Our country ‘tis of… Google?

I’m a fan of Google, always have been, but even I can tell that Google is well overstepping it’s bounds lately. First was the Google – China issue (which is still underway), you all remember that from my little bet right? This seemingly appears as a front for an NSA – Google partnership. Obviously since the NSA is involved not much information is available about the true intents and possible deals made with that little infringement on freedom. There is plenty of speculation, as well as many government conspiracy theories. This was one partnership that even got me thinking, but like a good little Google monkey, I pushed my fears aside on this one, even though the entire thing prompted EPIC to start an investigation into this matter.

Even more recently, Google has announced, and launched, “Buzz”. Buzz is Google’s new attempt at breaking into the social networking market, and they seem to be purchasing a few new companies as well as integrating existing social networks to help boost their success. Google Profiles is being pushed as well, a new way to use Google search to search through your friends Social networks and information just in case they might have posted somewhere something of value pertaining to your search. The idea of Google profiles isn’t bad, but the real world use is a bit asinine.

Next in line for Google is Google’s news about needing faster internet in the US and proposing a 1Gb fiber optic network and possibly entering in the ISP wars in order to push this. I’m extremely happy that finally someone is trying to push for fiber to home networks and not just sticking with the “last mile” fiber motto. However, the more concerning thing is Google becoming an ISP.

Gmail, Buzz, Google Voice, Google Wave, Google Profiles, Google Web-pages, Google Blogging service, Google IM, Google docs, Google Calendar, Google checkout, Google Phones, Google Books, Google Chrome (web browser and soon Chrome OS), Google web search with logging history which is also under fire and being asked for 2 years of data logging, and many many more. Google effectively controls and house’s more than it’s share of information and communications online, of which most is free for user’s. I appreciate and use many of the services Google offers, however I make no preconception that any of it truly is private. By itself, that is not that big of an issue for me, I’ve nothing much to hide and I realize how truly unsecure most information through any web provider or service really is. But that doesn’t mean there is information I want to be public or controlled by any one source.

Google’s partnership with the NSA is now becoming more alarming, as Google is heavily pushing to be become the world’s information storage bin, granting any rights to the NSA that’s not already in effect and scary enough, is truly just asking for problems. It’s pretty commonly recognized that National Security for any nation, especially Cyber Security, requires extraordinary and brilliant individuals. Most of the cyber criminals we hear about are Pirates and Hackers, usually bypassing copy-right protection, or hacking into servers like Twitter and launching DoS attacks. The type of guys hired by outfits like the NSA and the Chinese Government are the ones you don’t hear about. They are the people that develop the software and control many Botnet’s or find ways to hack TPM chips with house hold cleaners and rust removers. Providing people with any access to our Google Information as dangerous - even in a controlled industry like NSA - as these hackers is beyond scary.

Again I will recount, I was willing to let that ride unless more information became known, until I heard that Google was going to get into the ISP market. By their count, it’s only for a “testbed” and they are not intending to compete, but what kind of company puts down 1.3 billion for a fiber network and enters in a “test” ISP scenario without intent and staying there. Especially when ALL information used, obtained, viewed, or submitted online MUST first go through an ISP. We have come to realize that Google is all about information, and the control thereof. Selecting them as the gateway for this information, while having the NSA lurking in their bed, really is a rather frightening thought.

I’m not huge on conspiracy theories, even though I do like to embellish a bit. However it’s not hard to come to the conclusion that Google is entering worlds that would require FCC and FTC investigation and quite possibly go directly against their “do no evil” motto. Take from that what you will, but it looks ugly.

Google is going to be hard-pressed to remain on the good side, and keep their innocent appeal with the general public. They have started a “human rights” agenda and brought Google, the US government, and now Iran into the mix. Their Internet Freedom line of defense is extremely subjective while their are tempting fate with the NSA and jumping into the ISP market. I will be closely following this outbreak of information Nazism and look forward to watching Google walk this extremely fine line. With Apple watching and exacerbating every move Google makes I’m not sure how much of their business deals will remain secret.

