This smart phone GPS application proves that crowd sourced navigation is working and it’s getting better.
At its core, Waze gives you voice-enabled GPS directions on your iOS or Android device. Best of all, it’s FREE. It’s still not perfect, but if you’re willing to trade a little routing efficiency for features you can’t find on other navigation apps, like real world travel times and up-to-the-minute, user-reported traffic jams, Waze is definitely worth checking out.
Here’s how it works:
Waze connects you to other drivers automatically (and anonymously) in the background. The app then pools data from everyone and channels it into more efficient, time-saving routing algorithms based on real-world trip data from other users, not just what the map data infers. This is essentially what TomTom does with its long-standing IQ Routes feature, but until Waze came along, we hadn’t seen it on a free phone app. On the display, cute little icons show you where other Waze users are as you drive.
Waze also knows that even if a route is technically shorter, you could still end up taking just as long as you would via the longer way on the highway, because of all the traffic lights. I had several instances where Waze nailed the ETA in actuality; whereas my Garmin’s GPS guessed I’d arriv earlier, only to adjust itself as the trip went on to eventually match what Waze had said all along.
Performance, Incident Reporting, and Conclusions
While en route, Waze doesn’t display the current road speed limit, and there’s no 2D or 3D lane assistance like on newer Garmin and factory supplied navigation systems. On the plus side, the colorful, animated traffic icons showing the current status and delay times looked very sharp on the map. Real-time traffic alerts worked well, and provided plenty of options throughout my trip.
Tap the exclamation point on the bottom right, and it will pop up nine icons to report an accident, police activity, heavy traffic, and other road hazards. In landscape mode, it will only show six icons, though; you need to scroll to the right to see the other three. Still, this is where Waze really shines; the app popped up plenty of real-time traffic alerts during a recent trip to northern Vermont and back. And on one leg of our trip, Waze popped up an alert that there was police activity coming up 400 feet ahead. And there was! There was a state police car at the side of the road with its lights on. Waze prompted me to either give it a thumbs up (meaning the report was correct), tell it that it was close but not exact, or tell it that there was in fact no police vehicle present.
The voice prompts were understandable, and the fact that it works via blue tooth helped greatly with low volume concerns. I also didn’t hear any pronunciation gaffes with Waze like I experience with my Garmin Nuvi.
If you want turn by turn, voice prompted navigation with real time traffic alerts, gas prices and hazard reporting – all for FREE – WAZE is the answer. Remember – this is a crowd sourced application so the more you put into it, the better it will become. Download it from the App Store or Google Play.
Yesterday – Google’s predictive search and voice recognition tool has arrived as an app on Apple’s iOS platform.
Having debuted at last year’s Google I/O conference, the Now-enabled Google Search 3.0 for iOS brings the same robust search features and visual style, called cards, to iPhones and iPads. Google Now’s product manager, Tamar Yehoshua, said that Google Now will compete well against Apple’s personal assistant Siri because of its superior accuracy.
“We think we’ve built a great experience,” she said during a conversation at Google’s headquarters in Mountain View last week. “We’re giving you an answer before you’ve even asked,” she explained. Google is “able to predict knowledge that you want before you know you want it.”
Google Now does that by taking advantage of several different technological areas. It leverages the text-to-speech output, the Knowledge Graph, and the technology stack to provide its voice recognition and predictive search combo.
Unlike Google Now on Android, which you can start using as long as your device is running Android 4.1 or later, the Google Now app on Apple’s iOS will require you to log in to your Google account first. But the defining features of Google Now, the voice recognition and the predictive search, remain intact.
The predictive search in Google Now will use your calendar, for example, to determine what information it should show you. That info can change depending on where you’re going, so it might show you traffic on your route home, or tourist sites near your hotel.
Google Now’s Voice Recognition has made some significant improvements. People got used to using keywords to search because they had to, but it’s not the best way to search. Google Voice has now implemented just the beginning phases of context and conversation, such as following a question like “How tall is Barack Obama?” with “And how tall is his wife?”
And an even more complex scenario as a future goal for Google Now would be to follow “What happened in the Red Sox game?” with “Who’s pitching? When are they playing tomorrow?” and the tricky integration of other digital services that could conclude with “Record the game for me.”
