Signed, Entangled, Encrypted, I’m Yours

From DCTVpedia
Revision as of 19:39, 9 July 2016 by WScottis1 (talk | contribs) (Created page with ".2804 {{Infobox Episode| title = Signed, Entangled, Encrypted, I’m Yours | number = 2804 | date = JULY 8, 2016| length...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search
Signed, Entangled, Encrypted, I’m Yours
Number 2804
Broadcast Date JULY 8, 2016
Episode Length 39:04
Hosts Tom Merritt
Guests Darren Kitchen, Len Peralta

Facebook is adding an end-to-end encryption option to Messenger with disappearing messages. Darren Kitchen talks with Tom Merritt about how secure it really is. Plus a robot jellyfish made of rat parts. What will Len Peralta illustrate?

Guest

Headlines

Microsoft is open sourcing Project Malmo, its platform that uses Minecraft to improve AI problem solving. It will also have an overclocking feature to run experiments faster than the normal Minecraft game speed. The platform has a mod for the Java version of Minecraft and code to help AI agents act within the game. The code runs on Windows, Linux or MacOS and can be found at github.com/Microsoft/malmo.
Google announced it is switching the TLS encryption in a test portion of Chrome installations from using just elliptic curve cryptography to also having Ring Learning With Error or Ring-LWE. In other words it's testing a type of encryption that cannot be broken easily by quantum computers. Traditional encryption is also still used so that the experimental connections are at minimum as strong as all others. The experiment is only enabled in Chrome Canary, the developer edition. You can see if your installation is by looking for CECPQ1 in the key exchange visible in the Security Panel.
Google announced Thursday it has acquired Anvato, a video platform for cloud editing, on-demand and live streaming. NBC, CBS, Fox and Univision are among its clients. This puts Google in competition with Amazon, Microsoft and to some extent BAM.
Research conducted by teams from the department of electrical and computing engineering at the Stevens Institute of Technology and Binghamton University in New York State how motion sensor data in a smartwatch could be used to deduce a user's PIN. The algorithm was tested on 5,000 key entry traces made by 20 adults using one of three different wearables with 80% accuracy on the first attempt rising to 90% after three tries. An exploit would need to capture packets from Bluetooth or by malware on a phone or watch. It could be foiled by using another hand or introducing random movements while entering a PIN.
Wendy's continues its investigation of malware that infected its point of sale systems AKA what used to be called cash registers. Wendy's has raised its estimate from 300 to 1,025 affected locations. Wendy's has put up a Web page where you can check to see if the location you've visited has been affected. That's at payment.wendys.com/paymentcardcheck.html
Researchers from Harvard University have developed a robot made of silicone, gold wire genetically engineered rat heart cells infused with photosensitive algae - that can swim like a stingray and follow a light source allowing for remote control. It cannot survive outside the lab. Yet.

Discussion

Submitted by tm204

Pick of the Day

I've been using this fingerprint reader (Eikon Mini Fingerprint Reader for Microsoft Windows) for nearly two weeks on my Win 10 desktop. It works well with the Win 10 Hello feature and has always worked on the first scan. I used double sided tape to attach it and a USB extension to the edge of my monitor. I have my system to lock after five minutes of idle, unless a video is playing. Paul Thurrott mentioned this device on Windows Weekly in an earlier episode.
Submitted by Bill

Messages

Hi Tom,

Just thought you might want to hear from someone 20 years in the future.

As a listener who is approaching the early stages of late youth I was interested in your discussion of how different generations get their news.

I still read the LA Times every day. On my iPad.

I've never been one to write to the newspaper, but now that I can send a response to an Op Ed piece by touching a link at the end of an article I'm writing in all the time.

I also get breaking news from Twitter and Facebook, plus The Morning Stream, DTNS & other podcasts.

Given the confirmation bias at our house we tend to watch Rachel Maddow & the Daily & Nightly Shows instead of network news or a 24 hour news channel.

I'm 66 for the next 5 days. (Still counts). I suspect I'm atypical for my age. 😉
Sent by Gary (SeniorGeek) Fisher


Hey Tom, Jermaine from seesawing temps Champaign

I think the question of having a real game controller on a touchscreen display may be a chance to reaffirm the link between technologies being used first by persons with disabilities and then in some cases being adopted by the tech community at large.

Text to speech was first "mainstreamed" as a way to allow blind and visually impaired persons to access computers, and is now a technology that I don't think many of us wants to live without.

Braille displays are screens which create tactile dots for a blind person to be able to read on a portable device, and as they get cheaper to manufacture I envision they will be used in many different ways. I expect that one of these uses could be to help solve the touchscreen gaming conundrum.

So I imagine within five years, you might have an iPhone 9 gaming Edition which creates clear tactile buttons on the screen for use during gameplay.

Thanks for the show Tom
Sent by Jermaine from seesawing temps Champaign


I wanted to give you some feedback on the IOT security question that came up recently, and the solution I used at my house.

I'm in IT (Nuclear IT Architect), so I've got more advanced networking gear than most people, but I imagine that things like this will trickle down to consumer focused gear in the next couple of years (Like the onhub).


I have three wireless networks, all VLAN'd and segregated from each other
Family Name
Family Name Guest
Family Name IOT

Family name is password protected, not filtered, and has unlimited speed.

Family Name guest is open, but enforces speed limits (5/1 mbps), and is subject to content filtering. Devices on this network also can't connect to each other, only the internet.

Family Name IOT is secured with a long password, speed limited, and I restrict via my firewall what services it's allowed to reach on the internet. The devices are restricted from contacting eachother, and there is no UPNP, meaning there shouldn't be the possibility of any incoming connections I didn't setup manually.

I wanted to give the IOT devices a secure connection to the internet (hence not just putting them on guest), while preventing a possible out of date, infected IOT devices from infecting the rest of my network, while still giving them access to the internet.

Currently the IOT network hosts my fitbit scale, wifi cameras (that record to a cloud server I run), several smart light bulbs/power sockets, as well as the management traffic for my software defined networking equipment (access points and switches).

I think it's a good solution for me, but I hope doing so will get easier for people like my parents sooner rather than later because 99.9% of the public can't/won't set something like this up.

Love the show, and a proud patreon supporter. Keep up the good work guys!
Sent by Dustin

YouTube

Links



Preceded by:
"Headline: People Just Read Headlines"
Signed, Entangled, Encrypted, I’m Yours
Followed by:
"TBD"