April 15, 2010
I tend to hear that a lot from people who have finally called me to come and see the computer that has at long last collapsed under the weight of the malware/spyware/viruses/trojans it’s been gathering over the last however long.
It’s also normal that I hear that the most from people who don’t want to spend the money investing in the defense programs mandatory to being a broadband internet user in 2010. A few of them have one of the free antivirus programs, and for some reason believe that is all they need. No firewall, no IM checker, no email scanner – a reactive, rather than proactive, antivirus program. One that will only pick up infections when it’s run manually.
The programs I generally use to clean these systems inevitably scan the registry file. Some of the worse infections can add their own keys to legitimate programs, in an attempt to make backdoors for them. These backdoors are then used to further compromise the security of the system.
So if the scanner detects this, and removes the damaged keys, it can cause some applications to cease working, or to display confusing information. In which case, there’s normally nothing to stop the faulty application being uninstalled from control panel and reinstalled.
I wish that peoples computer ability wouldn’t apparently totally desert them the second that happens. It’s a real pain to end up being asked to come back not once, but twice or even three times – not because I resent follow on calls, they are part of giving a good service… but I DO resent, if someone books a follow on call, them not bothering to make note of EVERYTHING that doesn’t work and then expecting other follow on calls for things they forgot. These won’t be free, people. Most engineers don’t have a Follow On Call policy – I do, and a directly related problem is free to solve. But that only goes so far, so before booking one PLEASE make sure you know all the problems you’re having, because if you think of anything later – it’s a chargeable call again.
November 2, 2009
Around six months ago, I started having a few problems with the hands free kit to my mobile phone. I took the phone into the telus mobility shop to ask their advice. The assistant took the back off the phone, pointed to a tiny sticker which was very slightly pink and said “This phone has water damage. That voids your warranty, and you will have to pay the full price for a repair or replacement.” I said thanks but no thanks, as the phone was working fine.
But I got to wondering, what IS a water damage sticker, and how accurate is it?
Well, water damage stickers are used in almost every smartphone these days. They are small stickers usually around half a centimeter in size, and are placed inside the phone. Apple actually go one further with the Iphone, and place at least one and in some cases two on the outside of the phone. Even if the outside of the phone then comes into contact with moisture, Apple will claim this voids the warranty.
But the stickers are not infallible. Look around the internet and you will see all kinds of postings about how different kinds of things affect them. One of the main things is relative humidity. I bought some of these stickers and tested them out.
One of the best places to go for high relative humidity is the exotic bird/butterfly house at Toronto zoo. We placed several stickers inside a dummy phone’s back cover, and several on the outside. The results were quite astonishing. Within five minutes, the outside stickers were no longer white. One, where the phone was in contact with clothing, turned quite a bright red – recording a very false positive. But worse was the fact that the stickers placed INSIDE also were affected, although it took longer. 90 minutes into our test, all six stickers were beginning to turn pink or red, this would be an automatic rejection by a telephone company as “water damage” – and yet our dummy telephone had never been near water.
Other places you might come into contact with high humidity in the home are if your mobile phone is in a handbag or pocket near to a shower or bath, or if you have a baby nursery and you have a humidifier in the room. Dew moisture – that is, from going from a warm room to a cold outside – can also turn a sticker if the temperature change is sufficiently fast. All of these can, over time, influence the stickers in these devices.
Which leads to a very important question: Where do they stand legally?
The answer to that depends on the country. In the United Kingdom there are much stronger safeguards than there are in the United States or Canada. The law in the UK does not yet recognize these stickers as being grounds to void a warranty, as no case has yet been brought before the courts. UK consumer law requires that the item – in this case the telephone handset – be sturdy enough to withstand reasonable wear and tear and still be “suitable for use for the purpose for which it was sold.” Thus, if a customer decides to threaten legal action the onus would actually be on the telephone company to prove that these indicator stickers were a reliable proof of direct water damage, rather than on the person suing them. If they could not prove to a courts satisfaction that the stickers were not likely to record a false postitive over time, they could find themselves required to warranty repair handsets that didn’t have more obvious water damage. This they want to avoid doing, so it would be likely they would spin the “as a gesture of good faith, and not admitting liability, as you’re such a good customer we’ll repair the phone for free just this once – but if we do, you are agreeing that should the same happen in future, you ARE liable for repair costs.” Be aware that this spin does actually change the terms of a future warranty on that device. Caveat Emptor if you accept this.
In North America it’s quite a different story. In Canada consumer protection laws are certainly stronger than in the US, but Canadian consumer law would likely leave the customer having to prove a false positive; not that difficult given our experience at Toronto zoo – maybe someone should make a YouTube video of it.