Google executives were quiet about possible plans to port Google Now to other platforms, such as Chrome. But it’s apparent that the service is big deal for Google, as evidenced by the attention that co-founder and CEO Larry Page paid Google Now during last week’s quarterly earnings call.
The goal of Google Now, he said, “is to get you the right information, at just the right time.” He noted the key features of the service, including that it provides people with their boarding passes and delivery updates as well as traffic conditions, local sports scores, and upcoming weather conditions without prompting.
“Looking for the nearest pharmacy? Just ask Google for directions, and we’ll deliver them instantly,” Page said. “No typing needed. And you can now ask conversational questions like ‘Do I need a jacket this weekend?’”
While it’s clear that Google Now is growing in its importance to Google Corporate, especially as a strong customer-facing tool for its Knowledge Graph, it’s less obvious how many people with iPhones will abandon Siri and its automatic start features in order to jump into Google’s competing app.
Around 50 million Dropbox users might soon need to give a second thought to continuing using the popular file hosting service, thanks to recently uncovered security issues.
Questions have been raised over the service regarding file security in the past, but the convenience it offers seems to have overcome security considerations.
The online storage service is offered by Dropbox Inc which provides cloud storage, file synchronization, and client software. With Dropbox users can create a special folder on each of their computers, which it then synchronises so that it appears to be the same folder (with the same contents) on all computers used to view it. Files in the folder can also be accessed through a website and mobile phone applications.
According to an article in TechRepublic by Michael Kassner, who runs IT publication consultancy MKassner Net, while perusing this year’s Black Hat EU seminar briefing website, he came across a briefing note titled ”DropSmack: How cloud synchronization services render your corporate firewall worthless.”
Penetration tester Jake Williams gave an impressive and amusing presentation at this year’s Black Hat Europe revolving around how he ended up gaining access to a client’s network via Dropbox. There’s a link to Jakes presentation at the end of this article
After being continuously stymied in all of his traditional pen testing efforts, he was able to gain access to the CIO’s laptop through some open source (Facebook) reconnaissance, and ultimately discovered corporate documents in a Dropbox folder. Score!
This led to the development of DropSmack. DropSmack leverages the Dropbox synchronization services on an owned (infected) system to act as a Command and Control (C2) channel to the internal corporate network.
In a nutshell – here’s how DropSmack works:
DropSmack is designed to monitor the Dropbox synchronization folder. The hacker creates a file using a .doc extension, puts a legitimate file header on the first line, and then adds the desired macro commands. These files won’t open in Word (MS Word says the file is corrupted); but that’s good, it makes the file less prone to investigation by a snoopy user.
When the doctored file is placed in the owned (hacked) computer’s Dropbox folder, Dropbox does it magic synchronizing all associated Dropbox folders. DropSmack detects the file meant for it, and executes the command. BAM!
DropSmack would give a hacker the ability to spread malicious code or exfiltrate sensitive data from internal systems that synchronize with the infected system via Dropbox. All of this would bypass traditional security defense mechanisms such as Firewalls, Intrusion Detection Systems, Data Loss Preventions, and AntiVirus solutions both at home and on corporate networks.
The best chance at defense?
Williams says that application whitelisting “won’t let the new application (DropSmack) execute.” The process of whitelisting every application that is allowed to execute on a computer system would be a HUGE undertaking. However, just the fact that this communication channel exists by design remains the major challenge. Companies and individuals must ask themselves if the use of Dropbox is worth the potential risk?
A few more interesting tidbits for business owners:
• More often than not, Dropbox is loaded on corporate networks whether it is approved or not — most of the time it’s not.
• It’s a good bet the bad guys know this technique, and are already using it.
The article may make it seem that DropSmack is more of a corporate concern, but that is not necessarily so. Once DropSmack or similar malware becomes mainstream in the bad-guy circles, it’s everyone’s concern.
Read the full article on TechRepublic here:
Direct Link to the BlackHat conference briefing presentation
The deadline for filing federal taxes was yesterday and Massachusetts residents have today as an extra day to file their state taxes, but cybercriminals impersonating the IRS in e-mail scams designed to steal your tax refund are just getting warmed up.
