Category Archive: Uncategorized

Your Holiday Cybersecurity Guide

Many of us are visiting parents/relatives this Thanksgiving/Christmas, and will have an opportunity to help our them with cybersecurity issues. I thought I’d write up a quick guide of the most important things.

1. Stop them from reusing passwords

By far the biggest threat to average people is that they re-use the same password across many websites, so that when one website gets hacked, all their accounts get hacked.

To demonstrate the problem, go to haveibeenpwned.com and enter the email address of your relatives. This will show them a number of sites where their password has already been stolen, like LinkedIn, Adobe, etc. That should convince them of the severity of the problem.


They don’t need a separate password for every site. You don’t care about the majority of website whether you get hacked. Use a common password for all the meaningless sites. You only need unique passwords for important accounts, like email, Facebook, and Twitter.

Write down passwords and store them in a safe place. Sure, it’s a common joke that people in offices write passwords on Post-It notes stuck on their monitors or under their keyboards. This is a common security mistake, but that’s only because the office environment is widely accessible. Your home isn’t, and there’s plenty of places to store written passwords securely, such as in a home safe. Even if it’s just a desk drawer, such passwords are safe from hackers, because they aren’t on a computer.


Write them down, with pen and paper. Don’t put them in a MyPasswords.doc, because when a hacker breaks in, they’ll easily find that document and easily hack your accounts.


You might help them out with getting a password manager (lastpass), or two-factor authentication (2FA). Good 2FA like YubiKey will stop a lot of phishing threats. But this is difficult technology to learn, and of course, you’ll be on the hook for support issues, such as when they lose the device. Thus, while 2FA is best, I’m only recommending pen-and-paper to store passwords. (AccessNow has a
guide, though I think YubiKey/U2F keys for Facebook and GMail are the best).

2. Lock their phone (passcode, fingerprint, faceprint)

You’ll lose your phone at some point. It has the keys all all your accounts, like email and so on. With your email, phones thieves can then reset passwords on all your other accounts. Thus, it’s incredibly important to lock the phone.

Apple has made this especially easy with fingerprints (and now faceprints), so there’s little excuse not to lock the phone.

Note that Apple iPhones are the most secure. I give my mother my old iPhones so that they will have something secure.

My mom demonstrates a problem you’ll have with the older generation: she doesn’t reliably have her phone with her, and charged. She’s the opposite of my dad who religiously slaved to his phone. Even a small change to make her lock her phone means it’ll be even more likely she won’t have it with her when you need to call her.

3. WiFi (WPA)

Make sure their home WiFi is WPA encrypted. It probably already is, but it’s worthwhile checking.

The password should be written down on the same piece of paper as all the other passwords. This is importance. My parents just moved, Comcast installed a WiFi access point for them, and they promptly lost the piece of paper. When I wanted to debug some thing on their network today, they didn’t know the password, and couldn’t find the paper. Get that password written down in a place it won’t get lost!

Discourage them from extra security features like “SSID hiding” and/or “MAC address filtering”. They provide no security benefit, and actually make security worse. It means a phone has to advertise the SSID when away from home, and it makes MAC address randomization harder, both of which allows your privacy to be tracked.

If they have a really old home router, you should probably replace it, or at least update the firmware. A lot of old routers have hacks that allow hackers (like me masscaning the Internet) to easily break in.

4. Ad blockers or Brave

 

Most of the online tricks that will confuse your older parents will come via advertising, such as popups claiming “You are infected with a virus, click here to clean it”. Installing an ad blocker in the browser, such as uBlock Origin, stops most all this nonsense.


For example, here’s a screenshot of going to the “Speedtest” website to test the speed of my connection (I took this on the plane on the way home for Thanksgiving). Ignore the error (plane’s firewall Speedtest) — but instead look at the advertising banner across the top of the page insisting you need to download a browser extension. This is tricking you into installing malware — the ad appears as if it’s a message from Speedtest, it’s not. Speedtest is just selling advertising and has no clue what the banner says. This sort of thing needs to be blocked — it fools even the technologically competent.

uBlock Origin for Chrome is the one I use. Another option is to replace their browser with Brave, a browser that blocks ads, but at the same time, allows micropayments to support websites you want to support. I use Brave on my iPhone.

