize how much effort they put into minimizing data (we've heard this one from James Clapper before!), and to claim that their snooping serves to benefit users by providing more accurate answers. None of this changes the surveillance they have built into their system or how difficult it is to avoid!
Yosemite, iOS 8, Spotlight, and Privacy: What you need to know
By Rene Ritchie, Monday, Oct 20, 2014 a 8:31 pm EDT
http://www.imore.com/yosemite-ios-8-spotlight-and-privacy-what-you-need-know
A story made the rounds earlier today calling into question the new Spotlight Suggestions feature in OS X Yosemite and iOS 8. In an effort to garner attention, it reports the collection and usage of the information required to enable this feature in a needlessly scary way. As any long time reader knows, security and privacy are always at odds with convenience, yet features like Spotlight Suggestions — and Siri before it — do an excellent job balancing as much convenience as possible with maintaining as much privacy and security as possible. Here’s Apple’s statement on the matter:
“We are absolutely committed to protecting our users’ privacy and have built privacy right into our products,” Apple told iMore. “For Spotlight Suggestions we minimize the amount of information sent to Apple. Apple doesn’t retain IP addresses from users’ devices. Spotlight blurs the location on the device so it never sends an exact location to Apple. Spotlight doesn’t use a persistent identifier, so a user’s search history can’t be created by Apple or anyone else. Apple devices only use a temporary anonymous session ID for a 15-minute period before the ID is discarded.
“We also worked closely with Microsoft to protect our users’ privacy. Apple forwards only commonly searched terms and only city-level location information to Bing. Microsoft does not store search queries or receive users’ IP addresses.
“You can also easily opt out of Spotlight Suggestions, Bing or Location Services for Spotlight.”
Here’s the original charge:
Apple has begun automatically collecting the locations of users and the queries they type when searching for files with the newest Mac operating system, a function that has provoked backlash for a company that portrays itself as a leader on privacy.
The “backlash” cited by the sensationalistic story is not the result of the story but the result of sensationalism, and that’s disappointing. We depend on major publications to provide us with accurate information for our benefit, not for their own benefit. Where they could have taken the time to look into it, assess the facts, and help people understand, they chose to double down on FUD, and that’s not only disappointing, it’s distressing.
So what are the facts? Apple discloses how Spotlight Suggestions work in both the Spotlight section of System Preferences on the Mac, and in the Spotlight section of Settings > General on iPhones and iPads.
There’s also a Spotlight Suggestion check box on both so that you, the person using the device, can easily turn it off if you value privacy and security over convenience. (And if you are such a person, and have already disabled location services, Spotlight honors that setting and doesn’t send the information.)
Apple links to the following text right from the prefs/settings pane on both OS X and iOS. Not only is it simple to find, it’s plainly written and understandable:
When you use Spotlight, your search queries, the Spotlight Suggestions you select, and related usage data will be sent to Apple. Search results found on your Mac will not be sent. If you have Location Services on your Mac turned on, when you make a search query to Spotlight the location of your Mac at that time will be sent to Apple. Searches for common words and phrases will be forwarded from Apple to Microsoft’s Bing search engine. These searches are not stored by Microsoft. Location, search queries, and usage information sent to Apple will be used by Apple only to make Spotlight Suggestions more relevant and to improve other Apple products and services.
If you do not want your Spotlight search queries and Spotlight Suggestions usage data sent to Apple, you can turn off Spotlight Suggestions. Simply deselect the checkboxes for both Spotlight Suggestions and Bing Web Searches in the Search Results tab in the Spotlight preference pane found within System Preferences on your Mac. If you turn off Spotlight Suggestions and Bing Web Searches, Spotlight will search the contents of only your Mac.
You can turn off Location Services for Spotlight Suggestions in the Privacy pane of System Preferences on your Mac by clicking on “Details” next to System Services and then deselecting “Spotlight Suggestions”. If you turn off Location Services on your Mac, your precise location will not be sent to Apple. To deliver relevant search suggestions, Apple may use the IP address of your Internet connection to approximate your location by matching it to a geographic region.