Computer safety, Which OS?

A very long standing debate, both from experts, hobbyists, and general consumers. Which computer Operating System is the best? This question always ends up being synonymous with, which OS is more secure? The problem here is these two questions are completely and entirely independent of each other. Let’s look at both in more detail.

 Security:

This is a multilayer question. Hack attempts, malware, spyware, virus’s etc. generally have one common goal; to steal information and acquire access. Computer attacks mostly fit into 2 categories – Attacks for profit, or attacks to harm a large company, usually as a political statement.

Let’s start from the bottom and most basic. Physical access. Criminals with the intent to gain access to your computer by means of directly and physically accessing it usually do this in public areas, coffee shops, airports, stores, parks etc. They will either lift the entire machine, or quickly access it while if left unattended. Obviously this is not the most common, but does happen. I have worked for a company where several laptops storing sensitive information when missing or were stolen in public places.

In this scenario the thief has more tools at his disposal, but usually just wants to make a profit selling the machine. In cases that the machine has windows or linux, they will usually sell the machine as is, or reinstall the OS. However, if the thief does want access to the machine each is vulnerable, but I’d have to go with linux as the safest. Mac’s have a quick access account reset method that could be done in minutes. Holding Apple key + S while the system is rebooting will drop the user at a “root” prompt (root being system level access that is otherwise disabled on macs). After that it’s a few steps away from resetting the password or creating a new admin account. Windows has a similar vulnerability, ERD commander, which is used by many professionals to reset passwords or attempt to repair non-working windows machines.

OS and Web attacks:

This is really 2 parts, however they culminate into online based attacks. all 3 major OS’s have their flaws and security measures. Microsoft has by far added the most advanced and secure options as well as multiple ways to manage them. They now also offer free anti-virus software, which is as decent as any free and most paid subscription based anti-virus programs. The ads depicting Windows Vista with annoying Pop-ups asking for permission to run programs is NOT new to Mac or Linux users. Each ask for elevated privileges usually by asking for an Admin username and Password to run or install certain programs. Windows Vista did take it a bit farther by occasionally adding one extra security dialogue box, but nothing more intrusive then mac and linux already implement. Point being, when a virus or malware gains access to the system, it must also gain access to an admin account, making it a bit more difficult to infect. We can equate this to security measure to the protection you may have in your house. If the thief gets in your house without being detected, it’s up to your in-home security to block them, which most people don’t have. Anti-virus programs and these annoying security measures are a last resort step to prevent infection, and generally are not too effective on any platform. If the virus is new, or altered enough, your anti-virus program likely has not published a definition detection for it.

These leaves us with the entry point. The most important step in preventing attacks. there are 3 major points of entry with all 3 OS’s. Instant Messengers, E-Mail client (both web and module software), and the biggest being the web browser itself. Since there has been a major focus on security with all platforms it’s becoming more difficult for attackers to gain access to a computer, so the attackers must also adapt. Most attacks now use a form of social engineering in one way or another.

Instant Message attacks usually pop up in the form of a link. Bots are setup to spam as many contacts as possible usually with a saying similar to “Hey check this out”, or “Is this a picture of you?”. If the end user clicks the link they are directed to a site that instantly downloads Malware/Trojans, then infects the users IM account and sends the same link and quote out to everyone on their contact list. This results in getting what seems to be a legit IM from a friend saying they found a picture of them and to go check it out.

Email, or “Spam”, is a very common practice to infect PC’s. This can range anywhere from free or cheap medication, real estate properties, to something more convincing like spam appearing to be from fedex saying they were unable to deliver a package, or delta saying that a flight plan had changes. The latter usually containing a zip file with supposed information about the problem. Once the zip file is opened, or the link is clicked the computer is infected and begins spamming out messages from the users mail client as well as opening holes for attackers to use their computer in a “botnet”. Anti-virus programs are usually useless against these attacks, relying heavily on spam filters to block both executable files and harmful links, but they still can and will get through with enough effort.

