Tag Archives: Lifestyle

AVG

Will humans soon be banned from driving?

Leave a comment

A driverless car recently made the journey from the Golden Gate Bridge in California and drove cross-country to New York City. The voyage was the longest autonomous drive attempt in the U.S., and has put driverless vehicles in the news again.

The successful journey brought to mind a recent prediction from Elon Musk, the founder of electric car manufacturer Tesla:

“[Legislators] may outlaw driving cars because it’s too dangerous… You can’t have a person driving a two-ton death machine”.

While at first this might seem radical, I feel it’s a potentially realistic image of the future.

With Tesla, Google, Apple, and most major automakers working on self-driving cars, it’s a safe bet they will be commonplace in the next decade.

For his part, Musk drew a relationship with elevators: When elevators first came about, each had an elevator operator.  But as people became more used to the technology, and elevators became more safe and efficient, the operators went away.

Certainly, there is a lot to consider with the day of the self-driving cars coming. At the Nvidia conference, which debuted the firm’s computer platform for driverless cars, security issues with autonomous cars were also highlighted.

As Musk noted, there are some basic security concerns to deal with to make sure that people won’t be able to hack into vehicles.

“We’ve put a lot of effort into that, and we’ve had third parties try to hack it,” Musk said. He also said the threat of hackers taking over cars becomes more significant if the steering wheel and brake pedal disappear. Until then, he says drivers can override any potential problems.

As we’ve reported previously, car hacking is already happening today with automated, smart devices including car locks. Imagine when the entire car is vulnerable?

According to a recent congressional inquiry by Senator Ed Markey, there is a widespread absence of security and privacy protection being taken into consideration as automakers race to embrace the technology without considering the implications.

Clearly, the automotive and cybersecurity industries need to monitor autonomous technology very carefully, and adapt where needed.

Put simply, cars are another piece…a big piece… of the entire landscape of the Internet of Things, and if we are going to leave the driving to technology, we must make sure that it’s safe and secure.

AVG

VIDEO: Gary Kovacs’ Keynote Address at MWC 2015

Leave a comment

In the keynote, Kovacs outlined AVG’s mission to create a safer Internet for everyone.

In our modern connected world, the lives of consumers are more exposed now than ever before in history. A wide range of our actions online are monitored, tracked and scrutinized, not always towards benevolent ends.

AVG recently conducted a round of research with MEF which shows that more and more people are demanding trust, and it is becoming a real factor in decision making around technology.

To end, Kovacs issued a call to arms to challenge the existing model and create what he calls a Trust Revolution.

AVG

Online Tax Identity Fraud on the rise

Leave a comment

I recently called my friend Mary to wish her a happy 83rd birthday. She was having a fine day, but had just received a disturbing phone message from the IRS requesting that she call back urgently to settle a tax debt, and that she could use her credit card to do so.

Thankfully, Mary was too smart to trust a blind call from a purported IRS representative – because the call was a one of the “imposter” tax fraud scams making the rounds. In this case, a con artist impersonates a government official and tries to bilk trusting taxpayers for un-owed back taxes. (This type of scam also happened to me last year, though not at tax time!)

Of the 2.5 million consumer complaints received by the Federal Trade Commission last year received, the imposter scams were the third most common.  Debt collection scams ranked second. But at the very top of the list is identity theft. (You can see the full list here.)

In tax identity theft, scammers steal Social Security numbers to file for a tax refund before the real taxpayer can. In many cases, victims may not even learn about the fraud until they file a return, at which point IRS notifies them that the return has already been filed and paid!

The IRS announced  that the number of tax identity theft cases has doubled each year in recent years. It estimated it has paid out $5.8 billion in fraudulent tax refunds in 2013 because of identity theft. The IRS also reported it also was able to stop another 5 million attempts to get fraudulent refunds, which saved taxpayers another $20 billion.

Many tax fraud cases involve stolen social security numbers. CNNMoney reports that hackers stole more than 6.5 million Social Security numbers last year, with up to 80 million more at risk this year as part of the Anthem data breach alone.

2014 is sometimes called the year of the hack and it is clear that while large-scale breaches continue we will surely see elevated rates of identity theft, especially in the tax season.

All is not lost though, by following a few steps you can help keep all your credentials in the right place:

  • Always keep you AntiVirus up to date! If you don’t protect your device, your data could be vulnerable to attack.
  • Never click a link you don’t trust. If in doubt, visit the official website and log in to your account there.
  • Shred physical copies of important documents when they’re no longer needed.
  • Don’t trust urgent phone calls or emails from the IRS demanding action and personal information. The IRS will never contact you by phone or email!
  • If you do get contacted, make a note of their number, and report it to the IRS at its fraud report site.

 

Here’s wishing you many happy returns!

