What toy should you put under the Christmas tree this year? If you were thinking about buying a smart toy for Christmas, the Vtech hack may cause you to re-think your decision.
For many parents the thought of their children’s personal data being stolen and made available online is the stuff of nightmares. So what exactly is a smart toy and should you be avoiding them in favor of a more traditional gift this year?
What happened to Vtech? Vtech’s tablets and other connected toys are all currently unable to access the app store. The Learning Lodge app store – which provides downloads of apps, games, music and books for toys made by VTech – had its database hacked on 14 November.
The personal information stolen, which was not encrypted, included the parent’s names, email addresses, passwords, secret questions and answers for password retrieval, IP addresses, postal addresses, download histories and children’s names, genders and birthdates. It has also been reported that photos, audio files and chat-logs were stolen – something that Vtech has not yet confirmed.
The numbers involved are huge – according to Vtech, 6.4 million children’s accounts were affected and it has now employed a security firm – Mandiant – to look at the damage and fix it. Until then, the app store will remain offline.
What’s the risk? If a toy is labeled “smart” then that probably means it’s connected to the internet in some manner, whether this be via an app, wi-fi or another method.
Security has not traditionally been an area of expertise for most toymakers so combining tech and toys could lead to problems.
Hello Barbie, another net-connected toy that can share conversations, games and stories with children, has also been subject to some scrutiny from security experts. Security researcher Matt Jakubowski discovered that conversations with children stored in the cloud can be accessed by others and that the toy can also be used as a surveillance device.
The risks of internet-enabled toys don’t end with security. Children confide in dolls and reveal intimate details about their lives, but Hello Barbie won’t keep those secrets. When Barbie’s belt buckle is held down, everything your child says is transmitted to cloud servers, where it will be stored and analyzed by ToyTalk, Mattel’s technology partner.
ToyTalk states that passwords are stored in a hardware-encrypted section of the doll and that no conversation history is stored on the toy. It also said that stored data is “never used for advertising purposes.
Do connected toys destroy imaginative play? Those days many children live large parts of their lives on the internet so it seems obvious that toymakers would want to tap into that cultural shift.
And many of the toys they make are attempting to bridge the gap between the real world and the digital one. Some critics point out that tech toys – like talking dolls and dinosaurs – may limit the imaginative play element that is part of more traditional toys.
What kind of limits will you be setting for your children this year?
Free commercial-grade security for the home. Sophos Home (currently in beta) protects every Mac and PC in your home from malicious software, inappropriate websites and viruses.
It uses the same award-winning technology that IT professionals trust to protect their business systems. Best of all, you can manage security settings for the whole family from any browser.
* Please note that this free version of Sophos Home is for private and non-commercial use, letting you protect up to ten computers per account
Log in to our ridiculously simple web dashboard from any browser. In no time every PC and Mac in your home will be protected.
Sophos Home keeps nasty viruses at bay, stops malware from slowing down your computer, and helps prevent unwelcome hackers from gaining access to sensitive personal information.
Sophos Home protects you from online threats and unsuitable content. With just a few clicks, block access to sites that may contain inappropriate content or malicious software.
With the holiday season fast approaching, many of us consider making donations to charitable organizations this time of year. It’s also the time when scammers work their hardest to profit from that generosity.
There have been some truly devious scams by fake cancer charities this year. For example, organizations with names that sound reputable – such as the Cancer Fund of America and the Breast Cancer Society – were found to have cheated donors out of $187 million dollars before federal and local enforcement agencies moved to shut them down.
How To Detect Charity Scams
It may not always be easy to tell whether a caller asking for a donation is legitimate. The Federal Trade Commission says these warning signs should make you suspicious:
1: The “Charity” can’t provide details about how donations are used.
2: The caller can’t provide proof – like a Federal tax ID number – that it’s a qualified charity and that your donation is tax-deductible
3: The caller pushes you to donate immediately
4: You’re asked to wire a donation
5: The caller thanks you for a pledge you never made to convince you that you’ve already agreed to donate.
Your decision to make a donation is generous, but you need to be vigilant if you plan to make that donation online as well. Scammers are looking to steal not just your money, but also your personal information. Follow these steps to protect yourself and ensure that your money gets to the causes you wish to support.
