Privacy apps to help fight back against companies that track you

Adverts that pursue us around the web are a familiar experience, but they’re just the most obvious manifestation of an intricate tracking network that follows our every move online. Now, researchers are building tools to help us understand not just who is tracking us, but how they are doing it, what they know, and how we can take back control.

Giving users control over their data can be tricky, since companies have built profitable businesses around “black box” algorithms that gather, crunch and share that data. At the Data Transparency Lab Conference at MIT in Cambridge, Massachusetts, last week, researchers gathered to discuss new ways to poke holes in those boxes and show people what’s inside.

It’s an uphill battle. Surveys show that ordinary users have no idea about what happens to our data online. A team led by Blase Ur at Carnegie Mellon University in Pittsburgh, Pennsylvania, is helping to fill that knowledge gap.

They’re developing a browser extension that keeps an eye on every third party that tries to grab your data. Every time you go to a site, the extension takes a note of which advertisers are there, looking at what you’re looking at. It builds up a picture of what it thinks those companies have deduced about you: perhaps that you’re a fan of ice hockey, or where you go at weekends.

Ur is planning tests to see if the extension improves user awareness or changes their behaviour. “We just want to provide transparency and see what impact that has,” he says.

Web browsing isn’t the only way we’re tracked – social networks and smartphones are increasingly important. A system called the Facebook Data Valuation Tool, built by a team at Carlos III University of Madrid in Spain, tries to calculate the monetary value in real time of the data users generate while they’re browsing.

A project named ReCon, led by David Choffnes at Northeastern University in Boston, tracks how our smartphone apps connect to the internet, watching to see what information they are gathering. An experiment examining the top 100 most popular iOS, Android, and Windows apps detected information such as user location and contacts sent out in plain text, often from apps that had no need for that data.

“Users aren’t aware of just how much they’re being tracked,” says Choffnes. In early run-throughs with ReCon, even he was surprised to see certain apps broadcasting personal characteristics about him that they’d inferred, like his gender, location and date of birth.

“Advertisers are clearly inferring and learning a lot about us as individuals; properties that may or may not make users feel uncomfortable. I at least want users to be able to look at that data and make their own decision about if it seems reasonable or not,” Choffnes says.

His group is now working on a feature that will automatically notify users when it detects suspicious activity, giving them a chance to halt the traffic in its tracks if they want to.

Behavioural biometrics – the future of security

The jury is out on whether the humble alphanumeric password is dead, but the popularity of ‘123456’, ‘password’ and ‘qwerty’ doesn’t exactly breed confidence. Cue biometrics, in the form of a fingerprint sensor on an iPhone to power Apple Pay. But such ‘static’ biometrics is last year’s tech…

Typing recognition

What is static biometrics?

It’s all fingers, faces, eyes and even ears, with the theory going that while a credit card number, a password or a PIN number can be stolen, something unique to your body cannot.

Nobody is going to steal your face (although it does change over time, reducing accuracy), but like all static biometrics, there are serious shortcomings. For starters, fingerprint sensors and face recognition tech only tends to be on high-end smartphones, such as the latest iPhone and Samsung Galaxy S devices. Such phones are popular in certain markets, but they’re certainly not ubiquitous, and the biometric systems themselves use proprietary technology that limits their use.

Static biometrics relies too much on hardware for mass adoption

Static biometrics relies too much on hardware for mass adoption

As well as requiring significant hardware, static – also known as physical – biometrics don’t offer ongoing security. You face or finger might get you into your phone to do a spot of internet banking, but is it still you using the handset five minutes later? The banks need constant reassurance of your identification, which is why they’re turning to a new technology that monitors the way you use your phone, whatever the model. This is behavioural biometrics, and it’s devastatingly simple.

What is behavioural biometrics?

The search is on to find a uniquely identifying characteristic not of what you are, but of what you do. An example is gait – analyse someone’s walking style and you can easily determine their identity. However, that’s not going to work on a smartphone. The next example is rather ironic; a person’s signature – once the only security layer in banking – can be analysed since exact handwriting style is unique to everyone. It’s possible that devices could soon analyse the speed, style and exact position on the screen of how you sign your name, probably using a stylus.

Your analysed behaviour could soon become a security key

Your analysed behaviour could soon become a security key

However, it’s the recognition and analysis of something all of us do all the time on our smart devices that is quickly gaining traction as a new way of establishing identity. Some banks are turning to typing recognition on smartphones as an extra layer of security against fraud, and Google is showing an interest, too.