A side benefit of ad blockers or Brave is that web surfing becomes much faster, since you aren’t downloading all this advertising. The smallest NYtimes story is 15 megabytes in size due to all the advertisements, for example.

 

5. Cloud Backups

Do backups, in the cloud. It’s a good idea in general, especially with the threat of ransomware these days.

In particular, consider your photos. Over time, they will be lost, because people make no effort to keep track of them. All hard drives will eventually crash, deleting your photos. Sure, a few key ones are backed up on Facebook for life, but the rest aren’t.

There are so many excellent online backup services out there, like DropBox and Backblaze. Or, you can use the iCloud feature that Apple provides. My favorite is Microsoft’s: I already pay $99 a year for Office 365 subscription, and it comes with 1-terabyte of online storage.

6. Separate email accounts

You should have three email accounts: work, personal, and financial.

First, you really need to separate your work account from personal. The IT department is already getting misdirected emails with your spouse/lover that they don’t want to see. Any conflict with your work, such as getting fired, gives your private correspondence to their lawyers.

Second, you need a wholly separate account for financial stuff, like Amazon.com, your bank, PayPal, and so on. That prevents confusion with phishing attacks.

Consider this warning today:

image

If you had split accounts, you could safely ignore this. The USPS would only your financial email account, which gets no phishing attacks, because it’s not widely known. When your receive the phishing attack on your personal email, you ignore it, because you know the USPS doesn’t know your personal email account.

Phishing emails are so sophisticated that even experts can’t tell the difference. Splitting financial from personal emails makes it so you don’t have to tell the difference — anything financial sent to personal email can safely be ignored.

7. Deauth those apps!

Twitter user @tompcoleman comments that we also need deauth apps.

Social media sites like Facebook, Twitter, and Google encourage you to enable “apps” that work their platforms, often demanding privileges to generate messages on your behalf. The typical scenario is that you use them only once or twice and forget about them.

A lot of them are hostile. For example, my niece’s twitter account would occasional send out advertisements, and she didn’t know why. It’s because a long time ago, she enabled an app with the permission to send tweets for her. I had to sit down and get rid of most of her apps.

Now would be a good time to go through your relatives Facebook, Twitter, and Google/GMail and disable those apps. Don’t be a afraid to be ruthless — they probably weren’t using them anyway. Some will still be necessary. For example, Twitter for iPhone shows up in the list of Twitter apps. The URL for editing these apps for Twitter is https://twitter.com/settings/applications.

Google link is here (thanks @spextr). I don’t know of simple URLs for Facebook, but you should find it somewhere under privacy/security settings.

Update: Here’s a more complete guide for a even more social media services.
https://www.permissions.review/

8. Up-to-date software? maybe

I put this last because it can be so much work.
You should install the latest OS (Windows 10, macOS High Sierra), and also turn on automatic patching.


But remember it may not be worth the huge effort involved. I want my parents to be secure — but no so secure I have to deal with issues.

For example, when my parents updated their HP Print software, the icon on the desktop my mom usually uses to scan things in from the printer disappeared, and needed me to spend 15 minutes with her helping find the new way to access the software.

However, I did get my mom a new netbook to travel with instead of the old WinXP one. I want to get her a Chromebook, but she doesn’t want one.

For iOS, you can probably make sure their phones have the latest version without having these usability problems.

Conclusion

You can’t solve every problem for your relatives, but these are the more critical ones.

 

via:  erratasec


Save pagePDF pageEmail pagePrint page

Apple fixes bug in new version of Mac operating system within 24 hours

A day after a researcher discovered a huge login security flaw in the latest version of Apple’s macOS High Sierra operating system, the company said that it would review its software development process. On November 29, 2017, Apple said it released a patch to fix the password bug that would be automatically installed on the vulnerable machines. The bug reportedly enabled hackers to gain access to Apple computers without using a password.

