Moloughney.com

Hardware, Software & Security…

Have you ever thought you have heard or seen it all? Well, you haven’t! But, your phone has. That’s right. A whole new crop of mobile apps are capable of turning on your phone’s microphone and camera to both listen and see what you are doing and what is going on around you.
Over The Line?
So are these developers going over the line or is this a natural progression in giving the end user a more desirable experience? We all have used apps like SoundHound or Shazam but those are user invoked. Imagine having an app that sits on your phone in the background and whenever it hears a voice it recognizes it, then does something like play a sound, display a picture, pop up an ad or even suggest something for you to do? That’s what it has come to. In an age where everyone seemingly wants everyone else to know where they are or what they’re doing developers are filling the gaps and automating these processes.
Some Apps to look out for….
ShopKick is a mobile app that senses when you walk into a certain store and presents deals or rewards to you. This is a pretty neat idea but we all know where its going don’t we? I can only imagine that it knows where you are and if you walk into a store that is a competitor of one of their vendors it could pop an ad saying “What are you doing at Burger King? Here is a coupon for McDonald’s!” Can you imagine?
IntoNow is an app that listens to what shows you are watching on TV and then posts them on Facebook or Twitter so your friends can see what you are watching. I’m not one of those people that needs to have everyone else around me up to date on what I am doing. I’m pretty sure my family and friends could care less unless of course I am doing something really cool.
Color is an app that uses your mic and your camera to keep people online up to date as to where you are, who you are with and what you are doing. A constant stream of your doings that can be uploaded to the color network and to other color users around you. Their multilens feature allows you to see all pictures and videos of other color users nearby. These photos and videos are yours to keep. So if someone videos you doing something and posts that to their color account it is there forever. Yikes.

Apple Collecting Data?
I’m not going to say they are or they aren’t but it sure seems like they could. Apple has come under fire recently for keeping a database on your phone and on whatever computers you sync that phone to. This file is unencrypted and stores GPS locations where your phone is every 10 mins (give or take a minute) and that is whether or not you turn off location service. If you would like to see where you have been with your phone there is a neat application that runs on the mac called iPhoneTracker that will present a map with points based on the data in that database.
Consequences?
This is the never ending saga of information overload. Data is where the money is and companies are coming up with newer and extremely clever ways to collect even more data about you, the places you go, the shows you watch, the people you are with, everything. This data is the backbone for companies like Google, Facebook, Twitter, and the advertising agencies that are looking to capitalize on that data. The problem is that this data is our essence, it’s what makes up who we are, we should hold it and protect it.

Sony’s PlayStation Network once again has been hit with a DDoS (distributed denial of service) attack believed to be perpetrated by the underground hack society known as Anonymous. Sony has decided to pull the plug on its PlayStation Network after it believes sensitive user information may have been leaked in the attack. According to reports Anonymous does claim responsibility for the DDoS attack but is adamant that the taking of sensitive customer data did not come under its direction. Since Anonymous is made up of individual citizens from all over the world it is possible some or one may have acted on their own accord.
What’s a DDoS Attack
A DDoS attack is essentially hundreds or thousands of users generating thousands or more requests each to a single web site or web service. Due to the cumulative enormity of such an attack the site or service becomes overwhelmed with the false requests and is unable to properly service the real requests which effectively brings the service or site to a crawl and makes it unusable. DDoS is a popular method of attack used as a form of civil disobedience and has become a very effective tool for the underground community to show its displeasure with abuse or injustices.
Who is Anonymous?
Anonymous is a massive underground movement of individuals who have organized themselves shortly after WikiLeaks came under intense scrutiny by the US and Swedish governments for releasing sensitive US government cables believed to be leaked by then Pfc. Bradley Manning. Since the leaks, Manning has been held in solitary confinement 23 hours a day, is under constant surveillance, is not allowed to exercise and has not been allowed a pillow or bed sheets despite not having been convicted of a crime. Anonymous has shown strong support for WikiLeaks by using DDoS attacks to shut down many credit card and other online payment vendors who have stopped servicing WikiLeaks, thus preventing WikiLeaks from collecting contributions and donations made online using these services.
Operation Payback – Sony and Anonymous
Anonymous’ battles with Sony began shortly after Sony brought lawsuits against PS3 hackers forcing them never to hack a Playstation even though they legally owned the hardware. This has been an ongoing licensing battle for years between hardware vendors and power users who want to improve their systems much like a car owner could upgrade parts in his/her car without getting sued by the manufacturer. Anonymous created a manifesto called Operation Payback – Sony announcing its stance on Sony’s actions and what it intends to do to make Sony pay. This is the Anonymous video associated with Operation Payback – Sony.

Stay tuned for more….

