Posts tagged could

3 Loopholes In Android Lollipop Encryption That Could Expose Your Phone Data

Android 5.0 Lollipop, the latest version of Google’s mobile operating software, will indeed shield files, photos and other user information on Android phones from prying eyes. But that protection isn’t quite as all-encompassing as the company’s earlier statements might have led you to think.

A month ago, Google announced that Lollipop would automatically encrypt user data on Android phones, essentially scrambling it so that the police, spies and jealous lovers can’t read your texts and email or snatch up your private pictures. “[E]ncryption will be enabled by default out of the box, so you won’t even have to think about turning it on,” the company’s statement read.

See also: Understanding Encryption: Here’s The Key

On Tuesday, Google provided some more details about how that encryption actually works. New phones that ship with Lollipop will begin encrypting data once they’re turned on, using encryption keys generated internally by Android software and phone hardware (technically, chip-based random-number generators).

Those master keys, according to Adrian Ludwig, Android’s lead security engineer, never leave the device. That means Google has no access to them and can’t provide them to law enforcement or other authorities even if presented with a legal order to do so.

Lollipop’s encryption scheme greatly speeds up the process of protecting users’ stored data, since it starts off with a largely empty phone and then encrypts new data as it’s added. Android has actually allowed users to encrypt their phones for roughly three years, but it didn’t draw attention to the option, which was buried in the settings menu.

See also: Why Google Wants To Padlock The Web

Worse, encryption was irreversible, somewhat clumsy to use (it requires you to enter a decryption password when your phone or tablet starts up, a step Lollipop eliminates) and very slow to initialize. It can take an hour or more to encrypt the data on a typical phone.

But There’s A Catch

Make that three catches, actually.

First, the encryption doesn’t help much if you haven’t set a passcode. Ludwig said studies have shown that roughly have of users don’t set passcodes on their devices, largely because they find it inconvenient to keep entering them dozens of times a day. Lollipop will still encrypt your data, but it will also automatically decrypt it in normal use. So if you don’t have a passcode, much of your information will be available to anyone who picks up your phone.

See also: How Apple Made Its Users Vulnerable To iCloud Theft

Lollipop’s encryption still offers some limited protection even under those circumstances—for instance, by protecting stored data against anyone who tries to read it directly from the phone’s memory. That could shield user passwords and other sensitive data from attackers.

Ludwig said Google is trying hard to address the usability issues with encryption. For instance, Lollipop has another feature that will let you unlock your phone with a trusted device such as a smartwatch. But most users probably aren’t set up to use that sort of feature yet—and it may have drawbacks of its own.

See also: Put Away That Passcode: Android Devices Will Soon Unlock One Another

Second, the encryption process only protects files and photos that are stored in a specific location known as the /data partition. It will not protect anything stored on a removable microSD storage card.

Many Android apps store data directly on the SD card; if you want to protect that, you’ll need to find a separate encryption program. (Some manufacturers such as Samsung include SD-card encryption as an option on their phones.)

Finally, even Lollipop won’t encrypt your data by default if you upgrade to Android 5.0 instead of buying a new phone. That’s by design, since otherwise you could end up waiting 45 minute to an hour or more while the operating system encrypted your files. But it could leave you with a false sense of … well, security, if you upgrade to Lollipop thinking that it will encrypt all your files automatically.

Lead image by Tim RT

View full post on ReadWrite

The Mac Is Trouncing The iPad—And That Could Spell Trouble For The Apple Watch

The Wall Street Journal just declared that Apple’s “surprising growth driver” is none other than the humble (and seemingly post-PC passé) Mac. While it’s true that the Mac is driving growth, it’s anything but surprising.

See also: Apple iPad Sales Continue To Tank, Though The iPhone Is Doing Great

What is surprising is that the iPad has managed to hang on for so long as the second-largest revenue driver at the Cupertino company, given that it doesn’t really serve much of a need. And the Mac’s eclipse of the iPad might well be a warning for the Apple Watch.

Who Needs An iPad?