Protecting Yourself From Online Scams – 6 Things To Watch Out For
1: Don’t Respond To Email Solicitations
2: Delete Unsolicited Emails with Attachments
3: Be Inspired by Social Media, But Still Do Your Homework
4: Be Leary Of People Who Contact You Online Claiming To Be A Victim
5: Search Out The Charity’s Authorized Website
6: Give Through A Reputable and Secure Service
So before you write that donation check or enter your credit card information, take a minute to check out the organizations you’re considering using these online charity watchdogs. The information provided will also make it easier to see where your dollars provide the greatest impact.
They all evaluate charities by looking at a number of factors, including how much of your donation actually reaches the causes you want to support.
I’m always the first to tell people to update their technology devices whenever the manufacturer releases a new update. In many cases the updates include new security fixes as well as new “features” available for the device.
If you’ve noticed that your data usage has skyrocketed since installing iOS 9 then this may be caused by a new feature on your iPhone called Wi-Fi assist. For some of us, Wi-Fi Assist may be more of a bug rather than a feature.
Wi-Fi Assist automatically switches your iPhone to use your cellular data plan if you happen to be in a spot where Wi-Fi coverage is poor. This sounds great in theory, but if you’re not on an unlimited data plan then all this extra access on your metered data plan could result in a nasty shock when you get your next bill.
Compensating for poor Wi-Fi when you’re out and about is one thing, but with this setting you could be burning through your data allowance when sitting at home or in your office.
You can find the switch to turn off this feature under Settings > Cellular and then scroll to the bottom of the (very long) page till you see the Wi-Fi assist entry
Note that the default for this “feature” is on.
This could be a useful feature, and it’s a shame that the toggle for it is buried at the bottom on an obscure page under Settings that most people will never venture into, because it’s one of those things that would be nice to be able to turn on if the need arose.
You can keep an eye on your usage by periodically using the Reset Statistics feature, which you can find just below the Wi-Fi Assist toggle detailed above. I do this on a regular basis since I subscribe to a limited data plan that’s shared with other users. If you’re on a limited plan then doing this monthly could help you keep an eye on your data usage as well.
A few days ago Apple released the iOS 9.0.2 update to fix this and a number of other issues – If you’ve already upgraded to iOS 9 then it’s time to install the latest patch or at the very least, change the Wi-Fi Assist settings before your next billing period rolls around.
Amazon Echo, also known as Alexa, is a voice command device from Amazon.com with functions including question answering, playing music and controlling smart devices. It’s a tall cylinder with a seven-piece microphone array and speakers that include a woofer/tweeter and a remote control. The device responds to the name “Alexa”, however this “wake word” can be changed by the user. Amazon had been developing Echo inside their Silicon Valley and Cambridge, Mass labs for at least four years. The device, codenamed ‘Doppler’ or ‘Project D’, was part of Amazon’s first attempts to expand its device portfolio beyond the original Kindle E-reader.
The Echo, previously available to Amazon Prime members or by invitation only, became widely available in late June, 2015. Additionally the service behind it (Alexa Voice Service) is now available to be added to other devices and other companies’ devices and services are encouraged to connect to it (using the Alexa Skills Kit).
Amazon Echo runs on Amazon Web Services. In the default mode the device continuously listens to all speech, monitoring for the wake word to be spoken. The device also comes with a manually and voice-activated remote control which can be used in lieu of the ‘wake word’. Echo’s microphones can be manually disabled by pressing a mute button to turn off the audio processing circuit.
Echo requires a Wi-Fi internet connection in order to work. Its voice recognition capability is based on Amazon Web Services and the Amazon common voice platform it acquired from Yap, Evi, and IVONA. Echo performs well with a ‘good’ Internet connection which minimizes processing time due to minimal communication round trips, streamable responses and geo-distributed service endpoints.
Echo’s natural lifelike voices result from speech-unit selection technology. High speech accuracy is achieved through sophisticated natural language processing (NLP) algorithms built into the Echo’s text-to-speech (TTS) engine.
