post

Chrome & Firefox Users Are Leaking Their IP Address…Even While Using a VPN

conf-com-usrThe only way you can guarantee your privacy while using a computer or mobile device, is to just disconnect them from the network. Or become a security expert. But if you must be online and want (or need) to be as secure as possible, you won’t want to use Google’s Chrome or Mozilla’s Firefox browsers until you make some changes since your IP address can be easily discovered.

You may know about (and already use, as I do) AdBlockPlus or Ghostery. These browser add-ons are used to block advertisements and also let you control who can track you by blocking services and advertisers from doing so.

So imagine how stunned I was to learn that the very cool and new WebRTC technology (for using video, audio and screensharing right inside your web browser) can leak your internet (IP) address.

Advertisers, and tracking services, love to set tracking cookies that map to your IP address. Then they can follow you around as you use that browser to surf the internet. Intelligence agencies love to discover the IP address of someone since they then can go right to the spot from where they’re connecting.

This flaw in WebRTC is especially troublesome since it would compromise someone whistleblowing, in a country with an oppressive regime in power, businesses communicating online with WebRTC, or anyone legitimately wanting their online activities to be private…especially when they believe they are safe while using a VPN.

Using Chrome or Firefox? Click here to check and see if you are vulnerable.

That IP address leakage is bad enough, but what is worse is that your IP address leaking is NOT able to be detected by any current plugins (e.g., Ghostery) or even the developer tools in Google’s Chrome or the Mozilla Firefox browsers (the primary ones that support WebRTC currently).

ThreatPost has this excellent article on this leak problem:

A recently publicized hole in WebRTC, a protocol for web communication, is revealing the local IP addresses of users, even those who go to extra lengths to hide theirs by using a virtual private network.

Daniel Roesler, a San Francisco-based researcher who’s dabbled in encryption, posted a demonstration on GitHub last week to illustrate how the vulnerability works.

Roesler’s proof-of-concept shows how websites make requests to STUN servers. STUN – or Session Traversal Utilities for NAT, servers – send a ping back that contains the IP address and port of the client–from the server’s perspective. The local and public IP addresses of the user can be gleaned from these requests via JavaScript.

So basically an advertiser, tracking service or intelligence agency can easily setup a STUN server and all requests to a page on that server—with special javascript code loading in a Chrome or Firefox browser—would reveal the IP address of the visitor and allow that page to set a tracking cookie.

Of course, you shouldn’t be doing anything online—even if using a VPN—that’s illegal like pirating movies or music, or buying stuff from a drug ecommerce site like Silk Road. But be especially careful if you are in a country, or situation, that means your life might be in danger if you are caught communicating using something like WebRTC.

How to Disable WebRTC

In Firefox:

  • To disable WebRTC, go to about:config and click-to-toggle media.peerconnection.enabled to false.
  • Or install this Firefox add-on

In Chrome:

  • Bad news? You CAN’T turn off WebRTC on desktop version of Google Chrome.
  • Good news? Install this Chrome Extension: WebRTC Leak Prevent
post

John Oliver on Surveillance

Love how he can wrap very serious content with enough funny stuff to keep us paying attention…and understanding what’s coming is exactly what we all need to do (and yes, that includes you):

post

Would Steve Jobs have thought STEM dangerous?

stem-sj-fzIf you care about American education, our kids and our future, you should take a few minutes to read one of the best defenses of a liberal education I’ve read in a long while.

The article by Fareed Zakaria in his Washington Post column, Why America’s obsession with STEM education is dangerous, argues that a liberal arts education

Mr. Zakaria starts of with an understanding that most of us agree that the current state of education in the United States is flawed. That education is a critical precursor driving our ability to compete in the world, and that America’s seeming defocus on science, technology, engineering and math (STEM) is at the root of our nation’s perceived competitive decline in the world.

What does this have to do with Steve Jobs?

[Read more…]

post

NSA: Why are you not focused on protecting the nation?

nsa-logoReading the German publication Der Spiegel’s article called Prying Eyes: Inside the NSA’s War on Internet Security this weekend, like them I was struck by something that has been on my mind for over ten years. Why does the U.S. intelligence services, and specifically the National Security Agency (NSA), do more to protect the nation?

