Posts

Showing posts from July, 2014

Eschewing technology ...

I am in the midst of a three-week period where the tradition of camping means that one is going to partially eschew technology. Partly as a break, as modern society deems this to be a good thing, but for equal and probably more valid reasons, as power will be a commodity during this time.

So, if you see any updates from me ... one word ... one word only ... automation.

Backdoor discovered in Apple iOS devices that undermines iPhone security ...

By Andrew Smith, The Open University

Apple prides itself on the fact that its iOS, used on iPhones and iPads, is considered to be the most secure mobile and tablet-based operating system on the market. This is a fact that has – until now – been unchallenged when it comes to malware.

But recent research by systems security researcher Jonathan Zdziarski has highlighted some interesting and worrying “backdoors” to Apple’s operating system. Using some novel forensics techniques, he has shown how third parties can potentially gain access to users' personal data.
What are the vulnerabilities?

Zdziarski discovered that there is a file transfer service that bypasses the back-up encryption offered by Apple. This may be used by Apple employees as a troubleshooting tool when trying to fix damaged devices. But it begs the question: why can this service extract unencrypted files and why is it open to remote access?

Taking each vulnerability of the iOS in turn, Zdziarski notes that some do not…

Discharging emails before holidays ...

Over the last few days I have noticed a trend of souls discharging their pre-holiday responsibilities via email. Kinda interesting, isn't it?

I tend to keep a list of 'shit I must do' when I return; as I know that I am wasting my time trying to shove information down the throats of others.

Ho hum.

A juggernaut like the NHS won't find it easy to drop Windows for open source - but it should ...

By Blaine Price, The Open University and Andrew Smith, The Open University

Like many large modern organisations, the NHS has grown up with constant change – not only in medical practice, but also in the systems that support the daily routine of one of the world’s largest health services. And one current issue is whether the NHS should be using more open-source software.

The challenge is twofold: how does one of the largest employers in the world, whose primary focus is medical care, ensure that the information technology it uses is current, relevant, safe and easy to use for medical staff? And how does it ensure that its vast army of IT staff are suitably skilled and capable of supporting current, and future, technology? Tackling both of these is no mean feat.
The legacy of legacy

The larger you become, the more likely it is that you will have legacy systems supporting many critical services. This is not unique for the NHS – banks, defence and many retailers have to grapple with syst…

Measuring Bullshit ...

In many contexts the conversation often revolves around the quality of bullshit that someone may commit and how we should measure this. After all, many of us would reason that great bullshit is an art form which, like sarcasm, must be preserved and developed in those showing great promise for this talent.

Consider the following simple formula:







... with b (for bullshit); that should be obvious, has three indicators, impact (i), relevance (r) and quality (q):
(i)mpact scale 0 to 10
(r)elevance scale 0 to 5
(q)uality scale 1 to 10 (which is an inverse, so 1 is top notch and 10 is dire)

Now for the important part, each of these values is subjective. Using i as an example, zero is obvious, what is 10 and how do we agree on 5?

If I am a prime bullshitter, my score could be b=((10*5)/1)^2=2500. Whereas the worst would be ((0*0)/10)^2, which would be 0 (of course).

So, for the important questions ...

Am I missing any indices?
How do we agree on the scale for each of the current indices?
Do I need to use…

Naked selfies found on 'wiped' phones shows how data isn't always deleted ...

By Andrew Smith, The Open University

If you’re selling an old Android smartphone on an online auction site you could be giving away rather more than you intend to, according to a recent investigation by anti-malware company Avast.

Going through phones that had supposedly been “factory reset”, the company’s researchers were able to view photos taken by the phone’s original owners. In addition to the usual harmless photos of the family cat were naked selfies that the original owners would never have wanted them to see.

What’s more, the researchers were able to do this simply by using a range of free smartphone forensic tools that are easy to use by technical enthusiasts as well as professional forensics experts.
How it works

Electronic data, stored either on a solid state drive or a traditional hard disk, persist even when we think we have wiped the storage device. Many readers will naturally assume that when you delete a file, it has been removed from your phone or computer.