Echo offers weather and news from a variety of sources, including local radio stations, NPR, and ESPN from TuneIn. Echo will play music from the users Amazon Music accounts and built in support for the Pandora streaming music service was recently added, as was support for IFTTT (If This, Then That).
Echo can also play music from streaming services such as Apple Music, and Google Play Music from a phone or tablet. Echo maintains your voice-controlled alarms, timers, shopping and to-do lists and will respond to your questions about items in your Google calendar. It also integrates with Philips Hue, Belkin WeMo, SmartThings, and Wink. Additionally, integration with Echo is in the works for Countertop by Orange Chef, Scout Alarm, Garageio, Toymail, MARA, and Mojio.
There are concerns about the access Echo has to private conversations in the home, or other non-verbal indications that can identify who is present in the home and who is not—based on audible cues such as footstep-cadence or radio/television programming. Amazon responds to these concerns by stating that Echo only streams recordings from the user’s home when the ‘wake word’ activates the device. However, remember Echo is always be listening to detect that a user has uttered the word.
Echo uses past voice recordings the user has sent to the cloud service to improve response to future questions the user may pose. To address privacy concerns, the user can delete voice recordings that are currently associated with the user’s account, but doing so may degrade the user’s experience using voice search. To delete these recordings, the user must visit the Manage My Device page on Amazon.com or contact Amazon customer service.
Echo determines its location in the user’s home by the collection of networks detected including Wi-Fi routers, the signal strengths of these routers, the type of security the routers use, and the registration information provided by the broadband carrier of these devices. Amazon and third-party apps and websites use location information to provide location-based services and store this information to provide voice services, the Maps app, Find Your Device, and to monitor the performance and accuracy of location services. For example, Echo voice services use the user’s location to respond to the user’s requests for nearby restaurants or stores. Similarly, Echo uses the user’s location to process the user’s mapping-related requests and improve the Maps experience. All information collected is subject to the Amazon.com Privacy Notice.
Purchasing merchandise or digital media such as songs, by commanding Echo to buy the song, does require manual intervention—through an alternate user interface—to complete the purchase. Echo has demonstrated hit-or-miss results when asked common questions that users would expect better answers to.
The current location of the device is set to Seattle (Amazon headquarters) by default and must be changed manually, and can only be set to a location within the USA. This is different from smartphone-based voice assistants that can get the actual location via built-in GPS locators. This restriction can lead to undesired or seemingly “wrong” results for questions that imply the location such as “What is the weather” (around here) or “Set an alarm for 1000am” (local time here).
Echo is currently available on Amazon.com for $179.99 Prime and you expect much more functionality in the future as Amazon just dropped another $100 Million in the developers pot.
Amazon Echo Video:
Facebook just filed a patent on using social network data to influence lending decisions. God help us all.
If there was any confusion over why Facebook has continually defended its policy requiring users to display their real, legal names, the company may have finally laid it to rest with its recent patent application. Earlier this month, the social giant filed to protect a tool ostensibly designed to track how users are networked together—a tool that could be used by lenders to accept or reject a loan application based on the credit ratings of one’s social network.
In short: You could be denied a loan simply because your friends have defaulted on theirs. It’s the kind of digital redlining that critics of “big data” collection have been warning us of for years. It could make Facebook a lot of money, it could make the Web even less safe for poor people and it could be just the beginning.
Many banking institutions in the US have a long history of discriminatory lending. Federal laws passed in the 1970s made these practices illegal and further protected the poor from discriminatory credit reporting and lending practices. But these laws narrowly define lenders and creditors in ways that don’t apply so neatly in the internet age.
Depending on which factors are considered and which aren’t, predictive modeling based on one’s own history and behaviors can be terribly incorrect. When there’s more and more data to choose from, that could be good or bad news for consumers, depending on the algorithm used. Despite Facebook’s self-assured patent application and the company’s apparent confidence in its “authorized nodes,” modeling based on one’s social network only presents more opportunities for discriminatory and inaccurate conclusions.