An estimated 95% of the e-mail moving across the Internet in the last three months — and purporting to come from IRS.gov — was fraudulent, according to results of an e-mail traffic survey supplied exclusively to USA TODAY.
Just like the sun rises in east and sets in the west, every year, come April, phishers who specialize in tax fraud come out to try to get you.
What’s more, cyber security experts warn that e-mail messages crafted to look like official IRS inquiries, but designed to steal personal information and reroute tax refunds to accounts controlled by organized theft rings, will continue at a high rate through May and June.
They’ll send an e-mail confirming they’ve received your tax return and need more information or that your online tax payment has been rejected and you need to log in and respond immediately.
Cybercriminals are well-versed in local, state and federal tax rules throughout the U.S. and in other nations. They use bogus forms that look authentic in order to trick a victim into divulging log-on credentials for tax authority websites and bank accounts. Or they’ll entice the victim into clicking a malicious attachment or Web link that turns control over to the attacker.
Tax scammers can find out if a tax return has already been filed, note the refund amount and modify where the refund should be sent. If the opportunity arises, they’ll file a faked return and route the refund into their hands.
Part of the reason bogus IRS e-mail continues to swamp the Internet this time of year is because the agency has not yet adopted a year-old technical standard called DMARC, an acronym for Domain-based Message Authentication, Reporting & Conformance.
DMARC standardizes how major online companies, such as Facebook and Netflix, prove the authenticity of legitimate e-mail sent to customers. Major Internet Service Providers as well as the major providers of free Web mail — Microsoft, Google, Yahoo and AOL — all support DMARC.
Any “phisher” that attempts to send a bogus Facebook or Netflix e-mail that uses the free e-mail services or ISPs supporting DMARC, gets blocked. DMARC has been lobbying the IRS to adopt the standard stating that companies and organizations need to take a proactive approach to protect their consumers from phishing attacks by implementing the DMARC standard. Until that happens, these types of attacks will continue to occur.
Remember the IRS will not attempt to contact you via email. Always verify the authenticity of the “sender” of any email request before complying and potentially opening yourself up to identity theft.
Google Chrome is using data about websites, IP addresses, and domains to detect 99 percent of malicious executables downloaded by users — outperforming antivirus and URL-reputation services
The system, known as Content Agnostic Malware Protection (CAMP), triages up to 70 percent of executable files on a user’s system, sending attributes of the remaining files that are not known to be benign or malicious to an online service for analysis.
While Chrome’s system uses a blacklist and whitelist on the user’s computer to initially detect known good or bad files, the CAMP service uses a number of other characteristics, including the download URL, the Internet address of the server providing the download, the referrer URL, and any certificates attached to the download.
CAMP bridges the gap between blacklists and whitelists by augmenting both approaches with a reputation system that is applied to unknown content. The approach should improve the security of Google Chrome users because it’s interfering with one of the primary ways that cybercriminals attempt to infect systems.
Google’s own real-world test — deploying the system to 200 million Chrome users over six months — found that CAMP could detect 98.6 percent of malware flagged by a virtual-machine-based analysis platform. In addition, it detected some 5 million malicious files every month that had escaped detection by other solutions.
In many ways, CAMP is an answer to Microsoft’s SmartScreen, a technology that Microsoft built into its Internet Explorer and the latest version of its operating system, Windows 8. SmartScreen is largely responsible for Internet Explorer 8′s and 9′s superior performance in blocking malicious downloads. Yet SmartScreen has worried some privacy-conscious users because it sends characteristics of every file it evaluates to Microsoft’s servers.
Unlike Microsoft’s solution, CAMP attempts to detect locally whether any downloaded file is malicious, before passing characteristics of the file to its server-based analysis system. First, the system checks the binary against a blacklist — in this case, Google’s Safe Browsing API. If that check doesn’t returns a positive result, and if the file has the potential to be malicious, CAMP will check a whitelist to see whether the binary is a known good file.
The CAMP service renders a reputation — benign, malicious, or unknown — for a file based on the information provided by the client and reputation data measure during certain time windows, including daily, weekly, and quarterly measurements. Information about the download URL, the Internet address of the download server, any referrer information, the size and hash value of the download, and any certificates used to sign the file are sent to Google to calculate a reputation score.
