Category Archives: 6PR Tech Hour

No Website of the week this week.

empty_chairI will be skipping website of the week this week as well as tonight’s show with Chris Ilsley as I deal with a bit of water in parts of the house where it should not be.

Provided all goes well, I should be able to follow up with a WOTW later this week and be in the studio with Paul Murray on Thursday afternoon.

Thanks for your patience and catch you all really soon.

Website of the Week 2014 #13

webbyawards.comwebbys

If you could picture an Academy Awards for the internet, this would be it. A large collection of nominees, lifetime achievement awards and some of the biggest names in technology and entertainment attending this annual event.

Currently voting is under way for the 18th Webby Awards as nominees are vying for the top in their category as well as the People’s choice awards for 2014. There are some excellent nominees including wired.com, KLM Airlines and the fascinating Melbourne Remote Control Tourist.

You can not only vote for your favourite website but look at the winners and nominees of years gone by all the way back to the “what were we thinking” entries of 1997. If anything this has shown the role of graphic design and user experience has influenced websites over the years.

Have a look around at the nominees or look back at the past winners. One that particularly got my attention was www.ro.me, an interactive short film  from last year with great music and a stunning graphics for a website that takes you on a post-apocalyptic psychedelic trip mixed with bright interactive graphics.

Just so you know, I might feature some of the winners in weeks to come just in case you don’t find the time to explore some of the Internet’s finest.

Share what you find on the EZiWireless facebook page.

Website of the Week 2014 #12

LastPass.com – The Last Password You Have To RememberLastPassLogo329x40

This is a repeated website of the week but I think with the latest on the Heartbleed vunerability the recent action from the people at lastpass.com definitely warrants a mention for this week’s website of the week.

Lastpass.com is a password vault that allows you to keep your passwords safe and locked away with a single password but that is only part of the magic. Lastpass.com also has some really nice browser plugins for your Windows computer or Mac that will generate secure passwords for websites you use, store them encrypted and online and when you revisit sites you have previously logged into will automatically log you into the website. All done securely and easily.

The security model used by lastpass is known as TNO which stands for Trust No One. This security model is one of the most secure encryption methods where only the end user holds the decryption key and the encryption/decryption is performed on the end user’s computer. Lastpass is unable to look at the encrypted information you keep on it servers even if compelled by law enforcement. It is not technically possible to do so.

Here is the latest for the free browser plugin that really takes the cake.

You may of heard of the Heartbleed issue over the last week or so and you might be a little confused on how to combat this issue. The trick is that timing password changes is critical. If left too late, you may leave yourself open. Too early and your password change does nothing to fix the issue. The trick is to change your password as soon as the security modules in the affected website are patched and new security certificates are issued. The problem is that this is not happening at the same time for all websites.

Only some of the websites are affected and each team managing the websites are moving at their own pace on closing the holes. Keeping track of who is patched is a bit of a headache but if you are using lastpass.com you can find out which sites are ready for your new password.

On the lastpass plugin, click tools, security check and then start the security challenge to run an audit on your online security including heartbleed affected services.
Or, you can simply go directly to the challenge by following the link to https://lastpass.com/?securitychallenge (you will need to be logged into your lastpass account).

This was above and beyond the usual service that Lastpass has provided in its free and paid (US$12/yr) services. This has been acknowledged widely in the online security and technology sectors and has gained Lastpass a great deal of respect in the online community.

The only thing missing on the Lastpass team is the capes. These guys are flat out heroes.

Website of the Week 2014 #11

Fitocracy.com – What if fitness could be turned into a game?fitocracy

Back in August 2010 Richard Talens and Brian Wang asked the question “What if fitness could be turned into a game?”. Playing games is one of the most motivating forces behind humans getting things done if they don’t involve survival. We don’t run from threats any more and we certainly don’t track and chase down food. The reason to work out is pretty much left to those with copious amounts of self-discipline while the rest of us will relentlessly pursue the next level or high score.
When it comes to games, it is not hard to see that there is a slight addiction to that particular game that grabs your attention and coaxes you to have “just one more go”. This is where Richard and Brian looked at how to apply the concept of a game into fitness.

Fitocracy is a website, an application and a kind of social network where you can track your progress, send messages to other “Fitocrats”, duel other members, claim awards and share workouts with other members. There is also team fitness that lets you join small personal fitness groups led by a coach that tailors your program, diet and schedule to help you reach your goals.