The biggest problem with the iPad is that it doesn’t do anything particularly well. Most anything I’d want to do with an iPad I can more easily do with my Mac or iPhone. I’ve seen people lugging their iPads around on hikes to take pictures of scenery and I’ve noticed people with portable keyboards hacking out blog posts, so I know some people think their iPads are useful.

But come on: those and most other activities are generally better on Apple’s other hardware. The WSJ’s Christopher Mims captures this feeling:

I tried using my iPad—yes, I have two—for reading on trips, but I found it to be a distant runner-up to my Kindle Paperwhite. As such, my iPad gets used once each week—for church, of all things. (It’s easiest to pretend to be reading scriptures while actually checking Arsenal soccer scores.)

I’m clearly not alone. According to IDC, market demand for tablets has slowed, with Apple hardest hit. As consumers fumble for reasons to buy a tablet, cost trumps brand, hurting Apple’s premium sales strategy.

Meanwhile, Back In Mac Land …

Apple’s other products don’t run the same risk. At least, not the ones that are currently available for purchase.

Though tablets threatened to displace desktop and laptop computers, they haven’t even dented them. The reason is utility. The WSJ notes several reasons for the Mac’s steady rise, even amid an industry-wide slump in Windows PCs:

Several factors have contributed to the Mac’s steady rise in the last eight years: a halo effect conferred by popular Apple devices like the iPhone and iPad; a decision to stop charging for updates of Mac operating software; high visibility through the company’s own retail stores; and Apple’s introduction of innovative designs like the MacBook Air at lower prices than the company usually charges.

Meanwhile, phones are actually threatening to displace tablets. Christopher Mims enumerates a long list of things the smartphone has replaced. My Kindle Paperwhite has replaced physical books for me, but that’s the only thing tablets have done better for me—and it’s a special-purpose tablet, not the iPad’s jack-of-all-apps approach.

So, About That Apple Watch

Which brings me to Apple’s forthcoming Watch. Like a tablet, Apple’s Watch risks being a nice-to-have, but not a must-have. Once it adds GPS, I can envision it being an excellent replacement for my iPod/iPhone (music) and Garmin (GPS/heartrate) while exercising, but is that a big enough market for Apple? 

See also: Without GPS, Apple’s “Sport” Watch Is A Non-Starter

There are, after all, only so many people who want to track every mile and every calorie of their exercise regimen. It will definitely be bigger than the market for the Apple TV streaming box, but I can’t see it sustaining iPhone-worthy sales for more than a year or two. Then the excitement will die down and people realize will that there was a good reason they’d already ditched their watches to tell time using their iPhones.

Apple’s iPhone revolutionized what a phone meant. It changed the way we communicate with each other, get directions on trips, book restaurant reservations and more. The Mac, 30 years in, doesn’t revolutionize anything but the tired PC experience.

For the iPad and the soon-to-be-released Apple Watch, it’s unclear how they materially change our lives to the point that we’ll shovel money into Apple’s bank.

Lead photo courtesy of Apple

View full post on ReadWrite

Apple Sent Porn To A Developer To Prove His App Could Be Used To Find Porn

Pornographic content is forbidden in the Apple App Store, but Apple seems to be OK with sending porn to developers who submit their apps for review, according to one who received an inappropriate pic. 

“It turns out Apple thought the best way to tell us our app could be used to surf porn was to surf for porn using our app,” Carl Smith, a Florida developer for nGen Works, wrote in a blog post on Medium (NSFW link). 

The email, which Smith shared with ReadWrite, appears to be from the Apple app review team and includes an attached photo of a man’s genitalia, but no warning of the enclosed content. This is the kind of thing that can create a hostile work environment for nGen employees whose jobs necessitate reading emails from Apple. 

See also: The Majority Of Porn In The United States Is Viewed On Smartphones

Smith suggested a number of alternatives he thought Apple could have used to indicate a concern about explicit content. The team could have sent nGen Works a search term to try, or even warn in advance what the emailed photo was of. Instead, Smith said the developers who opened the email had no warning that it would be graphic.