The bug was discovered by a Turkish software developer, Lemi Orhan Ergin, who took to the micro-blogging site Twitter to report the issue. He tweeted “Dear @AppleSupport, we noticed a *HUGE* security issue at MacOS High Sierra. Anyone can login as “root” with empty password after clicking on login button several times. Are you aware of it @Apple?”

Ergin’s tweet went viral within no time and it got 12,744 retweets at the time of publishing this report. In an article on Medium.com, Ergin elaborated the story behind “anyone can login as root” tweet. He wrote “On Nov 23, the staff members informed Apple about it (bug issue). They also searched online and saw the issue mentioned in a few places already, even in Apple Developer Forum from Nov 13. It seemed like the issue had been revealed, but Apple had not noticed yet.”

With prompt action, Apple fixed the patch within 24 hours after security engineers learned of the bug issue on November 28, 2017, following Ergin’s tweet.

In a statement, the U.S. technology giant said, “We greatly regret this error and we apologize to all Mac users. Our customers deserve better. We are auditing our development processes to help prevent this from happening again. Security is a top priority for every Apple product, and regrettably we stumbled with this release of Mac OS”.

Immediately after the bug report was spread, the U.S. and German governments issued alerts advising Mac users to install the patch. In tech stocks, Apple stock was reported to be down to 2.6 percent at $168.55 on November 29, 2017.

Earlier this month, Apple was left red-faced when its newly launched iOs 11.1 and Safari were hacked several times by security researchers at a hacking competition called Pwn2Own in Tokyo.

 

via:  cisomag


Save pagePDF pageEmail pagePrint page

Coinbase Ordered to Hand Over Details of 14,355 Users to the IRS

A judge has ordered digital currency broker Coinbase to hand over the details of 14,355 users to the Internal Revenue Service (IRS).

Filed on 28 November with the U.S. District Court in the Northern District of California, the court order (PDF) demands that Coinbase provide information on 8.9 million transactions involving more than 14,000 of its users to the United States’ federal revenue service. The Summons applies to accounts that completed at least a single transaction involving at least $20,000 in Bitcoin between 2013 and 2015. It does not pertain to users who merely bought Bitcoin and did nothing with it or to those for whom Coinbase filed Forms 1099-K during the same period.

The information covered in the order includes account activity, periodic invoices, and key identifying information such as a wallet owner’s name, address, tax identification number, date of birth, and copies of their passport or driver’s license.

IRS filed the request to reconcile a tax disparity. Users are supposed to pay capital gains tax on cryptocurrency transactions, with such currency listed as property by the IRS. However, the IRS has documentation indicating that not everyone who engaged in a cryptocurrency transaction paid their dues.

The court order makes this legal purpose clear:

The Narrowed Summons serves the legitimate purpose of investigating the “reporting gap between the number of virtual currency users Coinbase claims to have had during the summons period” and “U.S. bitcoin users reporting gains or losses to the IRS during the summoned years.” (Dkt. No. 65 at 11:4-6.) Coinbase is the largest U.S. exchange of bitcoin into dollars with at least 5.9 customers served and 6 billion in transactions while only 800 to 900 taxpayers a year have electronically filed returns with a property description related to bitcoin from 2013 through 2015. This discrepancy creates an inference that more Coinbase users are trading bitcoin than reporting gains on their tax returns.

This decision is the latest development in a lawsuit filed by the IRS in November 2016. At the time, the federal revenue service demanded information on all U.S. Coinbase users. The digital broker sued and a judge agreed, which led the IRS to file this narrower summons. Coinbase sued once again, but this time, the courts ruled against its position.

At this time, it’s unclear how Coinbase will proceed with handing over the information.

News of this ruling follows several months after a U.S. District Court in the District of Connecticut ordered two Bitcoin mining companies to each pay a $10 million penalty for conducting a Ponzi scheme orchestrated by their principal.

