Another of the seemingly secure “TSA” approved luggage locks has fallen to good old fashioned reverse engineering.
According to SafeSkies Locks writer Steve Ragan, the key and the story behind how it was reverse-engineered using a number of store purchased locks was disclosed at a lockpicking conference.
If you remember, in 2015 a large number of TSA master keys became available after a picture of them was shared online, leading to the lockpicking community demonstrating how easy it is to convert an image into a working key. Now you can find the 3D files online to print your own. Read more…
Coldwell Banker teamed up with CNET to define what a smarthome really is – but they didn’t pay any attention to what is in my opinion the most important fact to smarthome buyers.
What technology is transferred to the new owners?
Their examples include very transitory things, like smart TVs and entertainment systems which you would normally expect to leave with the original owner.
And, they don’t cover the difficult process of how exactly do you transfer control of permanent things like your HVAC system to new owners? Do you give them your user name and password? Can they even set a new user name?
For the more complex integrated systems – is it even possible to transfer control over without giving them “your account”? – after all, you don’t want to move into your new smarthome and find you have to set up all the automation again.
Of course for the original owner, if you give someone your account – are you able to set up a new one for your new home? Does the new owner get to see all the logs from your residence? Read more…
This week there was another progression in the infamous and long running Microsoft vs State of NY case – the one if you remember where the New York, USA court is demanding that Microsoft Ireland aquise to a subpoena issued in the USA.
Well this week the Second Circuit court of appeals agreed with Microsoft USA that the USA had no jurisdiction over assets within Ireland:
§ 2703 of the Stored Communications Act does not authorize courts to issue and enforce against U.S.‐based service providers warrants for the seizure of customer e‐mail content that is stored exclusively on foreign server.
A great writeup of the case can be found at Lawfareblog.
This case can still be raised to the Supreme Court, but since there are other legal methods for the USA to request the assistance of the law authorities in other countries, the door is finally closing on trying to impose domestic law on USA companies with assets in other countries.
The current global data economy and the 1986 Electronic Communications Privacy act are woefully out of step, but this decision is the right one to support the global technology industry.
After all – if a court in the USA can compel the release of data from Ireland, surely a court in China can compel the release of data stored in the USA?
After surveying nearly 10,000 individuals crossing every continent, it’s obvious that concerns around personal data are the most pressing issue in adoption of smart home technology – more than 90% of people had concerns about cybersecurity.
People also had strong opinions on how things should be secured, with passwords being the most disliked option. It seems the future smart home will use fingerprints, voice and even eye scans instead.
Despite these concerns though, people are generally positive about “smarting up” their living spaces – 75% of participants expect to see real benefits, and were especially interested in smarter lighting, kitchen appliances and heating systems.
And, driving good design, 82% of our participants wanted “a single integrated security package” – another reason for the smarthome industry to drive towards consolidation.
You can find more information in the Atlantic Council smart home report, at http://www.atlanticcouncil.org/publications/reports/smart-homes-and-the-internet-of-things
This week BBC news reported that Apple would not help the FBI bypass the pin on one of their phones
The FBI have apparently asked Apple to create two assistive technologies :
“Firstly, it wants the company to alter Farook’s iPhone so that investigators can make unlimited attempts at the passcode without the risk of erasing the data.
Secondly, it wants Apple to help implement a way to rapidly try different passcode combinations, to save tapping in each one manually.”
Ignoring who is right or wrong in this matter – these are not uncommon requests – I’ve been asked by various governments and “three letter agencies” in the past to do exactly the same thing, which I too have politely declined.
Reading between the lines, the FBI requests would indicate an admission that the actual cryptography within the iPhone is robust and correctly implemented – and that there are no discovered back doors which would allow the FBI access to the data without Apple’s help.
So we can assume that the FBI cannot usually access data stored on iPhones. What help can Apple give?
This week I was introduced to the web site age-appropriate rating system Age-Label, sponsored by OMK in Germany. Proposed as a standard for self-regulation of web sites, it allows owners to insert a small xml file “age-de.xml” in the root of their websites which defines the appropriate age ratings of the site, or subsections of such. I dug deep into the system and did some trawling across the internet to find out how used it is.
You can read an English translation of the standard online.
It would seem like a good idea – instead of relying on a third party to analyse the content of your site and make a determination on what age groups it’s appropriate for, web site owners can define it for themselves. The XML file also allows you to specify different sections of your website for different age readers.
Of course, this requires some appropriate technology on the readers device to look for, interpret, and act on the age-de.xml file – but if you imagine a world where the majority of sites are (honestly) tagged, and browsers use the xml data, and parents set the browsers with the appropriate age information, we could indeed go a long way towards protecting minors from inappropriate content.
Following on from my article on Plumbing your smarthome here are my top tips for electrical work when you’re designing or remodeling a home. I’ve bought surprisingly featured homes designed with expansion and maintenance in mind, and also homes that though well built,were not built to be smart, maintainable or upgraded.
Don’t forget that most countries require permits for electrical additions, even if it’s just adding a new outlet so the more you plan ahead, the better use you can make of your electricians time.
1. Run Neutral wires to each switch location.
More common now than a decade ago, but still I see new homes with no neutral in switchboxes. This may seem obscure, but most modern smart switches need live and neutral to operate – but most lighting switches work on live only. Make sure your electrician runs neutral wires to all switch locations so you can add smart switches at some point in the future. Read more…