Beacons And iBeacons Create A New Market – Business Insider

Beacons And iBeacons Create A New Market – Business Insider.

An upcoming trend for business to look out for is the “Beacon”. This is small device which businesses can place within their business to either gather information on its customers or push information to the customers by interacting with their smart phones (typically by a low-energy Bluetooth connection).

While this is not new technology, recent advances in the cost and power-efficiency of such beacons and the greater prevalence of smartphone users in general and smartphone users who use their devices while shopping, dining, or otherwise engaged in commerce in specific has made beacon deployment a far more attractive proposition for data-savvy businesses. Beacons allow businesses to not only engage in very accurate location tracking of customers, but to push messages directly to customers based upon their location (ex. As customer walks by a rack of clothing, a message can be pushed to them, letting them know that everything on that rack is 20% off for today only.). Likewise, businesses can track the flow of customer traffic, where they do and do not go, what order they visit places within an establishment, and even, potentially what items they stop an look at. This can, clearly, be powerful data for businesses to use, not only for interacting with customers, but in choosing layout of a business and other “customer experience” considerations.

On the downside, there are potential privacy and security implications of this technology, not only for the customers / consumers, but also for the businesses collecting this data. The more intrusive (and non-anonymous) the data a business collects on its customers, the greater the need for policies, procedures, and infrastructure for dealing with this data safely, securely, and withing the parameters of what the law requires. That having been said, this is very exiting technology that can open many new doors for businesses in terms of business intelligence and customer interaction.

The Lavabit Shutdown and IT Security

How Lavabit Melted Down : The New Yorker.

The New Yorker has an excellent piece online which discusses in detail the events leading up to the shutdown of Lavabit, a secure e-mail provider which was used by Edward Snowden.

 

The article details the pressure placed upon Lavabit and its owner not just to turn over information that would shed light on Edward Snowden’s activities, but rather, information which would give the government wholesale access to all email passing through the services.

 

This article raises serious issues for IT companies who have committed to safeguard the privacy and/or security of its customers. It also raises serious concerns regarding the extent to which the U.S. Government is willing to (and in fact does) compromise the privacy of innocent U.S. citizens as a routine matter.

 

Adobe says hackers accessed data for 2.9 million customers – Oct. 3, 2013

Adobe says hackers accessed data for 2.9 million customers – Oct. 3, 2013.

If you have purchased products directly from Adobe, you need to be aware of this and (i) be on the lookout for notification for Adobe about whether this affects you, and (ii) monitor your identity (particularly with respect to any card used to purchase the Adobe product), to ensure you are not a victim of identity theft.

German Hacker Group Says It’s Broken The iPhone’s TouchID Fingerprint Reader – Forbes

German Hacker Group Says It’s Broken The iPhone’s TouchID Fingerprint Reader – Forbes.

Within just days of the release of the new iPhone 5s, it appreas that hackers have already found a way to break Apples new fingerprint-based biometric security feature, TouchID.

Apple indicates that it is working on fixes to this apparent vulnerability already, but in the meantime, it just goes to show that reliance on new security standards or features must be done cautiously until that system is thoroughly vetted.

Forewarned, fore-armed.

Exclusive: Anatomy Of A Brokerage IT Meltdown – Security –

Exclusive: Anatomy Of A Brokerage IT Meltdown – Security –.
InformationWeek.com has an excellent article up which details the breakdowns in IT policy and procedure which lead the now-defunct stock brokerage, GunnAllen Financial, become the first company to be fined by the SEC for failing to protect customer data.

The article is a hair-raising read and the actions of both GunnAllen and its IT company, The Revere Group, would be almost comical if not for the incredibly serious implications of the cavalier way in which they dealt with sensitive client information.

While this instance is an extreme one, it is an object lesson for companies handling sensitive client information. The consequences of poor data management and data security are dire!

Anonymous reminds Apple that UDIDs are creepy — Apple News, Tips and Reviews

Anonymous reminds Apple that UDIDs are creepy — Apple News, Tips and Reviews.

I am not sure which is more creepy, the way in which Apple has been using Unique Device Identifiers (UDIDs) to track iPhone and iPad users’ behavior or the fact that (if the claims of where these leaked UDIDs came from are true) the fact that an FBI agent had a trove of over 12 Million of them, along with other  personally identifiable information matched up to these UDIDs.

In any event, it goes to show that there remain many concerning security and privacy issues surrounding the use of mobile devices.

iPhone SMS security flaw uncovered by hacker

iPhone SMS security flaw uncovered by hacker.

Another day, another security issue. It appears that since at least 2007, the iPhone’s SMS protocol has permitted spoofing of the identity of sender of SMS messaged to iPhones.

As such, until this flaw is fixed, beware of seemingly legitimate SMS messages asking your for personal information!

The Problem with BYOD….

47% of BYOD employees don’t have passwords on their phone!
51% say their company doesn’t have the ability to remote wipe the BYOD!!
And 49% say their IT Departments never even talked to them about security on the device!!!
Survey says: FAIL!!!!

At Defcon, Hackers Show How to Bypass Android Encryption – Ina Fried – Mobile – AllThingsD

At Defcon, Hackers Show How to Bypass Android Encryption – Ina Fried – Mobile – AllThingsD.

More apparent insecurity in the Android platform: apparently the Android operating system from version 3.0 though the present use the same password for unlocking the device that it uses for encrypting the data on the phone. This opens up data on the phone to a relatively simple brute force attack, as few people use complex passwords to unlock their phones.

In light of this revelation, it is clear that Android continues to be a questionable choice in platforms for businesses / enterprise use.

GPS Weakness Could Enable Mass Smartphone Hacking – Technology Review

GPS Weakness Could Enable Mass Smartphone Hacking – Technology Review.

A researcher at the University of Luxembourg has discovered that a weakness in the A-GPS location process used by smartphone can permit malicious wi-fi sites to re-route the phone’s A-GPS location queries to the malicious site even after the smartphone has disconnected from the malicious site, permitting hackers to track the phone from that point on.
Furthermore, on smartphones where A-GPS signals are processed on the phone’s main CPU, hackers can use this exploit to crash the phoe and possibly make use of other bugs to compromise the phone.
This exploit was demonstrated on a umber of different Android phones by several manufacturers.