Category: privacy

Detekt

A new free open-source anti-surveillance tool called was released on Thursday (Windows-only). Says :

The open-source tool, dubbed Detekt, was developed by security researcher Claudio Guarnieri. It was released in partnership with Amnesty International, Digitale Gesellschaft, the Electronic Frontier Foundation and Privacy International.

Detekt scans computers for infection patterns associated with several families of remote access Trojans (RATs): DarkComet RAT, XtremeRAT, BlackShades RAT, njRAT, FinFisher FinSpy, HackingTeam RCS, ShadowTech RAT and Gh0st RAT.

I downloaded and ran the tool. All my PCs came up clean (see screenshot below). Apparently I’m not important enough to be surveilled. I am not sure whether to be relieved or insulted.

Detekt screenshot
Detekt screenshot

Marketers know everything about us! [SARCASM]

[UPDATE June 23, 2014] In the interest of science I clicked on the Korean ad (or maybe it was the Chinese) and requested the page in Spanish (which I also don’t speak). I was curious to see whether I would start getting banner ads in Spanish. Lo and behold, three days later I get served the Honda ad in Spanish!

***

[UPDATE June 20, 2014] I now get banner ads in Korean and Chinese. Lest you wonder: No, I do not speak either language, and no, I have not somehow provoked this by visiting Korean or Chinese websites. Explanation is simple: Online advertising is broken, your privacy is not in danger, marketers know NEXT TO NOTHING about us.

Honda banner ads Korean Chinese
Honda banner ads Korean Chinese

***

[UPDATE May 13, 2014] I’ve been getting very persistent email pitches for a Jet Card. Their latest offer is for the bargain price of $179,125. How misguided. Don’t they know I’m in the market for a Maserati?

***

[UPDATE March 14, 2014] Apparently it wasn’t obvious that this post was meant to be sarcastic. So let me spell it out: What I meant was: “Marketers don’t know anything about us. ANYTHING!” Amazon — the smartest of them all — only serves me ads for either stuff that I just bought from them, or stuff I looked at by mistake with no intention of buying. The rest of them are worse. Chinese Walmart? Puh-leeze!

Don’t freak out, people!

***

I just got served this banner ad on a website I visit several times a day. Clearly, my privacy is in danger.

Walmart Chinese website banner ad
Walmart Chinese website banner ad

On the Google+/Gmail integration

[UPDATE January 26, 2014] Not to toot my own horn (actually, yes), I must note that I published this post three days before Google announced the . By acquiring Nest Google totally validated this post’s main point.

***

Google’s biggest problem in the consumer space is the perception among a growing number of users that Google knows way too much about them. A growing number of users feel uneasy about the way Google connects various facets of users’ online activities. Users are concerned about the unknowable ways Google may escalate this in the future. I know of many users who have been, or have recently begun to for that reason.

So what does Google do? As if in total oblivion, they launch a that gives legitimacy to those exact concerns. ()

What are you thinking, Google? What are you thinking? I know users can opt out, but they can also opt out of Gmail and Google+. Is this what you want?

I am available to consult on new product ideas. My first consultation is free. Here it is: Revert.

What does Android 4.4.2 fix?

Android 4.4.2 was released just a few days after the release of KitKat 4.4. Unusual. Why the rush? What horrible bugs does 4.4.2 fix? (And why was there no 4.4.1?)

Android 4.4.2 removes App Ops

The Electronic Frontier Foundation (EFF) offers an answer . It turns out Google “accidentally” released an “experimental” feature (called “App Ops”) in Android 4.3, allowing users to control application access to user information such as contact list and phone calls. This horrible oversight had to be remedied quickly by the release of Android 4.4.2, which removes this option.

I have often wondered why Facebook, Twitter, and the like need to know who is calling me and the caller’s number. I still don’t know, but apparently this is crucial for the apps’ proper functioning.

Puh-leeze!

[UPDATE December 14, 2013] InformationWeek offers a of the same issue.

