All posts in “computing”

What security pros need to know from Black Hat & Def Con 2019

Black Hat and Def Con came and went as quickly as it ever does. The week-long pair of back-to-back conferences, referred to as “hacker summer camp,” draws in the security crowd from across the world onto Las Vegas, where startups tout their technologies as hackers and researchers reveal their findings.

This year we saw ordinary-looking charging cables that can hack your computer, we found out that cloud backups are easily exposed, robocall blocking apps aren’t as privacy-focused as you might think, and your corporate VPN and office printer are targets for hackers (and if they fail there they’ll just ship a hardware exploit to your mailroom.) Even students can easily hack their own school systems.

The obvious takeaways might be to never plug anything into your computer and that all your data is already ‘pwned’.

But what does that all mean to the average security professional, let alone the CISO at the top of the corporate chain? Between the villages and the many speaker tracks — not to mention the darting between hotels — it’s tough to know exactly what we should take away from the shows.

We spoke to four security experts who were there and asked them what their primary takeaways were for security decision-makers.

Internet of Things is a risk factor

Every TC Sessions: Enterprise 2019 ticket includes a free pass to Disrupt SF

Shout out to all the savvy enterprise software startuppers. Here’s a quick, two-part money-saving reminder. Part one: TC Sessions: Enterprise 2019 is right around the corner on September 5, and you have only two days left to buy an early-bird ticket and save yourself $100. Part two: for every Session ticket you buy, you get one free Expo-only pass to TechCrunch Disrupt SF 2019.

Save money and increase your ROI by completing one simple task: buy your early-bird ticket today.

About 1,000 members of enterprise software’s power-house community will join us for a full day dedicated to exploring the current and future state of enterprise software. It’s certainly tech’s 800-pound gorilla — a $500 billion industry. Some of the biggest names and brightest minds will be on hand to discuss critical issues all players face — from early-stage startups to multinational conglomerates.

The day’s agenda features panel discussions, main-stage talks, break-out sessions and speaker Q&As on hot topics including intelligent marketing automation, the cloud, data security, AI and quantum, just to name a few. You’ll hear from people like SAP CEO Bill McDermott, Aaron Levie, Box co-founder, Jim Clarke, Director of Quantum Hardware at Intel and many many more.

Customer experience is always a hot topic, so be sure to catch this main-stage panel discussion with Amit Ahuja (Adobe), Julie Larson-Green (Qualtrics) and Peter Reinhardt (Segment).

The Trials and Tribulations of Experience Management: As companies gather more data about their customers and employees, it should theoretically improve their experience, but myriad challenges face companies as they try to pull together information from a variety of vendors across disparate systems, both in the cloud and on prem. How do you pull together a coherent picture of your customers, while respecting their privacy and overcoming the technical challenges?

TC Sessions: Enterprise 2019 takes place in San Francisco on September 5. Take advantage of this two-part money-saving opportunity. Buy your early-bird ticket by August 16 at 11:59 p.m. (PT) to save $100. And score a free Expo-only pass to TechCrunch Disrupt SF 2019 for every ticket you buy. We can’t wait to see you in September!

Interested in sponsoring TC Sessions: Enterprise? Fill out this form and a member of our sales team will contact you.

The ClockworkPi GameShell is a super fun DIY spin on portable gaming

Portable consoles are hardly new, and thanks to the Switch, they’re basically the most popular gaming devices in the world. But ClockworkPi’s GameShell is something totally unique, and entirely refreshing when it comes to gaming on the go. This clever DIY console kit provides everything you need to assemble your own pocket gaming machine at home, running Linux-based open-source software and using an open-source hardware design that welcomes future customization.

The GameShell is the result of a successfully Kickstarter campaign, which began shipping to its backers last year and is now available to buy either direct from the company, or from Amazon. The $159.99 ($139.99 as of this writing on sale) includes everything you need to build the console, like the Clockwork Pi quad-core Cortex A7 motherboard with integrated Wi-Fi, Bluetooth, 1GB of DDR3 RAM, but it comes unassembled.

GameShell Clockwork Pi 3

You won’t have to get out the soldering iron – the circuit boards come with all components attached. But you will be assembling screen, keypad, CPU, battery and speaker modules, connecting them with included cables, and then installing them in the slick, GameBoy-esque plastic shell. This might seem like an intimidating task, depending on your level of technical expertise: I know I found myself a bit apprehensive when I opened the various boxes and laid out all the parts in front of me.

But the included instructions, which are just illustrations, like those provided by Lego or Ikea, are super easy to follow and break down the task into very manageable tasks for people of all skill levels. All told, I had mine put together in under an hour, and even though I did get in there with my teeth at one point (to remove a bit of plastic nubbin when assembling the optional Lightkey component, which adds extra function keys to the console), I never once felt overwhelmed or defeated. The time-lapse below chronicles my enter assembly process, start to finish.

[embedded content]

What you get when you’re done is a fully functional portable gaming device, which runs Clockwork OS, a Linux-based open-source OS developed by the company. It includes Cave Storyone of the most celebrated indie games of the past couple of decades, and a number of built-in emulators (use of emulators is ethically and legally questionable, but it does provide an easy way to play some of those NES and SNES games you already own with more portability).

There’s a very active community around the GameShell that includes a number of indie games to play on the console, and tips and tricks for modifications and optimal use. It’s also designed to be a STEM educational resource, providing a great way for kids to see what’s actually happening behind the faceplate of the electronics they use everyday, and even getting started coding themselves to build software to run on the console. Loading software is easy, thanks to an included microSD storage card and the ability to easily connect via WiFi to move over software from Windows and Mac computers.

