Posts tagged internet
I know what you did last summer (iPhone GPS Tracking)
Apr 20th
Blog posts and new reports are starting to spread about a recently ‘discovered’ feature in iOS 4 that keeps a regular and continuous log of the GPS fix of your device, at all times. It doesn’t just use this information for location aware services, it’s not just for geotagging photos, this is permanent and retrievable log of all the GPS fixes your phone has had, stored on your phone with time stamps. As if that wasn’t bad enough, this log is also stored in an unencrypted format.
I’ve mentioned here before about how little trust I have for logging exact co-ordinates of anything to any kind of permanent or shared information, but this takes it one step further. At least with all of the technologies and uses that I have discussed so far, you have the option to select not to record or share this information, they are ‘opt in’ features. This isn’t, this is enabled by default and has no option to disable it and does it without your knowledge.
Personally I think this is a massive violation of privacy, and could potentially lead to a lot of problems later down the line, to give a few examples:
- You are suspected in a crime, the police demand and seize your phone. They can legally demand that you had over the key to any encrypted information that you have, under threat of imprisonment, so you can bet your life they can demand this information in the name of evidence.
- You make a claim on your insurance, but they think you may have been going too fast. They demand this file as proof of your location and time stamp (which can be used to factor velocity and trajectory) and refuse to pay out on the insurance without it.
- You are undergoing divorce proceedings, accused of extra curricular activities. The opposing lawyer requests to submit this log into evidence of your whereabouts. Lets say you’ve been to an ‘adult’ store, it bears no relevance in this case, but you can be sure it would be used to bring your credibility into question.
- You lose your rucksack, it has your phone, your wallet and your house keys in it. If you’re unlucky enough not to have any security on your phone then the person who has your house keys and work’s keyswipe card now also has a log that shows two clear clusters of activity around your workplace and home, they know where they keys are for and where they keypass works. Fancy spending a few hours explaining to your boss why they just had 4 laptops stolen and yours is the only keycard used to access the building that night?
- You know that app that you gave permission to access and change files on the storage of your device, and full internet access so it can store it’s pictures and upload them to the net for you to share? Yeah, you also just gave that app the opportunity to send a copy of this file back to wherever it likes for whatever use is so desired.
These are just the first ones I can think of off the top of my head, you can be sure there are more. If ever there was a reason to get rid of your apple device, and get something more open then this is surely it. This log is even included in the default set for device backup when you chose to do so, as prompted so often, by iTunes. Get a new device, or have to restore your current one for some reason and the log gets restored to the device and continues to log further.
I look forward to seeing what the justification for this is from Apple. Whilst I can understand the need to perhaps cache this information to prevent drain on the battery of constant GPS fixes from various apps, anything more than a 15 minute buffer is entirely overkill and without reason.
You can find more information about this through any one of a number of sites and news sources (google link)
~Shepy
Creepy: Interesting bit of software.
Apr 12th
I’ve made posts previously about how people are routinely sharing location information, often without even realising they are doing it, and how dangerous this can be.
Well, someone decided to take that further, and has come out with some software called Creepy – which given a twitter username or flickr username will trawl through tweets and pics, collate them all together and then present a handy map with times and dates for where that person was / is. (See screenshot in this post)
Now, historic information like this might not be too much of an issue you might think, but what about if it has a massive cluster around two places? Most likely your home and work, a bit more concerning then ?
If you want to have a look, and see what info it shares about you, get yourself along to http://ilektrojohn.github.com/creepy/ and give it a try.
~Shepy
Are spammers changing targets?
Jan 7th
Whilst I’m all for anything that decreases spam (and hopefully is sustainable) I think this decrease may just mark the re-focus of spammers to forums and other media at the moment. I am moderator / admin for a few forums covering various topics around the internet, and I’ve noticed a massive increase in spam on the forums over the past few weeks. One high traffic forum that usually would received 1 or 2 per day, is currently getting upwards of 100 a day. Whilst it’s nowhere near the billions levels that have changed in emails, it is significant enough to have quite an impact on the forums.
With much less sophisticated systems in most forum installations (as compared to email systems) for detecting and blocking spam after the initial sign up of the account, these spam postings are much more of an annoyance. Forums don’t have a ‘Junk’ folder the way your email does, and spam has to be manually deleted by the forum administrators and moderators. Even with re-captcha or other anti-bot sign up methods installed the spam accounts are still getting through, and spreading their crap. Part of the problem with systems like re-captcha etc, is the lack of timeout of the response, which can lead to the following situation:
1) Bot goes to sign up to a site and gets presented with a captcha of some format.
