Tag Archives: encryption

The Apocalypticon ~ Consumer hell, code and encryption, human-rat hybrids and the war on journalism


In Consumer Hell, there are alternatives to the iPhone X — “I love the dumb notch! And the face-scanning thing I don’t want! The iPhone X is exactly the kind of absurd luxury good I crave,” you say. But you have not even scratched the diamond-encrusted surface of true decadence. Sit right there like the tiny, foolish baby you are and Bryan Menegus will tell you about an even newer, more exciting bauble, the likes of which have not been seen since Nordstrom’s leather-wrapped stone: Tiffany & Co.’s new “tin can” for a mere $US1000.

But there are bigger issues — Was there a warm plume erupting under the ice three years ago? Well, not really, as it’s probably been there millions of years.
But while we’re indulging in hyperbole, a new study from the University of Pennsylvania shows that randomness is a more powerful component of the evolution of English than previously thought. Woa, random!
Last week, a single user ‘permanently’ locked down 300M worth of ethereum. dozens of digital wallets containing nearly $300 million dollars worth of ether, the unit of exchange on the Ethereum platform, allegedly by accident. Ouch. They need a hard fork to fix this, apparently.
Crypto aint so crypto after all, is it? We think we’ve locked all this stuff up, yet … five years ago Benjamin Delpy walked into his room at the President Hotel in Moscow, and found a man dressed in a dark suit with his hands on Delpy’s laptop. A few minutes earlier, the then 25-year-old French programmer had made a quick trip to the front desk to complain about the room’s internet connection. He had arrived two days ahead of a talk he was scheduled to give at a nearby security conference and found that there was no Wi-Fi, and the ethernet jack wasn’t working. Since then, his Mimikatz code has been widely used. “Mimikatz wasn’t at all designed for attackers. But it’s helped them,” Delpy says in his understated and French-tinged English.
Thank god for walls of lava lamps, then. Cloudflare provides security and domain name services for millions of the most prominent sites on the web. The company has built a solid reputation for its secure encryption, and one of the key factors in its system is a wall of 100 lava lamps in the lobby of its San Francisco headquarters. Really! Cloudflare videotapes its wall of colourful constantly morphing lava lamps and translates that video information into unique cryptographic keys.
Watch out for the devious Netflix phish. The email says your Netflix account has been suspended, due to a problem with your billing information. It offers a link, which takes you to what looks very much like a Netflix landing page. It’s not. It’s a phishing scam that collects extensive personal data on victims. But as with all of the most pernicious phishes, the problem with the Netflix phish isn’t just its convincing look, it’s that whoever’s behind it has found new ways to bypass spam filters over and over again.

Maybe the HumanoRats will solve our problems — No! Yes! And yikes! At the annual meeting of the Society for Neuroscience starting November 11 in Washington DC, two teams of scientists plan to present previously unpublished research on the unexpected interaction between human mini-brains and their rat and mouse hosts. The human mini-brains inside the rats are starting to integratewith their hosts’ brains. Queue a new film: The Planet of the Rats. They’re touting this as “an unprecedented advancement for mini-brain research”. [I was hoping that had stopped at Trump, myself.]

The billionaire war on journalism — Newsweek offers a new reminder that internet journalism can vanish in a corporate shutdown or be “sued out of existence”. Writers at the local New York City news sites DNAinfo and Gothamist, as well as Gothamist’s network of city-specific sister sites, such as LAist and DCist,  learned this chilling lesson when billionaire Joe Ricketts abruptly shut down the publications and fired their employees. The decision has been widely regarded as a form of retaliation in response to the newsroom’s vote last week to unionise with the Writers Guild of America, East. Worse, for a full 20 hours after the news broke, Gothamist.com and DNAinfo.com effectively didn’t exist: Any link to the sites showed only Ricketts’s statement about his decision, which claims the business was not profitable enough to support the journalism…
The larger tragedy is a nationwide death of local news. Alt-weeklies are flailing as ad revenue dries up. The Village Voice, a legendary New York paper, published its final print issue in September. Houston Press just laid off its staff and ended its print edition last week. Countless stories won’t be covered because the journalistic institutions to tell them no longer exist. Who benefits from DNAinfo being shuttered? Billionaires. Shady landlords. Anyone DNAinfo reported critically on over the years. Who loses? Anyone who lives in the neighborhoods DNAinfo and Gothamist helped cover. [And over here in New Zealand, Winston Peters’ extra super payments he didn’t deserve and didn’t declare for several years seemingly went to his head, and he thinks he’s a billionaire too. Even though he paid it back, and he’s not that wealthy, he’s also trying to shut down journalists. Apart from those who leaked the information, he’s going after the journalists who released it. So, he wants the truth about those who tell the truth, but he wants to punish them for it. Weird.]