What came out in the Edward Snowden revelations was that the NSA is, without question or doubt, working feverishly to crack all encryption and are also working hard to build a quantum computer that will crack the little unbreakable encryption we still enjoy today.

Any of us in information technology, web or mobile app creation, and any sort of data security at all, know that if something has been cracked—regardless if it’s some kid in Norway or a state-based intelligence service—it is only a matter of time before the blackhat hackers discover it and exploit the crack.

[Read more…]

post

Housing America’s Older Adults

seniorsYep. I’m getting older, but so are you. Since some of my work is with non-profits focused on seniors and aging, I re-read a study from the Joint Center for Housing Studies at Harvard University called Housing America’s Older Adults you might be interested in the huge number of 50+’ers there will be in just over 15 years:

America’s older population is in the midst of unprecedented growth. With the aging of the large baby-boom generation and increased longevity, the 50-and over population is projected to increase about 20 percent by 2030, to 132 million. In just 15 years, one in five people will be at least aged 65.

Wow. At least I’ll have some company! Take a peek at the Harvard Symposium AGING + PLACE at YouTube or look at the infographic below for some fun factoids…

[Read more…]

post

Climate Change & Big Cars

Often I wonder if the vast majority of people are just stupid. Or to be a bit kinder, perhaps they’re illiterate or they get their strategic decision-making “data” from watching the climate deniers on Fox News since that’s the only channel available to them.

But when I saw this in today’s Minneapolis StarTribune I shook my head in disgust and sadness that confirmed my worst fears about my fellow human beings:

climate-change_big_cars

Loudest climate warning issued,” was replaced last evening online by a much clearer one: UN climate panel says emissions need to drop to zero this century to keep warming in check. It states that, “Climate change is happening, it’s almost entirely man’s fault and limiting its impacts may require reducing greenhouse gas emissions to zero this century, the U.N.’s panel on climate science said Sunday.” That means NO greenhouse gases. You know…like the ONES PRODUCED BY BURNING FOSSIL FUELS IN BIG CARS!

From the report:

“Emissions have risen so fast in recent years that the world has used up two-thirds of its carbon budget, the maximum amount of CO2 that can be emitted to have a likely chance of avoiding 2 degrees of warming.”

Two degrees of warming would devastate the world’s coastlines…you know, like Florida’s (more on that in a moment).

So then I was taken aback when I saw this article on the front page of the StarTribune’s Business section that said, “Small-vehicle sales seen slumping as low fuel prices benefit SUVs. Larger SUVs are looking good to buyers as gas hovers near $3 a gallon in much of the nation.

What?

BUYING BIGGER CARS

Some quotes from that second article that illustrates why I said all that stuff about people in my opening paragraph:

The price of gas per gallon is drastically low — I’m really celebrating and enjoying that at the moment,” said Andrea Turner, a Tennessee mother who last week bought a 2014 Buick Encore sport-utility vehicle. The Encore has extra space to fit her 5-foot-11 frame and 10-year-old son’s soccer gear.

You just feel so much better when you look at the pump, and you’re pleasantly surprised,” said Jeff Schuster, an analyst for LMC Automotive in Troy, Mich., who sees a direct link between gasoline prices and small-car sales. “You say, ‘Maybe I’ll splurge on something and treat myself.’ ”

Right now, gas mileage is not that much of an issue for consumer choice,” said Greg Williams, new-car sales manager at Holman Honda of Fort Lauderdale, Fla.

It’s not gas mileage…it’s the carbon going in to the atmosphere dummy. Hope Greg Williams has plans to get out of Florida since this is what the National Geographic climate change map shows for Florida when all Arctic and Antarctic ice melts (the absolute worst-case scenario, I should add):

Florida completely submerged if/when all ice melts in the Arctic and Antarctica

Florida completely submerged when all ice melts in the Arctic and Antarctica

 

post

Privacy Does Matter

Glenn Greenwald was one of the first reporters to see — and write about — the Edward Snowden files, with their revelations about the United States’ extensive surveillance of private citizens. In this searing talk, Greenwald makes the case for why you need to care about privacy, even if you’re “not doing anything you need to hide.”

post

NSA Files Decoded

guardian-nsa-files-decodedThe Edward Snowden revelations about the U.S. National Security Agency (NSA) and its vacuum surveillance, sadly seems to be fading from the public consciousness. Undoubtedly this is viewed as a positive by the intelligence community since they are continuing to accelerate their programs now seemingly unabated.

