Category Archives: Privacy

How to Turn-OFF App Recommendations in the New Store

image

Unless you’ve been living under a rock, you would have noticed people are raving seriously about the new Windows Store for the new and improved Windows 8.1 Blue. There have been lots of articles about the new Store on various Tech sites that I don’t feel compelled to write another about it here. That’ll be unproductive and a waste of your time. But one thing I want to mention out is the new Recommendation feature of the Store.

As you might have read, the Store is now powered by the awesome engines of Bing. For better or for worse, we are being followed everyday by the Search Engines we use, whether you belong to Google or to Microsoft or whatever, there’s no denying it, our lives is being interpreted by these AIs (almost AI then, have it your way!). So unless you don’t use the internet, there is no denying it that these machines know one thing or other about us. So, we have the advantage in this case that due to your usage and search patterns, these engines knows what it good for you. So you have recommendations of Apps that the AI think will be interesting to you.

But you may not want your patterns to be recorded, and the new Recommendation features of the new Store turned OFF, well how you do it is right there in that picture. Microsoft, worrying about your privacy as usual, has added an Option for you Tin-foil wearing conspiracy theorists to turn off machine recommendations. Not that it matters, the NSA has got your backside via PRISM, so you might as well leave the darned option ON and enjoy the discovery it brings to the Store. :-)

About these ads

TechCrunch, Scroogled: Why Not?

It’s a slow day today, so TechCrunch asked “Scroogled: Why So Negative, Microsoft?” with a post trying to bash MS for its rather un-Microsoft-like way of competition against Google. I mean everybody is used to everyone bashing Microsoft, while they happily turn their other cheeks. So where is this new aggressive Microsoft coming from?

The question that TechCrunch should have asked is “Scroogled: Why Not?”. There was a time Journalism was established as the public Third Arm of Democracy, in which Journalist were the Sentinels of Truth in the society, to tell the story the way it is after an investigative effort. They are supposed to keep the Government and businesses realms healthy by exposing what we’ve all commonly agreed to be against social norms being practiced by these entities. The World Financial Collapse is an attestation to the failure of Journalists in their role.

Today, journalism is a joke, the line between a journalist and a fanboy has merged. Journalist are now rather opinion shapers instead of harbingers of truth. Where was TechCrunch when Apple was raiding anything Microsoft with the Switcher Ads? Every soul that knows its salt in IT and Computing knows all the claims of Apple in the Ads were just one big crock. The claim of Apple that its devices don’t get viruses prompting massive run for Macs have been proven to be an illusion. Where where all the Tech journalists then that should have called Apple to its senses and exposed the fraud in the Ads. No, they where all cheering Apple on and empowering the Distortion Field further. Now Apple has removed virus-efficacy claim from its sites. MacOS is just another susceptible OS as any other.

imageAnd this brings me back to the question in focus. “Scroogled. Why Not?” The question is whether MS assertion is true or not. If the Journalist are failing to warn the masses about the dangers of using Google’s products, who is going to do it. Yes, there is inherent danger in using Google’s product. You mum has told you when you were small, nothing comes free in life; something has to give. You just don’t think Google as a commercial company is working for Santa Claus did you? Where do you think they are making those billions they declared recently as profit? Have you ever seen a Non-Profit organization declare billions in profit?

Yes, you are all paying for it by using Google’s products. Those Android Phones, Chrome Browsers and Chrome OS all phone home by using them. They are telling Google everything you’re doing. That is how they get to know you more than your mother does. To sell you things you don’t need. If you pitch your tent with an Ad company, you need to be aware of the consequences. That is what Tech Journalists are failing to do. They are failing to educate the masses about the dangers of exposure. Privacy Advocacy is not there for nothing, there are people that have been bitten by having their lives exposed online to all and sundry. You may think you are safe for now, but the incessant attack we are witnessing against big American companies these past weeks attest to the fact that security is an illusion. You can say you don’t mind Google knowing everything about you, but what happens when Google is hacked and brought to its knees by enemies, what is going to happen to you? These are the questions that Tech Journalists should have been asking, but almost all of them are fanboys in this age and time. Most of them have vested financial interests in these companies that they’ve lost their objectivity.