CAMP’s 99-percent success rate surpassed four antivirus products, which individually detected at most only 25 percent of the malicious files and collectively detected about 40 percent (Google has chosen NOT to mention the Antivirus products tested). Other detection services — such as McAfee’s SiteAdvisor, Symantec’s Safe Web, and Google’s own Safe Browsing — fared even worse, detecting at most only 11 percent of the URLs from which malicious files were downloaded.
The relevance of this solution may be limited to consumers and small businesses. While the Google Chrome results are impressive, most companies should not be allowing employees to download and run executables anyway. The weakest link in security protection is the end user!
Windows Blue – the NEXT big thing?
After an abundance of rumors we now have concrete evidence of Microsoft’s upcoming Windows Blue operating system. The leak of “Windows Build 9364″ appeared Sunday morning and news of the leak blazed across the internet like wildfire. Although Microsoft hasn’t issued a formal statement about the leak, it’s been reported by many industry news sources such as PC World, C-Net and numerous blogs and forums.
From the information currently available, here are what’s expected to be the 10 coolest features (and hints of new features) buried deep inside this build of Windows.
1. Half-screen app snapping
Windows 8′s ability to “Snap” an app to the side of the screen while another runs beside it gives the OS multitasking that Android and iOS just can’t match. The Windows Blue leak adds a 50/50 snapping option that should’ve been available from the get-go. Being able to dedicate half your screen to two separate apps makes the Snap feature much more useful for day-to-day app-based activities. (The old 75/25 split is still available if you prefer it, though.)
2. The rise of modern User Interface PC settings
One of the worst flaws of Windows 8 is the way it splits crucial settings options between the traditional desktop Control Panel and the modern-style PC Settings found in the Settings charm. Windows Blue fixes this with its vastly expanded PC Settings, which now contain many of the options hidden within the Control Panel.
Windows Build 9364′s PC Settings now let you fiddle with default apps, resolutions, networking details, and a whole lot more—including a new SkyDrive section.
3. Super SkyDrive
The modern-style SkyDrive app is not the same as the desktop SkyDrive app. That difference is glaring in Windows 8, where the modern-style app can only access files previously stored in your SkyDrive—it has no ability whatsoever to sync new files to the cloud. That may change with Windows Blue.
Hidden under the new SkyDrive section of the PC Settings is a Files submenu that hints at the addition of a file-syncing option in Windows Blue.
4. Internet Explorer 11
Also found in Windows Blue: Internet Explorer 11. It’s a very early version of Microsoft’s next-gen web browser—so much so that, functionally, it’s the exact same as Windows 8′s Internet Explorer 10. Under the surface, however, lies an intriguing hint of a new feature for the browser.
Buried inside the “More options” button in the top-most menu bar is an option dubbed Show synced tabs. Internet Explorer 10 introduced synced bookmarks and history to Microsoft’s browser. Were those just the beginning? It’ll be interesting to see if and how the new tab syncing function fits into the various IE iterations spread across Microsoft’s various platforms.
5. New apps?
Alongside the usual Mail, Maps, and Music tiles you know and love/loathe, a quadruplet of new apps appear on the Windows Blue Start screen: Alarms, Calculate, Sound Recorder, and Movie Moments.
6. New Live Tile size options
In Windows 8, you have two basic Live Tile sizing options: A medium-sized square, or a larger rectangle the size of two of those squares combined. Windows Blue ups the customization ante with the introduction of two new tile sizes. One’s an itty-bitty square a quarter of the size of Windows medium Tiles, while the other is a massive Tile as big as a pair of Windows 8′s larger rectangular tiles.
The additional sizing options afford a lot more customization flexibility, giving you the ability to craft a Start screen that isn’t quite as grid-like as what you’re limited to in Windows 8.
7. Say goodbye to accidental tile shifting
One of the biggest frustrations of the Windows 8 Start screen is how easy it is to accidentally move a Live Tile to a new location. If you move the mouse even a little bit while clicking on a Tile, the screen shifts to Semantic Zoom to allow you to move the Tile to another location, rather than simply opening it. Windows Blue eliminates that frustration with a new Customize button.