Onto the browser attacks. Browser attacks are the absolute most common and devious attacks, spawning arguments, debates, and development cycles commonly known as the “browser wars”. The vast majority of attacks on a computer come from browsers and always implement a certain level of social engineering. A website may clone a legitimate website, appearing to the user to be exactly where they wanted to go. Upon entry, or clicking on a link, will start downloading and infecting the users machine. Other attempts will advertise a video, game, download, or other such material enticing the user to visit based on the user assumption that they would truly like to view or use the advertised product. There is almost no end to the number of infected sites falling in this range and often requires great care and scrutiny from the user to avoid these traps. This type of attack usually exploits a security hole in the web browser or 3rd party plug-in to gain access, especially when the site includes Flash or Java content. All browsers developers work extremely hard to prevent security holes and patch their software, but they do require the user to constantly update their software.

In the end, attacks come down to very basic elements. if a user is not allowing automatic updates, or downloading updates that require manual updates, they are more prone to attacks. Every OS, browser, mail client, and IM client require regular updates to remain safe and must be attended to. In a more fundamental aspect, since these attacks on the general public are aimed at money and pure numbers. The most common OS/browser/IM client used are quite obviously going to be the most common attacked which sheds a very real light on what advertisers would rather you not know. It’s not a matter of what OS is more secure, it comes down to what OS holds the largest user base that will be most frequently attacked. If windows was the minority in the OS wars, it was suffer far less attacks then a Mac.

In an article from Cnet, Jeremiah Grossman from WhiteHat Security put it best, “from a consumer's perspective you probably should be using the word 'safe' rather than 'secure'; two completely different things. 'Secure' is a supermax prison. 'Safe' is a playground in suburbia. Follow?”

In the end, consumers should not be looking at their choice from a security perceptive. The choice should be summed up by what you need from your computer, and what options each has to meet your needs. State of security will be a combined effort between software updates and extreme caution. Until Software developers are able to remove the human element and social engineering aspect of security vulnerabilities, nothing will ever be secure on the net.

Cellular Networks – or lack of

In terms of coverage and availability, it seems like most users don’t really know, or care about the differences in networks that each carrier provides. That has recently started changing as competitive ads have target network type and network coverage. A good example is the lawsuit AT&T filed against Verizon over the “map” ads.

Recent news indicates that cellular companies, particularly AT&T are now struggling to catch up with society. Let’s take a more in-depth look at what is really out there over what cellular companies would like you to think is out there.

in 2007, Apple released it’s first iPhone. Before this release there were many “smartphones” on the market providing much of what the iPhone did at the time, linking to many online services to provide more content. But it wasn’t until the release of the iPhone that cell networks exploded by consumer frenzies. Users were consuming all forms of media on the iPhone at a staggering rate and AT&T’s 3g network choked. Why? Was it not enough towers? was AT&T just not prepared for the Apple invasion?

I can’t say I fault AT&T for being ill-equipped to handle the data usage the iPhone produced. At least not in the beginning. I do remember the lines of people standing hours at the store waiting to get their first iPhone. I’m not a fan of Apple, or any of their products, but I have to hand it to them. Their fanboy appeal seems to alter lifestyles of consumers. The trend of apple seems to sell despite their failed innovations. They don’t provide anything really new, or produce quality above any other company. It’s their logo and status appeal that gets the money.

Anyway, enough of my tangent, back to AT&T. To better understand what really happened. let’s look at the network as a whole. a Cellular networks mainframe is hooked into a channel, usually a T1 copper line that runs to their cell towers. On the towers is a transmitter that functions in the same similar fashion that a wireless router or wireless phone base unit does. Obviously without many towers in the area a device connecting to them is going to have a harder time getting a good signal, so in essence, yes AT&T failed on the iPhone release with lack of towers, but what about urban areas with good tower ratios and good connections? That boils down to the “backhaul”. As stated earlier most of AT&T’s backhaul was comprised (and still is in most areas) of T1 lines. T1 lines were not originally intended to support large amounts of data traffic that the iPhone was so obviously being used for. A t1 provides roughly 1.5Mbps (about a 1/4 – 1/2 an mp3 per second), when congested with hundreds or even thousands of users that network real estate is eaten pretty quickly and the network chokes.