AVG

Is the rise of biometric security a good thing?

Leave a comment

Whether we like it or not, it seems that biometric security is rapidly becoming the norm.

In March alone, Samsung unveiled new iris scanning technology, Microsoft announced facial recognition for Windows 10, Asus introduced fingerprint scanning and Qualcomm, Fujitsu and Intel all jumped in with biometric tools of their own.

Why are we seeing such rapid adoption?

Although it may still seem futuristic, modern biometric security has been around for a number of years. You could argue though that it was only with the launch of the iPhone 5S and its fingerprint scanner that people really started to take notice.

Now, fuelled by convenience, biometric security is at the forefront of our minds. After all, why remember a password or have to input a code when your device can simply scan you and authorize access?

Is it secure?

While few people can argue that biometric security is not convenient, there are still question marks over its viability as a robust security measure.

SRI, who developed Samsung’s iris scanning technology claim that “tests have shown this purely iris-based solution to be more than 1,000 times more accurate than published fingerprint data.” This begs the question, how secure is fingerprint data?

Not all that secure it turns out. In October 2014, a hacker known as Starbug accurately replicated the fingerprint of the German Minister of Defense from nothing other than hi-res images taken of her at an event.

More recently, AVG’s own researchers from the Innovation Lab in Amsterdam developed a set of ‘Invisibility Glasses’ that used specialist materials and technology to successfully counteract facial recognition technology.

We’ve written many times before about the pros and cons of biometric security, from speculating on the future to busting myths.

However for now, it’s clear that if biometric security is really going to become our de-facto method of authentication, we need to make sure it is rigorously tested.

AVG

How safe are one-time passwords?

Leave a comment

Most people have dozens of passwords, for dozens of online accounts.  At times it can be tricky to remember them all, as best practice says they should all be slightly different.

If you’re one of these many people, Yahoo’s recent announcement may get you excited. Earlier in March, Yahoo revealed an innovative idea that would mean we never have to remember a password again.

The concept is very simple. By selecting to use one-time passwords in your account settings, the next time you login it will send a password to your phone that you can use to login in with via a SMS.

While this seems very convenient, is it secure?

Generally speaking, there are three types of authentication in use today

  • ID and Password
  • ID, Password, Verification Code (using SMS)
  • Two Factor authentication using ID, Password and another device providing a unique password

The Yahoo solution seems to be half way between the least secure option A and Option B.

Sending a password on demand to a device is a step in the right direction, but there may be other security risks involved when transmitting data over SMS and to a potentially unprotected device.

The phone may not have a passcode and could be infected with malware that reads the SMS. This could mean the email account and all the data inside gets compromised.

If you do want to enable one-time passwords, I would recommend you have both of these: a passcode and AVG AntiVirus for Android on the phone to keep yourself protected.

 

What would I do differently?

Using the mobile device to add another layer of security is a smart idea as most people have one. Most of us also use apps regularly and if you’re a Yahoo user then you probably have the Yahoo app.

I would change the delivery method of the password from SMS and instead deliver it, in an encrypted format, via their own app.

On top of this, the Yahoo app with this one-time passwords enabled should require the device to have PIN security.

This would mean that an attacker would need the ID, the phone and the PIN in order to access the account. The app could even go further and check for the presence of an Anti-Virus product to ensure that it’s being scanned regularly.

It could be that there are currently technical limitations with one-time passwords, and that in the future we’ll see a lot more secure and comprehensive process.

My top advice right now though is if you’re going to use this service then be sure to have a security app and a PIN on your phone so you can help ensure that the password is being sent to a secure device.

Follow me on Twitter @tonyatavg

 

AVG

Backlash against the “Selfie Stick”

Leave a comment

If you’ve been to a museum or tourist attraction recently you’ll have likely seen the now ubiquitous “selfie stick” in action. Users say the sticks provide better perspective and help avoid the fish-eye view of the hand-held phone camera. You could even argue that it’s also more secure than handing your valuable camera or phone over to a stranger(although I don’t know that there is much from preventing someone dashing by and snatching your stick along with your smartphone).

However the backlash against selfie sticks has appeared almost as quickly as the trend itself.

Many museums and other institutions are now taking the matter into their own hands and banning selfie sticks. For example, the Forbidden City in China joined the Palace of Versailles and Britain’s National Gallery, which both announced bans this past week. London’s National Gallery said it outlawed the “Narcisstick” in order to “protect paintings, individual privacy and the overall visitor experience”.

Earlier this month in the U.S., the Smithsonian museums in Washington also banned selfie sticks. Cameras and pictures are still allowed, but selfie sticks, tripods and monopods are not.