 

via:  tripwire


Save pagePDF pageEmail pagePrint page

Time-Warners Turner opts for AWS as its preferred cloud provider

All of the hyper-scale cloud providers love to tout their new customer acquisitions: Google talking about Spotify; Microsoft signing up various Adobe services for Azure; or AWS working with the likes of GE. That’s a sign of how competitive this market is, despite AWS’s continuing market share leadership.

At its annual re:Invent conference in Las Vegas, Amazon’s cloud service today announced that Turner, Time-Warner’s entertainment, sports and news company, is making AWS its preferred cloud provider. Turner’s brands and partners include channels like TBS, TNT, Cartoon Network, CNN and Adult Swim.

Turner says that it is bringing “decades of content” to the AWS cloud, including CNN’s 15-petabyte video archive. The company is also moving thousands of virtual machines to AWS and expects to use a wide range of Amazon’s AI technologies to better analyze and extract video metadata to offer its viewers enhanced personalized experiences and, of course, to help its advertisers, content creators and analysts better understand viewing trends (the emphasis here is probably on the advertisers).

“We’re changing our broadcast technology stack to a fully digital, cloud environment built on AWS, which will enable us to adapt to new video delivery models, as well as provide our viewers with more personalized content and advertisement,” said Turner CTO Jeremy Legg in a canned statement. “Our relationship with AWS and the services they provide are essential to our success. Given that we reach over 80 percent of adults and 70 percent of millennials every month, we needed a cloud provider that has the ability to support massive-scale media businesses like ours which often have spikes in demand across our diverse portfolio.”

AWS stressed that Turner isn’t the first media company to make the move to its cloud. Others include the BBC, C-SPAN, Hulu, Netflix, PBS, GoPro, Lionsgate and Spotify (which still keeps a presence on the AWS platform).

 

via:  techcrunch


Save pagePDF pageEmail pagePrint page

Bitcoin price soars above $11,000 as central bankers seek to calm fears

Bank of England and Fed officials say cryptocurrency is too small to threaten world economy amid warnings of bubble.

Bitcoin topped $11,000 on Wednesday, less than 24 hours after hitting $10,000 for the first time, as central bankers on both sides of the Atlantic sought to ease fears that a potential bubble in the cryptocurrency was a threat to the global economy.

The digital currency continued on its record-breaking streak, rising to $11,150 just as analysts were digesting the news that it had made it through $10,000. However, it then fell back below $10,500, again highlighting its volatility.

Bitcoin has risen tenfold in value so far this year, the largest gain of all asset classes, prompting sceptics to declare it a classic speculative bubble that could burst, like the dotcom boom and the US sub-prime housing crash that triggered the global financial crisis.

“The madness of crowds is well documented, but it is quite something to behold in the flesh. It’s hard to keep up with this – bitcoin just flew past the $11,000 mark, leaping $200 in barely five minutes before taking another big leg higher,” said Neil Wilson, senior market analyst at ETX Capital.

“It’s up more than 14% today alone and the year-to-date chart is simply staggering. There are no fundamentals or technical that explain this other than it being a massive speculative bubble.”

The rapid growth in the value and popularity of the virtual currency, which emerged in the aftermath of the financial crisis and allows people to bypass banks and traditional payment methods to pay for goods and services, has forced central banks, financial regulators and institutions to consider how to respond.

Sir Jon Cunliffe, a deputy governor at the Bank of England with financial stability, said bitcoin was too small to pose a risk to the global economy.

He told BBC Radio 5 Live: “This is not a currency in the accepted sense. There’s no central bank that stands behind it. For me it’s much more like a commodity.

“This is not at a size where it’s a macroeconomic risk to the global economy, but when prices are moving like that, my view would be investors need to do their homework.”

Over in the US, William Dudley, the president and chief executive of the Federal Reserve Bank of New York, said bitcoin is “more of a speculative activity” than a currency.

“I would be pretty cautionary about it. I think that it’s not a stable store of value,” he said at an event in New Jersey. “I would be, at this point, pretty skeptical of bitcoin,” he added.

Dudley echoed Cunliffe’s point that the bitcoin is still relatively small. “Bitcoin is tiny relative to the amount of payment transactions that are executed in the United States.”