“What I want from Apple is for them to address the issue and put a policy in place that prevents an App store reviewer from sending pornographic images as an example of a issue,” he said. “They could have easily masked out the bad part of the photo or told us a phrase to search. At the very least warn someone before they open the attachments that they aren’t safe for work.”

“Specifically, we noticed your app contains objectionable content at time of review. Please see the attached screenshot/s for more information,” the Apple review team email reads, before offering a downloadable file that turned out to be the genitalia photo in question.

Smith said solution is hypocritical of the company. Of course nGen’s app, which allows users to enlarge, save, and search for Instagram photos, would be capable of browsing any photo that exists on Instagram already.

“This is a double standard,” Smith told ReadWrite. “If I type bad words into Safari I am going to see bad things. So I think Apple needs to address that.”

Smith said he doubted Apple’s “upper echelons” would approve of this action, and encouraged readers to spread the word.

We’ve contacted Apple for a comment on this allegation.

Photo via Shutterstock

View full post on ReadWrite

[#SESDENVER] Could Google+ Be the Future of SEO? – Search Engine Watch

[#SESDENVER] Could Google+ Be the Future of SEO?
Search Engine Watch
As Google's Hummingbird update places more weight on social signals for search rankings, Google+ could become more important for marketers looking to boost SEO. In an SES Denver panel discussion titled "Insights Into Future Search Trends," Merry …

View full post on SEO – Google News

[#SESDENVER] Could Google+ Be the Future of SEO?

At SES Denver, Merry Morud and Cindy Krum explained that as Hummingbird places more importance on social signals for ranking, Google Plus could be the key to boosting SEO rankings.

View full post on Search Engine Watch – Latest

3 Reasons Native Advertising Could Replace Guest Blogging by 2016 by @CopyPress

Official FTC recognition and adoption by The New York Times leaves no doubt in my mind: 2014 is native advertising’s break-out year. Concurrently, the Google Oracle stuck a fork in guest blogging and declared it dead. Coincidence? I won’t discuss Mr. Cutts’ delineation between guest spammers and legitimate contributors. (The subject is well covered here.) Instead, I’ll discuss why 2014 is the year native advertising could begin to replace guest blogging in the content marketing universe. Comparison of Native Advertising and Guest Blogging Before diving into the reasons, let’s compare native advertising and guest blogging as it pertains to legitimate […]

The post 3 Reasons Native Advertising Could Replace Guest Blogging by 2016 by @CopyPress appeared first on Search Engine Journal.

View full post on Search Engine Journal

5 Ways Social Media Could Hurt Your Business by @albertcostill

There’s no denying that social media is a powerful resource for brands. With 74% of online adults on social media, it’s an effective way to reach and interact with your audience and share information about your brand. However, social media can also do harm to your business if you don’t understand how to properly manage your social media channels. Check out the examples below to learn more about the pitfalls many business owners run into. Spam Sandwich Those new to the concept of social media often get a rude awakening once they get started. Most business owners are used to traditional […]

The post 5 Ways Social Media Could Hurt Your Business by @albertcostill appeared first on Search Engine Journal.

View full post on Search Engine Journal

SPONSOR MESSAGE: Test your social marketing intelligence – you could win a free trip to SMX Social!

Enter the first annual SMX Biggest Social Geek Contest, sponsored by Marin Software, and see how you stack up against your peers. Take the SMX Social Media Marketing quiz. First prize is a trip to SMX Social in Las Vegas and your choice of an iPad mini, Playstation 4 or an Xbox One! So play…

Please visit Search Engine Land for the full article.

View full post on Search Engine Land: News & Info About SEO, PPC, SEM, Search Engines & Search Marketing

What Oracle Could Learn From Microsoft About The Cloud

Has this man seen the cloud?

Oracle still doesn’t get cloud computing. At Oracle OpenWorld this week, there were signs that Oracle was making serious changes to its business model, embracing cloud computing in a way that it hitherto hasn’t. Unfortunately, a review of what Oracle announced suggests that it has a long way to go before Oracle’s cloud becomes anything more than Larry Ellison’s derisive “water vapor.”  

Of course, Oracle was never going to be able to compete with Amazon in the cloud. That’s a bridge too far for a company that has spent decades licensing software. Lots of it.