Courtesy: Techradar

Internet of Things: Life Simplified with Connected Devices!

A vision of how life is enhanced and simplified by connecting our possessions to the Cloud. The Connected Devices Laboratory at Brigham Young University is bringing this vision to reality.

Source: Yotube, Brigham Young University

How secure is Internet of Things ?

Poorly secured webcams and other Internet-connected devices are already being used as tools for cyberattacks. Can we prevent this from becoming a catastrophic problem?

As growing mass of poorly secured devices on the Internet of things represents a serious risk to life and property, and the government must intervene to mitigate it. That’s essentially the message that prominent computer security experts recently delivered to Congress.

The huge denial-of-service attack in October that crippled the Internet infrastructure provider Dyn and knocked out much of the Web for users in the eastern United States was “benign,” Bruce Schneier, a renowned security scholar and lecturer on public policy at Harvard, said during a hearing last month held by the House Energy and Commerce Committee. No one died. But he said the attack—which relied on a botnet made of hacked webcams, camcorders, baby monitors, and other devices—illustrated the “catastrophic risks” posed by the proliferation of insecure things on the Internet.

For example, Schneier and other experts testified that the same poor security exists in computers making their way into hospitals, including those used to manage elevators and ventilation systems. It’s not hard to imagine a fatal disaster, which makes it imperative that the government step in to fix this “market failure,” he said.

The problems with IoT devices are worsening because manufacturers lack incentives to prioritize security. Even if consumers wanted to assess the relative security of Internet-connected thermostats and other devices, there are no established ratings or other measures.

Read the full article here

A Secure Model of IoT with Blockchain

As the Internet of Things (IoT) adds more and more devices to the digital fold every day, organizations of all sizes are recognizing the IoT’s potential to improve business processes and, ultimately, accelerate growth.

Meanwhile, the number and variety of IoT solutions has expanded exponentially, creating real challenges. Chief among them: the urgent need for a secure IoT model for performing common tasks such as sensing, processing, storing information, and communicating. But developing such a model involves overcoming numerous hurdles.

Of course, there are multiple ways of looking at the IoT. For instance, the system view divides the IoT into blocks, such as connected things, gateways, network services, and cloud services, while the business view consists of platform, connectivity, business model, and applications. But one common thread connects all these views: security is paramount.

A prime illustration of security’s importance is the major distributed denial of service (DDoS) attack in October 2016. This massive assault affected millions of Internet addresses and temporarily crippled the servers of popular services such as Twitter, Netflix, and PayPal. One source of traffic for the attack: the countless IoT devices that had been infected and hijacked by Mirai, a simple malware program readily available online, and used against the servers.

The Blockchain Model

Blockchain’s big advantage is that it’s public. Everyone participating can see the blocks and the transactions stored in them. However, that doesn’t mean everyone can see the actual content of a transaction; that information is protected by a private key.

A blockchain is decentralized, so no single authority can approve transactions or set specific rules to have transactions accepted. As a result, the model involves a great deal of trust, as all the participants in the network must reach a consensus to accept transactions.

Most important of all, it’s secure. The database can only be extended; previous records cannot be changed—or, at least, there’s a very high cost if someone wants to alter previous records.

Read the full article here

3D Printing and the Future of Prosthetics

In Paraguay, there are a large number of upper limb amputations due to bad working conditions and motorcycle accidents. Many people are also in the low income category, and they cannot afford the prosthesis. With advanced manufacturing, particularly with the use of 3D printing, a company is able to create sophisticated prosthetics at a low cost.

The company, called PO, has combined 3D printing with a control mechanism to make an arm that can perform specific actions. They teamed up with a company called Myo incorporating their armband that controls the mechanical aspect of the hand. Their armband monitors bioelectric muscle signals and interacts with the prosthetic, allowing a user to grip items and gesture as if the arm was part of their body.

For more information read

The automated home is a mess?

That’s the bad news. The good news: it’s getting better, fast.

Automated home

We’ve been promised the smart home for decades and always been disappointed, but we’re told that this time is different.

The smart home – a home where even the humblest appliance, plug socket or light bulb is connected to everything else and controllable through apps – is absolute, positively, definitely ready for prime time.

