After the Year of Datasec Fail, in the wake of breach after leak after hack, it’s time to cop to the fact that private data security is Serious Business.
Private sector titans like Google, Facebook and Yahoo, not to mention the actual flippin’ US government, have demonstrated that, if there’s anything in your life you’d rather Vladimir Putin and/or the entire Internet not know about, you’d better spit on your hands, boot up your robot of choice, and take responsibility for your own infosec.
Sounds awful, doesn’t it?
The mere notion of handling your own information security (“infosec” to professional nerds like your narrator) conjures images of command lines, spaghetti code and whatever else it is tech types actually, yknow, do. If only there was an easy fix! A simple, widely applicable one-shot that would make your precious 1s and 0s safe forever.
There pretty much is. It’s Linux.
Superficially, using the famous open-source operating system might seem like the opposite of security. After all, the point of open-source is that anybody can look at and futz with the code. How is that compatible with “make everything hidden?”
But that’s the not-so-secret shame of tech
As we’ve ceded more and more of our lives to internet-enabled services, nothing is hidden. Cloud-based services like Google Docs and online-only offerings like Facebook and whatever Yahoo’s doing these days are accessible to everyone, everywhere. That’s the point. That’s their offer. “Accessible to everyone” is incompatible with “accessible only to nice people.”
The Linux fix is twofold.
First, old-school hackers (cue pounding 90s electronica soundtrack) still trading on invading your personal system generally don’t bother with Linux exploits. Windows and the traditionally safer Apple are bigger, more valuable targets. Second, 5 popular distros – that’s “particular flavors of Linux some noble white-hat nerds put together for you” – incorporate fixes for increasingly common Internet breaches of the kind that felled Facebook and Google.
Tails is a live OS, which means you can put it on a USB stick or disc, run it on any computer, and when you pop it out again the computer goes back to the way it was. Local hacks work by reading your logs, huge quantities of nested information your operating system hangs onto for complicated reasons. Windows does it. Apple does it. Some Linux distros do it. Tails doesn’t. It also roots your internet traffic through the legendary Tor, benchmark of Internet anonymity. Tails’s commitment to zero-footprint computing also has the smaller but just as welcome convenience that, if you do prefer to use it sparingly and stick with your old, less-secure OS, it leaves no souvenirs on your system; your old setup will boot like nothing happened.
If this were a 19th century novel, this entry would be called “IprediaOS. Or, the Trouble with Tor.” Tor prioritizes security above all else and limits Internet access accordingly. There’s a lot of stuff it won’t go near, because it’s just not secure enough. That limits the mainstream usability of Tor, not to mention services like Tails that rely on it. IprediaOS uses a similar but less strict service, I2P, that affords access to the everyday Web with minimal loss of security. IprediaOS also comes with anonymous chat, email and BitTorrent clients.
Whonix is a unique beast. It’s a virtual machine, which is (incredible oversimplification incoming!) a program that thinks it’s a computer and convinces others to treat it likewise. Its big offer is that it can be run as a program on the Windows and Mac OSes, making it a perfect match for anybody who only has a job or three that demand anonymity – cloud-based business records, say, or anonymous blogging – and is otherwise good to go with a by-the-book setup. It’s also a great way to learn the basics of home infosec, since, being based on the venerable Debian distro of Linux, it plays well with Microsoft, Apple and other Linux systems.
Not a typo! This cleverly named beastie discreetly keeps your secrets by building a discrete structure, unconnected to anything else, for you to whisper them in. It’s limited in function compared to the other services listed, functioning primarily as data storage and anti-malware/spyware/Trojan solution, but it is very good at those things. It’s in beta at present, and as is a beta’s wont there’s a bug or two to shake out, but it has real promise as a data security tool.
Qubes is the Whonix solution raised to the level of an operating system. It compartmentalizes your work as separate virtual machines, limiting any compromise in security to one set of services, with no chance of spreading to more vulnerable areas. Qubes even color-codes your machines for you, with colored frames indicating the potential security vulnerability of a given VM. So, if you set up one machine as straight data storage with no access to the outside world, that’s about as secure as data gets and Qubes will tell you so. The machine you do your web browsing in will be coded otherwise. Better still, Qubes provides a secure data-transfer solution that lets you move information safely between machines. Last September Edward Snowden, a man understandably interested in information safety, tweeted “If you’re serious about security, @QubesOS is the best OS available today. It’s what I use, and free. Nobody does VM isolation better.” Can’t say fairer than that.
Don’t be intimidated
Obviously, as is made clear by the monolith of text above, infosec is an enormous topic.
That said, don’t let it scare you.
Get educated on the subject and in a week of digital futzing you’ll be warm in the knowledge that you do security better than the smartest, richest, most powerful people in the world. Happy (white hat) hacking!