2) Bot saves a copy of the captcha, and re-issues it on a free porn site (or similar) sign in.
…Bot can then wait for as long as it takes, seconds, minutes or hours as captcha doesn’t expire till submit is hit on the form….
3) A human person tries to use free porn site, gets the captcha, and answers to porn site
4) Porn site forwards the answer back to the bot
5) Bot puts in the human answer and continues with the registration.
6) Bot starts spamming the forums
I hope I’m wrong, and the botnets are not getting re-trained on forums at the moment, and it’s just a spike in forum spam which is unrelated to the email spam decrease, because if I’m right then forums are about to become quite annoying and spam laden and I’m not sure most forums have anywhere near enough moderators to deal with any significant increase in spam postings.
I’d be interested to hear what people think in the comments, especially if you moderate any forums and can give your experience of forum spam at the moment.
~Shepy
Mr Quib – Speedy and positive response
Dec 28th
So I awoke this morning to a mail from Mukesh Singh, the managing director of Mr Quib, in response to my post about Mr Quib spamming a local hashtag, which is as follows:
UPDATE: The email from Mukesh was previously quoted here in it’s entirety, however Mukesh contacted me and requested that I remove his email from the site, which I don’t quite understand. There was a positive response from several people that they were happy he had taken action to resolve the spamming, as the comments below (which auto retrieve from twitter) show. I have removed the email from this post as requested, but that again shows a lack of understanding of all things social from Mr Quib in my opinion as it’s already in the google cache. as is the way with blog posts.
I’m really glad to see that they have responded so promptly, and have taken action to stop the spamming. I found out last night after my blog post that apparently they use an outsourced company to handle the twitter account for them, and it is this company who have been doing the hourly spamming.
Now whilst I still stand by the premise that Mr Quib will have laid out criteria and requirements for how the account should be handled and ultimately the responsibility lays at their door, I can also appreciate that sometimes the minutia of how it should be ran can get lost along the way when not handling these things internally.
Regardless of what went wrong, I’m very pleased to see that they have re-thought their stance on twitter, and the hash tag, and ultimately that we who follow the #nefollowers tag wont be getting spammed every hour. I hope Mr Quib (and customers/partners) do well, and as Mukesh says I’m happy to put this whole thing behind me now, It’s all dealt with and done as far as I’m concerned.
~Shepy
Mr Quib – Sure fire way to damage your brand
Dec 27th
Screenshot of Mr Quib
Some companies really have not got the hang of this social media thing, and the etiquette that is expected necessary to carry it out successfully. The internet is no longer a one way medium where people read information from the big sites and output little themselves, most people now have a twitter account, a blog, a tumblr or any other number of ways of making themselves heard.
It’s because of this participation and feedback system that companies engaging in social media must take care to do it correctly, or else deal with the repercussions of going at it half cocked. One such example of this is the company Mr Quib, a deals and promotional company which deals with Newcastle at the moment, but looks set to expand to other cities.
In the North East of England we have a twitter hashtag which is #nefollowers, which is typically used to share information that tweeps think would be useful to other people in the region. Typically you can expect to find news information on here, weather reports, traiffic info, job vacancies etc – you know, the kind of thing that people living in the region would like to be kept informed of. Sure, there is the odd advert on there, and as long as it is kept to a minimum then no one seems to mind too much. Then you get people who take it too far…
Mr Quib – who is on twitter as @MrQuibNewcastle, has taken to spamming their deals on this hashtag ever hour, on a loop, without fail. This gets very annoying, especially considering that even if you block a person on twitter they will still appear in any search you may do on a hashtag (such as a search column in Tweetdeck). Twitter is a follow based system, if people want to find out about the latest deals then all they have to do is follow the account, there is no need to spam a hash tag every hour. Do it sporadically to attempt to attract new followers, but not constantly.
As far as I’m concerned, this abuse of a local hashtag is wholly unacceptable, at least if you’re spamming it every hour (once or twice a day, sure I wouldn’t mind so much) and is a sure fire way to guarantee I will have nothing to do with your company. If a company chooses to advertise using such invasive and spamming methods then I will personally never use their services and will actively recommend against them. I’ve even mailed the companies I’ve seen advertised on Mr Quib to let them know this.