Android 4.4.2 System Update screenshot
Android 4.4.2 System Update screenshot

Snapchat exposes severe Android 4.3 bug

[UPDATE October 10, 2014] It turns out Snapchat messages don’t self destruct, after all.

Hackers have warned that thousands of nude images sent via the mobile-messaging service Snapchat, many of which users believed self-destructed after being sent, are to be released online in a searchable database.

Messaging boards on the notorious website 4chan have been filling up with news of the imminent leak, already being referred to as “The Snappening”. –

I found out about this story from  (via ). Cuban’s startup develops and markets the Snapchat competitor .

***

[UPDATE August 02, 2014] I have replaced Snapchat* with — the product of Marc Cuban’s latest startup. I thank my friend for the suggestion.

Described as “WhatsApp meets Snapchat,” texts sent via Cyber Dust automatically disappear 24 seconds after being read. Importantly, these messages cannot be traced and are not stored anywhere – not even on Cyber Dust’s servers – assuring all users a high level of privacy and security. –

*As I was sending a final Snapchat message to my contacts, Snapchat crashed and rebooted my device, as if to eliminate any doubt about the appropriateness of my decision.

***

[UPDATE August 01, 2014] Crash. Reboot. Been happening on my Google Nexus 4 since August 5, 2013. #WTF. Read below for detailed account of year-long experience and fixes attempts. (SPOILERS: There are no fixes, unfortunately.)

***

[UPDATE July 02, 2014] Snapchat just crashed and rebooted my Google Nexus 4 phone (now running Android 4.4.4). Which means that my previous conclusion that Android 4.4.3 had fixed the problem was wrong. Or that Android 4.4.4 reintroduced the problem (the device never crashed under 4.4.3).

Whatever the cause, and whatever the solution, this saga is a sad testament to how buggy all software is.

***

[UPDATE June 21, 2014] In the twelve days since my Google Nexus 4 device updated itself to Android 4.4.3, Snapchat has not crashed once. I received a report from another Google Nexus 4 user that Snapchat crashed once on his device, but unlike before, it DID NOT TAKE DOWN THE DEVICE with it.

There is little doubt in my mind that Android 4.3 introduced a security vulnerability, which Android 4.4.3 patched 308 (!) days and 4 OS updates later. Many questions remain, some of which will be addressed in a future post. This is the final update to this post.

***

[UPDATE June 10, 2014] I got the Android 4.4.3 update last night. Waiting for Snapchat to crash. It hasn’t yet. I hope it won’t. We all know what it means if it does not, right? ;)

I will report here in a few days.

***

[UPDATE June 06, 2014] I got a Snapchat update overnight, and now in addition to crashing (which it just did), Snapchat does not let me send snaps. The “Send” button just doesn’t work. Does nothing.

For the record, a new Android version (4.4.3) was released yesterday, which I didn’t yet get. I’m willing to give Snapchat and Google the benefit of the doubt and assume that yesterday’s Snapchat update was meant to work with 4.4.3. I’ll report here after I get 4.4.3, which I expect to happen in the next few days.

***

[UPDATE June 06, 2014] The crashes continue. Who do you think is at fault — Snapchat or Google? Vote in this quick poll.

***

[UPDATE June 06, 2014] Snapchat just crashed and rebooted my Google Nexus 4 for the umpteenth time. This has been going on for 305 days and counting. Running all latest software versions, applying all patches as soon as they are released. Still crashing. Shame on you, Google and Snapchat, for not being able (or not willing) to work together to fix this!

***

[UPDATE February 7, 2014] Snapchat crashed and rebooted my Google Nexus 4 twice yesterday. This has been going on for OVER SIX MONTHS, and apparently neither Google nor Snapchat can or would do anything about it. Legitimizes my conspiracy theory perhaps?

[UPDATE December 21, 2013] Snapchat update this morning. Will this stop the Snapchat/Android phone crashes/reboots? And if it does, does that mean that this has been Snapchat’s fault all along? Come back in a few days to read my report.