But is it? This year’s CES may have been packed with smart home devices, but behind the home hub hype, there’s a mess of incompatible standards, security worries and the odd manufacturer behaving badly.

Why standards matter

Let’s start with the language these machines speak. Standards are those languages: gadgets can only communicate with each other if they understand what you’re saying. In smart homes, those languages are standards such as Apple’s HomeKit, Google’s Weave and Samsung’s SmartThings, and unfortunately, those standards aren’t compatible with one another.

Let’s say you’ve got an iPhone and you want to control your smart home with Siri. None of the major smart thermostats currently on sale in the UK – Heat Genius, Hive, Honeywell Eco home, Nest, To and Heat Miser – are compatible with Apple’s HomeKit, so Siri can’t control them.

Belkin WeMo smart switches aren’t HomeKit-compatible either, and neither is the first generation of Philips’ Hue smart lighting system (the second generation, launched in late 2015, does have HomeKit).

It’s a similar story with other standards. Google’s Nest thermostat runs a version of its Weave software, although Nest Weave isn’t the same as the Google Weave that’s been published for others – so future Weave products may not work with Nest, even though they apparently share the same language.



The automated home is a mess | TechRadar

Amazon’s Echo requires Amazon-specific apps. And there are tons of smart home products from other manufacturers who use their own proprietary technologies and software too.

Kevin Meagher is vice president of business development for ROC-Connect, which works with some of the world’s largest telecommunication firms, device manufacturers, utility firms and retailers to create smart home products and services. “I think the problem is not technology, but business models,” he told techradar.

“Many businesses don’t want compatibility; they want to sell as many of their own proprietary branded products and services as possible… it is simpler to deploy point to point – single device, single app – in this early market.”

That’s where the incompatibilities come from. Remember the early days of the internet, when the likes of AOL, CompuServe and The Microsoft Network offered competing walled gardens that didn’t want you to go anywhere else?

The smart home has its own walled gardens, and like the internet ones they’ll have to go. As Meagher says, “the market has already started to recognise that consumers will not want to stand on the doorstep opening the door with one app, controlling the heating with another and so on.”

Getting smarter

In addition to multiple standards, there are multiple ways for devices to connect to one another. Wi-Fi is currently ubiquitous, but it’s too complex and power-hungry for smaller devices.

To date smaller smart home devices have used low power mesh networking based on a different wireless standard, 802.15.4.


The big names here are ZigBee (which powers the likes of Hue) and ZWave (which is used by firms such as ADT). ZWave is proprietary – to use it, devices need to include Sigma’s radio chips – but ZigBee is more open and more flexible.

ZigBee became even more attractive this year, when at CES 2016 the ZigBee Alliance announced a partnership with Thread. Thread aims to create a standard protocol – like the internet’s TCP/IP – for smart home devices, and its members include Google, ARM, Samsung and Qualcomm. Thread, like ZigBee, is based on 802.15.4.

The thread is all about the connection; the software sits on top of it and could be Google’s Weave, ZigBee’s software or anybody else’s. It’s like web browsers: whether you use Chrome or Firefox, you’re talking TCP/IP.

Google’s backing gives Thread a lot of weight – with Android on phones, the Brillo operating system on simpler devices, Thread communications and Weave tying everything together, it’s a compelling system for device manufacturers – but there’s another standard emerging, called HaLow.

That’s the Wi-Fi Alliance’s name for the 802.11ah standard, which uses lower frequencies than traditional Wi-Fi for longer range and lower power consumption.

Remember when Bluetooth LE sparked a boom in connected devices for smartphones? The Wi-Fi Alliance is hoping that HaLow is the milkshake that brings all the boys to the yard, where the boys are smart devices and the yard is your router.

Meagher explains that manufacturers are working on what he calls “curated technologies”, where the smart home systems use whatever technology they like best but plug into the key ecosystems such as Weave or HomeKit.




“The good news for consumers is that if they buy into any of the ecosystems using curated technology, the devices are usually compatible across all platforms so the only expense to move between service providers might be a new hub,” he says.

That hub might be a brand new router – routers that offer Thread or HaLow support alongside the normal Wi-Fi channels are on the horizon – or it might be a dongle that plugs into an older router to enable specific smart home technologies.

Hub-aaagh hub-aaagh

Updating your smart home with a new hub sounds like a great idea, and it’s how Philips brought HomeKit compatibility to its ZigBee-based Hue lights: the new hub made your existing bulbs HomeKit compatible.

Unfortunately, the upgrade also showed the dark side of smart home systems when a firmware update removed compatibility for cheaper third party bulbs. Philips said it was due to security and performance concerns, but the internet thought something more sinister was going on.

For Meagher, shutting out other products is a move that can only hurt. “The more difficult they make it for customers to scale Philips products and force them to interoperate with other platforms, the less they will ultimately sell. Like a lot of manufacturers, they need to decide whether they are a service provider or a device supplier.




Philips has since promised to reverse the update, and its “Friends of Hue” programme will certify non-Philips bulbs as safe to use with Hue systems. Google has a similar programme, Works With Nest, which turned the closed Nest system into a home automation hub for third-party devices.

One of our own concerns is of backing the wrong horse by choosing the wrong platform – which could be an expensive mistake. Meagher recommends “those with the most labels” detailing the smart home standards they support; ultimately, “devices with open APIs using the mainstream technologies will win the day.”

Samsung agrees: speaking at the Samsung European Forum, Rory O’Neill said that he wanted to see the industry “breaking down any barriers to entry and keeping things simple… we have to use common standards so things will work together.”

We’re some way from smart home systems where we can control absolutely everything with a single word to Siri, Cortana, Alexa or Google Now, and the likelihood of a single home automation standard rising to encompass everything seems rather unlikely.

However, manufacturers are increasingly aware that compatibility matters, and there’s every chance that devices will emerge that support Apple’s HomeKit, Google’s Weave and the wider Thread simultaneously.

Courtesy: techradar

Visible Light Communications

What is Visible Light Communication?

There is now a lot of talk about Visible Light Communication (VLC) and indeed this blog site is dedicated to the topic, but what is VLC?

On this site when we talk about VLC we tend to be referring to an illumination source (e.g. a light bulb) which in addition to illumination can send information using the same light signal. So in our terms:

VLC = Illumination + Communication

Imagine a flash light which you might use to send a morse code signal. When operated manually this is sending data using the light signal, but because it is flashing off and on it cannot be considered to be a useful illumination source, so it is not really VLC by our definition. Now imagine that the flash light is switched on and off extremely quickly via a computer, then we cannot see the data and the flash light appears to emitting a constant light, so now we have illumination and communication and this does fits our definition of VLC. Of course we would need a receiver capable of receiving the information but that is not too difficult to achieve.

Visible Light Communication

In literal terms any form of information that can be sent using a light signal that is visible to humans could be considered to be VLC, but by our definition we should be able to see the light, but cannot “see” the data. So although there seems to be no universally agreed definition of VLC is, we can at least agree what we mean by VLC.

The opportunity to send data usefully in this manner has largely arisen because of the widespread use of LED light bulbs. LEDs are semiconductor devices similar to silicon chips. Consequently we can switch these bulbs at very high speeds that were not possible with older light bulb technologies such as fluorescent and incandescent lamps. The rapid adoption of LED light bulbs has created a massive opportunity for VLC. The problem of congestion of the radio spectrum utilised by Wi-Fi and cellular radio systems is also helping to create the market for VLC.

There are other terms used in the VLC space which are quite widely used but have slightly different meaning to VLC. Three terms closely associated with VLC are:

Free space optical (FSO) communication is similar to VLC but is not constrained to visible light, so ultraviolet (UV) and infrared (IR) also fall into the FSO category. Additionally, there is no illumination requirement for FSO and so this tends to be used in narrow beams of focussed light for applications such as communication links between buildings. FSO often uses laser diodes rather than LEDs for the transmission.

Li-Fi is a term often used to describe high speed VLC in application scenarios where Wi-Fi might also be used. The term Li-Fi is similar to Wi-Fi with the exception that light rather than radio is used for transmission.  Li-Fi might be considered as complementary to Wi-Fi. If a user device is placed within a Li-Fi hot spot (i.e. under a Li-Fi light bulb), it might be handed over from the Wi-Fi system to the Li-Fi system and there could be a boost in performance.

Optical Wireless communication (OWC) is a general term which  refers to all types of optical communications where cables (optical fibres) are not used. VLC, FSO, Li-Fi and infra-red remote controls are all examples of OWC.


The real value of bitcoin and crypto currency technology