Advertisements

Review ~ Cargo VPN


Cargo VPN by Eltima Software

Cargo VPN, left, follows the layout convention used by another VPN service, VPN Unlimited (right – click the image to see it in more detail). Both offer the option to add more service via the apps directly.

More VPN options are coming on stream every week, it seems, while China and Russia move to ban these services. What it VPN? A Virtual Private Network was initially used by companies to keep their internal communications secure. In the age of Wikileaks, voter fraud, hacking and malware, and various agencies tracking searches and information exchanges for political and social reasons, VPN services have become more widely available. Basically, with a VN running, I can sit in Auckland New Zealand but make it seem I am connecting from Sydney, Paris, Singapore … making it hard (or impossible) for anyone to nail down my actual location.
Another benefit is that it allows you to use ‘geolocked’ content. Can’t watch a US hosted video because you are located in New Zealand? Use VPN to connect from Miami or somewhere more hospitable to its geolocation options. Once upon a time, you could get a New Zealand Netflix account but then virtually locate yourself in the US to get a much wider array of content to watch – this became so widespread that Netflix was forced to put a stop to it (dang!).
If you don’t want governmental organisations to collect your data, use a VPN to prevent them from getting your online activities, communications, geographical location, IP address etc.
This bouncing around the world’s servers has a downside of course, and that’s speed, as we found in the review of Norton’s recent VPN offering. The impact can be dramatic, even under ideal conditions (more about this below).

Eltima software has been making handy Mac utilities for a while, like Folx which is a torrent downloader with search with a very usable interface, Commander One (a dual-pane Mac file manager), PhotoBulk resizer and watermarker,  and SyncMate. Now the company has chosen to enter the increasingly crowded VPN market with Cargo. This has a couple of extra features: it can automatically detect when you are connected to an insecure public network and encrypt your traffic.
Cargo VPN opens with a handy overlaid guide to what each option does, to get you up and running (below).

Security — While at home or in the office, like any VPN Cargo guards your privacy for paying bills online, or when you check your account balance, log in to social networks or enter your billing address while shopping online. Based on your location you may notice different prices for airfares, car rentals, software subscriptions and even for online streaming services. Try shopping for these things with different country settings using a VPN service and you may be surprised how dramatically different prices can be depending on your geo location. For example, I have heard that if you use a service like Trivago or Hotels.com, if you go there once to check out a price and then return later, perhaps having made up your mind, the prices will have gone up because they have figured out you are returning. I honestly don’t know if this is true, but if it is, returning with VPN on means you won’t be marked as a return visitor.
There’s only one question I have – can anyone answer it? That’s this: does the VPN provider get to see your activity across their servers? Because if so, and they in turn get hacked … (Eltima reckons no). Speed — As I said, all this bouncing around the world’s servers impacts on connection speed, and how far away the server you end up using is, and traffic and the efficiency of that server all impacts further on speed.. The new Apple TV with 4K requires at least a 15mbps connection. Most broadband is better than that these days, but even 1 Gigabit Fibre can get choked down to near that low level via WiFi with VPN on as well. Quite why you’d want to use an Apple TV under those conditions is anyone’s guess. Streaming video content illegally? Sure. But public WiFi is usually slower than optimum, partly because it’s choked and/or old and partly due to heavy use.
However, Cargo promises access to over 1000 high-speed servers in more than 70 locations across the world, which ensures instant and constant access through Cargo VPN to any website or service from any continent. I tested it with Ookla’s SpeedTest utility. Via ethernet with WiFi turned off, I was getting a ping of 2 (low number is good), download Mbps of 938 (higher numbers are better for these categories – I have Gigabit Fibre through Vodafone, when it’s working) and 472Mbps upload (above image, left).
With Cargo VPN on, I got a very impressive Ping result of 3, but download of 59.1Mbps and upload of 55.5 Mbps (above image, centre). Another VPN I have, VPN Unlimited (I got this service on one of those cut-price online deals a year or so back) had a pretty hefty Ping of 267, download of 56.5 and upload of 54.8 (above page, right) – I hitched them both to servers in France for this test. As as you can see, quite dramatic speed drops, and roughly conversant with each other apart form the Ping, but there are so many variables involved it’s really not that fair to compare them. Internet traffic and conditions varies wildly second by second. At least we can see a rough parallel – using VPN, even over a fast ethernet connection, cuts speed to about a sixth.