Commenting on the idea that the Fed could potentially offer it own digital currencies, he said: “I think at this point it’s really very premature to be talking about the Federal Reserve offering digital currencies, but it is something we are starting to think about.”

Banks and other financial institutions have been concerned about bitcoin’s early associations with money laundering and online crime, and it has not been adopted by any government.

The JP Morgan chief executive, Jamie Dimon, has described bitcoin as “worse than tulips”, in reference to a famous market bubble from the 1600s. Speaking in September, Dimon said the digital currency was a fraud that would ultimately blow up, adding it was only fit for use by drug dealers, murderers and people living in places such as North Korea.

However, according to reports last week, JP Morgan is considering whether to help its own clients bet on the price of bitcoin through proposed futures contracts to be offered by CME Group. The bank would collect fees for providing such a service.

Dennis de Jong, the managing director at the online currency broker UFX, said the value of the cryptocurrency was likely to rise further.

“Until bitcoin becomes a commonly used payment source, it’s very possible that it could hit $15,000 and beyond based on its current desirability,” he said. “If bitcoin falls into wider circulation, and becomes accepted into more conventional funds and exchanges, we are likely to see a normalization of its value.”

 

FYI—the price does fall and at the moment :

 

image

 

 

via:  theguardian


Save pagePDF pageEmail pagePrint page

McAfee acquires cloud security startup Skyhigh Networks, last valued at $400M

After spinning out as a standalone security business from Intel earlier this year, McAfee has made its first acquisition. The company has acquired Skyhigh Networks, a specialist in cloud security, the companies announced today.

The financial terms of the deal have not been disclosed, but here are a few data points: Skyhigh had raised over $106 million in funding, according to Crunchbase, most recently a Series D round a year ago, with its investors including Sequoia, Greylock and Salesforce. PitchBook, meanwhile, puts its most recent funding round at $400 million, one marker for the potential value of this deal.

The deal is a sign of the ongoing trend for consolidation in the security industry, where smaller players are coming together under larger businesses to provide more security services under one roof. This makes sense on a couple of levels.

For one, the issue of cybersecurity has become one of the most persistent in the market today, with malicious hacking a nightmare not just for businesses but individuals as more and more of our personal and not-so-personal information becoming digitized and moving to the cloud, putting it in the reach of both criminals and destructive pranksters.

In the case of Skyhigh, McAfee — whose legacy business is in endpoint security — is specifically acquiring the company for that cloud expertise. Skyhigh CEO Rajiv Gupta will head McAfee’s cloud business unit.

The other is the nature of how security services is evolving: we’re seeing a big shift to the use of data analytics and machine learning and other kinds of AI to be able to identify, track and stop cybercrime. Bringing together different services that can use and improve the bigger data pool makes all of those services stronger, potentially.

“Skyhigh Networks had the foresight five years ago to realize that cybersecurity for cloud environments could not be an impediment to, or afterthought of, cloud adoption,” Chris Young, CEO of McAfee, said in a statement. “They pioneered an entirely new product category called cloud access security broker (CASB) that analysts describe as one of the fastest growing areas of information security investments of the last five years – where Skyhigh continues to innovate and lead. Skyhigh’s leadership in cloud security, combined with McAfee’s security portfolio strength, will set the company apart in helping organizations operate freely and securely to reach their full potential.”

It’s not clear if Skyhigh was profitable, and where it stood on its funding, but this will be coupled with more investment into its business by McAfee, which was valued at $4.2 billion at the time of its spinout from Intel in April.

“Becoming part of McAfee is the ideal next step in realizing Skyhigh Networks’ vision of not simply making the cloud secure, but making it the most secure environment for business,” Gupta said in a statement. “McAfee will provide global scale to further accelerate Skyhigh’s growth, with the combined company providing leading technologies and solutions across cloud and endpoint security – categories Skyhigh and McAfee respectively helped create, and the two architectural control points for enterprise security.”