So this week I would like to talk about cloud computing and the mishap last week that led to widespread web outages all because Amazon’s AWS (Amazon Web Services) had a networking glitch (haha) that sent their storage servers offline effectively dragging down all of the sites it was hosting (nearly 70 by some estimates) including the New York Times, Foursquare, Propublica, Reddit, Quora, Hootsuite and many more.
Infrastructure to the Cloud…
Everyone who knows me knows that I am an infrastructure guy. The 5 years I spent as CTO at The Money Store was mostly spent upgrading their IT infrastructure to handle expansion from 1 office to over 300. We did this all in-house. On a very slim budget. We were successful because we were persistent and creative. We were responsible with our data and didn’t trust anyone else with it. Hell, we had financial data that would be a literal gold mine for spammers and phishers.
The cloud is the effective opposite of what we were doing. Instead of building infrastructure you would essentially move all necessary services to a hosting provider. All of that proprietary information, the financial data, customer files, everything would be moved somewhere else. Term services, application servers, exchange, everything would be outsourced to the cloud.
Why Do Hackers Love the Cloud?
Hackers view the cloud as an interesting attack surface because they can maximize collateral damage through a simple DDOS (distributed denial of service) attack. Since the whole point behind the cloud is to utilize and maximize the resources of a handful of providers this creates an optimal surface for hackers to carry out a DDOS attack to bring down dozens, hundreds and in some cases thousands of websites. If your site is served from the same cloud server as say Bank of America and someone decides they want to DDOS BofA chances are your site is going to be knocked offline too.
That’s just DDOS. But what about data infiltration. Can you imagine the bevy of information, the personal customer data, the proprietary business processes, vendors and financials that could be swiped. And all in one neat place. It’s too good to be true.
What should I do?
For one, understand the risks involved with the cloud and that you may not even be a target but could suffer the ramifications of someone else who is targeted and that translates into downtime. Now Amazon says the outage they experienced last week was because of a network glitch that somehow caused their storage to go offline creating a domino effect resulting in a mass outage. Hey, you can paint me with the dummy brush if you want to but this sounds an awful lot like someone found a security hole and exploited it.
ContangoIT’s Danny Mizrahi
By the way, I contacted Danny Mizrahi from ContangoIT about this outage asking him how his company was affected by the outage and responded saying that his clients that were using EC2 were setup properly and in multiple zones and weren’t affected. He also gave me a link to another in depth blog post breaking down exactly what happened in the Amazon outage which is some great reading and located HERE. Danny is one of those non-techie PRO-CLOUD sales/marketing guys that truly believes in cloud computing even though most of his clients use traditional infrastructure technology. In any event, Danny has a speaking engagement this Wednesday from 6-8pm for CANTAB NYC titled “Navigating the Cloud”. And while I don’t totally agree that putting all your eggs in the cloud basket is such a great idea, his talk should be a worthwhile event to attend.

As we navigate through life we sometimes forget how powerful, how amazing and how completely random it really is.  MIT Researcher Deb Roy started a new project trying to figure out how his infant son learned language.  What you are about to see is the culmination in video form explaining the results of his experiment which is truly remarkable.

Please take the time to watch this entire video and I believe you will come away from it with a new appreciation for how our lives are lived and how we learn language and gain understanding visually, vocally and how it all relates to social networks.

I found this great deal today… If you have an American Express card you can register it with your iTunes account to buy 5 iTunes songs and American Express will credit you for the amount of 5 songs on your statement.

Once your register your American Express card via the link below you must then set that American Express as your credit card in your iTunes account and make your 5 song purchases.  A credit equal to the 5 songs plus tax will be applied to your statement typically within 5 business days; however, the credit may take up to two billing periods to apply to your account.  According to the website, any personal, business or OPEN account qualifies for this offer.  I did it!  So do it!

 

https://enroll.amexnetwork.com/US/iTunes2011/

 

 

More and more people are flocking to the wares that Apple is offering and it is not without reason, they totally rock.  Whether you love your iPod touch, an iPhone, a Macbook Pro or an iPad, I’m pretty sure you love it and can’t imagine life without it.  That’s great but that kind of fanfare doesn’t come without its drawbacks.  Whether or not you know it or admit it Apple is slowly but surely taking over the world.  That may sound like a sinister rant but its true.  You don’t have to look any further than the music industry to get a true understanding of how evil the Apple empire is becoming.

The music industry used to be their own evil empire.  Plundering artists of their work and royalties in the name of business and prosperity.  Tower Records, Sam Goody, Suncoast and too many mom and pop record stores to name actual made an honest living by providing the public a way to purchase music and the like.  No more.  People buy music from Apple now.  iTunes RULES!  Or does it?  Well it does.  Apple sells more than 25% of all music in the US.  That is enormous.  And while the average Joe says, who cares?  I’m going to tell you who, the artists.  Unless you are Lady Gaga or Eminem the chances you are making any really money is slim.  Even with Apple raising their prices from .99 to 1.29 to help subsidize the artists Apple just simply isn’t worried about them.