[UPDATE December 23, 2013] Snapchat just crashed and rebooted my device.

[UPDATE December 24, 2013] Another Snapchat update. This doesn’t make any sense any more. Or does it… New blog post to follow. [UPDATE: Published.]

***

Android 4.4.2 does NOT fix Snapchat crash bug

[UPDATE December 18, 2013] Snapchat just crashed and rebooted my Google Nexus 4 running Android KitKat 4.4.2. So it is still happening. Quite disconcerting that Google hasn’t squashed that Android bug. This is undoubtedly Google’s fault, not Snapchat’s. The OS should not crash due to a “misbehaving” app.

No word from Google on when (or how) they plan to address this issue.

***

Android 4.4.2 is here

[UPDATE December 12, 2013] Last night my Google Nexus 4 updated itself to Android 4.4.2 (strangely skipping 4.4.1). Will this stop the Snapchat crashes? Come back in a few days to read my report.

***

Android 4.4 KitKat does not fix Snapchat crash bug

[UPDATE December 09, 2013] After a relatively smooth (no crashes) period, last night Snapchat crashed/rebooted my device again. It is disturbing that Android — after three updates — still allows itself to be taken down by a legit application that was already on the 4.2 device and operating smoothly until 4.3 came out and the crashes began. Imagine what a rogue, malicious app could do.

***

[UPDATE October 14, 2013] Android still allows itself to be taken down by Snapchat. This began on August 5, 2013 with the release of Android 4.3, and continues to this day. Just how secure is Android?

***

With a message to users delivered with their most recent Android update, Snapchat goes on the record to say that the Nexus 4 device restarts, seemingly caused by Snapchat, are due to a bug in the Nexus 4 Android 4.3 operating system — an issue that is out of Snapchat’s control.

Some history: As soon as my Nexus 4 phone updated itself to Android 4.3, Snapchat started crashing. And not just crashing the app itself — it took the device down with it. This was annoying, but also troubling. Why would an OS upgrade allow a previously-installed app to crash the device? Subsequent updates to Android 4.3 (this is not a typo — Android 4.3 updated itself to Android 4.3) did not fix the problem.

I was not alone in this experience, which generated . I maintained that a robust OS shouldn’t allow an app — rogue or legit — to take down the device. I was in the minority. Many were quick to blame Snapchat, because this can’t be Google’s fault, right? Wrong!

Below is a screenshot of the Snapchat message to users, and a full transcript. I hope Google fixes the bug soon, and goes on the record to explain what had happened.

Snapchat message Nexus 4 Android 4.3 bug
Snapchat message Nexus 4 Android 4.3 bug

Dear Nexus 4 user,

Recently, you may have experienced device restarts while using Snapchat. Unfortunately, this behavior is caused by a bug in the Nexus 4 Android 4.3 operating system and is out of Snapchat’s control. If you would like to let Google know that this issue is important to you, please visit Nexus 4 support. Thank you for your patience.

PRISM and a Soviet-era joke

Generations of Eastern Europeans grew up with jokes like the one below. As a result, this Eastern European isn’t surprised in the slightest by the current PRISM “revelations” — just amused by the ensuing tempest in a teapot. Friends: Develop a sense of humor.

USSR, 1975: Arkady Ivanov travels on business. He must share a hotel room for the night with two strangers — Boris and Vadim. Arkady wants to sleep, but Boris and Vadim keep telling political jokes, laughing hysterically after each one, keeping Arkady awake. Arkady asks them to stop, Boris and Vadim won’t.

Arkady leaves the room to go to the bathroom (one on each floor), and asks the concierge: “Can you please bring some tea to room 307 in ten minutes?” Arkady returns to his room, and after a while leans into the ashtray and says: “This is Major Ivanov. Please bring tea to the room.” In a minute the concierge knocks on the door and brings in the tea.

Boris and Vadim look at each other, then at Arkady. Dead silence sets in. Arkady finally falls asleep.