In a statement, the Smithsonian said, “For the safety of our visitors and collections, the Smithsonian prohibits the use of tripods or monopods in our museums and gardens. Effective today, March 3, monopod selfie sticks are included in this policy.” You can see the full statement here.

Other U.S. museums that ban selfie sticks include the Art Institute of Chicago, and New York’s Museum of Modern Art.  As do other international favorites such as the Uffizi in Florence and the Colosseum in Rome. A Collosseum spokesperson noted that the twirling around of hundreds of sticks can become unwittingly dangerous when “fully extended with outstretched arms, the devices take up over half the width of the monument’s interior corridors.”

Selfie Stick

Image courtesy of the BBC

 

In Canada, the Montreal Museum of Fine Arts and the Pointe-à-Callière Archaeology Museum called the stick the “wand of narcissism” when it placed it on the do not enter list.

The consensus among critics is that selfie sticks are obnoxious and a danger as well as a privacy concern.

The additional field of view that makes the selfie stick such a boon to the photographer also increases the chances that unsuspecting passersby  may get caught in the shot.

It’s a safe to say that if you’re traveling this spring or summer, it’s best to check to see what the policies are at the attractions you plan to visit before you consider taking a selfie stick along…

I personally have mixed feelings about selfie sticks. I’ve found them equal parts intrusive, (as I’ve tried to enjoy some art) and practical (as I’ve struggled to capture myself and friends in a unique moment).

For me it comes down to safety and privacy concerns. Crowded tourist attractions and exhibitions are enough of a ruckus without adding selfie sticks to the equation.

 

Title mage courtesy of New York Post

AVG

Wearables will evolve beyond screens

Leave a comment

A healthy human has multiple biological senses he or she was born with. Sight, hearing, taste, smell and touch are the five traditionally recognized. The ability to detect other stimuli beyond those governed by the traditional senses exists, including temperature, kinesthetic sense, pain and balance.

If I had to explain a human sense, in our digital world, I would describe it as a biological sensor that responds to a specific physical stimuli and transmits the data to brain cells that later interpret them for us and may lead to a response.

Our biological senses respond to physical stimuli, but could we develop a sensor that responds to stimuli created in the digital world?

I believe the answer is simple; yes.  For example, I could get a notification delivered directly to my brain when something important is happening, such as my child has not returned from school on time or when my glucose level is high.

The idea isn’t unprecedented. Many animals have unusual biological sensors that to support their surroundings and lifestyle. This however, took millions of years; we could create something in just a few.

Over the last few years, we’ve developed new technologies to help people with different disabilities to gain back their lost senses. Advances include a tiny eye implant that restores sight to the blind and electronic hearing devices that help people with severe hearing loss.

While these technologies are very important for our society and for the people who need them, their main goal is to restore (or provide an alternative to) the damaged/missing sense that respond to a physical stimuli.

How do we create a digital sense?

Digital senses aren’t as far away as you may think. Smartwatches have started to emerge. Although they are still in their first release version people struggle to understand the benefit of them. Is it yet another screen to look at? Does it just save me from having to take my phone out of my pocket? Will it replace some tasks I do on my smartphone? Or is it just another input peripheral to my smartphone? Where is the value to me?

While most of the available applications of a smartwatch are to bring the smartphone notifications to my eyes via a screen on my wrist, there is another – hidden- value in such devices and that is to develop a new sense. I call it the Digital Sense.

A digital sense can respond to digital events, convert them into physical ones and transmit that information to our brain cells in non-invasive methods – for example, with a combination of one or more micro vibrations. The human brain will then interpret them and respond.

In the digital mobile world, smartphones receive data from many sources: the web, email, embedded sensors and cloud services. However, the main method smartphones use to convey all this data to the human brain is via a screen. As a result, we find ourselves spending many hours in front of multiple screens in order to consume data.

Google Glass introduced new possibilities in the way we interact with and respond to our digital world. Some would say that Google Glass failed as it was too intrusive and harmful to real world social experiences.

A sensor would never do this. A sensor should be part of the body and transmit information for the brain cells to process – not to form another obstacle as we saw with Google Glass.

I believe that by taking advantage of wearable technologies and using them to transform digital data into a physical stimulus that our biological sensors can interpret, in a non-invasive way, will be the most valuable application of wearables. I believe it will dramatically increase the adoption of wearable tech as the value proposition can be immediately understood.

Imagine a smartband on your wrist or a smart device on your shirt that will vibrate or move when your glucose level is high or when your family or colleagues urgently need you.

This is not the notification sound, as we know it from our smartphone today.  They are intrusive, not necessarily private and not properly secured. It is more advanced than that. It’s a new sense that we wear and transforms our digital data into something our biological sense can transmit to our brain cells in a non-intrusive, secure and private way. This is where wearable technologies will find their home, not as an additional tiny screen.