I’d urge anyone getting into the social media advertising space to think carefully about what they are doing, what the likely reaction will be from the target audience, and what the potential damage to the brand could be if their advertising is handled badly.
(and yes, I realise I have tagged this post with #nefollowers, but more so that the people annoyed by this constant spamming can see the post and have their say, I’ll only be posting it once)
~Shepy
UPDATE: I got a response from Mr Quib, which is on it’s own post: Mr Quib – Speedy and positive response
New browser Rockmelt, first impressions
Nov 23rd
I saw a link a few days ago on twitter to information about a new browser called Rockmelt about to launch, with emphasis on the ever more connected world we live in, and social media. I headed along to the site, and it was invite only beta, so I signed up for an invite, and today that invite arrived so I downloaded it to give it a quick whirl.
I opened the browser after install, and was immediately asked for permission for it to link to my Facebook account, which I provided, and then the browser launched. The first thing you will notice is the two side bars, or edges as they are called in Rockmelt, which you can see in the screen shot:
The two edges allow you to keep more up to date with what is going on with your favourite sites and interact with people as you browse. The two edges are:
Is Facebook gearing up to get smarter?
Nov 15th
I, like many people, have my Twitter and Facebook accounts synchronised through the use of the Twitter application for Facebook. Every tweet I make get’s automatically posted as my status on Facebook within a few seconds. Whilst this doesn’t suit everyone I find it works well for me as I check twitter far more often than I do Facebook (barring notification email driven visits).
This evening I posted a comment to Twitter about Tiger Bread, which someone quickly responded to on Facebook. As the notification popped up to tell me so, I clicked it and was taken to Facebook, where I saw the following:
The most interesting bit of which being that last line stating “See 1 more post from twitter”. This isn’t something I have noticed previously (though I may be late to the party, as I say I don’t check Facebook much), and it doesn’t actually seem to function at the moment. Clicking the link does nothing, despite trying this in 3 different browsers.
Whilst having no immediately visible purpose or servicing any real need, this could be an interesting addition to Facebook.
- If it is based on the text of the update, then it could be interesting to show how many retweets.
- If it is based on the URL (if any) in the tweet, then it could show how far the link has spread.
- Aggregating Twitter in like this means those people only using Twitter sparingly have even less reason to leave Facebook now.
It is entertaining to watch this cross pollination of the various social media platforms, and seeing them integrate and try to draw in the users of other platforms by making the transition easy and seamless like this. With the recent announcement that Gmail wont allow API connectivity for Facebook to suck out your contact list unless Facebook is willing to open up their data in return, and the impending launch of a Facebook email service (which imo will have many plus points, like for example being able to mark things as important or spam more reliably based on those people you talk to often from the data Facebook already has about you), things are about to heat up in the social and communications space. I personally am all for it, as competition such as this inevitably drives innovation and improvement.
Comments and suggestions welcome.
UPDATE: Seems there are a few changes underfoot at Facebook HQ. I’ve used the remove post tool a few times to get rid of a Facebook sync when I have made a typo on Twitter, but I’ve never noticed these new options before allowing you easier granular control about what can and cant post to your wall without having to delve into the account settings screens:
~Shepy
TSA airport security has gone too far
Nov 14th
I’ve just read a worrying article, in which an American was refused flight and then threatened with a civil law suit, on the basis that he refused to subject to an advanced-imaging technology scanner x-ray (sometimes named the naked body scan) and then explained that he would consider it sexual assault if his genitals were touched during the subsequent pat down. This lead to him not only being refused on board his flight, but also in him being threatened with a civil law suit for $10,000 if he didnt submit to the pat down. The blog post of this can be found here (new window)
A quick image for people who are not familiar with the backscatter machines might help you understand why one might want to opt out of these;
Move your mouse over that, for an invert of the image. That’s an invasive image if ever I saw one, likely recognisable to anyone who know’s that girl, and far beyond what someone should be expected to subject themselves to in order to gain passage through a country’s border. Now whilst we are assured that this type of image is merely to show the capabilities of the machine, and that in actual use the resolution will be dialled back to preserve privacy, there is no 100% guarantee this is done in every airport & installation, and the trust in this statement is damaged more with other statements being proved wrong about their operation;
When these AIT scanners were rolled out there was assurance that no images could be stored, saved or transmitted from these machines (even if you ignore for a moment the ‘Analogue Hole’ of someone being able to photograph the screen), despite a report and spec sheet months prior to launch asserting that they would need these features for ‘training purposes’. Then a few months ago, a federal agency admitted that it routinely saved and transmitted these images; news article here (new window). One guy has even be charged with assault after his co-workers at the airport where he worked at started a tirade of abuse about his genitals after they were seen during training on the device; news article here (new window)
Here is a quick CNN video on the machines:
httpv://www.youtube.com/watch?v=muYh8d70yow
So what happens if you don’t want to go through an AIT machine? Well then you can opt to have a pat down to be checked for concealed items, as has been done for years by police and security officials, right? Wrong, things just got a whole lot worse.