Onto the problem. AT&T received exclusive rights, and still maintains those right, to the iPhone. However, they have done very little to actually resolve the problem caused by mass data use. Some cellular providers have already recognized this problem and started using fiber channels for their backhaul, which raises the bar from 1.5Mbps to anywhere from 2.5Gbps - 10+Gbps (depending on channels used). AT&T (and many others) reserved their hand and estimated they a few years before the upgrade must be in place. It wasn’t until 2009, and the release of the 3rd generation iPhone, that AT&T started to cough up some change to improve their networks backhaul with a plan to revise starting in 2009 and expected to end in 2015. Verizon, while also committing to upgrade their backhaul, took a different route and purchased all the unused 700MHz TV traffic that now lay dormant with the HDTV mandate in 2008. Sprint poured about 5 Billion into it’s 4g network AKA WiMax, and allowed Clearwire access.

This year AT&T expects to place 2 billion into their network to stay in terms with upgrading their network. Unfortunately it seems like they have waited too long. With the major E-Readers (nook and Kindle among them) using AT&T’s 3g network for updates and data traffic. A new iPhone slated for release in later this year, and the iPad using only AT&T’s 3g network. AT&T stands to take a MAJOR hit to data traffic only a year into their upgrade attempts. However, AT&T is still hiding in the closet with regards to a quickly changing social norm saying, “We believe, though, the device, based on where we believe it will be used in homes, in offices, coffee shops, bookstores, airports, so on and so forth will be used a substantial amount of time in a Wi-Fi environment.”

Hopefully the relationship between Apple and AT&T holds firm when their network chokes after the launch of the new devices coming out. I personally enjoy not having Apple Fanboys tying up my cell network.

Do you think AT&T will be able to handle the anticipated iPad and new iPhone? Will Apple’s trend start to fail with the iPad, or will they be forced to open their devices up to all networks? Leave your feedback.

What’s in a name?

iPad – The joke of the week. Whether or not the product is any good seems to no longer be the point of discussion.

Now I wasn’t even going to bother writing about the iPad because of the hundreds of articles on the web already discussing it’s qualities, or lack thereof in some cases. However I’ve noticed the trend go from it’s ability to simply remarks about it’s name. I recently stumbled across this article stating that apple may just end up being at the end of a lawsuit over rights to the name “iPad”.

Above the blatant disregard for trademarked names apple obviously cared little about. I can see the need for some companies, like Fujitsu, to defend the name it’s already released a product under. The question I have after this epic failure in brand naming, why would anyone want to retain a products name that even resembles the joke line that has followed this launch? There are times when any press is NOT good press, especially when it results in consumers opinion of a product to be associated with toiletries or hygiene products (unless of course that is your line of business).

I pose this question, why spend thousands of dollars and hundreds of hours of wasted man power to fight for a name that has, within days, become a huge public joke? Someone that knows nothing about the product will now start with a poor first impression that has to then be overcome just to reach a neutral stance before they can be sold.

All companies associated with this name should likely second guess their brand name, entertain the idea of simply settling in court to avoid further “comments from the peanut gallery”. Making a public mess over it will bring press around, but that’s not necessarily a name any of these companies should want being tweeted about. Except loss, take or give credits and hold a board meeting about changing the name.

Stephen Hutcheon of the Sydney Morning Herald stated "Slate is a little bit 'Flintstones,' " referring to the buzz that the iPad may have been called iSlate. Well, Flinstones is far better then Max-iPad. Australia is already commenting on the iPad name. World Wide joke it seems, and that’s good? Apple seems to already hold the license for iSlate, why not put it to better use?

What is your take? Do you think apple should fight to hold the title of iPad? Do you think the joke will just “fade away” as Hutcheon suggests, or is internet buzz still driven by high school like jokes?