The idea seems pretty good and I am actually interested in giving this a go. The website has apps for your Android and Apple device so you can take fitocracy with you.

Go on, jump in. If you are like me you have nothing to lose except maybe a couple of kilos.

OK maybe more than just a couple.

Website of the Week 2014 #10

Thinkgeek – stuff for smart masses.thinkgeek

Again..

Those that have been following from the beginning of Website of the Week would know that Thinkgeek has already made it to website of the week but this time it is special.

This is a special time of year when we get some really awesome things for sale at the Thinkgeek site.

Each and every April, we find wondrous things in the Thinkgeek store. Some of them are downright out there like the Mr. Beard® Beard Machine that I am sure will never see the light of day then we have other items that might just make production if demand is high enough like the Flux Capacitor Car Charger (ask your parents that grew up in the 80’s about this) and more!

This has happened before where a prank item in previous years got so much demand from visitors that Thinkgeek decided to get on it and produce gems like the iCade, Chocolate Zombie Bunny (just in time for Easter) and the Star Wars Tauntaun Sleeping Bag.

Thinkgeek have turned mischief-making into an worldwide product focus group. For a list of previous years April sale products go here.

Website of the Week 2014 #9

XKCD – a webcomic.xkcd

This website is a personal favorite of mine. Peppered with witty comments and observations, XKCD the brainchild of physics graduate and robotics engineer Randall Monroe is a simple series of stick illustrations. That is not where the magic is.

Randall Monroe brings a good deal of intelligence and witty humor to make these simple comics stand out. From simple and informative comics like Password Strength (good password tips for everyone!) to simply massive panels, that you have to work to see all of the story like Click and Drag (called that because you have to actually click and drag to see more of the final panel).

There is also a recent favorite of mine. It is a world clock that illustrates the different time zones AND it keeps the time! I know I posted it the previous story but it is so smart I thought I should post it again.

Grab a tea/coffee/whatever, pull up a seat and hit the random button. You going to be here for a little while.

If you do find a gem that strikes a chord with you, share it.

Talking Technology 19th March

Chris Ilsley and I spent some time talking about some of the theories surrounding the disappearance of Malaysia Air Flight MH370. Here are some of the notes I made after some research on aircraft and similar systems and how in some cases these have been compromised in the past.

In the news arena we are seeing endless speculation surrounding the disappearance of Malaysia Air flight MH370. One of the theories have postulated that the aircraft could have been hijacked remotely by an external party and directed hopefully to an airfield or possibly crashed. I will not go into the actual event but I will talk about the possibilities of this happening and cite other cases where this has been successful with similar scenarios.
This is more to do with exploring the technology and how it has been comprimised in the past. It is not speculation on the actual MH370 incident, rather it is investigating the speculation of cyber-hijacking in most modern systems commonly found on commercial, private and military craft and vehicles.

It should come as no surprise that the Boeing 777-200 is packed full of all sorts of technology responsible for many functions on board from communications and navigation to climate control and entertainment.

This has led to speculation that it might be possible to compromise flight control systems or navigational data and effectively take control of an aircraft.

Here are a few examples of compromised systems that could give credence to the possibility of hacking or cyber-hijacking.

  • 31/7/2010 Defcon presentation exposes security hole.
    http://www.networkworld.com/community/blog/defcon-hacking-tire-pressure-monitors-remotel
    A talk given by Mike Metzger revealed that the wireless communication used to monitor tyre pressure uses unencrypted RF signals to talk to the ECU potentially exposing not only the tyre pressure sensor systems but the entire ECU to outside control. The same RF receiver on most models is also used by other systems including the ignition and security systems.
    Interestingly the tyre pressure sensor systems has been legislated in the USA to be installed in all vehicles manufactured after 2007 but there were no standards enforced in regards to encryption or security.

  • 2/7/2012 Drone Hijacked by researchers from Texas College.
    http://nakedsecurity.sophos.com/2012/07/02/drone-hackedwith-1000-spoofer/
    This report shows how researchers using a device built from US$1000 worth of components was able to take control of a surveillance from a ground based location. This was done to demonstrate to Department of Homeland Security officials the risks of using current technology to control thousands of drones in US airspace. Currently the Pentagon is in talks with FAA to open up the rules to allow the use of government and commercial drones by 2015.