Starting October 29th the TSA in America have began a new pat down procedure, entitled ‘Enhanced Pat Down’ in which the subject will be essentially groped and felt all over to check for suspicious items, which will include genitals and breasts etc being checked.
Here is a video that shows you a little bit more about the new procedures:
httpv://www.youtube.com/watch?v=hrq86qV2x2s
In my opinion, this has gone too far and has firmly overstepped the line from security into an invasion of privacy and affront to the dignity of the passengers, to quote an oft used line:
Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety. – Benjamin Franklin 1755
It is for this, and other security measures in place such as iris / retina scanning that I refuse to visit the USA, and will continue to do so until (if ever) there is a change. One group is working to try and bring about that change, and is encouraging people to opt out of the AIT scans on November the 24th, which is when a lot of Americans fly home for their Thanksgiving celebrations. I sincerely hope that this protest has an effect, and starts the ball rolling to bring about changes in these policies, though the realist in me rather worries that it wont, and things will continue unchecked.
If you want more information on the November 24th National Opt Out Day, that can be found here (new window).
Comments and suggestions always welcome.
UPDATE: A friend on facebook commented, to object to TSA intrusion call state senator before Nov 17th hearing – info @ http://is.gd/h1YWd
~Shepy
If your captcha isn’t human readable, it’s broken!
Nov 13th
I’ve been signing up a new gmail account for someone tonight, and forgot just how bad Google’s captcha system is, as thankfully I haven’t had to use it in a long time. Take a look at these:
|
|
|
|
Those are just three examples from page refreshes. Dont get me wrong, I hate spam as much as the next guy, but if your captcha is so bad that it is unreadable, or even causes someone to have to stop for 20 seconds to try and read it, then your system is broken. At least with systems like re-captcaha there is a refresh button so you can quickly and easily get a new one if the current one is too bad, but no such option exists with google other than refreshing the page.
Come on google, sort it out.
~Shepy
Win a year’s salary with Paypal
Nov 11th
How does sitting about for a year, doing nothing, but still getting paid £40,000 for that year sound? Sounds bloody good to me, and that's basically exactly what PayPal are offering the chance of right now, just by shopping between now and the 5th of December and paying with PayPal you will be entered into a draw, with one every week to Win £40000 over at www.paypal.co.uk/win
As a person who buys an insane amount of things on eBay at times (including over £350 one night on Jack Daniel's merchandise after consuming a bottle of Jack!) I'm keeping my fingers crossed for my chances on this one. Ok, ok, so i may just be looking for an excuse to buy more stuff, but who cares, it's worth a shot!
That said though, I'm not entirely sure that £40,000 would quite cut it, i mean a whole year sitting at home not working is far too much time for gadget shopping, that money could soon run out! You could guarantee that within hours of the money hitting my account I'd be on a site trying to spend it as quickly as possible. I'm one of those people with a penchant for buying gadgets, usually stuff that i didnt know i needed till i saw it, then i cant live without; for example just browsing for 5 minutes through iwantoneofthose.com can make me want:
Messless Gadget Charge Kit – ideal for the OCD side of me that hates a messy desk
Night Vision Binoculars – Ideal for seeing way round dark urbex trips
Wrap 280 iWear – Great for watching movies from laptop / ipod touch on train journeys
Nighthawk Gyro RC Helicopter - I'm a sucker for remote control toys, I've got cars, boats, boats that turn into planes, robosapien, etc :P
NeoCube Alpha – I've already got one set of these, and I've pretty much exhausted the list of things i can make with them , i want more!
Anyway, if you're interested in finding out how to win the £40k, then just head over to paypal to find out more and make sure you enter now for your chance to win, and remember terms and conditions apply.
~Shepy