Skyhigh Networks already has produces in the areas of SaaS, PaaS and IaaS and a range of cloud-based security services around policy control both for apps in the cloud and on premises. We should expect to see more of that now being marketed to McAfee’s current roster of customers.

The deal is expected to close pending regulatory approvals and other closing conditions.

 

via:  techcrunch


Save pagePDF pageEmail pagePrint page

Amazon German, Italian workers protest on Black Friday, dubbed ‘Strike Friday’

Amazon has been one of the strongest driving forces behind the surge of e-commerce holiday sales around Thanksgiving, Black Friday, and the rest of the days leading to the end of the new year. Now, some of its workers in Europe have picked one of the biggest shopping days of the year to protest the company’s practices, dubbing the day “Strike Friday” instead.

Workers at Amazon facilities across Italy and Germany are striking outside Amazon’s warehouses to speak out against a wide range of company practices that they say “endanger the health of its employees,” covering such areas as leadership culture and performance controls.

Germany is Amazon’s second-biggest market globally after the U.S., and the strikes there took place in six major depots in Bad Hersfeld, Leipzig, Rheinberg, Werne, Graben and Koblenz, according to Verdi, a trade union in Germany. (And they actually first started earlier this week, and may go on through the weekend.) In Italy, workers associated with three different unions — CGIL, CISL, and UIL — have been striking in what appears to be only one location, in Piacenza.

In Germany, the Verdi union wants Amazon to adopt a new framework for “Gute und gesunde Arbeit” (‘good and healthy work’), potentially with some pressure from regulatory bodies behind it.

“Amazon permanently endangers the health of its employees with its way of working. High pressure to create more and more in less time, permanent performance controls and monitoring, a poor leadership culture and inadequate recovery times are health hazards in the Amazon labor process,” Stefanie Nutzberger, Verdi a board member, said in a statement(originally in German). “A special collective agreement can guarantee healthy and good working conditions. We should create the necessary regulations so that employees are no longer exposed to the arbitrariness of an employer who also conducts its business at the expense of their health.”

The complaints in Italy echoed this idea, too,

“Work is not a commodity,” said Annamaria Furlan, the secretary general of CISL in Italy (originally in Italian). “The dignity of workers must not be trampled on. Amazon needs to open a dialogue with unions over industrial relations, employment stability and better salaries.”

 

View image on TwitterView image on TwitterView image on TwitterView image on Twitter

image

Amazon tells TechCrunch that not all employees were striking today. “The vast majority of our employees in Italy and Germany came to work and remained focused on delivering the best customer experience. We are proud of our record of job creation and are confident we will deliver for our customers this holiday season,” a spokesperson said. “Amazon is a good employer. We are committed to ensuring a fair cooperation with all our employees, granting valuable working conditions and a caring and inclusive environment in all our workplaces.”

We’ve asked if Amazon is negotiating at all with the unions over their requests, and while not answering the question directly, this is what they told us:

“Everywhere we operate we offer our Fulfillment Center employees’ competitive salaries and very attractive benefits including an innovative program called Career Choice that provides employees funding for adult education, offering to pre-pay 95% of tuition and associated fees for nationally recognized courses,” the spokesperson said. “To make sure we remain competitive, we review compensation information and benefits that are offered for similar jobs in the local areas annually and make adjustments as appropriate.”

The protests come at a key time for Amazon in the region. On one hand, the company continues to be a juggernaut not only in the world of e-commerce and cloud services, but new developments in AI and voice interfaces — specifically around Amazon’s popular Echo hub and its Alexa interface — are laying the groundwork for Amazon to play an even bigger role in our digital lives.

On the other hand, the company has long been scrutinised for how it handles its taxes, and in some countries the impact that it is having on local and smaller businesses. In the former case, it appears that Europe and individual countries are now starting to take action.

The latter idea of Amazon affecting small and local businesses is less of a call to action these days than it was some years ago, although when and if tides turn and we see more protests against the company’s other practices, this could become an issue again.

Amazon has been lauded for its immense and efficient logistics operation, but protests like these point to how it’s not always smooth sailing, and that Amazon’s gains come at a labor price (for now, at least).