The worst consumer protection is in the United States. Here the consumer would have to prove beyond reasonable doubt and through the court system that the stickers could give false positives, and even then that would not necessarily prove that their particular phone had not been water damaged. Add to that the delaying tactics a large phone manufacturer could apply which would lead the case to go on for years, and you have such a massive lawyers bill that most plaintiffs would have to drop the case – it would be just too expensive.
There are no figures which accurately show how much money these tiny little stickers save the mobile phone industry in what would otherwise be warranty repairs. Given the high traffic of discussion on the subject in forums, the figure is likely to be quite substantial. Interestingly enough, the answer to the conundrum in all three countries is to actually find and remove these stickers, since it then becomes the onus of the manufacturer to prove they were there in the first place. More savvy companies are trying to find voidable stickers that cannot be removed without leaving a trace just to stop this. Another answer is to scotch tape a cut piece of paper over the top of the sticker, as the tape would then provide a moisture barrier. This is likely to be the reason Apple build these into the case itself, as to seal these off from moisture becomes practically impossible.
But the question we SHOULD be asking is not how can we get around these stickers, but more why should we have to? As a consumer society, large companies such as cellphone manufacturers are clearly now exploiting their customers, building these things with a kind of built in obsolescence. It’s a good example of corporatism in action, shifting any blame for the failure of their devices onto the customer, with these stickers being a perfect example of the method. Either way, the solution as ever is to be informed. Know your local consumer rights, know about how these stickers can cause false positives, and be prepared to challenge your local outlet as it is with them (as provider of the equipment to you, the end user) you have a contract, and not with the actual cellphone manufacturer.
Good luck.
Further reading:
http://www.belowtopsecret.com/forum/thread510940/pg1
http://techgeist.net/2009/09/apple-iphone-abuse-detection-sensors-abusing-2/
August 20, 2009
This is absolutely fascinating:
Researchers at the Ecole Polytechnique Fédérale de Lausanne in Switzerland have found that robots equipped with artificial neural networks and programmed to find “food” eventually learned to conceal their visual signals from other robots to keep the food for themselves. The results are detailed in an upcoming PNAS study.
Although I have to wonder, is it really a lie or is it just evolved selfishness as a mechanism for “survival”? The robots are programmed to find food, a kind of “find the food or starve to death” directive. I don’t find it surprising that these robots determine they have a better chance of survival if they don’t tell everyone else where the food is. I wonder if some will “evolve” to signal where poison is, in order to bump off the opposition. If this becomes the case, it starts raising interesting ethical questions about neural networks.
Maybe all those films where the neural network decides humankind is a threat or unnecessary to its own survival aren’t too far off the mark…
July 31, 2009
Judge Gertner will instruct the jury in Sony BMG vs Tenenbaum to return a verdict of liability in the case.
I have to say, from what I’ve seen, the plaintiff’s haven’t proved anything except that the defendant may have had the ability to commit the offense.
I’ve been doing some tests over an intranet of KaZaA under Windows XP Professional SP3. And what I’ve found is very interesting, and, I believe, quite relevant. It is possible, if one is careful about how one uses the network sharing options to make a folder visible to KaZaA but not actually readable. Let me detail my experiment here.
Two laptops and a desktop, both run Windows XP SP3 on virgin installations. On two machines the same 30 tracks are placed on the hard drive. On one of the two machines file and printer sharing is set up so that files are NOT shared with the network, and this attribute is given to the KaZaA shared folder. The third machine has KaZaA loaded but no music files.
All machines then have a “packet sniffer” and bandwidth monitoring program installed.
The machine without music on it correctly reported that two peers it could see had the files I asked to search. However, no matter what, only the one without the file and printer sharing restriction ever actually served a file. If you disconnected that machine during the transfer, the transfer stalled, even though it still (correctly) said that 1 peer was connected with the files that were to be transferred.
How does this relate to the Tenenbaum case?
Well, firstly, the plaintiffs allege that the defendant’s computer SERVED files. They haven’t actually proved this, and in fact Media Sentry admitted that although they could see the files on the defendant’s computer, they couldn’t actually download from the defendant. So this whole case is about did the defendant’s machine permit the DISTRIBUTION of music. My argument would be to say no, it didn’t. It could perhaps receive, but it never sent anything. The best prosecution the plaintiffs could hope to bring would be for receiving or handling stolen goods (in the form of music files).
So, to my mind this entire case is a miscarriage of justice because the judge will order liability to be found, and not allow the jury to consider whether there is liability.
It just remains to see whether or not the plaintiffs will also get the overinflated damages they seek. My guess is, they will.
December 3, 2008
I’m sitting in companionable silence with my grandmother-in-law, reading the morning paper. The only sounds are the rustling of paper and the occasional exchanged comment about one story or another.
Then she starts going through the morning post, and she sighs.
“I must keep forgetting to pay these,” she comments, aware that she suffers from alzheimers desease. “I’m always getting them.”