8. New gestures
That doesn’t mean the All Apps screen was eliminated from Windows Blue, however. The Verge reports that Windows Blue includes new gesture controls, including the ability to swipe up from the bottom of the Start screen to reveal all of your installed apps. Swiping up from the bottom of the desktop reveals a hidden app bar that includes snapping and projector options, amongst other things.
9. Easier personalization
While we’re on a Start screen, it’s worth mentioning that Windows Blue makes it much easier to change the look of the user interface. In Windows 8, the personalization options are banished to the darkest corner of the OS, buried deep in submenu after submenu. In Windows Blue, a Personalization option appears in the level of the Settings charm, right above the familiar Tiles and Help options.
10. Simple screenshot sharing
Maybe it’s because I love anything that streamlines the process of taking and sharing operating system screenshots. Windows 7’s “Snipping Tool” is/was the best thing since sliced bread in my opinion. Windows Blue adds the ability to share a screenshot of the app you’re working in using other modern-style apps you have installed, similar to Android’s sharing function. Again, it’s a simple change, but an awesome one.
The more things change, the more they stay the same
The most telling takeaway has nothing to do with features or functionality, however: It’s the very nature of Build 9364 itself. Previously, there was some debate about whether Windows Blue was a whole new OS or an update to Windows 8. Now we know it’s clearly the latter, as evidenced by the incremental improvements found in the leaked operating system.
And while we’re talking notable non-features, the Start button still doesn’t make it into Windows Blue. Looks like it’s really gone for good!
That said, Windows Blue is a clearly a step in the right direction, addressing many of the basic interface complaints leveled at Windows 8 and Windows RT as they stand today. Will it be enough to woo Windows 7 enthusiasts to Microsoft’s platform of the future? We’ll just have to wait and see.
Want to see a video of Windows Blue new features? Visit our friends at the Verge
Ready or Not – Windows 7 Service Pack 1 is Coming
If you’re a Windows 7 user and you’ve been dragging your heels when it comes to that Service Pack 1 upgrade, then prepare to get an extra dose of encouragement from Microsoft.
Starting today, March 19th, 2013, Microsoft will begin deploying SP1 via Windows Update to all neglected PCs, and just so you’re aware, the update won’t require your consent. The push will happen during a phased rollout over the next few weeks, and as for the consequence of not upgrading, Microsoft will no longer support Windows 7 RTM as of April 9th 2013. As usual, PCs that are managed by system administrators can be shielded from the deployment, but for everyone else, it seems that you’d best prepare for the inevitable.
Here’s a snippet from the Microsoft “Blogging Windows” blog post:
“The installation will be fully automatic with no user action required for those who already have Automatic Update enabled. SP1 will be released gradually over the coming weeks to all customers on the RTM version of Windows 7. The service pack will take slightly longer to install compared to other updates. To ensure Service Pack 1 is installed without issue, customers should check for sufficient free disk space and that AC power is present on a laptop. If additional space needs to be created, we recommend using the Disk Cleanup tool to delete some files so that the service pack will install. If the service pack installation is interrupted, it will reattempt to install automatically after the next restart.”
What’s included in Windows 7 Service Pack 1 (SP1)
Windows 7 Service Pack 1 (SP1) is an important update that includes previously released security, performance, and stability updates for Windows 7. SP1 also includes new improvements to features and services in Windows 7, such as improved reliability when connecting to HDMI audio devices, printing using the XPS Viewer, and restoring previous folders in Windows Explorer after restarting.
Installing SP1 helps keep Windows 7 up to date.
The recommended (and easiest) way to get SP1 is to turn on automatic updating in Windows Update in Control Panel, and wait for Windows 7 to notify you that SP1 is ready to install. It takes about 30 minutes to install, and you’ll need to restart your computer about halfway through the installation.
To find out if Windows 7 SP1 is already installed on your computer:
Click the Start button, right-click Computer, and then click Properties. If Service Pack 1 is listed under Windows edition, SP1 is already installed on your computer.
Microsoft recommends that customers use Windows Update to install the service pack as it will provide the best experience but if you just can’t wait to get SP1, see this link on how to install Windows 7 Service Pack 1 (SP1) manually.