Apple has also posted a privacy section on their website, and an updated version of their iOS 8 security document that reiterate what they’re doing and their long-standing position on privacy. Here’s the relevant parts:
To make suggestions more relevant to users, Spotlight Suggestions includes user context and search feedback with search query requests sent to Apple.
Context sent with search requests provides Apple with: i) the device’s approximate location; ii) the device type (e.g., Mac, iPhone, iPad, or iPod); iii) the client app, which is either Spotlight or Safari; iv) the device’s default language and region settings; v) the three most recently used apps on the device; and vi) an anonymous session ID. All communication with the server is encrypted via HTTPS.
The white paper goes on to explain how locations are blurred, anonymous IDs are only kept for 15 minutes, recent apps are only included if they’re on a white list of popular apps, etc. (It starts on page 40 of the above-linked PDF if you’re curious about the specifics.)
So, again, Apple is only doing what they need to do to provide the conveniences of the feature they announced — the same way they’ve needed to collect enough data to answer questions with Siri in the past, or show you locations on Maps, or find your iPhone, iPad or Mac, and the list goes on.
If you don’t like or want it, you can turn it off. That’s the real story here — education. How it works, and what you can do with it and about it.
If you have any concerns or questions about Spotlight Suggestions, let me know in the comments!
It’s Judgment Day for Killer Robots at the United Nations
It’s Judgment Day for Killer Robots at the United Nations
The Wall Street Journal (05/13/14) Amir Mizroch (from ACM tech news on 14 May 2014)
The United Nations on Tuesday began its first-ever multinational convention on “lethal autonomous weapons systems.” The meeting is taking place over three days in Geneva under the framework of the Convention on Certain Conventional Weapons, which aims to ban or restrict conventional weapons considered to cause unnecessary or unjustifiable suffering to combatants or civilians. The 117 member-states will attempt to define what an autonomous weapon is and whether it fits into the definition governed under the convention, and delve into legal and ethics questions. The meeting will hear from robotics, military, and human rights law experts, as well as from the International Committee of the Red Cross (ICRC), which held a seminar on the issue in March. The ICRC said in its report there was a sense of “deep discomfort with the idea of allowing machines to make life-and-death decisions on the battlefield with little or no human involvement.” Georgia Institute of Technology professor Ronald C. Arkin, who will participate in the meeting, believes autonomous weapons could reduce human casualties in war. However, he says the systems should not be deployed unless they can comply with international humanitarian law.
The Patent, Used as a Sword (New York Times)
The Patent, Used as a Sword By CHARLES DUHIGG and STEVE LOHR Published: October 7, 2012 New York Times
http://www.nytimes.com/2012/10/08/technology/patent-wars-among-tech-giants-can-stifle-competition.html?_r=1&smid=li-share&goback=.gde_3746653_member_173015486
“When Apple announced last year that all iPhones would come with a voice-activated assistant named Siri, capable of answering spoken questions, Michael Phillips’s heart sank…”
“For three decades, Mr. Phillips had focused on writing software to allow computers to understand human speech.
… in 2008, Mr. Phillips’s company, Vlingo, had been contacted by a much larger voice recognition firm called Nuance. “I have patents that can prevent you from practicing in this market,” Nuance’s chief executive, Paul Ricci, told Mr. Phillips, according to executives involved in that conversation.” see more in the full paper
Java has become one of the weakest links in a PC’s and Mac’s defenses
“Java, the programming language designed to make the web fun and interactive, has become one of the weakest links in a PC’s and Mac’s defenses against external threats. Consider the most recent Java vulnerability, a weakness currently being exploited by malware distributors: When Oracle, Java’s maker, released an emergency update to fix the software, security analysts reported that even the hot-off-the-presses code contains additional vulnerabilities.”
Remembering Nikola Tesla: Lessons for Today’s IT Leaders
Very good paper about Tesla and his life from http://www.cioinsight.com by By Marc J. Schiller 2012-07-09
“Nikola Tesla was born 156 years ago on July 10. Tesla’s contributions to the world of technology are vast, including the Tesla coil, modern radio, the induction motor, and most famously the alternating current (AC) electrical supply system that powers the world. His life and experience hold lessons for all aspiring technologists who, just like Tesla, are eager to bring the benefits of technology to a large community of people.”