Everything about the GameShell is programable, and it features micro HDMI out, a built-in music player and Bluetooth support for headphone connection. It’s at once instantly accessible for people with very limited tech chops, and infinitely expandable and hackable for those who do want to go deeper and dig around with what else it has to offer.

Swappable face and backplates, plus open 3D models of each hardware component, mean that community-developed hardware add-ons and modifications are totally possible, too. The modular nature of the device means it can probably get even more powerful in future too, with higher capacity battery modules and improved development boards.

I’ve definitely seen and used devices like the GameShell before, but few manage to be as accessible, powerful and customizable all at once. The GameShell is also fast, has great sound and an excellent display, and it seems to be very durable with decent battery life of around three hours or slightly ore of continuous use depending on things like whether you’re using WiFi and screen brightness.

Facebook could face billions in potential damages as court rules facial recognition lawsuit can proceed

Facebook is facing exposure to billions of dollars in potential damages as a federal appeals court on Thursday rejected Facebook’s arguments to halt a class action lawsuit claiming it illegally collected and stored the biometric data of millions of users.

The class action lawsuit has been working its way through the courts since 2015, when Illinois Facebook users sued the company for alleged violations of the state’s Biometric Information Privacy Act by automatically collecting and identifying people in photographs posted to the service.

Now, thanks to a unanimous decision from the 9th U.S. Circuit Court of Appeals in San Francisco, the lawsuit can proceed.

The most significant language from the decision from the circuit court seems to be this:

We conclude that the development of face template using facial-recognition technology without consent (as alleged here) invades an individual’s private affairs and concrete interests. Similar conduct is actionable at common law.

The American Civil Liberties Union came out in favor of the court’s ruling.

“This decision is a strong recognition of the dangers of unfettered use of face surveillance technology,” said Nathan Freed Wessler, staff attorney with the ACLU Speech, Privacy, and Technology Project, in a statement. “The capability to instantaneously identify and track people based on their faces raises chilling potential for privacy violations at an unprecedented scale. Both corporations and the government are now on notice that this technology poses unique risks to people’s privacy and safety.”

As April Glaser noted in Slate, Facebook already may have the world’s largest database of faces, and that’s something that should concern regulators and privacy advocates.

“Facebook wants to be able to certify identity in a variety of areas of life just as it has been trying to corner the market on identify verification on the web,” Siva Vaidhyanathan told Slate in an interview. “The payoff for Facebook is to have a bigger and broader sense of everybody’s preferences, both individually and collectively. That helps it not only target ads but target and develop services, too.”

That could apply to facial recognition technologies as well. Facebook, thankfully, doesn’t sell its facial recognition data to other people, but it does allow companies to use its data to target certain populations. It also allows people to use its information for research and to develop new services that could target Facebook’s billion-strong population of users.

As our own Josh Constine noted in an article about the company’s planned cryptocurrency wallet, the developer community poses as much of a risk to how Facebook’s products and services are used and abused as Facebook itself.

Facebook has said that it plans to appeal the decision. “We have always disclosed our use of face recognition technology and that people can turn it on or off at any time,” a spokesman said in an email to Reuters.

Now, the lawsuit will go back to the court of U.S. District Judge James Donato in San Francisco who approved the class action lawsuit last April for a possible trial.

Under the privacy law in Illinois, negligent violations could be subject to damages of up to $1,000 and intentional violations of privacy are subject to up to $5,000 in penalties. For the potential 7 million Facebook users that could be included in the lawsuit, those figures could amount to real money.

“BIPA’s innovative protections for biometric information are now enforceable in federal court,” added Rebecca Glenberg, senior staff attorney at the ACLU of Illinois. “If a corporation violates a statute by taking your personal information without your consent, you do not have to wait until your data is stolen or misused to go to court. As our General Assembly understood when it enacted BIPA, a strong enforcement mechanism is crucial to hold companies accountable when they violate our privacy laws. Corporations that misuse Illinoisans sensitive biometric data now do so at their own peril.”

These civil damages could come on top of fines that Facebook has already paid to the U.S. government for violating its agreement with the Federal Trade Commission over its handling of private user data. That resulted in one of the single largest penalties levied against a U.S. technology company. Facebook is potentially on the hook for a $5 billion payout to the U.S. government. That penalty is still subject to approval by the Justice Department.

Google launches ‘Live View’ AR walking directions for Google Maps

Google is launching a beta of its augmented reality walking directions feature for Google Maps, with a broader launch that will be available to all iOS and Android devices that have system-level support for AR. On iOS, that means ARKit-compatible devices, and on Android, that means any smartphones that support Google’s ARcore, so long as ‘Street View’ is also available where you are.

Originally revealed earlier this year, Google Maps’ augmented reality feature has been available in an early alpha mode to both Google Pixel users and to Google Maps Local Guides, but starting today it’ll be rolling out to everyone (this might take a couple weeks depending on when you actually get pushed the update). We took a look at some of the features available with the early version in March, and it sounds like the version today should be pretty similar, including the ability to just tap on any location nearby in Maps, tap the ‘Directions’ button and then navigating to ‘Walking,’ then tapping ‘Live View’ which should appear newer the bottom of the screen.

Live View
The Live View feature isn’t designed with the idea that you’ll hold up your phone continually as you walk – instead, in provides quick, easy and super useful orientation, by showing you arrows and big, readable street markers overlaid on the real scene in front of you. That makes it much, much easier to orient yourself in unfamiliar settings, which is hugely beneficial when traveling in unfamiliar territory.

Google Maps is also getting a number of other upgrades, including a one-stop ‘Reservations’ tab in Maps for all your stored flights, hotel stays and more – plus it’s backed up offline. This, and a new redesigned Timeline which is airing on Android devices only for now, should also be rolling out to everyone over the next few weeks.