Behavioral research consistently shows we’re more likely to seek out friends who are like ourselves, and we’re even more likely to be genetically similar to them than to strangers. If our friends are likely to default on a loan, it may well be true that we are too. Depending on how that calculation is figured, and on how data-collecting technology companies are regulated under the Fair Credit Reporting Act, it may or may not be illegal. A policy that judges an individual’s qualifications based on the qualifications of one’s social network would reinforce class distinctions and privilege. Returning to an era where the demographics of your community determined your credit-worthiness should be illegal.
Facebook’s true value comes from the data it collects on us, which it in turn sells to advertisers, lenders, and whoever else it wants to. The accuracy of that data is critical to the company’s business model success, and this patent is Facebook doubling down on the supposed truth in its networks.
But a lot of that data is bad because Facebook isn’t real life. Our social networks are not simply our friends. The way we “like” online is usually not the way we “like” in real life. Our networks are clogged with exes, old co-workers, relatives permanently set to mute, strangers and characters we’ve never even met.
On Facebook, we interact the most not with our best friends, but with those friends and acquaintances who use Facebook the most. This could lead to not only discriminatory lending decisions, but completely unpredictable ones—how will users exercise due process to determine why their loan applications were rejected when a mosaic of proprietary information formed the ultimate decision? How will users know what any of that proprietary information says about them? How will anyone know if it’s accurate? And how could this change the way we interact on the Web entirely, when fraternizing with less fiscally responsible friends or family members could cost you your mortgage?
Is Biometric Authentication Only A Heartbeat Away?
We’ve talked about biometric authentication protocols for many years now and a number of systems are available and working today. Some of the methods currently available are: Facial Recognition Fingerprint scanners Hand geometry scanners Retina and Iris scanners Voice Analysis
Body Parts Become Passwords:
Checking a user’s body parts to authenticate access to your smartphone or computer system might soon take another leap forward.
A new wave of wearable biometric security devices is going beyond facial recognition and eye-scan technologies to detect the unique physical characteristics inside your body. The breakthrough: Cardiac rhythms, finger veins and other internal biological signatures hold a wealth of differentiating features that may someday replace passwords and fingerprints, providing a sophisticated and innovative approach to security.
In short, the hardware—such as bracelets and smartphones—will simply become the vehicle for secure apps that authenticate a user’s anatomy. You won’t have to wear your heart on your sleeve, just a heart monitor on your wrist.
More Than Skin Deep
The Nymi Band, for example, senses the wearer’s heart rhythm and compares it to a stored record. A heartbeat that matches the record unlocks a smartphone or computer. Nymi’s maker, Bionym, a startup out of the University of Toronto, says its heart-monitoring bracelet is more convenient than memorizing passwords and juggling coded security cards. The technology, it suggests, could be used in payment systems and other aspects of the app economy. MasterCard has already invested in this technology.
Other companies are working on authentication that relies on a user’s internal biology, although many are still in the research labs; commercial use may be years away. AT&T has created a system to send an electro-acoustic signal through bone or skin to produce a “body signature,” then compare it to a database of signatures to grant or block access. EMC, the world’s largest provider of data storage systems, is also working on a technology that authenticates users with facial and pulse data, factoring in circadian rhythms and adjustments for age.
Although body parts show promise as security vectors, companies that want to authenticate employees or customers through their internal organs have to watch out for technological limitations and legal issues. Privacy groups such as the Electronic Frontier Foundation warn that biometrics used improperly are a unconstitutional menace to privacy.
Devices measuring internal biometrics may be harder to fool than those that rely on external features that can be altered, such as faces and fingerprints, but we won’t know until mass rollouts occurs just how safe and secure they really are.
We’re just at the cusp of these emerging technologies. In order to succeed, the technology must offer some improvement on what already exists. Right now, relying on internal organs for authentication isn’t less expensive, more accurate or more efficient than using established products that rely on eyes, faces or fingerprints. And some of these older systems are “pretty entrenched”. These new techniques will have to find a niche to get the ball rolling. Until that happens, despite their promise, emerging biometric developers are finding it difficult to get a foot—or heart or vein—in the door.