  • 10/4/2013 Hack In The Box conference demonstrates airline hack possible from mobile phone.
    http://blogs.computerworld.com/cybercrime-and-hacking/22036/hacker-uses-android-remotely-attack-and-hijack-airplane
    The 2013 Hack In The Box conference in Amsterdam is where security consultant Hugo Teso demonstrated how it would be possible to remotely access and assume full control of an aircraft without the need for physical access to the aircraft. This was made possible through the Automated Dependent Surveillance-Broadcast system which has no security and was made known at Def Con 20. Also the Aircraft Communications Addressing and Reporting System (ACARS) operates without any substantial security measures.
    Using this knowledge and knowledge of vulnerabilities of the flaws in software used by aircraft, Teso was able to hijack virtual aircraft and take control of pretty much all systems on the aircraft with the only failsafe being the pilots themselves.
    All this was demonstrated on an android powered mobile phone. The big flaw here is in not only in the lack of authentication and encryption systems but also the age of the software used in aircraft and the extended times it takes to install software upgrades.

  • 30/7/2013 – Texas University Students take control of a super-yacht by spoofing GPS signals.
    http://www.itnews.com.au/News/351659,students-hijack-luxury-yacht-with-gps-spoofing.aspx
    This was done with the permission of the owners of the 65 meter White Rose and with a team of engineers onboard with a breifcase-sized device that sent faint GPS signals at the ships GPS reciever. Using this method they were able to alter the course of the yacht without setting alarms in the navigation systems even though everyone on board was aware of the change in course.

  • 2/12/2013 Skyjack hardware and software package released.
    http://samy.pl/skyjack/
    Samy Kamkar, released and demonstrated his technique for launching a modified Parrot AR drone to find, intercept and assume control of other Parrot AR drones within wireless range.
    Using software, a Raspberry Pi Computer and other cheap off-the-shelf components, Kamkar was able to use his drone to find other AR Drones, break the wireless connection to the legitimate owner, assume control of the drone and assign control over to the skyjack-equipped drone where the drone can be controlled remotely by Kamkar.

These cases have demonstrated that cyber hijacking of an aircraft is possible and the old industries that use computerised systems for reporting and control need to take security seriously as the reliance on computer technology in common transport continues to escalate.

Website of the Week – Yuletide Edition

This is a good two for one deal and is for the young and the young-at-heart.

We have two great sites and both are dedicated to tracking the flightpath of a certain big red guy as he zips around the globe on December 24, 2013.

We have both Google and NORAD/Microsoft tracking Santa at two different websites. Both full of music, videos and games based around the whole Christmas theme.

Bringing their respective technologies into play, children all over the world can watch Santa cover the world in one night and while they are waiting for the big day, they can explore the advent-style websites to help count down the days.

To look at the NORAD/Microsoft website, go to www.noradsanta.org/ or to have a look at what google has to offer by clicking on www.google.com/santatracker/#.

Seasons greetings everyone!

Talking Technology on Drive 12th December 2013

Hot on the heels of the last show just posted, here is this weeks show with Paul Murray during 6PR’s drive.

With the festive season approaching, I have one more show before the break and will be back early in the new year.

Thanks for a great year everyone and all the best as we head towards a new year.

Talking Technology on Drive 5th December 2013

A little hitch in the system meant that this podcast has been delayed.

Better late than never, here is my chat with Paul Murray on the 6PR Drive show.

You can catch the show live every Thursday from 3:30PM to 4:00PM by tuning in 882 on the AM band or by listening to the live stream at www.6pr.com.au.

Circle – what is it?

circleapp.comCircle_-_Whos_near_you

Today I got a link from a facebook friend that I thought I should check out. It is called Circle and it is a “hyper local” social network that can allow you to connect with existing friends in your area but also to meet new people in your suburb that might share your interests.

You can think of it as twitter but you don’t need to follow to see what others post and the collection of people using the network is limited to a tight geographical area. It is kind of taking a global concept and shrinking it down to your immediate area.

It is not exactly new as it has been around since April 2012 but Circle seems to be reaching Australia and gaining traction. The concept is not really too different from what Facebook does except for the design in much nicer and the location sharing only goes as far as the suburb. As with all social networks though you have to keep in mind that everything you are sharing is available to the general public (so no personally identifiable or other sensitive information should be shared) as well as pulling in almost all of your facebook data.

