post

Bitcoin: Is It Time To Get In?

bitcoin

Is it time to buy in to the cryptocurrency bitcoin? Is now the time when you should expend time, energy and effort to become a “bitcoin miner“, get a bitcoin wallet, or is bitcoin risk still too high?

At one point in late 2010 I read this article in Slashdot about bitcoin and started poking around to learn more about it. As I thought about this new digital currency in downtime during the holidays that year, I strongly considered getting in to bitcoin mining and was even online looking at hardware to buy.

My enthusiasm was muted, however, since all of us were just coming off the global economic crisis of 2007-2008. After having struggled to keep our business afloat, slashing costs and personnel, and getting into lines of business solely to generate cash—my trust level in entering in to the fray surrounding an unregulated, digital currency with a bunch of unknowns was pretty dang low.

It is also likely I probably would have not made much—or had seen my bitcoins stored, and then lost, at Mt. Gox—but even a few dozen bitcoins mined in early 2011 (when each one was worth US$1.00) means selling them at today’s value of $684 each would have yielded a nice little gross of nearly US$25,000.

Sounds like a lot of money, right? Not so fast there cowboys and cowgirls. The bitcoin space is still the wild, wild west and a tenderfoot often got shot or died of thirst crossing the desert. [Read more…]

post

The Internet Revealed in 1993

stewart-cheifet-on-set

Stewart Cheifet and guest on the set of Computer Chronicles

Stewart Cheifet‘s show Computer Chronicles was one that chronicled the evolution of personal computing, digital devices as well as enabling technologies like this networking technology we know as “The Internet.” His Computer Chronicles YouTube channel is an archive of shows that reported on some of the most important developments in all of those areas, especially this particular show which covered this nascent networking technology we now cannot live without.

Fun Factoid
For those of you in Minnesota, at 9:37 you will see a brief demonstration of Gopher, a protocol developed and released in 1991 by a Mark P. McCahill-led team at the University of Minnesota. Since universities were heavy pre-commercial-and-world_wide_web-internet users, they needed something to make it easier to find stuff. Gopher was “...designed for distributing, searching, and retrieving documents over the Internet. The Gopher protocol was strongly oriented towards a menu-document design and presented an alternative to the World Wide Web in its early stages, but ultimately HTTP became the dominant protocol. The Gopher ecosystem is often regarded as the effective predecessor of the World Wide Web.” (my emphasis).

 

post

Is Congress Really Gearing Up for an Encryption Battle?

bitsAfter the attacks in New York on September 11, 2001, Congress passed the poorly thought-out Patriot Act. Friday’s Paris attacks seem to be (once again) providing Congress with another excuse to try and legislate making United States encryption weak and putting another obstacle in the way of U.S. technology companies selling overseas.

That’s right….weak. Virtually every single cryptography expert on the planet knows that a force-mandated “backdoor” in software or devices will not work and will make the systems vulnerable to attack by black-hat hackers or state-run military cyberattacks.

Today’s Wall Street Journal had this front-page article, “Paris Attacks Fuel Debate Over Spying – Growing belief that terrorists behind assaults used encrypted communications prompts re-examination of U.S. policy on surveillance.” A few things from the article leapt out at me:

“A growing belief among intelligence officials that the terrorists behind Friday’s Paris attacks used encrypted communications is prompting a far-ranging re-examination of U.S. policy on data collection and surveillance.”  

No kidding. Anyone on this planet with intermediate technical skills can encrypt their communications.

Senator Richard Burr

Senator Richard Burr

Sen. Richard Burr (R., N.C.), chairman of the Senate Intelligence Committee, said Tuesday his panel will launch a review of encryption use. “It is likely that end-to-end encryption was used to communicate in Belgium and France and Syria,” Mr. Burr said. He said encryption was likely because no direct communication among the terrorists was detected.”

Really Senator? Maybe they met in person?

But this is the part of the article that made me choke on my breakfast muffin:  [Read more…]

post

Olga Wants Me!