How psychologists are using VR to profile your personality
(TECH NEWS) VR isn’t just for gamers. Psychologists are using it to profile your personality, but does it come at the cost of privacy?
When you put on a VR headset for the first time, most people have that ‘whoa’ moment. You’ve entered an enchanting otherworldly place that seems real, but you know it isn’t. You slowly tilt your head up to see a nicely lit blue sky. You turn your head around to see mountains and trees that weren’t there before. And, you finally look down to stare at your hands. Replaced by bright-colored gloves, you flex your hands to form a fist, then jazz hands, and back.
Playing VR games is exciting and interesting for a lot of gamers, and you would (or maybe wouldn’t) be surprised to know that psychologists think so, too. According to The Conversation, psychologists have started researching how people emotionally respond to potential threats using VR.
Do you think this is weird or cool? I’ll let the following help you decide.
In earlier studies, psychologists tested “human approach-avoidance behavior”. By mixing real and virtual world elements, they “observed participants’ anxiety on a behavioral, physiological, and subjective level.” Through their research, they found that anxiety could be measured, and “VR provokes strong feelings of fear and anxiety”.
For the study, 34 participants were recruited to assess how people have a “tendency to respond strongly to negative stimuli.” Using a room-scaled virtual environment, participants were asked to walk across a grid of translucent ice blocks suspended 200 meters above the ground. Participants wore head-mounted VR displays and used handheld controllers.
Also, sensors placed on the participants’ feet would allow them to interact with the ice blocks in 2 ways. By using one foot, they could test the block and decide if they wanted to step on it. This tested risk assessment. By using both feet, the participants would commit to standing on that block. This tested the risk decision.
The study used 3 types of ice blocks. Solid blocks could support the participant’s weight and would not change in appearance. Crack blocks could also support the participant’s weight, but interacting with it would change its color. Lastly, Fall blocks would behave like Crack blocks, but would shatter completely when stepped on with 2 feet. And, it would lead to a “virtual fall”.
After looking at the data, researchers found out that by increasing how likely an ice block would disintegrate, the “threat” for the participant also increased. And, of course, participants’ behavior was more calculated as more cracks appeared along the way. As a result, participants opted to test more blocks before stepping on the next block completely.
They found that data about a person’s personality trait could also be determined. Before the study, each participant completed a personality questionnaire. Based on the questionnaire and the participants’ behavior displayed in the study researchers were able to profile personality.
During the study, their main focus was neuroticism. And, neuroticism is one of the five major personality traits used to profile people. In other words, someone’s personality could now also be profiled in a virtual world.
So, it all comes down to data and privacy. And yes, this isn’t anything new. Data collection through VR has been a concern for a long while. Starting this month, Facebook is requiring all new Oculus VR owners to link their Facebook account to the hardware. Existing users will be grandfathered in until 2023.
All in all, VR in the medical field isn’t new, and it has come a long way. The question is whether the risk of our personality privacy is worth the cost.
Failure to launch: Quibi’s short-form platform is short-lived
(TECH NEWS) Despite receiving major funding from big players, Quibi is shutting down only 6 months after launch. What led to their downfall?
Only 6 short months after launching its platform, Quibi has decided to pull the plug.
The mobile-only streaming service’s vision was to create short-form videos with higher production value than that of competitors like YouTube or TikTok. Having enlisted big names such as Steven Spielberg, Ridley Scott, Jennifer Lopez, and Lebron James, Quibi had high hopes for what the service could accomplish. In an open letter posted to Medium, founding company executives Jeffery Katzenberg and Meg Whitman cited timing and the idea of mobile-first premium storytelling not being strong enough as the primary reasons for shuttering.
“As entrepreneurs our instinct is to always pivot, to leave no stone unturned — especially when there is some cash runway left — but we feel that we’ve exhausted all our options.” The letter stated, “As a result we have reluctantly come to the difficult decision to wind down the business, return cash to our shareholders, and say goodbye to our colleagues with grace. We want you to know we did not give up on this idea without a fight.”
The move is somewhat surprising considering that back in March the service managed to raise an additional $750 million in funding, bringing its total fundraising to $1.75 billion. At the time, Quibi CFO Ambereen Toubassy had touted that the second-round of cash had provided the organization with “a strong cash runway,” that would give Quibi “the financial wherewithal to build content and technology that consumers embrace.”
Originally called “New TV”, the initial investors of the service included Hollywood titans Disney, NBCUniversal, and Sony Pictures Entertainment just to name a few. While the amount of money raised was minuscule compared to services like Netflix, it was still an impressive start for an untested idea.