Check out the Nymi Biometric Band here: https://www.nymi.com/
Windows 10 is here and it’s faster, smoother and more user-friendly than any Windows operating system that has come before it. Windows 10 is everything Windows 8 should have been, addressing nearly all of the major problems users had with Microsoft’s previous operating system in one fell swoop.
But there’s something you should know: As you read this article from your newly upgraded PC, Windows 10 is also spying on nearly everything you do.
“It’s your own fault if you don’t know that Windows 10 is spying on you.” That’s what people always say when users fail to read through a company’s terms of service document, right?
Well, here is Microsoft’s 12,000-word service agreement. Some of it is probably in English. I’m pretty sure it says you can’t steal Windows or use Windows to send spam, and also that Microsoft reserves the right to take possession of your first-born child if it so chooses. And that’s only one of several documents you’ll have to read through.
Actually, here’s one excerpt from Microsoft’s privacy statement that everyone can understand:
Finally, we will access, disclose and preserve personal data, including your content (such as the content of your emails, other private communications or files in private folders), when we have a good faith belief that doing so is necessary to: 1.Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies;
2.Protect our customers, for example to prevent spam or attempts to defraud users of the services, or to help prevent the loss of life or serious injury of anyone;
3.Operate and maintain the security of our services, including to prevent or stop an attack on our computer systems or networks; or
4.Protect the rights or property of Microsoft, including enforcing the terms governing the use of the services – however, if we receive information indicating that someone is using our services to traffic in stolen intellectual or physical property of Microsoft, we will not inspect a customer’s private content ourselves, but we may refer the matter to law enforcement.
If that sentence sent shivers down your spine, don’t worry. As invasive as it is, Microsoft does allow Windows 10 users to opt out of all of the features that might be considered invasions of privacy. Of course, users are opted in by default, which is more than a little disconcerting, but let’s focus on the solution.
First, you’ll want to open Settings and click on Privacy. There, you’ll find 13 different screens — yes, 13 — to go through, and you’ll want to disable anything that seems at all intrusive or worrisome. Most of the important settings can be found on the General tab, though other tabs are important as well. For example, you’ll definitely want to adjust what types of data each app on your system can access.
Next, users should consider dumping Cortana. Yes, the voice-driven assistant is easily one of the best new features in Windows 10, but it also plays fast and loose with your data. As a result, many users will find that the benefits do not outweigh the risks.
To complete the third task, you’ll have to venture outside the confines of your PC and hit the web. Perhaps this is a good opportunity to check out Microsoft’s nifty new Edge browser. In it, click on this link and set both “Personalized ads in this browser” and “Personalized ads wherever I use my Microsoft account” to off. This will disable Microsoft’s Google-style ad tracking features.
The last tip is one that most users will likely skip, as it is a bit excessive. Some users are removing their Microsoft account from Windows 10 completely and using a newly created local account instead. This way, Microsoft doesn’t grab hold of all your data to sync it across machines. To me, that’s a pretty good feature so I’ve opted to keep it.
Here’s another tool in the never ending battle against malware, drive-by and infected webpages – and this one is FREE
CISCO is currently in the process of buying OpenDNS to the tune of $635 million. That means very little to most people who probably haven’t even heard of OpenDNS until today. What’s important here is that even with that market valuation – YOU can still get this valuable service absolutely FREE!
OpenDNS is a company and service which extends the Domain Name System (DNS) by adding features such as phishing protection and optional content filtering to traditional recursive DNS services.
The OpenDNS Global Network processes an estimated 70 billion DNS queries daily from over 65 million active users across 160+ countries connected to the service through 24 data centers worldwide. Previously OpenDNS was an ad-supported service showing relevant ads when they show search results and a paid advertisement-free service. The free service has since evolved to no longer showing advertisements.
DNS services for personal/home use Back on May 13, 2007, OpenDNS launched a domain-blocking service to block web sites or non-Web servers visited based upon categories, allowing control over the type of sites that may be accessed. The categories can be overridden through individually managed blacklists and whitelists. In 2008, OpenDNS changed from a closed list of blocked domains to a community-driven list allowing subscribers to suggest sites for blocking; if enough subscribers (the number has not been disclosed) concur with the categorization of the site it is added to the appropriate category for blocking. As of 2014 there were over 60 categories. The basic FREE OpenDNS service does not require users to register, but using the customizable block feature requires registration.
