How do you hold your phone?
Hackers can get hold of your cell phone pin numbers and other passwords just from the tilt of the device when you type it in, a new research study shows.
The culprit: your smartphone’s motion sensors.
Newcastle’s new discovery
The study, by computer scientists and security experts at United Kingdom’s Newcastle University, is causing an uproar in the entire tech community for its alarming findings.
In a report released this week, the study found that hackers can analyze your motion sensors and figure out your four-digit PIN with very high accuracy.
Researchers could correctly guess the pin 74% of the time on their first attempt, which increased to 94% accuracy after three tries. With only five attempts, the accuracy of the team was 100%.
Hackers love loopholes
This theoretical hack is possible because of a loophole in how web browsers share data between smartphones and websites. While highly sensitive information, such as location require explicit user permission, other data, such as device orientation, or size of the device screen (not seen as sensitive information) is shared with websites freely so that webpages can be responsive and interactive.
As shown by the researchers, such information is enough for a malicious website to hack into your device and decode your PIN.
Of the 25 sensors found to be playing a part in this issue, only a few require user permission before activating for certain apps. The rest are always on by default.
Dr Maryam Mehrnezhad, a research fellow in the School of Computing Science, said: “On some browsers, we found that if you open a page on your phone or tablet which hosts of these malicious codes and then open [another one], then they can spy on every personal detail you eventually enter.”
“And worse still, in some cases, unless you close them down completely, they can even spy on you when your phone is locked.”
The public need not worry too much about this latest news, however. It seems that the methods used by the experts in the study itself faces many significant hindrances “in real life,” that would make the hack unlikely to be successful in the real world.
For example, the researchers needed a lot of data to train its hacking system, an artificial neural network, to acceptable accuracy levels.
Each user had to type 50 known pin numbers in, five times over, before the system learned enough about how users hold their phones to guess a hidden pin with 70% accuracy—a very unlikely scenario in the real world.
Stopping hackers early
Research studies like these are usually welcome by the tech world, as loopholes can easily be fixed before malicious parties can take advantage of such web weaknesses.
In 2014, for instance, hackers at the Hamburg Chaos Communications Congress demonstrated how pin codes could be extracted by simply taking a video of the user’s cornea movements, dubbed the “corneal keylogger,” as they entered data. Similarly, Firefox had loopholes that allowed hackers to track user activities via their battery status.
The latest sensors scare, although overhyped, shall need a sophisticated solution.
There seems to be no practical solution readily available. Apple and Google have been contacted about the issues by the university researchers, but there has been no official statements from either company.
Quickly learn the basics of UX and UI (for free!)
(TECHNOLOGY) For the all-time low price of—well, free—Invise gives you the option of learning a few basic UI and UX design techniques.
There’s no denying the strong impact UI and UX design has on the success of a website, app, or service—and, thanks to some timely altruism, you can add basic design understanding to your résumé for free.
Invise is a self-described beginner’s guide to the UI/UX field, and while they do not purport to deliver expert knowledge or “paid courses”, the introduction overview alone is pretty hefty.
The best part—aside from the “free” aspect—is how simple it is to get a copy of the guide: You enter your email address on the Invise website, click the appropriate button, and the guide is yours after a quick email verification.
According to Invise, their beginner’s guide to UI and UX covers everything from color theory and typography to layout, research principles, and prototyping. They even include a segment on tools and resources to use for optimal UI/UX work so that you don’t have to take any risks on dicey software.
UI—short for “user interface”—and UX, or “user experience”, are two critical design aspects found in everything from websites to app and video game menus. As anyone who has ever picked up an outdated smartphone knows, a janky presentation of options or—worse yet—a lack of intuitive menus can break a user’s experience far faster than slow hardware.
Similarly, if you’re looking to retain customers who visit your website or blog, presenting their options to them in a jarring or unfamiliar way—or selecting colors that clash for your landing page—can be just as fatal as not having a website to begin with.
The overarching problem, then, becomes one of cost. Hiring a design expert is expensive and can be time-consuming, so Invise is a welcome alternative—and, as a bonus, you don’t have to dictate your company’s vision to a stranger and hope that they “get it” if you’re doing your own design work.