Internet Explorer 10 is not compatible with many online banking sites and a host of other websites not yet upgraded to render properly in this brand new browser release.
During the month of March, Microsoft will be making its Internet Explorer 10 browser available for Windows 7 and 8. This browser update will be automatically propagated and installed as part of the next Microsoft Windows update.
Preliminary testing has identified compatibility issues between the new Internet Explorer browser and many online banking sites.
Since many banking sites do not support Internet Explorer 10 at this time, we STRONGLY RECOMMEND THAT YOU DO NOT install the new browser on computers that access any cash management or banking sites.
If you insist on installing IE 10 or the Microsoft auto-update gets past you and find that you can’t remove it to roll back to IE9, there is a workaround.
To force a webpage you are viewing in Internet Explorer 10 into a particular document compatibility mode, first open F12 Tools by pressing the F12 key. Then, on the Browser Mode menu, click Internet Explorer 10, and on the Document Mode menu, click Standards.
This special mode will allow most incompatible sites to work for you. This is by no means guaranteed and your success with this workaround may be limited.
Information on using IE 10 in Compatibility Mode:
Additional info here:
Avoiding the constant barrage of email security threats has become a challenge for even the most savvy internet users. These emails may be used to install a Trojan program on a computer to collect data that will be used in Internet fraud, identity theft or allow a hacker to gain control of your computer.
Two of the threats currently circulating are:
UPS – sends you an email stating “Unfortunately, we failed to deliver the package you have sent on the 27th of February in time, because the recipient’s address is not correct. Please go to the nearest UPS office and show your shipping label to collect the package.” The email includes a submit button that, supposedly, will print a shipping label.
FedEx – someone masquerading as FedEx sends you an email stating that your parcel has arrived. Courier was unable to deliver the parcel to you at… To receive your parcel, please, print this receipt and go to the nearest office.
Both of these emails are bogus and with a little detective work you can identify the problems.
There are 3 very important and easy to distinguish warning signs with these types of emails:
1: The first warning sign is that the message is not written in clear English, contains improper punctuation and just doesn’t make sense.
2: The second warning sign is that the “senders” email address is obviously NOT a FedEx email address
3: And finally, if you hover your mouse cursor over the “Print Receipt” link you’ll see that it points to a website that has absolutely nothing to do with FedEx.
Many people are tricked into clicking the links because they may be waiting for a package delivery or have recently sent something to someone. That’s what the hackers are counting on when they send these types of emails.
Once you’ve clicked the link, the damage is done so be very vigilant in verifying every minute detail in these types of email scams. Also keep in mind that FedEx and UPS don’t usually email their customers about anything having to do with deliveries.
The BEST course of action is to immediately delete these emails without clicking any of the links. If you have reason to believe or “think” the email might be legitimate – simply pick up the phone and call the carrier involved.
With the Consumer Electronics Show (CES) all wrapped up for another year its time at look at another industry technology showcase – South By South West Interactive (SXSW for short) for future technologies.
One company that has caught my eye is offering a product that just might change the way you and I interact with our computers. Reminiscent of technology shown in the movie, The Minority Report, which allowed actors to control their computer with simple hand motions, LEAP MOTION, Inc. has developed a gadget that will allow you to do that yourself.
The possibilities are endless really. Art, Healthcare, Engineering, Gaming – pretty much any application can work with the technology and LEAP is shipping over 10,000 controllers to developers across the globe so they can develop apps for the LEAP apps store
You might expect this level of technology to set you back a pretty penny. You can pre-order your LEAP MOTION controller for only $69.99 – priced at less than a decent wireless keyboard and mouse combination. Just plug it into an open USB port, install the software, do a quick wave to calibrate and off you go.
Raise your hands and wave hello to the future. The controller senses your individual hand and finger movements so you can interact directly with your computer. The device gives you 8 cubic feet of intuitive, 3D interaction space. Tom Cruise has nothing on you! LEAP works with MAC’s and PC’s
According to LEAP they will be filling pre-orders of over 140,000 units. Looks like this technology might catch on.
Take a look at the video to see many ways to use this technology right out of the box.
Additional information from InfoWorld: