The kickstarted Pebble smartwatch is now a division of Fitbit, so they may "reduce functionality" on all the watches they ever sold

pebble_watch_trio_group_04

If you're one of the 60% of Pebble employees who didn't get a job offer from Fitbit, the company's new owner, you're probably not having a great Christmas season -- but that trepedation is shared by 100% of Pebble customers, who've just learned (via the fine print on an update on the Pebble Kickstarter page) that the company may soon "reduce functionality" on their watches. Read the rest

Iphones secretly send your call history to Apple's cloud, even after you tell them not to

050-056c026d-1c66-4d42-9fae-a8

Apple has acknowledged that its Icloud service is a weak link in its security model, because by design Apple can gain access to encrypted data stored in its customers' accounts, which means that the company can be hacked, coerced or tricked into revealing otherwise secure customer data to law enforcement, spies and criminals. Read the rest

Kickstarting a tool to block robocalls and tie up scammers

jrtlogo-1440x221

Roger Anderson, a telephony expert, developed the Jolly Roger Telephone Company to block and madden robocallers. Read the rest

Vtech breach dumps 4.8m families' information, toy security is to blame

image_thumb11

Vtech is a ubiquitous Hong Kong-based electronic toy company whose kiddy tablets and other devices are designed to work with its cloud service, which requires parents to set up accounts for their kids. 4.8 million of those accounts just breached, leaking a huge amount of potentially compromising information, from kids' birthdays and home addresses to parents passwords and password hints. Read the rest

Incredibly strange and sublime cloud portal with a rainbow inside

1lN62mo

big_mac_heart_attack posted this gorgeous example of a "fallstreak hole" with a rainbow in a cloud formation over eastern Victoria, Australia. They are rare enough that some people think they are evidence of UFOs. Unfortunately, that isn't usually the case. From Weather Underground:

Fallstreak holes form in these high to mid-level (cirrocumulus or altocumulus) clouds which are comprised of tiny water droplets that are below the freezing temperature but have not yet frozen (called supercooled water droplets). Airplanes passing through the cloud help the supercooled water droplets freeze. Air expands and cools as it passes over the wings and the propellor blades, decreasing the ambient temperature just enough to allow the droplets to freeze. The ice crystals grow and start to fall, while causing the water droplets around the ice crystals to evaporate. This leaves a large hole in the cloud with brush-like streaks of ice falling below it.
Read the rest

LED cloud lights

The battery-powered LED cloud is handmade in Australia and projects a moon and stars on the ceiling above. Read the rest

FBI investigating Denver cops who erased citizen video of beatdown

Denver police were videoed savagely beating David Flores and his pregnant girlfriend by Levi Frasier, who had his tablet confiscated and the video deleted after one of the cops shouted "camera" -- but the video had already backed up to the cloud. Read the rest

Snowden: Dropbox is an NSA surveillance target, use Spideroak instead

A remarkable moment from last night's remarkable Snowden video from the Guardian. Read the rest

Copyfraud, uncertainty and doubt: the vanishing online public domain

In Enclosing the public domain: The restriction of public domain books in a digital environment, a paper in First Monday, researchers from the Victoria University of Wellington document the widespread proactice of putting restrictions on scanned copies of public domain books online. Read the rest

Bittorrent Sync seeks alpha testers

Bittorrent Sync is a Dropbox-like service through which the bittorrent protocol is used to synchronize all your devices. I recently used it to receive a large file from a friend in Los Angeles, and I was amazed and delighted by the speed an ease with which it came down. Bittorrent is calling for alpha testers to help it refine the product for its official launch.

Correction: An earlier version of this story got it wrong. I misremembered how the Bittorrent Sync product worked and erroneously believed that it used a cloud of bittorrent users to cooperatively share synch duties for one another.

It's exciting to see a more decentralized, redundant approach to cloud computing. Of all the resources we use with our computers, bandwidth is the scarcest and most fraught (since it's controlled by evil phone companies and mined by lawless spies). Storage, meanwhile, is fantastically abundant -- hard drives get so much cheaper so much faster that it's sometimes mindboggling. Many of us have storage to spare, and swapping that for cloud-based storage for backup, sharing and collaboration makes good sense.

The Bittorrent Sync architecture is reminiscent of the Freenet Project, a classic censorship-resistant file-sharing technology. I'm really looking forward to seeing what they come up with. Read the rest

US businesses stand to lose up to $35B as a result of PRISM

How Much Will PRISM Cost the U.S. Cloud Computing Industry? [PDF], a report from the Information Technology and Innovation Foundation -- a highly regarded DC think-tank -- estimates that the US cloud computing companies will lose $22-$35 billion as a result of customers' nervousness about PRISM and other spying programs. The US had been leading the world in cloud computing, but analysts are seeing a rush to European cloud providers that are (presumably) out of reach on the NSA and in jurisdictions with tighter rules on government spying. Read the rest

Ardent Industries to build raining voxel cloud on a forklift

Ardent Industries, the crazy people behind such large art installations as Dance Dance Immolation and SYZYGRYD, are building a giant 3D Mario cloud stuck to the top of a forklift so they can rain on people's parades. Their Kickstarter is fully funded and they're starting production and getting their forklift licenses! Rad!

Ardent Mobile Cloud Platform on Kickstarter Read the rest

Schools and the cloud: will schools allow students to be profiled and advertised to in the course of their school-day?

