What was viewable online yesterday is not today
Yesterday, AG uncovered that some names, emails, locations, and document names of customers were publicly visible online, discovered through a simple Google search.
Realtor Frank Llosa tells the story of how this information was visible to everyone, noting that he was emailing with a user of his website who said they had a house to list and sell. As part of his “who is this person” background, he did a Google search on the prospect’s email and found that they had signed a listing agreement with a broker a couple of days prior.
Overnight, DocuSign took action
“Rest assured that DocuSign follows national and international security standards, including strict security policies and practices that set the standard for world-class information security,” said Chief Security Officer, Joan Ross in a statement last night.
The company tells AGBeat that “While DocuSign always encourages customers to save their DocuSigned documents on the secure DocuSign Global Network, it’s come to our attention that a small number of customers have saved personal copies of their documents on publicly accessible websites that are being indexed by search engines.”
DocuSign says they are taking the following actions to help their customers:
- “DocuSign is contacting the few customers we’ve found who have personal copies of DocuSigned documents on publicly accessible websites to either confirm that is their intent (which in some cases it is), or if not to suggest ways to secure them.
- To make information on signature validation even less accessible, DocuSign has added a second step that requires any party searching for information on a DocuSigned document to provide additional transaction details.
- To make personal copies of documents that DocuSign customers have saved on the public Internet less discoverable, DocuSign is working with search engines to block indexing of links to DocuSign within public documents.
- DocuSign will also proactively provide on-going education to customers and the market around best practices for securing personal copies of documents and data. Content will be made available through the DocuSign Trust Site and the DocuSign blog at https://www.docusign.com/blog/.”
All URLs that AGBeat was able to click and view yesterday now require a user to know the Envelope ID, in other words, the link is no longer indexed, and put behind a wall to everyone except those with the specific identification number given to the document.
Although AG uncovered additional documents and email addresses visible to the public, out of concern for DocuSign user privacy, we are not publishing any of that information, rather have turned it over to DocuSign to make necessary changes out of a shared concern, which the additional layer of requiring the Envelope ID number before viewing any details appears to have resolved.
The company tells AGBeat that “A benefit of DocuSign that customers value is that signatures on documents are verifiable through a hyperlink to a customer-created DocuSign ID card. This helps parties to a transaction validate who has actually signed a document and displays a legally binding audit trail. Search engines cannot and do not index documents saved on the secure DocuSign Global Network. Search engines do index hyperlinks from publicly accessible websites. Leaving personal copies of documents on public sites where they can be indexed rather than within the secure DocuSign Global Network is like leaving copies of documents from a locked filing cabinet out on a public table for others to see.”
DocuSign recommends that customers store documents in the secure DocuSign Global Network and limit saving personal copies only to secure locations that meet the security requirements of all signing parties. AG would add that some third party locations may seem secure, particularly document hosting and sharing sites, but it doesn’t take much for those hyperlinks to be shared and indexed by any search engine.
3 awesome ways bug sized robots are changing the world
(TECH NEWS) Robots are at the forefront of tech advancements. But why should we care? Here are some noticeable ways robots are changing the world.
When we envision the robots that will (and already are) transforming our world, we’re most likely thinking of something human- or dog-sized. So why are scientists hyper-focusing on developing bug-sized (or even smaller!) robots?
Tiny robots could assist in better drug delivery, as well as conduct minor internal surgeries that wouldn’t otherwise require incisions.
We’ve all heard about the robot dogs that can rescue people who’ve been buried beneath rubble or sheets of snow. However, in some circumstances these machines are too bulky to do the job safely. Bug-sized robots are a less invasive savior in high-intensity environments, such as mine fields, that larger robots would not be able to navigate without causing disruption.
Much like the insects after which these robots were designed, they can be programmed to work together (think: ants building a bridge using their own bodies). This could be key in exploring surfaces like Mars, which are not safe for humans to explore freely. Additionally, tiny robots that can be set to construct and then deconstruct themselves could help astronauts in landings and other endeavors in space.
Well, perhaps the most important reason is that insects have “nature’s optimized design”. They can jump vast distances (fleas), hold items ten times the weight of their own bodies (ants) and perform tasks with the highest efficiency (bees) – all qualities that, if utilized correctly, would be extremely beneficial to humans. Furthermore, a bug-sized bot is economical. If one short-circuits or gets lost, it won’t totally break the bank.
Something scientists have yet to replicate in robotics is the material elements that make insects so unique and powerful, such as tiny claws or sticky pads. What if a robot could produce excrement that could build something, the way bees do in their hives, or spiders do with their webs? While replicating these materials is often difficult and costly, it is undoubtedly the next frontier in bug-inspired robotics – and it will likely open doors for humans that we never imaged possible.
This is all to say that in the pursuit of creating strong, powerful robots, they need not always be big in stature – sometimes, the tiniest robots are just the best for the task.
Extend your smart home to the mailbox with the Ring Mailbox Sensor
(TECH NEWS) With the rise of the smart home and mail theft, Amazon’s new Ring product is the perfect addition to protect your letters and packages.
Pop the wireless, battery-powered motion sensor in your mailbox, and it will alert you when someone opens the lid or door. You can get a notification in the Ring app on your smartphone and, because Ring is an Amazon company, through any Alexa-enabled device. (So your Ecobee thermostat can tell you you’ve got mail. Cool.)