Germany last year generated over $14.2 billion in sales for Amazon, a distant second to the U.S. and its $90.3 billion of revenue, but still enough to make the it second-largest market in the world. Italy appears to be the fourth-largest market for Amazon in Europe, after Germany, the UK and France. Amazon last year earmarked an extra $550 million of investment into the country to build out its business, expand data centers and tap into an economy that is relatively underdevelopment in terms of Internet speed and online spend compared to other parts of Europe.

 

via:   techcrunch


Save pagePDF pageEmail pagePrint page

Snips lets you build your own voice assistant to embed into your devices

French startup Snips is now helping you build a custom voice assistant for your device. Snips doesn’t use Amazon’s Alexa Voice Service or Google Assistant SDK — the company is building its own voice assistant so that you can embed it on your devices. And the best part is that it doesn’t send anything to the cloud as it works offline.

If you want to understand how a voice assistant works, you can split it into multiple parts. First, it starts with a wakeword. Snips has a handful of wakewords by default, such as “Hey Snips,” but you can also pay the company to create your own wakeword.

For instance, if you’re building a multimedia robot called Keecker, you can create a custom “Hey Keecker” hot word. Snips then uses deep learning to accurately detect when someone is trying to talk to your voice assistant.

The second part is automatic speech recognition. A voice assistant transcribes your voice into a text query. Popular home assistants usually send a small audio file with your voice and use servers to transcribe your query.

Snips can transcribe your voice into text on the device itself. It works on anything that is more powerful than a Raspberry Pi. For now, Snips is limited to English and French. You’ll have to use a third-party automatic speech recognition API for other languages.

Then, Snips needs to understand your query. The company has developed natural language capabilities. But there are hundreds, or even thousands of different ways to ask a simple question about the weather for instance.

That’s why Snips is launching a data generation service today. I saw a demo yesterday, and the interface looks like Automator on macOS or Workflow on iOS. You define some variables, such as “date” and “location”, you define if they are mandatory for the query and you enter a few examples.

But instead of manually entering hundreds of variations of the same query, you can pay $100 to $800 to let Snips do the work for you. The startup manually checks your request then posts it on Amazon Mechanical Turk and other crowdsourcing marketplaces. Finally, Snips cleans up your data set and sends it back to you.

You can either download it and reuse it in another chatbot or voice assistant, or you can use it with Snips’ own voice assistant. You can also make your capability public. Other Snips users can add this capability to their own assistant by browsing a repository of pre-trained capabilities.

imageimage 

 

 

image

A Snips voice assistant typically requires hundreds of megabytes but is quite easy to update. After installing the Snips app on your device, you just need to replace a zip library file to add new capabilities.

You also need to implement the actual actions. Snips only translates what someone is saying into a parsable query. For instance, Snips can understand that “could you please turn on the bedroom light?” means “light + bedroom + on.” A developer still needs to implement the action based on those three parameters.

Developers are already playing with Snips to test its capabilities. But the company hopes that big device manufacturers are going to embed Snips into their future products. Eventually, you could think about a coffee maker with a Snips voice assistant.

Compared to Amazon’s or Google’s wide-ranging assistants, Snips thinks that you don’t need to embed a complete voice assistant into all your devices. You only want to tell your Roomba to start vacuuming — no need to let you start a Spotify playlist from your vacuum cleaner.

This approach presents a few advantages when it comes to privacy and network effects. Big tech companies are creating ecosystem of internet-of-things devices. People are buying lightbulbs, security cameras and door locks that work with the Amazon Echo for instance.

But if you can talk to the devices themselves, you don’t need to hook up your devices with a central home speaker — the central hub disappears. If voice assistants are more than a fad, Snips is building some promising technology. And Snips could get some licensing revenue for each device that comes with its voice assistant.

 

via:  techcrunch


Save pagePDF pageEmail pagePrint page

New York attorney general slams the FCC for ignoring net neutrality comments investigation

If the FCC’s refusal to acknowledge the vast public outcry against its plan to gut net neutrality isn’t enough of an outrage, its total disinterest in investigating how that same comment system may have been gamed by fake users posing as real Americans adds a bit more insult to injury.

Suspicions arose earlier this year that a person or an organization of some kind was manipulating the FCC feedback system, flooding it with canned anti-net neutrality comments. While form letters around activist causes like this are nothing new, many of those comments were linked to real names, addresses and zip codes of people who denied having ever left feedback on the FCC website. In an open letter on Tuesday, New York Attorney General Eric Schneiderman wrote that his office pursued an investigation of the incident, but that the FCC basically ignored all of its requests for cooperation.

In a Medium post, Schneiderman writes:

“Successfully investigating this sort of illegal conduct requires the participation of the agency whose system was attacked. So in June 2017, we contacted the FCC to request certain records related to its public comment system that were necessary to investigate which bad actor or actors were behind the misconduct. We made our request for logs and other records at least 9 times over 5 months: in June, July, August, September, October (three times), and November.

We reached out for assistance to multiple top FCC officials, including you, three successive acting FCC General Counsels, and the FCC’s Inspector General. We offered to keep the requested records confidential, as we had done when my office and the FCC shared information and documents as part of past investigative work.

Yet we have received no substantive response to our investigative requests. None.”

Likening the manipulation of real names and addresses to more traditional forms of identity theft, Schneiderman expresses concerns about how the fake comments could have warped the FCC’s assessment of public sentiment on net neutrality.

“In an era where foreign governments have indisputably tried to use the internet and social media to influence our elections, federal and state governments should be working together to ensure that malevolent actors cannot subvert our administrative agencies’ decision-making processes,” Schneiderman said.

Earlier this year, at least two journalists filed lawsuits against the FCC for its failure to comply with Freedom of Information Act requests on the same topic, one of which sought information about the FCC’s claims that a DDoS attack took its commenting system offline. While the fate of net neutrality may be something of a foregone conclusion at this point, the agency’s brazen lack of transparency around its commenting system shows just how little regard Ajit Pai’s FCC has for the concerns of the American people.

 

via: techcrunch


Save pagePDF pageEmail pagePrint page

Macy’s credit card processors stop working on Black Friday

Customers have been waiting in lines across the United States to buy discounted items, only to find out that the machines won’t take credit cards or gift cards. Some Bloomingdale’s stores, which are owned by Macy’s, may have also been impacted.

Update: The company says it has resolved the issue and has provided the following statement.

“We have fully resolved today’s system issues. We highly value our customers and sincerely apologize for any inconvenience today’s system slowdown may have caused during their shopping experience. The delays we experienced this afternoon were due to a capacity-related issue that caused some transactions to take longer to process. We do not anticipate any additional delays.”

Black Friday, the day after Thanksgiving, has become a shopping holiday, with retailers offering heavily discounted items. Macy’s even kicks off the occasion with its big annual Thanksgiving parade in New York, which is televised throughout the country.

The company also experienced an outage on its website during Black Friday 2016. Holiday sales play a significant role in the company’s quarterly earnings and Macy’s disappointed Wall Street last season.

Its stock is trading at less than half of what it was a year ago and about one-third of what it was three years ago. The company presently has a market cap of $6.4 billion.

Last year, Terry Lundgren, who was Macy’s CEO at the time, said in an interview with Fortune that the company started opening its stores earlier on Thanksgiving Day because of industry pressure. “If you’re not open and your competitors are, there’s going to be a number of customers who simply will go shop elsewhere,” he told Fortune. “You’ll never recover that sale.”

Lundgren is now executive chairman.  Jeff Gennette took on the role of CEO in March, after being promoted from president.

Gennette told CNBC earlier Friday that Black Friday was off to a stronger start than last year.He said that the company had fewer discounts this year, which would lead to better profit margins.

According to the National Retail Federation, 164 million Americans planned to shop during Thanksgiving weekend.

 

via:  techcrunch


Save pagePDF pageEmail pagePrint page