It may not be the best year to break the bank on design choices, but the importance of UI and UX in your business can’t be overstated. If you have time to read up on some design basics and a small budget for a few of the bare-bones tools, you can take a relatively educated shot at putting together a modern, desirable interface.
How to safeguard your small company’s data without distrusting staff
(TECHNOLOGY) Even a tiny company has valuable data that can be stolen from inside – without adopting a policy of distrust, you can take preventative action
Data breaches are scarily common in today’s digital world, and even gargantuan businesses can easily be brought to their knees should a wayward phishing attempt (or a disgruntled former employee) succeed in making off with valuable information.
While your small business probably doesn’t have all of the same calibre of worries as your more monolithic counterparts, don’t make the mistake of thinking that your data can’t be stolen to devastating effect, even if you think the data you have is irrelevant and not worthy of being stolen (you’re wrong).
Cloud storage and increased collaborative tool use means that things like sensitive documents and files are at increased risk of theft. Small businesses are especially susceptible to this due to a lower likelihood of advanced security usage, so it pays to know what kinds of things you might be at risk of losing.
According to MUO, employees are most likely to steal collaborative documents, consumer databases, and any resources devoted to research and development.
Safeguarding these items can be tricky due to their relatively high-traffic use, so a preventive strategy is your best defense.
It should be noted that trust in your employees is crucial, and treating them like they’re poised to steal from you at any moment is not a particularly effective management strategy.
However, it’s important to be aware of the following reasons – and possible preventive measures – for employee theft of data.
Firstly, corporate espionage (as dramatic as it sounds) is still something you have to worry about as a small business owner. It isn’t uncommon for competitors to bribe (or even simply persuade) current employees to share data, even if your competitors are relatively small themselves.
Your employees should know that data is sacred (and confidential), but employing things like intrusion systems and holding trainings for recognition of espionage can help prevent this problem.
Those competitors might also try to snag some of your employees, and not just for their work ethic. Employees may save their own copies of documents that they think will be helpful in their new workspace; in doing so, they can unwittingly aid your competitor with much more than their skillset. Again, reminding your employees that all work documents are both confidential and property of your brand can cut down on accidental data theft in this category.
Non-Compete agreements and NDAs can also prevent this kind of theft, intentional or otherwise; if an employee chooses to leave your business, making sure they are aware of their contractual obligations is key. Perhaps the worst competitor you can have is a former employee who launches their own business in your field, though, and this is a situation in which data theft can be intellectual. Once again, Non-Competes and NDAs are helpful in mitigating damage in this context.
Finally, angry employees can find themselves doing a myriad of dumb (and harmful) things, up to and including data theft.
As mentioned earlier, early prevention is the best way to keep your data on your servers and out of your departing employees’ hands. Restricting employee access to files and folders can limit the number of possible breaches, and the aforementioned Non-Compete and Nondisclosure agreements are absolutely crucial in any business that deals in data–just make sure you’re discussing the terms of those agreements with employees as they come and go.
Twitter bid on hold, Tesla stock plummets: What’s next for Musk?
(SOCIAL MEDIA) The surprising bid of $44B coming in for Twitter from none other than Elon Musk is now on hold and Tesla stock is down. Is Musk in hot water?
In the largest corporate privatization deal in U.S. history, Twitter has accepted Elon Musk’s offer to buy 100% of Twitter for 44 billion.
Musk plans to privatize the company and do away with ads, a nearly 5-billion-dollar revenue source for Twitter, which accounts for 90% of their total income. Musk’s plan to do away with ads was nothing short of strategic. Musk is a free speech absolutist – or someone who believes that free speech should be unrestricted at all costs.
Advertisers are the main reason speech is restricted on social media platforms. For social media giants like Facebook, Instagram, and Twitter who rely on advertisers buying space on their platforms, as well as sponsored content, to make most of their profits eliminating this revenue stream is not a decision that should be taken lightly. Without these restrictions or community guidelines, advertisers would not advertise on social media, and the sites could not generate much of their revenue.
But, when your pockets run as deep as Musk’s, I suppose revenue doesn’t particularly matter.
Some changes Musk plans on making are as follows: He claims, that despite the lack of advertisements, he will quintuple Twitter revenue by 2028. He plans on doing this while cutting Twitter’s reliance on ads to less than 50% of the total revenue. He also plans on growing the platform’s user base. He claims by 2025 there will be 69 million users on Twitter (however, considering 69 is his favorite number I’m not sure if this is accurate or another one of his famous trolling stunts). He also plans on offering a paid service, Twitter Blue, which will allow users to customize their Twitter experience for only $3 a month.
However, advertising is not the only hurdle to free speech on a social media platform.
Now Musk will face a barrage of questions and restrictions from government watchdogs, regulators, and activists. Twitter could even end up being banned in other countries if Musk attempts to skirt regulations. Musk wants to strip back content moderation rules and stop the censorship of new organizations; he has also not answered questions about how he plans to go about this, only stating that he’d only allow free speech that “matches the law”.
However, several European countries are changing their laws. New laws in the United Kingdom and The European Union (which comprises 27 European countries). The EU, for example, has enacted the Digital Services Act and The Digital Markets Act which aims to create a safer digital space, while protecting the rights of users and leveling the playing field for businesses. These acts extend to social media. The acts, in part, heavily fine companies that refuse to curtail illegal content on their platforms. However, as of May 9th, 2022, EU Industry Chief, Thierry Brighton, met with Elon Musk in Texas and they have reached an agreement regarding free speech and The Digital Services Act. Yet, the pair has not gone into detail about what exactly their agreement entails. When asked, Musk simply stated that it “totally aligned with his thinking”.
Musk may have circumvented the largest spanning cyber laws, but that does not mean he’s out of the woods regarding governmental regulation of Twitter around the world.
Now, the decision for Musk to purchase Twitter, and go public was a polarizing one and was met with mixed reactions. People did not hold back, and many roasted Musk for his decisions.
Some of my favorite reaction tweets are:
Okay, but they make a good point. He’s been heralded as a “Real-life Tony Stark” and there’s nothing technically stopping him from being Iron Man.
Live your dreams I guess, Elon.
Sure some people are disgruntled by the whole ordeal, but there’s really not a way to boycott this. In fact, the user base is only projected to grow for Twitter, with Elon at the helm.
And, in true Musk fashion he trolled Twitter users, critics and fans by tweeting a series of Tweets detailing which companies he was going to buy next.
Musk then said would buy America’s most popular fast-food chain, and fix the most common complaint. I have to admit, I kind of want him to follow through on this one.
First, he threatened to buy Coca-Cola and put the cocaine back in, referring to the inception of the popular soft drink, when it first contained cocaine.
Lastly, the new Twitter CEO threatened to shut down the entire platform altogether, so that all the users go outside.
As of Friday the 13th (spooky), Musk announced his Twitter bid of 44 billion dollars is currently on hold.
He claims he still plans on following through with the acquisition, and he will owe Twitter a one-billion-dollar breakup fee if he does not follow through. However, if he can afford to spend 44 billion on a social media website, I have to assume one billion dollars isn’t much of a deterrent for him. The bid could be on hold for multiple reasons.
He could be trying to negotiate a better price for Twitter, the deal could be falling apart or he could simply be walking away. One issue is that he was going to borrow against his smart car company, Tesla, but Tesla stock has been plummeting as of late. A part of me wonders if this is some kind of bizarre stunt in order to get media coverage and attention prior to unveiling a new concept at either Tesla or SpaceX. After the frenzy the news of Musk purchasing Twitter has caused, the deal may not even go through, and once again, the future of Twitter remains uncertain.
Business Entrepreneur2 weeks ago
Entrepreneurs face higher rates of mental illness [part one]
Business Entrepreneur2 weeks ago
Many entrepreneurs facing mental health issues don’t get help [part two]
Business Marketing1 week ago
The use of offline marketing can still be advantageous in a digital world
Business News1 week ago
How to apply to be on a Board of Directors
Business Finance2 weeks ago
Follow these 7 steps to get outstanding invoices paid to you ASAP
Opinion Editorials1 week ago
3 reasons to motivate yourself to declutter your workspace (and mind)
Business Entrepreneur6 days ago
Having client difficulties? Protect yourself with an exit strategy clause
Business News1 week ago
Average age of successful startup founders is 45, but stop stereotyping