The sensor’s biggest benefit: You can immediately collect your mail when you get an alert that it’s been delivered. If you’re home.
There’s no camera with live view or speaker for yelling at the thief to drop your stuff, although you can do that with any microphone-enabled cameras near your mailbox.
But if you’ve ringed your home with Ring products, you can set the sensor to turn on Smart Lights or to make the video doorbell or security cameras start recording. If your mailbox is near your front door, however, that will probably already be happening after those devices detect motion. The sensor could be very useful for mailboxes at the end of a long driveway and out of sight of any cameras.
You can preorder the Mailbox Sensor ($29.99) at Ring.com and Amazon.com starting on Oct. 8. To connect the sensor with the doorbell, smart lights, and Alexa devices, you’ll need the Ring Bridge ($49.99).
You may want to keep an eye on Amazon’s new Sidewalk technology, however. Sidewalk is designed to extend the range of your Wi-Fi network. It siphons off a small part of your bandwidth, and that of your neighbors with Amazon-related devices, to create a crowd-sourced neighborhood network.
Amazon has released a list of devices – mostly Echoes and cameras – that will act as bridges themselves, and it’s not yet clear how the Mailbox Sensor will interact with all of that in the future. By the way, if privacy concerns were the first thing that popped into your head when you read that, check out Amazon’s Sidewalk white paper on privacy.
FYI: If your mail is stolen, You should report to the USPS, using their online form. You could report to the police via 311 but know that it’s unlikely officers will pursue the crime.
The best defense against thieves is still a locked mailbox. It’s not fool-proof, of course, but it can make thieves take longer to get at your mail. But if they take the sensor with your mail, or even your whole mailbox, Ring will replace the Mailbox Sensor for free.
You can find out more about the Mailbox Sensor in Ring’s support FAQ.
Degree holders are shifting tech hubs and affordability
(TECH NEWS) Tech hubs are shifting as degree holders move, but it’s causing some other issues and raising some interesting questions about the future of jobs.
Bloomberg recently announced their annual “Brain” Indexes. The indexes are an annual reckoning of STEM (Science, Technology, Engineering and Mathematics) jobs and degree holders. The “Brain Concentration Index” approximates the number of people working full time in computer, engineering, and science jobs (including math and architecture.) It measures the median earnings for people in those jobs. It also counts how many people have a bachelor’s degree in a STEM field, or an advanced degree of any kind. It blends those things together to determine how “brainy” a city is.
Since they started in 2016, Boulder, CO has been at the top of the list. This year it’s followed by San Jose, CA, which many people might expect to be at the top. Many of the more surprising cities, like Ann Arbor, MI, Ithaca, NY, and even Lawrence, KS, are bolstered by the presence of a strong university.
It’s an interesting methodology. It’s worth noting that anyone with an advanced degree, whether it’s an MBA, a law degree, or a Ph.D. in literature, contributes to which city is a “tech hub.” It’s also worth noting how expensive many of these places are to live.
If you follow this kind of national data collection at all, you may also know that Boulder is one of the least-affordable cities in the country. So is the San Jose/Sunnyvale/Santa Clara metro area, with a median home price of 1.25 million dollars and a median household income of $117,474. (That means that the average mortgage is more than half of the average paycheck). However many people tech hubs like San Jose and San Francisco attract, they’re also hemorrhaging talent. Every day, 8 Californians move to Austin. Of the people who stay, more than half are thinking of moving.
They aren’t doing that for fun. As much flak as Californians get for gentrifying places like Austin, they’re being megagentrified out of their own homes. As salaries rise and CEO gigs attract the wealthy (and turn them into the Uberwealthy), the people who wait on tables or teach their children can’t afford to stay there anymore.
Speaking of people leaving, Bloomberg also measured what they call “brain drain,” the flow of advanced degree holders out of cities. They pair that with a decline in white-collar jobs and a decline in STEM pay to come up with their annual list. It includes places like Lebanon, PA and Kahului, HI.
All in all, it’s interesting information. But there are other factors at work that it can’t speak to. What does wage stagnation in the U.S. mean for the flow of education workers? If San Jose and San Francisco can be tech hubs based on the number of people with degrees, but people are still fleeing, what does that say about rankings like these? What human stories get lost in the shuffle? And is “tech hub” even something a city wants to be if that means running out of teachers (or making them sleep in garages)? Where does the next generation of tech hub workers come from?
Knowing the people behind the numbers makes it clear just what a mixed bag this is. Maybe we need more tech hubs like Lawrence, Kansas. Or maybe we need rent control. Or maybe we need to embrace remote work. Maybe there are no answers. As interesting as data like this is, there’s something sort of wistful about it, too.
Business Marketing2 days ago
Use the ‘Blemish Effect’ to skyrocket your sales
Opinion Editorials2 weeks ago
The actual reasons people choose to work at startups
Tech News2 days ago
Degree holders are shifting tech hubs and affordability
Business News2 weeks ago
Hobby Lobby increases minimum wage, but how much is just to save face?
Business Finance2 weeks ago
Small business owners furious over more PPP fraud this week
Social Media1 week ago
We watched The Social Dilemma – here are some social media tips that stuck with us
Tech News1 week ago
What is UI/UX? Take a little time to learn for free!
Social Media2 weeks ago
Instagram makes IGTV videos more accessible with automatic closed captions