So, is it right for Google to be reading your mail, scouring you HDD and looking at everything you type on your computer. If a Virus does this, we are all up in arms, but it is OK for Google to be doing it. Just think about that for a while. The masses need to be aware of these issues and they need to be educated to be able to make informed choices. But how can the masses be educated when the Journalists are busy making money and cheering and hating at the same time. There was a time Journalism was devoid of emotion so as to maintain factual integrity, but these days we all read our news from fallible and raging fanboys. Obviously you’re doing one right now, but I don’t pretend to be a journalist. I just ask you to stop drinking that Cool-aid for a while and think; for Pete’s sake!

MX Apps Security and Devs’ Income Jeopardy

image

Since today is turning out to be a Plea day to Microsoft, I might as well add the following points that Devs have raised to me, and the points I could really understand looking from Devs perspective.

MX Apps (Metro Apps if you live in the past) have great promise for Microsoft and End-Users alike. They are highly portable, highly manageable and secured; if we could believe Microsoft on their promise for WinRT environment of Windows 8. Apps can be built with next to nothing experience, even script-kiddies are now top-notch coders on Windows 8. Its all fine and dandy till bread and butter comes into question. If you are a hobby developer, you wouldn’t mind what MS does with your code the moment you submit it to the Store, all you care about is to see your App published, hopefully featured in the Windows Store.

But when your app is your bread, and preferably your butter too, you do seriously mind what MS does with your code in the Store and on Users devices. MX Apps are scripted Apps, they are managed Apps, you either code in Javascript or in .NET both of which are translated Apps. This means there’s a file of yours somewhere with readable code for everyone who has the will and the intent. Here you are slaving away at a particular difficult routine in your app. You need to implement that killer feature that will differentiate your app as professional Dev, ergo, this is the source of your income! It took you two days to do the plumbing and debugging of this difficult routine, now it is part of your code for your app, submitted to the Store, and globally readable.

Of course you’ll feel cheated. Anyone who find your app awesome and wants to know how you carried out that impossible feat can now dive into your code and read how you did it, gone is your professional advantage. This will be an awesome scene in about 50 years when we don’t work for money anymore, the era of Star Trek has broken upon us where everyone works just for the pleasure of it. There is no hunger anymore, need has been banished by the Federation. This will probably remain in the realm of my dreams and many of you.

But for now, you need to pay your bills, but how could you if people could easily pilfer your code and earn money with it while you go hungry. So this brings me to my point. Microsoft, we know you protect MX Apps with Encryption from hackers and the likes, and that you can’t just copy and run apps on other machines, but what’s with people readable code. Why aren’t you protecting Devs labour? Why not encrypt Devs’ codes and files before publication so that only the system can unencrypt it at runtime? Why does my files have be readable to all? If you think I am joking read this from a concerned dev:

Hi McAkins,

I just want to explain, the security problem in Windows 8 store app, that can lead to another security problem:

First of all, when we install windows 8 store app, it will reside on %ProgramFiles%\WindowsApps folder, although the folder is hidden

by default, but through ‘folder options’ we can show the folder, and we access it after we take ‘ownership’  of the folder (we don’t need special tool to take ownership of the folder, only through windows explorer we can take ownership), after that, the problem begin;

1. All the application that we installed, user can take all the assets we use in our app. (Images, Sound, Video, and other assets). because we can access all the windows 8 store app application folder, for JS app we can see the code clearly if we not minified that code first before published to the store.(like skype app, I attach the source code I take from my laptop,).

2. Let say we develop windows 8 store app using JS, and use Windows Azure mobile service to push the notification to the user, or even worse if we have storage or other cloude services, the ‘client secret’ to access our Windows Azure service, can be seen by the people or malware, and then they can abuse our cloud servce / windows azure services.