Arkady wakes up next morning to see that Boris and Vadim are gone. “Where are the other two?” — he asks the concierge. “Oh, Major Ivanov took them. He was supposed to take you, too, but he liked your joke very much so he cut you a break this time.”

Yandex Browser blocks malware

After I made Yandex Browser my default browser, many social media friends poked fun at me, as expected. Jokes about Russian hackers started flying (at least I think they were jokes).

Yandex Browser honeymoon continues

Today Yandex Browser justified my trust. After clicking on a Twitter link from a very reputable source, Yandex Browser navigated to The Atlantic, then instantly threw a malware warning (screenshot below). I have seen similar warnings from Google Chrome.

Yandex browser malware warning
Yandex browser malware warning

Full text of warning:

Visiting www.theatlantic.com
may harm your computer

A webpage on www.theatlantic.com is attempting to download information from cdn.komoona.com, which contains malware. The owner of the site may be completely unaware of any malware installed on the site by hackers.

You can see more detailed information about the threat or a cached version of the site on the threat information page.

Ignore warning Leave this page

Two paths to online privacy

Eric Schmidt, the Google executive chairman, tells us . This is like warning us about the dangers of .

There are two paths to online privacy. Path One: Do not participate, in any way shape or form, ever. Good luck with that. I know exactly one person who has taken Path One.

I am here to tell you about Path Two

Path Two was discovered by . It involves populating the social networks’ databases with fake data. It took me a while to warm up to it.

At first I didn’t understand it. It felt childish and disingenuous. Why would anyone want to disguise their gender or home town? Don’t my friends already know my gender and where I live? Why would I post a fake phone number? Don’t my friends already know my real number?

Yes, yes, and yes! That’s exactly the point. My friends already know all they need to know about me. Why do I also have to give it to Facebook? I don’t. I can take Path Two.

If you go to , you will see that I like cycling, Coors Light, Diet Pepsi, and sailing. You will also see that I was recently at the Playboy Mansion, by the Great Beds Lighthouse, and at the Cannes Film Festival. My friends will know what’s real and what’s fake. I wonder if Eric Schmidt can figure it out.

Why Google Glass will fail

There are many reasons Google Glass will fail:

  • They identify the wearer as a dork
  • They create a host of unresolvable privacy issues
  • [ADDED April 29, 2013] “Men don’t make passes at … [girls who wear Google Glass]” — blog reader and commenter , channeling 

But the realest, simplest, most fundamental reason why Google Glass will fail spectacularly is that nobody likes to wear glasses. Take it from someone who has had to wear glasses since 1996. Wearing glasses is awkward, cumbersome, limiting. I take mine off every chance I get. And I can’t imagine wearing glasses if I don’t have to.

The caveat here is that the majority of the Google Glass demographic – young people in their teens and early twenties – have not had to wear glasses, and are thus unaware of the limitations and inconveniences that go along with glass-wearing. They are understandably excited about this new contraption, and can’t wait to get their hands on it.

But mark my words: Their excitement will be short-lived. Once these new Glass-wearers encounter the cumbersomeness of wearing glasses, they will kick Google Glass to the curb, never to look at (through?) it again.

The only question is who at Google will eat crow.

Google Glass presentation, Google I/O 2012
Google Glass presentation, Google I/O 2012
Image credit:

***

[UPDATE April 28, 2013] Robert Scoble wrote a lengthy Google+ post titled , which gave me the analogy that had been eluding me: Google Glass is just like the Segway — a weird contraption that very few people want or need.

***

[UPDATE May 2, 2013] Today Wired published an excellent piece on the subject. Two excerpts:

  • “While nerdiness implies a certain social awkwardness that’s ultimately endearing, dorkiness connotes social obliviousness that opens you to deserved ridicule.”
  • “Google Glass, like the Segway, is what happens when Silicon Valley spends too much time talking to itself.”

Read the full article, titled “” (referring to Robert Scoble).