This is for me only, to remember that life have many surprises and many of them are not positive.
More than 6 million LinkedIn passwords stolen (By David Goldman @CNNMoneyTech June 7, 2012)
More than 6 million LinkedIn passwords stolen By David Goldman @CNNMoneyTech June 7, 2012: 9:34 AM ET
Surprise! I thought that LinkedIn has a good security. They have a lot of IT professional and they have probably not a bad budget for IT. Sorry for them. I already changed my password for new one, but need to update all passwords on other sites. I think this is a time when we should use only generated passwords and store them in an online system, which has very good protection and security. It’s difficult but possible. At least one company or one organization should have a good security and even not for free.I think everybody will be agree to pay couple dollars per year to protect all accounts and all passwords. We have hundred millions users in Internet. I think this is a good multi-hundred million business for one web-site.
Youry
N.J. Mayor, Son Arrested for Computer Hacking By CIOinsight 2012-05-28
N.J. Mayor, Son Arrested for Computer Hacking By CIOinsight 2012-05-28:
“Felix Roque, mayor of West New York, NJ, and his son have been charged with conspiring to bring down a Website calling for the mayor’s recall and intimidate anyone involved with it.”
What could I say. Surprised.
“Twenty reasons why your coworkers don’t like you” from Elizabeth Bromstein
I like this “Twenty reasons why your coworkers don’t like you” from Elizabeth Bromstein published on May 23, 2012 10:24 AM at Workpolis. The language is not the best, but some advises are good.
Security and again Security, now for emails and web-browsers
As I already mentioned in the past, all these posts are for myself only. But if my posts could help with something to somebody else, I’ll be happy as well.
In this post I’m starting to collect information how to improve security for everything on personal computers, smart phones and in other digital devices. My laptop was stolen in December 2011 from someone, who should not leave it in a store cell. Nobody is protected from such stupid situations. I had encrypted hdd, but not emails and as you probably know, a microsoft windows can be opened easily. I still keep my emails on my smartphones, but again emails are not encrypted on any smartphone. We should do something to increase our privacy protection. I’ll add to this post new links and new my thoughts in time.
1. Emails:
- Six Tips for Protecting Your Email Privacy: “Sending an email message is certainly more private than posting on a social networking site, but email has its own dangers. Here are six tips to help you communicate without risking your privacy” By Neil J. Rubenking.
Good paper, but nothing really new. Good to read for the general understanding of the email problems. But has couple good links for encryption product like PrivateSky or Enlocked. - “U.K. Police Capturing Suspects’ Cell Phone Data” – good to know. Don’t keep very personal emails in your smartphones, or encrypt each message if you want to keep them in your email archive.
- will be added later
2. Browsers (see some in emails), but later will be added specifically for browsers as well, when I have a time or see something new.
Microsoft’s Ballmer worst US CEO: Forbes – from http://www.stuff.co.nz
Microsoft’s Ballmer worst US CEO: Forbes Last updated 17:12 17/05/2012
Very interesting. Please read at list this:
“The reach of his bad leadership has extended far beyond Microsoft when it comes to destroying shareholder value – and jobs.”
“Ballmer is at 19 on Forbes’ list of billionaires. JP Morgan Chase CEO Jamie Dimon, who admitted the investment bank had lost US$2b in risky trades, and Yahoo CEO Scott Thompson, who inflated his resume to include a computer science degree he did not receive, did not actually make the list. Those who kept company with Ballmer were John Chambers of Cisco Systems, Jeffrey Immelt of General Electric, Mike Duke of WalMart and Edward Lampert of retail giant Sears. These 5, frequently honored for their position, control of resources and personal wealth, are doing horrific damage to their companies, hurting investors, employees, suppliers and the communities that rely on their organisations. They should have been fired long before this week.”
and this:
“Not only has he singlehandedly steered Microsoft out of some of the fastest growing and most lucrative tech markets (mobile music, handsets and tablets) but in the process he has sacrificed the growth and profits of not only his company but ‘ecosystem’ companies such as Dell, Hewlett Packard and even Nokia. ”
Youry
Youry's Blog 