Other free, built-in features include a phishing filter and a service called Phish Tank for users to submit and review suspected phishing sites.
The OpenDNS service consists of recursive nameserver addresses as part of their FamilyShield parental controls which block pornography, proxy servers, and phishing sites as well. The service works with any device connected to a single home network after the user makes a simple DNS change in their router. Instructions for making this change in all the popular routers and modem can be found on their support forums link below.
How does OpenDNS work?
- Instantly blocks access to adult websites No complicated configuration FamilyShield is pre-configured to block adult websites across your Internet connection. Just turn it on and go. The filter is always up-to-date, adding new sites 24/7.
- Flexible parental controls that protect every Internet-connected device in your home, instantly. When you set up FamilyShield on your router, every device in your home gets protected. That means everything: your kids’ Xbox, Playstation, Wii, DS, iPad, and even their iPhone.
- Built-in anti-fraud and phishing protection Take the guesswork out of identifying fraudulent sites. FamilyShield automatically blocks phishing and identity theft websites.
- Makes your Internet faster and more reliable Setting up FamilyShield frees you of frustrating, intermittent Internet outages and makes Web pages load faster, which makes your overall Internet connection faster.
Visit the following links for additional information:
The best tool for protecting your kids (or employees) from malware and porn: http://www.techrepublic.com/article/the-best-tool-for-protecting-your-kids-or-employees-from-malware-and-porn/
Getting Started Forums and FAQ’s https://support.opendns.com/home
After nine months of waiting, Windows 10 is almost here. Tuesday night at midnight, Microsoft will release the first full release of Windows 10, the biggest change in PC software in nearly three years. It’s kind of a big deal! We’ve been getting previews of Windows 10 since October, and the rollout of the actual software will happen in stages, but midnight will still be zero hour for answering a lot of the questions that have swirled around Windows 10 since it was first announced. How do you build a single OS for laptops, tablets, and smartphones? Tuesday night, we’ll find out.
First thing’s first: how do you get it? Microsoft is sending out Windows 10 in waves, starting with Windows Insiders and then moving through preorders gradually. The waves are designed to make the release more stable — issues that pop up in one wave can be fixed for the next one — but it means it could be days before you actually get the chance to download the new OS. The good news is that, unlike Windows 8, Windows 10 is designed to work as a straight upgrade, so as long as your computer meets the specs, you should be able to install it right away. Still, we definitely recommend doing a full system backup before you install. If you’ve got Windows 7 or Windows 8, you’ll be able to upgrade free any time in the next year. Otherwise, the official price is $119, although third party sellers like NewEgg are already offering cheaper versions for pre-order, scheduled to ship at the end of the month.
What will Windows 10 look like when it arrives? When Windows 10 does arrive you won’t have to wait days to find out. Many PC magazines and Tech Support forums are going to be putting the OS through its paces as soon as it becomes public, which means Microsoft fans will have a lot to piece through on Wednesday morning.
To start with, there’s a whole new interface to work through. Based on developer previews, Windows 10 seems to be a combination of the best features from 7 and 8, but it also comes with a lot of new ideas that have never been implemented at this scale. Cortana will be everywhere in Windows 10, available in the Start Menu and through voice commands. It’s also the first big stage for Microsoft’s new Edge browser, a fully revamped notification center, and for PC gamers, a deeper Xbox integration than we’ve ever seen before.
The biggest question of all: is Windows 10 ready for prime time? As recently as June, there were still some troubling and persistent upgrade bugs kicking around the developer preview. The Windows team had a lot of sleepless nights throughout June and July to ensure the quality is high across the vast amount of PCs out there. After Vista and Windows 8, there’s a lot of pressure to make sure this launch goes smoothly. Still, we won’t know for sure until Windows 10 goes live on Tuesday.
Finally – will the new Cortana outpace Siri? It seems like Cortana will definitely give Siri a run for the money. Obviously, you’ll need a microphone in order to communicate with Cortana – so if you want to join the voice revolution now would be a good time to pick one up…