‘these’ turn out to be something I’ve not encountered before, from a company I previously considered reputable. The very company, in fact, whos literature I had been reading not five minutes ago.
She gives me the letter and I scan it briefly. It takes only moments to piece together what’s happened. At the top is an official looking bill for over sixty dollars. Below that, another reminder that “You as a valued subscriber have been automatically entered into our $50,000 draw!”. It’s at the bottom that the key to the scam is finally revealed.
“We’re sure your friend is thinking about you and is glad you’re thinking about them enough to send them a subscription” the letter reads. After a few paragraphs, it instructs me to turn over the one page letter and look at the back.
The last paragraph gives the game away. “We’ve taken the liberty of adding your friend to your gift subscription account. If you would like them to receive a free subscription, simply pay the amount on the invoice before December 30th.”
It’s an increasingly common – but entirely legal – scam, the ‘opt in’ scam. You are opted in to paying something, and unless you actively tell the company that you are not interested, then you are deemed to have agreed to pay for that something, even if you didn’t want it or didn’t order it.
“How many of these have you had?” I ask. She produces three straight away. One of them has the name of her granddaughter – my wife – on it. This angers me, since we have never received anything from Readers Digest in the fourteen months since we last moved.
My grandmother-in-law is being billed for a product that we’re not even receiving. In total the company is billing her nearly one hundred dollars a month, and they are trying to increase that in this latest mailing. In an attempt to get the bills paid by a generation that regards debt with high stigma, breaking the huge cost down into several smaller bills is an effective tactic.
I suggest that we simply rip up all but one of the bills, a suggestion greeted with a certain amount of relief and glee. The bill we don’t rip up, I take and write in large letters “FRIEND ACCOUNT NO LONGER REQUIRED OR WANTED” across it, strike out the amount, and place in the pre-paid return envelope. On my way downtown later, I post it.
As I walk away from the postbox, I feel no regret for the abrupt and even rude termination of what I consider a scam. As I told my grandmother-in-law, this season she’s given the best gift of all.
The gift of freedom from a costly scam.
December 1, 2008
November 6, 2008
I found it absolutely amazing to come across an article about Windows 7, that blamed everyone else for the bad sales of Vista.
They start of by blaming hardware manufacturers:
Microsoft has confirmed that there will be a widespread public beta of Windows 7 in early 2009, while urging device manufacturers to start immediate testing with its pre-beta release to avoid the widespread hardware compatibility problems that contributed so much to the negative perception of Vista.
Unbelievable! Hardware vendors had to get to grips with new things like tilt bits, digital rights management, user account control restrictions etc etc imposed on them by the new operating system, and when problems arose which they inevitably would, Microsoft turns around and blames them!
Then they have a go at their old favourite, apple:
As part of that scheme, Microsoft plans to co-operate with hardware manufacturers to ensure they can get their own customers to participate in the beta. “We’re looking to make that super easy,” [Windows vice president Steven] Sinofsky said. It’s hard to imagine companies like Apple — whose lateness in releasing a Vista-compatible version of iTunes was widely viewed as an attempt to derail Vista at launch — co-operating on that front.
What we had with iTunes was conflicts between Microsoft’s DRM (which they wouldn’t tell anyone about, in the paranoia that someone might hack it) and Apple’s iTunes DRM which had a proprietory music format. While Apple might shoulder a small portion of blame, the main blame is down to Microsoft, for their enforcement of paranoid DRM.
And as I wrote in the last article, there’s no guarantee anyone will want Windows 7 anyway. XP still does all most people need. By forcing games players to upgrade to Vista by making DirectX10 Vista only, they have unfortunately forced this demographic into upgrading whether or not they wanted to, but for everyone else there’s really very little motivation to spend hard earned currency on “pretties”.
Windows 7 is going to be more of the same. Very little extra functionality, much of the time spent developing “pretties” such as tactile windows movement. It’s all a lot of fun, but businesses – which make a large bulk of Windows users – don’t care about pretties. They care about the bottom line, which is affected by having to upgrade hardware and software every few years.
So, who will Microsoft blame when Windows 7 flops? It’s anyone’s guess. Probably, as here, hardware manufacturers and Apple. One thing’s for sure – at this rate, if you believe Microsoft, the only innocent party will be… Microsoft!
Way to get people on board!
September 30, 2008
The idea behind Reaganomics – which Bush and McCain believe in – is as follows. You put wise people in charge, you give them the money, and they work out how to trickle it down to everybody else.
Let me show you in one very succinct paragraph why that’s a load of rubbish.
Say you give me $10m and total control over it, and the poor under me have no ability to influence how I use it. What, from my point of view, is the sensible way to distribute this cash? Give it all to the poor? HELL no. I’ll take as much of it as I possibly can, stick it in MY high interest savings account, where it earns ME money, and to hell with the poor.