The way i…

A dead phone may stop you entering the US – here's how to keep it alive on the move ...

By Andrew Smith, The Open University

I find international travel tedious. While the destination is always exciting, the journey is simply a chore to be endured. Watching a movie on your laptop or browsing the internet on your phone can make the process easier, but this now leaves you open to a major risk: what if your device dies and then gets confiscated?

The new security advice from US customs officials threatens exactly this. Passengers flying to the US may be asked to switch on their devices, and those that do not power up will not be allowed onboard.
This move is possibly a reasonable response to gathered intelligence. But most average travellers are now worried that they could be caught with a flat battery during their travels and lose that precious smartphone, tablet or laptop.

So what do you do, how do you cope? Here are the best ways to survive these journeys and ensure that you still have enough electronic juice during your security frisk.
Develop good habits

Smartphones an…

Speaking at a Science Club ...

Yesterday evening I had the privilege of being able to give a talk at the Adstock Science Club ... a group of wonderful enthusiasts in a small village in Buckinghamshire.

The subject ... a potted history of Linux, was more tech, demo and talk rather than a detailed nerdy exploration. But, saying that, what a nice, enthusiastic and capable bunch of souls.

So dear colleagues, while not a mainstream event, if you want to talk to the large audiences about the 'clever stuff' you do, why not also share what you know with small groups such as these? In the past, I have spoken to two different writers' groups, where this science group has been a refreshing and useful addition to my overall experience of speaking.

Teaching the Internet over the Internet ...

Earlier this week, I presented the following video cast to a face-to-face as well as web audience on our KMI stadium system.


Teaching the Internet over the Internet: Lessons Learnt and Future Scenarios from the Cisco Networking Academy from FORGE project on Vimeo.


Email vs Voice ...

The asynchronous nature of my life means that often calls are less convenient than email. I still value the benefit of a phone conversation, but often these need to be agreed in advance as calling me when it works for you rarely does for me, and of course vice versa.
I like email ... you can think about your response and prepare for any conversation, rather than entering it cold. I do get a considerable tumult of electronic communication, but find that rules on my email client make that burden somewhat easier.
But ... the same goes ... simply emailing me with a demand and deadline that works for you tends not to work either. Especially if it is not something that has not had prior agreement.
So, on the whole I prefer email ... liking voice to be a thing that is planned. I know that this is not always the case and will try and answer calls that I get. But often sitting in meetings, I can equally chat to you via email, able to handle multiple conversational threads at the same time.


I like geek teachers ... who wouldn't ...

I am thinking of getting a badge made: OU-Nerd and proud of it. Why not ... it's great being a nerd/geek as well as computing anorak. Life could not be better.

Then there are the nerds/geeks who teach. While I take great pleasure in disparaging the semi-illiterate IT types, there is an uber-class of nerd out there that can, do, and will engage our youth into some of the darker arts of tech, programming, security, networking and just plain clever stuff.

Taking them to places no boldly split infinitive has gone before; teaching our youth to look after systems which many of us depend on for our infrastructure, airflight, financial transactions or defence. It's no mean feat.

So, if you wonder why I am in it for the geek teacher and do much of what I do to support the 'right' education, think next time you are 33,000 feet in the air; let's hope that the air traffic control network is working at optimal performance.


Had an odd text on your Android device? Time to watch out for SMS worms ...

Google’s Android now dominates 80% of the smart phone market. Of the major phone operating systems, Android is the most vulnerable to security breaches and yet perceptions haven’t caught up with reality. People simply aren’t as worried, or as careful, as they ought to be.

If you’re using an Android and aren’t too concerned, maybe a recent announcement by a leading anti-malware company will make you stop and think. When were you last suspicious of a text from a friend?

Well, now is the time to start checking your messages with more scepticism as a virus known as “Andr/SlfMite-A” has been spreading throughout the Android world, transmitted by text messages, also known as SMS.

If you are fooled into clicking on a link embedded within the SMS, and if your phone is unprotected, the virus will in turn be installed on your own phone. The virus will then attempt to send text messages to your first 20 contacts. The message may look something like this:




Sophos
By making your contacts think this…