Now we have to worry about whether or not we are being tracked when we leave the house. Not that we didn’t already have to worry about that, but now we know that passwords for businesses and users of a vehicle tracking company have been stolen. These records were at risk due to the fact that the encryption for these passwords were weak in the first place. The encryption used by the companies storing these passwords has been around for a large number of years (speaking in terms on computer encryption, in general terms, this level of encryption is as old as many of us). There has been ample time to figure out ways to crack this hash. Security is a many-headed monster, and each time you cut one off, ten more grow back in it’s place.
More user control over permissions allowed
We all accept most of the permissions asked for by an app we download, whether the app is in Apple Store, Google Play Store, or now the Windows Store. With the most recent Windows 10 update, Microsoft is allowing the users to determine what permissions to allow. Before the users were given the choice, Microsoft gave implicit permission to most of the required permissions. The only permission that users had control over was whether or not their location was shared. Microsoft has decided to change this. However, how much choice do the users have when accepting permissions in the first place? Not accepting certain permissions may prevent use of the app like not accepting the terms of the End User Licensing Agreement (EULA) of a program prevents a user from using the program. Check out what is going on with Microsoft decision in the article at this link: http://thehackernews.com/2017/09/windows10-app-permissions.html
DolphinAttacks
We have gotten used to the fact that technology is in our lives everyday. There are several different programs that allow us to use our voice to look for things. Examples are Microsoft’s Cortana, Apple’s Suri, Amazon’s Alexa, among others. It’s getting to where each technological company has their own, such as Samsung S voice. Even Audi is getting in on the action. Of course, hackers are going to find ways to get into new technologies. They are now using frequencies outside the human hearing range to hack into these services. This attack is called a “DolphinAttack”. It is called this because the hackers use ultrasonic frequencies to hack their way in. There is currently no patch against this type of attack. The only way to prevent someone hacking into your phone using this attack is to turn these programs off. If the hacker gains access to your iPhone using Suri, they can call phone numbers or send inappropriate texts. Check out the article on this information: http://thehackernews.com/2017/09/ai-digital-voice-assistants.html
Writing for the Information Professions, Fall 2017 