Costs — Cargo VPN is a free app in the Mac App Store, (and there’s a version for iDevices) but you pay to add service. As this type of service becomes more commonplace, it has actually got more expensive. This isn’t cheap. On the good side, you could add a month just before that big trip.
A month of Cargo VPN costs (I assume US) $15.99. 1 year $80.99 (or $6.75 a month) and a three-year subscription costs 149.99 9 (or $4.17 a month). But note that one subscription includes up to 5 Macs in one account. Under ‘Additional slots’ you can add in an iPhone for $1.69/month, or 5 additional deices for $499/month, or 10 for 9.49/month, or click Yearly for yearly options. You can also buy a Personal IP (personal static IP) by region (Canada, Germany, France, UK, Bangalore India, Netherlands or USA and, safest of all, the Personal Server option for the Americas, Europe, Asia & Pacific or click the Special Offer button (currently there are deals for London at $52 per month, or $400/year for 1TB space on your own server, plus similar for Bangalore, San Francisco or Seattle).

Extras — One of the extras available that sets this software apart from others is the Censorship Test. Click this button to initiate the test that gathers anonymous stats on web resources to see what’s blocked in different countries, available to see at the Censor Check website. You get a free day of the VPN subscription added to your account for running it – but you can only run it every 7 days. when I did so, 45 locations were returned as a result with no blockages.

Conclusion — Cargo VPN seems a worthy contender in this increasingly busy field, but out on the road, you’re basically paying to have an even slower connection. I’d have to ask myself, how many times have I actually heard of people getting their data hijacked while they’re sitting in internet cafés, airports or hotels? I can’t actually recall any. It makes more sense to use one because you’re exploring the Dark Web, looking at things you shouldn’t be looking at, making statements and/or plans that security services might find interesting or exchanging privileged information. Not just to keep it secure from security agencies, of course, but also from hackers and scammers.
And here’s a sobering thought for you: while it’s true that internet surveillance by various agencies the world over is increasing, and while various agencies and governments are trying to curtail the use of VPNs (thus proving its effectiveness), you can be damned sure that the denizens of those governments and agencies are all using VPN themselves.

What’s great — A solid contender with some nifty extra features.
What’s not — Subscription costs soon mount up.
Needs — International spies and those with more in their bank accounts than me  (actually, anyone with reason to be worried about their online activities and tracking)

Cargo VPN by Eltima Software, free in the Mac App Store and App Store for iPhone/iPad. One month subscription US$15.99, 1 year $80.99 (or $6.75 a month) 3-year subscription 149.99 9 (or $4.17 a month) plus additional services available, explained at the bottom of this page.

More info — Eltima Software.

Start Something New with Apple, nose, encryption, lawsuit, Lucky Bags


Apple wants you creating with Apple products this year
Apple wants you creating with Apple products this year

New Apple Store displays show off art created with Apple products — The intersection of technology and liberal arts has taken on a new approach at Apple’s retail stores, where some locations are now doubling as public galleries to showcase art created with Apple hardware and software. This is part of the Start Something New campaign.

Designer uses her nose and an Apple Trackpad to create these incredible compositions — Designer Michelle Vandy had to get creative with her tools when she lost the use of her hands after developing a repetitive stress injury in her arms. In a profile by Core77, Vandy explains how she learned to draw and design using her nose and an Apple Magic Trackpad.

Lock your cloud backups away with an encryption key — Glenn Fleishman explains it’s generally easier to keep safe the files we have under our control, on our internal and external drives, than those that waft far away from us on cloud-storage backup systems. But these can be encrypted four ways, as he explains.

Judge dismisses Apple employee lawsuit demanding compensation for time spent in security checks — In July of 2013, Apple was hit with a lawsuit from retail employees alleging they were not being compensated for time spent taking part in security checkouts. The case has now been dismissed on account of a similar case recently presented before the US Supreme Court.

Apple hands out MacBook Airs, iPads, Beats headphones in 2015 Lucky Bag promotion — For its New Year’s Fukubukuro ‘Lucky Bag 2015’ promotion in Japan, Apple doled out big-ticket items like 11-inch MacBook Airs, iPads, iPods, Apple TVs, Beats headphones and more to buyers paying an entry fee of about $300.