That’s the music industry.  But what about other industries?  Movies?  TV Shows?  Software development?  Can anyone conceive how much money Apple is pulling out of the Software development coffers?  Software such as games and utilities would cost anywhere from $40 to $70.  People used to run down to the store and pick them up and install them.  Now depending on your device you either use the App Store for iOS devices or the Mac App Store.  And the prices of applications have come way down.  Aside from more than half of the apps being free the ones that aren’t range anywhere from 1.99 to 9.99.  This represents massive shrinkage in profits and sales for the average developer.  There is a trade off for developers.  Never has it been easier to get your app distributed but are the costs too much.  In the past when you developed a software product it took a lot of people to get it to market.  Developers to code the application and artist to refine the gui, tech support staff to support the product, a sales staff to get the market out to the public in the stores and what not, a marketing staff to make ads that would be in trade magazines and to create a website.  Nowadays, there is no infrastructure needed.  A single developer writes and designs the application and sells it through the App store.  That same developer probably also develops his or her own website to support the product.  No wonder why so many people are out of jobs.  There aren’t any anymore!

When is this model going to explode?  Is everyone just going to become a develop and further flood the market with applications we already have but make them even cheaper?

And what’s next?  I already stay home and watch NetFlix instead of spending a 100 bucks at the movie theater.  What else will Apple take over?  Step back 10 years.  Apple had computers.  Now they OWN the portable music player market, they are the #1 music retailer (or wholesaler if you want to be honest), they have the #1 selling smart phone in the world, they have Apple TV which is slowly grabbing on, they have App stores for their computer platform, their iPod platform, their phone platform and their iPad platform.

To top it off they have over $60 billion in cash.

Apple has just announced the new iPad 2… Here are some key features…

• Dual-Core A5 Processor
• Up to 2x faster CPU
• Up to 9x faster Graphics
• Same Low Power as A4
• First Dual Core tablet to ship in volume
• Dual Web Cameras (one front facing, one rear facing)
• 33% Thinner than iPad1
• Weighs 1.3lbs (iPad 1 weighs 1.5lbs)
• Comes in Black or White
• Works on both AT&T & Verizon Networks

	16 GB	32 GB	64 GB
WiFi	$499	$599	$699
WiFi + 3G	$629	$729	$829

Apple is hosting a special live event from San Francisco today starting a 1pm EST.  The company has long been rumored to unwrap its brand new version 2 of the iPad which is widely believed to include not one but 2 cameras, a slimmer build, and could possibly be available in both white and black.

The other opportunity for Apple to make big news today will be whether or not Steve Jobs makes an appearance at the event.  Jobs has been fighting pancreatic cancer since 2004 and most recently has been on leave from Apple due to a deteriorating health condition.  This latest situation has prompted Apple to put a succession plan in place in case Jobs does not make it back to Apple.  An appearance today by Jobs could send Apple’s stock skyrocketing and so Apple followers and fans wait with guarded optimism.

If you would like to following the event live you can do so at one of the following blogs…

• Engadget
• CNET
• Gizmodo

I’ll be back after the event with my thoughts… See you all later…

The AppleTV 2 is so small it fits in the palm of your hand but it packs quite a punch on the big screen.  I have 2 now.  I liked the one I bought for my office so much that I acquired another at a Christmas party this past holiday season.  And by acquire I mean stole.  You see, the party I went to is set up that every couple brings a $100 gift and everyone gets a number.  As your number comes up you can either pick a gift off the pile or steal one that has already been given.  And since that’s how I role, I now own two Apple TV 2.  Haha.

Anyways.  Here is the deal.. The Apple TV 2 will allow you to stream media from your iTunes account via wifi or ethernet cable on any computer to your TV.  Plain and simple.  But there is more.  The Apple TV 2 also have built in NetFlix, YouTube, MobileMe, or Flickr.  It’s actually quite impressive and I use it just about everyday.

If you subscribe to video blogs or are a NetFlix addict like myself then this is a product for you.  The quality is great and it is incredibly easy to setup and navigate.    You can also rent or download movies from your iTunes account and play them in HD on your big screen TV and be perfectly satisfied with your purchase.

The Remote is sleek, small and pretty easy to use.  I have slipped up a few times doing a text search but I have been getting the hang of it.  It’s the same remote that Apple shipped to control Front Row on the mac.   The Apple TV reminds me a lot of the old Front Row interface but much improved.

The unboxing and setup take virtually no time at all.  Simply open it, Connect Power, Ethernet, and HDMI and you are ready to go.  If you do not have Ethernet then you can configure it to use your wireless connection if available in your house.  You must have a wired or wireless network in your home to use Apple TV2.