Left: The photo that 'Olga' sent me. Right: Likely the 'real' Olga

Left: The photo that ‘Olga’ sent me. Right: Likely the ‘real’ Olga

The increasing sophistication of spammers constantly amazes me. This one, however, was the best yet. Not that I’d get sucked in to this phishing attempt, but the text was good enough that it got through to my ‘real’ email…and not just in to my spam folder.

Helo Steve,

My name is Olga. I am a 22 year old college student living by Moscow. I go to Bauman University (Moscow State University of Technology) and will be cumming to Minesota for a visit next month.

I have seen you on the internet and would very much like to meet you in person. Please email me or click this link: http://link-redacted.ru

Sweetly, Olga

Of course I didn’t click the link (and you NEVER should either*), but even as I write this I’m sort of stunned it arrived intact. Just goes to show you how careful we have to be when this crap is sent our way.

*What should you do? Hover over the link and look in the bottom of your browser window. You will see the REAL address they’re sending you to. The text for a hyperlink can be anything (e.g., Bank of America) but go to any URL. Don’t click on it…just delete the email.

post

NSA: Why are you not focused on protecting the nation?

nsa-logoReading the German publication Der Spiegel’s article called Prying Eyes: Inside the NSA’s War on Internet Security this weekend, like them I was struck by something that has been on my mind for over ten years. Why does the U.S. intelligence services, and specifically the National Security Agency (NSA), do more to protect the nation?

What came out in the Edward Snowden revelations was that the NSA is, without question or doubt, working feverishly to crack all encryption and are also working hard to build a quantum computer that will crack the little unbreakable encryption we still enjoy today.

Any of us in information technology, web or mobile app creation, and any sort of data security at all, know that if something has been cracked—regardless if it’s some kid in Norway or a state-based intelligence service—it is only a matter of time before the blackhat hackers discover it and exploit the crack.

[Read more…]

post

Takei Tours YouTube Space LA

George Takei’s YouTube show, Takei’s Take, tours YouTube Space LA (there are also London, Tokyo and New York locations currently). If you haven’t yet heard about this space, and what they’re trying to accomplish, this is a perfect overview in 4 minutes (and always enjoyable due to George’s take on things and his delightfully positive attitude and outlook)!

post

You're in Danger on Public Wifi!

wifi-publicIllustration by Kristina Collantes

If you ever connect to a public Wifi hotspot, you owe it to yourself to spend 4-5 minutes and read this article by Maurits Martijn called, “Maybe It’s Better If You Don’t Read This Story on Public WiFiWe took a hacker to a café and, in 20 minutes, he knew where everyone else was born, what schools they attended, and the last five things they googled.”

I want to make thousands of copies of that article and give them to every single person I see in every public Wifi location everywhere!

Let me say it as emphatically as I can if you’ve read this far: You are an idiot if you connect to any public Wifi without running a virtual private network (VPN) connection (like the one I use, Private Internet Access for $39.99/year for 5 devices). If you don’t it’s not “if” you will get hacked, but rather “when” it will happen to you.

To show you how pervasive and simple it is to hack your laptop, smartphone or tablet when you connect willy-nilly to some public Wifi hotspot, let me give you a glimpse at what I can only describes as a…

HACKER’S DREAM MACHINE
The Wifi Pineapple, a $99.99 black box

The Wifi Pineapple, a $99.99 black box
which makes it trivial for a hacker to steal you!

Because I’ve technically known the risks for nearly ten years, I’ve been paranoid about public Wifi locations since 2005 and wrote about being “naked in a coffee shop” here, here and here. But to show you how brain-dead-simple it has become to BE a hacker, wait until you read about a black box called the Wifi Pineapple you can buy, for $99.99, which lets anyone who has one:

  • Run a man-in-the-middle attack, essentially spoofing a public Wifi connection and even impersonating the actual, real network connection (whether open or secured). How many times have you connected to Wifi that said “Coffee Shop Guest” or “Free Public Wifi”? Sometimes they’re real, mostly they are not. You can almost never be certain.
  • The attacker can monitor all network traffic flowing between an Internet gateway and the connected clients (like your laptop, smartphone or tablet!) as well as manipulate this data in transit such as through captive portals, DNS spoofing, IP redirection and even the substitution of executables in transit (so that file you’re downloading might be coming off of the attacker’s laptop!).