Even so, if Oracle truly wants to better understand how to turn a massive, legacy data center business and orient it to the cloud, it need look no further than Microsoft. 

Oracle’s “Inconceivable” Cloud

Give points to Oracle chairman Larry Ellison: he knows how to put on a good show. Accuracy, however, isn’t always his strength. 

In the midst of his keynote, he slagged SAP for not powering any clouds but then went a bit too far, as CSC’s Simon Wardley points out:

Ellison, of course, referred to a few software-as-a-service applications. But when most people think of “cloud,” many (most?) think of the infrastructure-as-a-service (IaaS) or platform-as-a-service offerings that applications run on. Those overwhelmingly do not run on Oracle. 

But that’s semantics. The real problem with Oracle’s cloud announcements wasn’t the smearing of competitors or the grandiose boasts. It was the cloud, or lack thereof. 

For example, what Oracle calls a database-as-a-service (DBaaS) really … isn’t. It’s actually a hosted compute environment with software and support rented by the month. It’s also not fully managed, though Oracle suggests this will change in the future. 

Most bizarrely, one of the cardinal advantages of true cloud computing is the way it lets developers set up virtual servers themselves. Perhaps more than any other feature, such convenience has driven the adoption of AWS and other cloud services. Developers don’t want to have to talk to a salesperson in order to get stuff done. Yet clicking on Oracle’s “buy now” button on the DBaaS page reveals this “feature”:

All of which leads developer Jeff Waugh to channel The Princess Bride

It doesn’t have to be this way. Just ask Microsoft.

Microsoft’s Cloud Moment

Microsoft is very similar to Oracle in many ways. It, too, has a large software business that it wants to protect, even as it searches for ways to be relevant for an increasingly cloud-centric world. 

But Microsoft’s approach has been very different from Oracle’s. Unlike Oracle, Microsoft has actually delivered a host of software services that aren’t simply its old licensed software business dressed up in cloudy clothes. One area that is particularly impressive is Microsoft’s different databases it runs as services, including SQL Server and a new DocumentDB.

Of the latter, which has the potential to eat into Microsoft’s legacy database business, DataStax and Windows Azure MVP Kelly Sommers indicates that Microsoft built it right:

In a series of other tweets, she goes on to confirm that “The Microsoft Azure DocumentDB folks really know what they’re doing. Some really great database and distributed systems engineering in there.” 

But more than the engineering, Microsoft got the business model right. Microsoft’s cloud services, including its database services, are just that: services. Users self-provision. The databases are fully managed. 

And unlike Oracle, Microsoft has made open source a first-class citizen on its Azure cloud (the list of open-source software on Azure is impressive).

Competing In The Cloud

All of which is why I continue to believe Microsoft has a real chance to compete effectively in the cloud. Despite its legacy, Microsoft has demonstrated the ability to transform itself. Oracle, at least on the basis of its recent cloud announcements, has not.

Just as important, however, is Microsoft’s commitment to lowering the bar to computing. Just as Steven Pinker says of bad writing—”The curse of knowledge is the single best explanation of why good people write bad prose. It simply doesn’t occur to the writer that her readers don’t know what she knows”—so, too, is it with software. 

Too many software infrastructure developers assume too great a familiarity with the underlying code. Not so Microsoft, as Bill Bennett highlights: “Microsoft has created a cloud computing service that makes creating a server as simple as setting up a Word document.” 

Not everyone will want this, of course. But Microsoft keeps demonstrating that it understands the cloud and its developer audience very, very well. Oracle could learn a thing or 20 from Microsoft.

Image courtesy of Shutterstock

View full post on ReadWrite

How The Apple Watch Could Change The World Of Local SEO – Forbes

How The Apple Watch Could Change The World Of Local SEO
The most popular feature of the new device, and the most significant for local SEO, is its new mapping feature. Rather than showing a map and speaking audible directions, like smartphones and older navigation systems, the SmartWatch will use a system …

and more »

View full post on SEO – Google News

Go to Top
Copyright © 1992-2014, DC2NET All rights reserved