3. Another problem if we develop using C#, we can decompile it also using .NET reflector or other related app. (but this is the nature of .net app either Desktop App or Windows 8 Store app).

Thanks

<Concerned Dev>

And here is the Skype Source Code he was talking about:

skype source code

How about that?! Even MS own Software is not protected! But then they can afford to loose a dollar or two to a script kiddie.

So there you have it, if you write in JS, you’re screwed as professional Dev. You are basically plumbing for other people. Period. This is not acceptable and should be mitigated Microsoft. The only way to guarantee App privacy right now is to hide your code in C++  dlls with JS as frontend, or to a lesser degree to code in .NET, at least it takes a bit of effort to get to the decompiled code. So here we are MS with another plea. Please either obfuscate publish codes or encrypt all JS and .NET files. That’s the only way Devs can resign from their day job and take up coding full time if they are guaranteed income source in the future. Do it now! Yes you can!

Thanks all for your attention.

– McAkins

Windows Outbound Firewall Settings

Windows Outbound Firewall Settings
How To Activate Outbound Firewall Protection in Windows 8. Click on Picture so see the whole instruction.

This post was prompted by the need of someone on Twitter who is having issues with ZoneAlarm on Windows 8. Of course ZoneAlarm is broken in Windows8 because ZoneAlarm has been known to dig too deep into the Kernels, and that is not possible anymore. MS is having everyone keep their paws away from the Kernel. So his argument was that there is no Outbound Firewall protection in Windows, told him there has been Outbound Firewall protection in Windows since Vista, only most people don’t know it. Even if you know it, its going drive you crazy if activated since windows will be asking you every second if you want to allow an outbound traffic. At least this shows Windows has Outbound firewalling feature.

For anyone that is driven to this kind of solution, you may be actually better off by running a Network Monitor tool that shows you what is going on in your Network. I have two tools for this, MS Sysinternal’s TCPView and the big gun MS Network Monitor. This tools are more effective in identifying scrupulous apps on your network instead of blocking outbound traffic which can be a pain.

Personal data could become commodity

By Maggie Shiels Technology reporter, BBC News, Silicon Valley

hands on a laptop The CEA said users need to more aware of what they reveal online

Companies that want to make use of the personal information people put online should pay for it, the US Consumer Electronics Association (CEA) has said.

It made the statement as it released a list of five technology trends to watch for the year ahead.

Privacy was top of the list, which also included mobile and green technology.

“The mining of personal data is here to stay; there is just too much money at stake to imagine otherwise,” said Sean Murphy, of the organisation.

“Privacy is only going to continue to get increased attention in the years and months to come,” said Mr Murphy who authored the report Selling The Stories Or Our Lives: Technology and Privacy.

Read the rest…

Google Owns You!

Android is #1 in US, Eric confirms its a Trojan

 

Today, news broke that Google’s Android OS phones has overtaken Apple’s iPhone as number one selling phones. Of course Eric Schmidt deserves the commendation, but his reaction to  the story is what got me foaming. If you read the following excerpt and still can’t see Android as Google’s trojan into your life, then you deserved to be milked as a cow.

Here is the excerpt:
“It may not exactly be a huge surprise given the recent market share numbers, but Google CEO Eric Schmidt has recently confirmed that Android is, in fact, profitable for the company. Of course, it doesn’t make all that money from Android directly, but Schmidt says that Android-based phones are already generating enough advertising revenue to cover the cost of development. What’s more, while he doesn’t provide any current specific numbers, Schmidt did say that he expects there to someday be one billion Android phones in the world, and that if each one generated just $10 per user per year it would be a $10 billion business…” (Source: http://www.engadget.com/2010/10/05/googles-eric-schmidt-says-android-is-profitable-could-eventual/)

This begs the question how can Android be so profitable without selling out on the users. It has already been shown that most of Android apps all send users’ data. Google keeps a tight control on the location based services; knowing where you are at any time in the world, and knows what and where you surf. A tag is being kept of your life. Hopefully it wont turn to bite you in the future.