Awareness is one reason I was pleased to see this article that The Guardian wins an Emmy for coverage of NSA revelations. Their multimedia piece NSA Files Decoded is one of the best, most comprehensive and informative (dare I say “entertaining?”) pieces I’ve seen yet. Congratulations to The Guardian team!

If you care at all about the world our children and grandchildren will inherit, then you owe it to yourself to watch the videos or read articles at NSA Files Decoded. You might also consider paying attention to a relatively new website, The Intercept, so that you can stay aware, stay informed, and not be one of those who are naive about the unprecedented and growing power of the intelligence community and its surveillance of all U.S. citizens.

post

Are We Living in a Bizarro Universe?

Bizarro: art from the cover of Superman #202 (Dec. 1967). Art by Curt Swan & George Klein.

Superman’s alternate universe doppelganger ‘Bizarro’: art from the cover of Superman #202 (Dec. 1967). Art by Curt Swan & George Klein.

Unless my family and I are living in an alternate Bizarro universe, it’s pretty clear that we all will soon be paying a lot more for our internet broadband connections and our internet choices will be throttled.

I say that because of the net neutrality battle going on right now, one the internet service providers (ISPs), and especially the cable providers who also provide television, think this is one they cannot afford to lose.

None of the ISPs want Netflix, Apple’s AppleTV, Google’s $35 Chromecast, or a service like Aereo to either continue to succeed or be in a good or better position to do so.  Unless, of course, the ISPs are allowed to make the internet a toll road where only those who pay can get through or go fast.

If the cable companies and other ISPs “win” the net neutrality battle, our TV streaming options will collapse, we will all pay more for our internet connections, all while having to continue to pay “bundled” prices for cable TV channels we never watch.  [Read more…]

post

Become a Free Agent Now

If you haven’t recognized that work is quickly shifting toward free agency and away from longer term employment, you really must understand what is happening to the nature of work if you hope to perform it and make any money going forward. Depending upon whom you read, the last several decades have seen an accelerating shift to an information, knowledge or creative age. However you choose to term it, they all mean the same thing: humans are moving toward ever-higher value work and away from more rote, assembly, industrial or lower value effort.

The difference now is that the internet and our tools (e.g., mobile devices, Wifi, collaborative web and app tools, etc.) has made it easier than ever before for us to work when, where and for whom we want.

The concept of free agency came from professional sports (via Wikipedia): In professional sports, a free agent is a player who is eligible to sign with any club or franchise, i.e. not under contract to any specific team. The term is also used in reference to a player who is under contract at present, but who is allowed to solicit contract offers from other teams. In some circumstances, the free agent’s options are limited by league rules.

free-agent-nationThat free agency concept was built upon by the author Daniel Pink (a guy whose books I embrace) but with a twist: sports free agency means a player can consider offers from other teams while the business concept means that one is essentially doing work for multiple companies, organizations or individuals.

The term free agent for business is believed to have been coined by Pink, author of a 1997 cover story in Fast Company titled “Free Agent Nation” and his subsequent book by the same name. From a Wikipedia article on business free agencyIn business, a free agent refers to someone who works independently for oneself, rather than for a single employer.These include self-employed workers, freelancers, independent contractors and temporary workers, who altogether represent about 44 percent of the U.S. labor force.

Besides the internet, there are other influences catalyzing the shift to a new, free agency age. For instance, the Affordable Care Act (i.e., “Obamacare”) is being looked at by many in the venture capital community and elsewhere as potentially one of the biggest catalysts to entrepreneurship ever (see Obamacare & the Coming Entrepreneurship Boom and Affordable Care Act Could Be Good for Entrepreneurship). The latter article points to this report (PDF) that says the number of self-employed people is expected to rise by 1.5 million as a direct result of the health care overhaul. Good news to anyone who is still stunned by the lack of hiring going on in the U.S. even today.

You might already be participating right now as a free agent. Many of my colleagues and peers are and they vary in age from 28 to 64. You may also be thinking right now, “OK Borsch…I get it that work is transforming and that I should be doing something about it. But what exactly?

Thought you’d never ask.  [Read more…]