There’s alot more you can do with this device and Hak5, the group that makes it, is certainly gleeful about all the rogue crap it can do:

“…the WiFi Pineapple is more than a platform – it’s a community for creativity. Rickrolling clients, powering off WiFi drones mid-flight, tracking commercial airliners and logging WiFi connections are only some of the creative things being done within the WiFi Pineapple community.”

On the Hak5 forums they even have a section entitled, “WiFi Pineapple University” to help users teach users about this ‘fun’ little box.

The good news? If you run a VPN and inadvertently connect to “Coffee Shop Guest” and it’s actually a spoofed connection through one of these black boxes, the hacker would only see encrypted traffic! Everyone else’s internet traffic—Facebook login, bank password, credit card data—would mostly be going in the clear. (Note: I know that an actual SSL connection would encrypt traffic in the browser, and so do most smartphone and tablet apps, but more sophisticated hackers can even spoof SSL connections so that your browser thinks it is securely connecting…but it is not).

I must admit that, even though I’m more appalled by the activities of our government and mass surveillance of U.S. citizens in what I believe is a direct violation of our Constitution, boxes like this one target individuals with a lot to lose. It’s not right and not fair and I hope I never catch someone using one in a public place or…

post

Privacy Does Matter

Glenn Greenwald was one of the first reporters to see — and write about — the Edward Snowden files, with their revelations about the United States’ extensive surveillance of private citizens. In this searing talk, Greenwald makes the case for why you need to care about privacy, even if you’re “not doing anything you need to hide.”

post

NSA Files Decoded

guardian-nsa-files-decodedThe Edward Snowden revelations about the U.S. National Security Agency (NSA) and its vacuum surveillance, sadly seems to be fading from the public consciousness. Undoubtedly this is viewed as a positive by the intelligence community since they are continuing to accelerate their programs now seemingly unabated.

Awareness is one reason I was pleased to see this article that The Guardian wins an Emmy for coverage of NSA revelations. Their multimedia piece NSA Files Decoded is one of the best, most comprehensive and informative (dare I say “entertaining?”) pieces I’ve seen yet. Congratulations to The Guardian team!

If you care at all about the world our children and grandchildren will inherit, then you owe it to yourself to watch the videos or read articles at NSA Files Decoded. You might also consider paying attention to a relatively new website, The Intercept, so that you can stay aware, stay informed, and not be one of those who are naive about the unprecedented and growing power of the intelligence community and its surveillance of all U.S. citizens.

post

Frontline's United States of Secrets

frontline-ussecrets

Last night was part two of the PBS Frontline program called United States of Secrets. It was one of the best, most thorough overviews of what is going on with the NSA’s vacuum surveillance that I’ve ever seen.

You owe it to yourself, and the future of our children, to be aware of what’s going on.

NSA Finally In The Light

nsa-logoI’ve been deeply concerned about the massive, sweeping surveillance going on for over TEN YEARS! Whenever I bring up this topic (and online security in general) too many of my family and friends just shrug and say, “Oh well.” Frankly, I just don’t understand why most people don’t seem all that concerned about our fundamental erosion of liberty caused by the NSA’s mass surveillance.

Thankfully the Edward Snowden whistleblowing finally shined a light on what I intrinsically knew was going on shortly after 9/11 (see Snowden’s revelations and the overall controversy at The Guardian’s NSA Files website section). Yes, I feel vindicated for my paranoia but that attestation is not something I longed for…instead I hoped the government’s drive to classify their constitutional violations and illegal activities as “keeping America safe from terrorism” would stop.

Unfortunately that whistleblowing has made it increasingly hard for companies who sell their technology outside of the United States. For example, the NSA was inserting hardware in Cisco routers which caused CEO John Chambers to write a letter to President Obama asking for it to cease…now.

We’ve only seen the beginning of the backlash and erosion of our competitiveness around the world since no one trusts us anymore.  [Read more…]