Recently I experimented and implementation of such new sense on my wrist, and I do not feel like I will let it go any time soon.

AVG

Five Tips for choosing a Cloud Storage Service

Leave a comment

Cloud services are incredibly convenient and can also be a great cost saving measure. But you shouldn’t blindly place trust in cloud services without doing some research first.

If you are considering using a cloud service, I would strongly advise finding the answers to the following questions before signing on the dotted line.

Is it for personal or business?
There are plenty of free options, but you need to determine which is the most reliable and secure, especially if your business will depend on it.

What are you storing and why?
The different cloud services that are currently available offer a variety of features and options that may be better suited to a particular need.

What sort of encryption is available?
Does the cloud storage service offer encryption? If the provider is hacked, your data will be vulnerable. So if they don’t offer encryption then you might want to encrypt your vital documents before uploading

Does the service offer extra security?
Where possible use additional security features like two-factor authentication and login notifications to ensure you have the added layer of security to prevent unwanted breaches.

Do you have adequate backups?
Don’t rely on a single backup, especially for your critical files. You should also backup regularly.

AVG

The Internet of Things Made Simple

Leave a comment

The Internet of Things is one of the hottest terms in the technology industry. It seems that hardly a week goes by without hearing about our connected world or the Internet of Things.

So what does the Internet of Things really mean and how can we explain it in a way that everyone can understand?

I was recently asked how I would explain the Internet of Things to a five year old and I came up with the following:

 

We all like to talk to our family and friends, our electronic devices (TVs, tablets, cameras) like to speak to each other too. They speak a different language – their own computer language, called the Internet of Things.

Just like when your parents ask you to tidy your room, or you ask them for help with your homework, our devices speak to each other to solve problems and get things done.

For example, if a bad guy came in to steal your toys, the burglar alarm would tell the police to come over and stop them, or the smoke detector could call the fire engine if there was a fire at home.

By talking to each other through the Internet of Things, our computers work together as a team to help us – just like we help our families and friends.”

 

While this is of course simplistic, it is the fundamental function of the Internet of Things, our connected devices sharing information over the Internet.

What kind of connected devices are we talking about? The Internet of Things is made up of all sorts of connected devices including:

  • Smartphones
  • Televisions
  • Alarm Systems
  • Fitness Trackers
  • Games Consoles

Any Internet connected device has the potential to be part of the Internet of Things, all that is required is that they connect and communicate with each other in order to fulfil a wider function.

If you’d like more information on the Internet of Things and the challenges that it presents, read my recent blog on Privacy and The Internet of Things.

AVG

Legacy Contacts and managing a Digital Legacy

Leave a comment

Emails, photos, random postings… We all have a digital footprint and depending on your privacy settings, it’s available to many people including strangers.  Not to mention our passwords to accounts, and other digital assets, including financial ones. Who can access them when we pass on? What happens to the data?

In the world of Internet services, digital legacies and the policies around them have been murky at best.

Because of our position as a leading provider of security for data, devices and people this is an issue we at AVG have long been concerned about. And that’s why we’ve been focused on educating our users on this sensitive topic and advocating for people to provide a digital codicil to their wills, specifying a digital executor to act on their behalf.  (You can see our most recent article here. We also published an ebook dealing with digital death.

 

Today, different sites have different policies, and requirements vary on the actions that can be taken, and the forms of identification and proof that are required in case of a user’s death.  Twitter has a policy to deactivate accounts after six months of prolonged inactivity, but also will work with authorized individuals to delete a deceased user’s account and or certain imagery. Until last week, Facebook’s policy was to allow users to specify if they wanted to “memorialize” or permanently delete their accounts. Last Thursday, Facebook moved to a step further to allow account holders to appoint what it calls a “Legacy Contact” to manage their memorialized accounts.

Facebook legacy contact

 

You can read the full announcement here that Facebook released Feb. 12.

But briefly: Facebook now allows the appointee to write a post for your profile, and update your profile picture and cover photo. It also allows the appointee to respond to new friend requests, for example a friend who hadn’t been on Facebook at the time of the user’s death. The Facebook executor, however, can’t go back and delete material, log into the account or remove any of your friends.

In its statement, Facebook said: “By talking to people who have experienced loss, we realized there is more we can do to support those who are grieving and those who want a say in what happens to their account after death.”

The Facebook move is good news, in many ways, not the least of which is that it helps bring this important issue of Digital Legacy to the forefront in one of the largest social venues, where many of us are living our digital lives. It also recognizes that users need more control of their accounts, including deciding how they want them managed when they pass.

Digital legacy is something that everyone online needs to consider. No one wants to consider their own death, but as the physical world morphs into the digital, it’s a very important part of our legacies. One we shouldn’t ignore.