The service did itself no favors, however, in trying to gain new subscribers. Along with being mobile-only, the service started at $4.99 per month for an ad-supported subscription, only slightly cheaper from more robust offerings like Hulu and ESPN+. While you could pay $7.99 per month to get rid of ads, you were also forbidden from taking screenshots, limiting the ability of content on the service to go viral.
Quibi was also financing content, meaning that ownership would revert back to creators after just a few short years. This means building a growing library of content owned by the service was an uphill battle from the start.
“This was flawed from the start, down to the idea of financing content and then giving it back to the creators after a few years.” Said a veteran producer who refused to work with the company, “There is anger in town right now, because it just makes it harder to raise money.”
Quibi is set to be inaccessible starting around the beginning of December, according to a post on the company’s support site. While much of the service’s content will not be missed, one still wonders what might have been had the company managed to gain some traction, or the COVID-19 pandemic had not come to pass. Either way, Quibi’s business partners may want to read up on some of these tips as they discuss where things should go from here.
Acorns launches job searching tool, but is that what job hunters need?
(TECH NEWS) When it comes to job searching, many people are able to find jobs online, it’s getting the interview where people need help.
If you are currently job searching, you are likely going to sites like Indeed (250M unique visitors monthly) and LinkedIn (260M users monthly). You may also be checking out ZipRecruiter because they’ve advertised on every single podcast you’ve ever listened to. Just for fun, you might also be looking at jobs on Craigslist for your local area. This could have excited you or depressed you.
If you want an easy way to aggregate several job search sites, you may like the app Huntr that will pull in job postings (after you put in some preferences) from Glassdoor, Google, LinkedIn, ZipRecruiter, GitHub, the muse, Dice, Monster, Indeed, Angel.co, Dribbble, etc. so you have them all within one place.
Acorns has joined in on the job postings board by implementing a Job Finder within their app, in an effort to help people find work which makes sense if they want more people to save through their platform. “Acorns is an American financial technology and financial services company based in Irvine, California that specializes in micro-investing and robo-investing. As of 2019, Acorns had over 4.5 million users and over $1.2 billion in assets under management.”
The article from The Press that describes it tells consumers about adding in a Job Finder to help millions of people find jobs. But really, it’s great as a positive public relations initiative (and likely will drive more visits to ZipRecruiter postings) since it’s within their app. The gesture is nice but will it really help?
“Within a few taps, Acorns customers at every tier can find millions of full-time, part-time, and remote job opportunities, set job alerts, and explore custom career development content to support their financial wellness at no additional cost. By introducing Job Finder to its financial wellness system, Acorns is looking after the financial best interests of the up-and-coming and removing a main barrier to its customers achieving their money goals.”
Most people know where to find job postings. What they don’t know is why they aren’t hearing back from their applications or how to be invited for more interviews. It would be great if companies really wanted to help make an impact on unemployment by:
- Offering career coaching services or references to candidates that do not fit what the hiring manager or HR person is looking for.
- Giving people access to what key skills they need on their resume within the job posting (less vague and generic descriptions).
- Within the automated rejection letters, including a referral or resources that will help them break through the clutter or introduce them to current employees or how to get to know the company better – in case there’s a position that is a better fit.
- Ensuring that all job postings are for real jobs and real openings – it should be made clear to candidates if the job posting is for pipelining talent and/or not going to be offered to an external candidate.
- Bringing back some humans in to the automated process. Yes, ATS (Applicant Tracking Systems) are great for the employers and companies who are fielding hundreds of applicants. They are terrible for the 40 million currently unemployed. More about ATS here from Jobscan if you are curious. They are built to knock out candidates.
- Considering hosting webinars, educational speakers, or events where candidates can get in front of you versus solely relying on online submissions.
- Contemplating implementing an apprentice program so that less experienced applicants may gain knowledge and learn from more experienced workers – but you would also be getting fresh ideas and new talent for growth within your organization.
There are many caring people and organizations out there so it would be great to see some more assistance for job seekers versus just more places listing job postings or the same job boards but in different formats.
There also seems to be a mismatch in looking to hire someone based on what they have done in the past – when really, the best qualified candidate may have a different background and be looking to make a switch to continue to grow and learn. The perfect match of key words in a database to a resume are not always the best way to find the right fit.
Business Entrepreneur5 days ago
How to effectively share negative thoughts with your business partner
Business News2 weeks ago
5 factors driving the reshoring movement in America
Business News1 week ago
The future of work from home will be a hybrid, says Google CEO
Business Entrepreneur2 weeks ago
The success of your business could be tied to your succession plan
Business Finance1 week ago
Did… the US government just agree to start funding a cryptocurrency?
Tech News2 weeks ago
Google plans to make YouTube an integrated e-commerce destination
Tech News2 weeks ago
Snapchat is among the first to leverage Apple’s new powerful AR tools
Tech News1 week ago
What is “Among Us”? The meme sensation two years in the making