“Outsmarted: Captcha security not much of a gotcha”

Image

Captchas

I’m sure you have all been to a website to register and you get to the spot where they make sure your human by typing in the string of text in the box. right? Well this step is there not to see if you can read obnoxiously small numbers with a background that disguises the letters, but it is there to minimize accounts that would be created by bots. It has now been brought to our attention that this filter to stop bots might be UN-beneficial as of today, as researches have found a way to do it.

Continue reading

Advertisements

Flash Cards in Phones

Many phones don’t have encryption software or specific flash chip protection. In my opinion this is a huge blunder in an age where storage requirements is constantly increasing. People can store pictures, documents, even excel and word files in these flash chips often times with sensitive information. If you get your phone stolen, a small subset of phones actually have the capability to be wiped remotely, and a lot of those that do, you can’t wipe the flash memory. Flash chips are plug and play, you don’t even need any technical ability to to abuse someone else’s information. This is one of the reasons I like the iPhone, sometimes it’s convenient to have everything locked down and no capability for extra flash memory. In many ways it’s more secure because you can just wipe it remotely and not worry about someone taking out the flash memory and viewing all the documents. The cloud is also very attractive because of this reason, physical storage is susceptible to crooks that are often just after the hardware… But to you and I the data is probably more valuable.

Facebook Privacy

It is rumored that Facebook stores user data indefinitely and will sell it… Here are some quotes from the privacy policy to consider.

“We only provide data to our advertising partners or customers after we have removed your name or any other personally identifying information from it, or have combined it with other people’s data in such a way that it is no longer associated with you. Similarly, when we receive data about you from our advertising partners or customers, we keep the data for 180 days. After that, we combine the data with other people’s data in a such way that it is no longer associated with you.” (Privacy Policy, Information we receive about you)

-Yes they will store data about you and possibly sell it, But it is not associated with you. However, this does not mean it is impossible to trace back, and it says nothing about how they will disassociate it.

“While you are allowing us to use the information we receive about you, you always own all of your information. Your trust is important to us, which is why we don’t share information we receive about you with others unless we have:

  • received your permission;
  • given you notice, such as by telling you about it in this policy; or
  • removed your name or any other personally identifying information from it.”

    (Privacy Policy, How we use the information we receive about you)

-I will Highlight, “you always own all of your information.” again, they reserve the right to share it after disassociation your identity from it.

“When you delete an account, it is permanently deleted from Facebook. It typically takes about one month to delete an account, but some information may remain in backup copies and logs for up to 90 days. You should only delete your account if you are sure you never want to reactivate it.”(Privacy Policy, Deleting and deactivating you account, Deletion)

-Most data is removed in a month, and all is removed from logs within 90 days. This seems very black and white.. it again doesn’t specify how the information will be removed, but says it will be.

Overall these few quotes make me much more comfortable using Facebook, but I remain weery. I do not completely understand privacy policies and how closely they must be attended to, but it does increase my confidence in Facebook non the less.

 

 

One of the worlds unsolved encryptions.

Linear A

In 1900 the archaeologist Sir Arthur Evans (1851-1941) discovered a large number of clay tablets inscribed with mysterious symbols at Knossos on Crete. Believing he had discovered the palace of King Minos, together with the Minotaur’s labyrinth, Evans dubed the inscriptions and the language they represented as ‘Minoan’.

Evans spent the rest of his life trying to decipher the inscriptions, with only limited success. He realised that the inscriptions represented three different writing systems: a ‘hieroglyphic’ script, Linear A and Linear B The hieroglphic script appears only on seal stones and has yet to be deciphered. Linear A, also undeciphered, is thought to have evolved from the hieroglyphic script, and Linear B probably evolved from Linear A, though the relationship between the two scripts is unclear.

Notable features

  • Linear A was used between about 1800 and 1450 BC.
  • Linear A is mixed script consisting of 60 phonetic symbols representing syllables and 60 sematographic symbols representing sounds and concrete objects or abstract ideas.
  • Many of the symbols resemble those used in Linear B and have been assigned the same pronunciation.
  • Linear A was written in horizontal lines running from left to right on clay tablets which were probably used for keeping records of transactions.

Linear A

There is no concensus on how to transliterate the Linear A symbols – the method shown below is one possible transliteration.

Linear A

Government requests to Google for information on users has spiked.

 

 

 

The number of requests from the government to Google for information on its users has increased by 29% in the last 6 months.  Google is one of the few companies that release these kinds of statistics to the public. The reason they give for doing this is that they want to raise awareness about the ECPA.

The ECPA is the Electronic Communications Privacy Act and it was enacted 25 years ago. It was set to provide people with protection and privacy against government intrusion but hasn’t been updated since it was made to reflect new advances in technologies. Because of this people are still massively vulnerable to government intrusion, with their ability to get access to users online information with out having to go through a judges approval like they would need to with a warrant. Google is just  one of many high tech companies that have formed the Digital Due Process coalition to advocate reform.

This isn’t the first time Google has attempted to rock the boat over government monitoring. Most of you probably remember back when Google refused to censor search results in China. Their refusal of this demand caused them to close up shop in a much of China. On the other hand companies like yahoo have no trouble with censoring or even monitoring and giving information on political dissidents.

http://www.digitaldueprocess.org/index.cfm?objectid=37940370-2551-11DF-8E02000C296BA163

http://m.wired.com/threatlevel/2011/10/google-data-requests/