That’s why this “bailout” plan Bush keeps pushing can’t work.
September 5, 2008
I was talking with someone a few days ago who raised a very interesting point about anti-abortionists. The fondness they have of referring to themselves as “pro-choice” promotes the concept that they want to let the fetus have a ‘vote’ in its termination.
Well, guess what: it’s totally irrelevant.
Why? Because of that thing called the “age of majority”. No, it’s not a computer roleplaying game, it’s the age which, by law, a person becomes able to make their own decisions. Some places it’s 16. Others it’s 18. Still others it’s 21. Nowhere is it within the first nine months. Up to that point in time, the decision legally rests with the parent or guardian of the underaged child. So even if you regard a fetus still developing and unable to exist outside the womb without medical miracles as a child, it still legally has its decisions made for it by its parents.
The point of anti-abortion is to make up the parents mind for them – by legislation and making abortion illegal if possible – and try to somehow claim it’s all “giving the unborn a voice”. But when a baby is born it still doesn’t have any legal rights to have its voice heard until it reaches the age of majority.
Just another example of the sham that is anti-abortionism, and what Sarah Palin and John McCain are fighting to force on parents throughout the United States.
July 8, 2008
On Monday the Washington Times carried an article about an exchange of letters between the Department of Homeland Security and a company called Lampert Less Legal. The purpose was to investigate the viability of disposing of airport check in passes in favour of something entirely more sinister. RFID chipped bracelets for all passengers. While that in itself is worrying, the bracelets have a capability that is downright scary: On command they can administer a taser shock of up to 200,000 volts.
So is the DHS interested in making every man, woman and child wear their own shock collar just in case they are a terrorist?
Apparently the answer is yes.
According to the article:
This bracelet would:
• take the place of an airline boarding pass
• contain personal information about the traveler
• be able to monitor the whereabouts of each passenger and his/her luggage
• shock the wearer on command, completely immobilizing him/her for several minutes
By linking the luggage with the passenger at check in, any suspicious luggage found by airport staff could facilitate the immediate detention of the passenger the luggage belonged to. While this in itself is not a bad idea, there are no clues in either the promotional video or the website about the extent of personal information these bracelets may store – or how it could be retrieved.
It is obvious from the articles and video that RFID chips are the popular media here, but how secure are they from hand held hacking devices? While there are undeniable benefits to airport security, what guarantees are there that within a few months an RFID receiver that can read and clone the identity information won’t start to become available on the black market?
In England, the London Transport system have been using RFID equipped cards (known as ‘Oyster transit cards’) for a while now. The idea is that you buy credit by touching the card to an RFID receiver at a pay point, then each time you make a journey you do so by touching the Oyster card to the receiver panel on the top of the entry and exit gates. The computer then works out how much your trip costs and debits the amount. An easy system to use. But is it secure? Apparently not. Last month articles began to appear on the internet discussing how Oyster cards had been hacked.
The other major concern has got to be how to protect the bracelet from tampering, while protecting the wearer from “false positives” to such an anti-tampering system. The last thing air crew want is the bracelet to be removed in flight from someone who genuinely is a risk, but by the same token bored children waiting at the departure gate are going to be playing with their bracelets purely because they’re a new novelty. This raises the issue of what to do in the event the bracelet believes it’s being tampered with. As well, if the taser function can be activated by a radio signal, there is always a danger that it can be set off accidentally, which also has to be balanced with ease of use. Take the scenario where there actually is a madman armed with a weapon that wants to attack an air crew – if triggering the bracelet requires the entry of a complex code, the steward or stewardess is going to be assaulted before they can trigger it, or worse going to trigger the wrong bracelet trying to enter the code. If it’s too easy to trigger there’s a danger it might be triggered by a simple wrong keypress.
The final thing I want to mention in this diary is something that is becoming increasingly important to me as a father-to-be in October – what will I allow for my child in the name of “security”? I have to say that I don’t think I’m alone in saying that I’d rather find an alternative method of transport than let someone strap a taser to my child. Naturally the promotional video claims that “most people would prefer” their system. I wouldn’t. I would balk at wearing one of these things myself, but there is absolutely no way I would inflict that upon my child.
So will this ever come to pass?
According to a letter from DHS official, Paul S. Ruwaldt of the Science and Technology Directorate, office of Research and Development, to the inventor whom he had previously met with, he wrote, “To make it clear, we [the federal government] are interested in…the immobilizing security bracelet, and look forward to receiving a written proposal.” The letterhead, in case you were wondering, came from the DHS office at the William J. Hughes Technical Center at the Atlantic City International Airport, or the Federal Aviation Administration headquarters.
In another part of the letter, Mr. Ruwaldt confirmed, “It is conceivable to envision a use to improve air security, on passenger planes.”
Coming soon to an airport near you.