Kate sez, "Technology companies are moving rapidly to get tools like email and document creation services into schools. This link to a recent survey of schools in the UK shows that use of such technology is expected to bring significant educational and social benefits. However, it also reveals that schools have deep concerns that providers of these services will mine student emails, documents or web browsing behaviour to build profiles for commercial purposes, such as serving advertisements. When data mining is done for profit, the relationship between the data miner and the consumer is simply a market transaction. As long as both parties are free to choose whether and when they wish to engage in such transactions, there is no reason to forbid them or place undue obstacles in their path. However, when children are using certain services at school and can neither consent to, control or even properly understand the data mining that is taking place, a clear line against such practices must be drawn, particularly when their data will be used by businesses to make a profit."

UK School Opinions of Cloud Services and Student Privacy [PDF]

(Thanks, Kate!) Read the rest

Debunking the NYT feature on the wastefulness of data-centers

This weekend's NYT carried an alarming feature article on the gross wastefulness of the data-centers that host the world's racks of server hardware. James Glanz's feature, The Cloud Factory, painted a picture of grotesque waste and depraved indifference to the monetary and environmental costs of the "cloud," and suggested that the "dirty secret" was that there were better ways of doing things that the industry was indifferent to.

In a long rebuttal, Diego Doval, a computer scientist who previously served as CTO for Ning, Inc, takes apart the claims made in the Times piece, showing that they were unsubstantiated, out-of-date, unscientific, misleading, and pretty much wrong from top to bottom.

First off, an “average,” as any statistician will tell you, is a fairly meaningless number if you don’t include other values of the population (starting with the standard deviation). Not to mention that this kind of “explosive” claim should be backed up with a description of how the study was made. The only thing mentioned about the methodology is that they “sampled about 20,000 servers in about 70 large data centers spanning the commercial gamut: drug companies, military contractors, banks, media companies and government agencies.” Here’s the thing: Google alone has more than a million servers. Facebook, too, probably. Amazon, as well. They all do wildly different things with their servers, so extrapolating from “drug companies, military contractors, banks, media companies, and government agencies” to Google, or Facebook, or Amazon, is just not possible on the basis of just 20,000 servers on 70 data centers.

Read the rest

Dropbox: "We wuz hacked"

A couple weeks ago, a few hundred Dropbox users noticed they were receiving loads of spam about online casinos and gambling websites, at email addresses those users had set up only for Dropbox-related actions. The online file storage service now admits that hackers snagged usernames and passwords from third party sites, and used this data to break into those Dropbox users' accounts. Dara Kerr, reporting for CNET:

"Our investigation found that usernames and passwords recently stolen from other websites were used to sign in to a small number of Dropbox accounts. We've contacted these users and have helped them protect their accounts," the company wrote in a blog post today. "A stolen password was also used to access an employee Dropbox account containing a project document with user email addresses. We believe this improper access is what led to the spam."

Over at Ars Technica, Jon Brodkin has more. Evidently, the illicit access happened because a Dropbox employee’s account was hacked.

Read the rest

Attorney General set to destroy tens of millions of users' legitimate MegaUpload files

An attorney for MegaUpload -- which was shut down by the US government earlier this month, and whose assets have been frozen, following copyright complaints from the entertainment industry -- says that the US Attorney General is planning to destroy all its user data within a week. With its assets frozen, MegaUpload can no longer pay to host its data with its service provider, and so the AG will cooperate with the erasure of tens of millions of users' personal files -- backups, family photos, personal videos, financial records, and even movies and music in production by independent artists who used MegaUpload as a file-locker while their produced their work. TorrentFreak characterizes this as the destruction of evidence, and I think that's right.

Rothken explains that MegaUpload is determined to protect the interests of its users, but that its hands are tied without help from the authorities. The looming data loss is linked to unpaid bills at Cogent Communications and Carpathia Hosting where MegaUpload leased some of its servers.

“We of course would like to think the United States and Megaupload would both be united in trying to avoid such a consumer protection calamity whereby innocent consumers could permanently lose access to everything from word processing files to family photos and many other things that could never practically be considered infringing,” the lawyer told TorrentFreak.

“Megaupload’s assets were frozen by the United States. Mega needs funds unfrozen to pay for bandwidth, hosting, and systems administration in order to allow consumers to get access to their data stored in the Mega cloud and to back up the same for safekeeping.”

MegaUpload has contacted the US Attorney’s office with a request to unfreeze assets including money and domains so users can get access to their personal data.

Read the rest

Dropbox CTO on their security policy

Arash Ferdowsi, CTO of Dropbox, wrote to me to clarify Dropbox's present and historical privacy policy:
first, I'd like to clarify what our intent was in how we represented privacy in our TOS. in our help article we stated "Dropbox employees aren't able to access user files" we didn't intend to mislead anybody with this statement - we prevent this via access controls on our backend as well as strict policy prohibitions. we don't feel this statement implies anything about who holds the encryption keys or what mechanisms prevent access to the data.

that said, it's become very clear to us that the statement wasn't explicit enough about what the barriers to access are. consequently, we've updated our help article and security overview to be explicit about this.

secondly, I'd like to clarify that we've never stated we don't have access to encryption keys. we've made quite a few posts in our public forums over the years about this very fact and we are quite open with our community: 1, 2, 3.

Dropbox's new security policy implies that they lied about privacy from the start Read the rest

More posts