Dan Patterson and Jill Duffy join the show and we talk about the latest Dropbox hack (not hack) and where the line of security responsibility is between you and your services.
Multiple versions (ogg, video etc.) from Archive.org.
Please SUBSCRIBE HERE.
A special thanks to all our Patreon supporters–without you, none of this would be possible.
If you enjoy the show, please consider supporting the show here at the low, low cost of a nickel a day on Patreon. Thank you!
Big thanks to Dan Lueders for the headlines music and Martin Bell for the opening theme!
Big thanks to Mustafa A. from thepolarcat.com for the logo!
Thanks to our mods, Kylde, TomGehrke, sebgonz and scottierowland on the subreddit
Show Notes
Today’s guests: Dan Patterson, tech journalist and Jill Duffy, writer and software analyst at PC Mag.com
Dan and Jill are also the hosts of the upcoming podcast The Signal – check out their site!
http://www.thesignalpodcast.com/
Headlines
TechCrunch noted that Dropbox confirmed 400 account credentials posted to pastebin were in fact for Dropbox accounts. Security chief Anton Mityagin dropbox was not hacked, these were users who had the same password at dropbox as other services. Most of the credentials had already been caught and deactivated and the rest have now been reset so none of the posted credentials are valid. Several hundred more credentials were posted later but Dropbox says those are not associated with Dropbox accounts.
The Next Web reports that Google’s same day delivery service is no longer free. It also got a name change. Google Shopping Express is now just Google Express and brings groceries and other purchases from various stores to your door at a convenient time. The service now costs $4.99 per order, though you can subscribe for $95 a year or $10 monthly, and get first dibs on delivery windows. Memberships can be shared with people in your house. Google also added new retailers, including Barnes&Noble and Nine West shoes and expanded from San Fracnisco, LA and New York to include Chicago, Boston, and Washington, DC.
PC Mag reports August SmartLocks will be coming to Apple store shelves this week for $249.99. The smart lock works in single cylinder deadbolts and lets you create virtual keys on smartphones. Keys can be given to friends through the app and even revoked when necessary. Physical keys work too.
Skype has a new mobile messaging service call Qik. Yeah remember they bought Qik then ignored Qik then shut down Qik. Well now the name is back. Users can share video clips up to 42 seconds which disappear after two weeks, but the sender can delete the video any time. There’s a also Qik Flix which are 5-second clips available on the Android and iPhone apps and coming to Windows phone “in the coming months.” Blocking other users is available for Android and Windows phone but NOT the iPhone App.
The Washington Post reports that the FCC is considering Aereo’s request to be classified as a ‘multi-channel video provider‘ — like a cable or satellite company — subject to all the rules and regulations. This means Aereo could start negotiating with the broadcast networks for ‘retransmission fees.’ Right now no Internet video providers are classified as MPVDs and are basically ignored by the networks. If Aereo gets classified as an MPVD it would have to pay more for content, but the networks would have to let them.
PC Mag reports iSight Partners announced a zero-day Windows vulnerability today that it says Russian attackers are using against US, European and Ukrainian government agencies, NATO, telecom companies and an unnamed US academic organization. The attacks are attributed to a group nicknamed “Sandworm Team” because of their frequent references to the book Dune. Security experts have been tracking the five-year-old group, referred to as “Quedach” by F-Secure, since late 2013.
Android police report on leaked Google ads featuring little Android characters with the slogan “Be Together, Not The Same.” It includes an animated version of the the Nexus 6 running Android L. The video comes with a link to a page on the Android site that isn’t yet live, but probably will be after the Nexus 6 is announced, which Forbes speculates may be as early as tomorrow.
News From You
AllanAv submitted the TechDirt story about a comment on the US FCC’s open Internet guidelines filed by VPN company Golden Frog. The company describes evidence that a wireless broadband provider actively blocked STRTTLS encryption, preventing a user from encrypting SMTP email traffic. Golden Frog described the provider as modifying messages in transit in one case from 250-STRATTTLS to 250-XXXXXXXA causing encryption not to be started.
tm204 passed along the Science Daily report that researchers at Nanyang Technological University have developed a battery that can be recharged to 70% capacity in 2 minutes and have a more than 20-year lifespan. NTU Singapore’s scientists replaced the graphite used for the anode (negative pole) in lithium-ion batteries with a new gel material made from titanium dioxide. Yeah the same stuff in your sunscreen. The nanostructure of titanium dixoxide helps speed up chemical reactions.
AllanAv posted the Wired story about the launch of Kickstarter funding for Anonabox. The $45 open-source router directs all data through Tor, hiding the user’s IP address. The box is tiny enough for two to fit in a pack of cigarettes. While not the first Tor in a box, the hope is that it strikes the best balance of cost, setup, size and security. The project is open source but has not been audited yet for security.
And finally, Bishma submitted the TechCrunch story that Dorian Nakamoto is suing Newsweek for writing an article claiming that he was the creator of Bitcoin. Nakamoto denied creating the crypto currency, and says he was “targeted and victimized by a reckless news organization.” Nakamoto has created a web page asking for donations to his legal case. And yes, in case you were wondering, you can donate by check, money order, credit card and yes, Bitcoin.
Discussion Links:
http://techcrunch.com/2014/10/14/dropbox-pastebin/?ncid=rss
https://blog.dropbox.com/2014/10/dropbox-wasnt-hacked/
http://blog.snapchat.com/post/99998266095/third-party-applications-and-the-snapchat-api
http://www.theverge.com/2014/10/13/6958745/is-snapchats-api-too-easy-to-hack
Pick of the Day: Splashtop via Ken Shabby
On Monday’s show you discussed attaching pc’s to televisions and the problems controlling them with wireless mice/keyboards. My pick, Splashtop, is a free remote desktop app that makes controlling your computer with your mobile device easy. Splashtop consists of an app you install on your tablet and a streamer program you install on your mac or pc. Some features are:
You can control your old XP pc using new touch gestures on your tablet. No more trying to use a mouse while in a Lazy Boy. No more having the giant wireless keyboard laying around the living room.
If your mobile device doesn’t run Flash, you can still view Flash web pages by running them on your pc and streaming them to your mobile device.
Splashtop allows you to mute the sound on the pc and listen via your mobile device. This way you can plug in head phones watch without annoying anyone else in the room. It works like the Roku 3 remote with head phone jack.
Not sure how well it would work on a phone, unless you have really small fingers. It might be hard to control your computer on a smaller screen. Works fine on my Nexus 7 and would probably work even better on a 10 inch tablet.
Tomorrow’s guest: Andrew Zarian of the GFQ Network