The left most port is the power connector, next to it moving right is the HDMI connector, beneath the HDMI connector is a Micro USB connector for restoring your Apple TV 2 in case you screw it up trying to jailbreak it, the next port is an optical audio connector and finally the right most port is an ethernet connector.

The same Micro USB port can be used to jailbreak the Apple TV 2 but you need a special Micro USB cable that can be found on eBay.  It looks exactly like this…

Articles on jailbreaking the AppleTV2 can be found all over the web.  It’s just not the purpose of this blog so please google jailbreaking the Apple TV 2 for more info on that process.  That said you can add more functionality to the Apple TV 2 such as installing the XBMC Media Center to allow you access to all different types of video formats and content.

When all is said and done I highly recommend the Apple TV 2 to my friends, family and colleagues.  It is a great piece of engineering and for $100 how can you go wrong?

Have you ever googled yourself?  What did you find?  Try googling your address, your phone number, your email addresses.  Find anything?  More often than not you did find something and it is probably something that alarmed you.

Gone are the days of being anonymous.  All you had to do in the past is refuse to list your phone number in the phonebook and you were pretty safe.  Nowadays though, every part of your life is being recorded and there is no one to blame but yourself.

Social networks like facebook, myspace, linkedin, flickr, twitter, blogger and many more are making it increasingly difficult to prevent the distribution of your life.  Everything you type on these sites is being harvested.  Google saves all this data and they use it to sell you things and if you think the others aren’t catching on you are wrong.

Do a google on web mining and social networking and see what you get.  It’s a cottage industry and it’s exploding.  Hundreds of articles, techniques and “opportunities” abound.  Can you imagine?  What are your kids going to school for now?  I think by the year 2020 or 2025 the latest every single job will be social network or ad revenue based.   The revolution has begun.

Unless of course you are trying to get away from all of that.  And people are.  It’s called getting off the grid.  Returning to normalcy and real life.  This isn’t just removing yourself from social networks its removing yourself from society the way it has evolved.  It’s about getting off the power grid as much as going anonymous on the internet.

Anonymity is pretty big today with many thanks to the collective efforts of the group known as “Anonymous.”  For those of you who have been living under a rock, Anonymous has been waging wars on all those who oppose WikiLeaks.  Collective in that it has no head, no individual running the show, just a group of like-minded people who their PCs (through proxies of course) to carryout massive DDOS (distributed denial of service) attacks against the enemies of WikiLeaks.

Personal anonymity on the web starts with a proxy.  And for those who are unfamiliar with this term should think of it as an internet switching station, your computer connects to the web through your provider but every request you make goes out through that switching station where it is assigned a different IP footprint.   So if it is traced back it only goes as far as the proxy.

Everyone on the web has their own IP address so masquerading or spoofing your IP as a different number by way of a proxy is the first step in claiming your anonymity.  If you are looking for a secure proxy, try googling anonymous web proxy.  Surely that will come up with something.

The second in a long list of techniques for going anonymous is secure email.  Actually its really securing everything you do.  Encryption goes a long way in protecting your data whether it be email, text chat, video chat, or through a web phone vendor such as Skype, Ooma, Vonage, etc.  Securing your internet connection starts with your router, if you are using wireless make sure you lock it down with nothing less than WPA2 encryption.   Everything else short of WPA2 can be cracked rather quickly.  This is no good.  If your router only supports WEP, then its time for a new router.  You have been warned.  For those of you without any encryption at all on your router please email your coordinates in case I need an internet connection and I am in your area.  Next, secure your computer.  I will be honest, I use a make and I lock it down manually, but on my Windows boxes I use Kaspersky and/or NOD32 as well as some custom monitoring apps for port management.  Make sure you have a solution.  I do not use symantec because I find it very invasive, but that is just me.  As far as securing your email look into private anonymous email accounts from HushMail.com or PrivacyHarbor.com.

Third, lock down your social nets.  Get off the ones you do not use.  Remove all information from them first including your education info, your personal life, your photos, your music, your friends, your jobs, your kids, your phone numbers, etc etc and when all of that info is gone try to change your username and personal info so it is no longer relating to you.  Open a dummy email account with one of the privacy based email providers I mentioned above and change your account email to the this one.  Once that is all complete abandon it.  Do not delete it.  Just abandon it.   Do this for all the networks you do not want to be on or use.  Chances are your old data will still show up in searches but over time your current (abandoned) profile will write over that search data and you will become more anonymous.

Like I stated earlier though.  If you are on the web and/or connected to a power grid you can never really be totally off the grid.  You probably pay bills on line, you may have EZ-Pass, credit cards in your name, and if you do, you can be tracked, watched and have your identity stolen.

Since this topic is always evolving and new techniques are discovered everyday I will revisit this topic over the coming months to help you become, just a little more anonymous than you were.

Adios for now…