In Perth, people seem to be working out what this thing does but in other places where circle seems to have been established a little longer there are stories of people getting help when broken down, finding local events and helping businesses promote local specials on goods and services.

Of course with the hook into facebook, Circle has also annoyed some people that seem to constantly get requests to join circle. This is where setting up your Circle app carefully pays off. My recommendation is to turn off automatic posting to your social media streams for almost all for your posts to circle and only turn it on for when you are absolutely sure that you want to share circle posts with the other social media networks.

As with other social media apps, how it is used comes down to the end users and mostly will determine how successful the service becomes. I for one will be watching this one closely. I like the concept and the design of the app and I think it will be fascinating to see how this network matures.
Good luck Circle.

Website of the week 11th December 2013

The nicest place on the internet.nice

This is an oldie but a goodie and the concept is so incredibly simple. There is no money, no membership, no registration and it can really make someones day. It is http://thenicestplaceontheinter.net.

If you are feeling down and you need a little pick-me-up then this might be just the place to visit for a few minutes. It is a string of short videos submitted by strangers (not the scary kind) smiling at their cameras and then just simply hugging the camera.
Normally this might creep people out a little but there is something that is a little infectious about people giving warm smiles and leaning in as if to give you a hug.
This site is just simply about giving.
Some of the video is grainy and choppy, some of the people are downright cheesy but the sentiment is not lost on the basic concept of a smile from a stranger.

This site was created as a collaborative project between Kenny Crosby (http://www.kennycrosby.com/about.php), Lauren Perlow (http://laurenperlow.com/) and Jeff Lam (http://jeffmade.me/) and the music is “I Have Never Loved Someone” (https://itunes.apple.com/us/album/i-have-never-loved-someone/id466432429?i=466432442) by My Brightest Diamond.

Website of the Week 3/12/2013

-Suggested by Grum via Facebook-

Thatsnonsense.com – busting the latest hoaxes in social media.false

A friend of EZiWireless, Grum recommends this site every morning to keep up to date with what is genuine and what is not BEFORE you visit facebook or other social network services.

Thatsnonsense.com is a volunteer site dedicated to cleaing up the internet by identifying and annoucing false stories, scams, hoaxes and rumours.

Not only does it save you the time and hassle of working out if that amazing story is true or not, it also offers a wide range of tips and tricks that can help protect you against the cybercriminals by forewarning you about how the bad guys are carrying out their scams.

This site is ad supported via affiliate programs and also by donations and is staffed by volunteers. It would be hard to find better good guys on the internet in my opinion.

You can visit the site and also keep up to date via Facebook, Twitter and Google+.

Talking Technology – Late AGAIN!

Whoops..

OK, I know I took a while to get this out. I have been kept busy with getting the site finished to a point that I am happy with it as well as my usual day-to-day operations.

Here’s the good news though.. I have started to submit these recordings to iTunes as podcasts. I will also be featuring this podcast feed with Villagecast.net, my side project that will be used to provide information and community announcements to local areas.

Please check out Villagecast.net here.

This episode is pretty much the usual stuff. Website of the week, Security, Privacy, The Australia Tax and helping everyday people that call in with questions.

DEF CON 21

This weekend we saw the DEF CON security conference in Los Angeles.dc-logo

DEF CON is a hacker conference where hackers (good and bad kinds) come together to share security findings and clever hacks. Usually the result is some pretty scary news as well as a brief insight into the hacker culture.

DEF CON to FBI/NSA/CIA : “We need some time apart”
Even though DEF CON is all about hacking and security it is not only attended by hackers. Delegates from the FBI, NSA, CIA and the press also attend and often with the consent of the organisers. Last year there was even a keynote speech given by NSA Director Gen. Keith Alexander to the conference attendees.

This year however was different due to the revelations surrounding the PRISM surveillance program and the FBI’s initial denial of such a program existing when queried in an official government hearing last year. The feelings towards the US based intelligence and law agencies have soured very quickly as more evidence of the extent of the PRISM has surfaced. Organisers of this years event simply stated that it would be best for everyone if US intelligence agencies just kept away. The DEF CON culture only just tolerates the presence of government organisations and the press as long as they don’t try to pretend to be hackers or pull a fast one over the attendees. In previous events it was not unusual to see members of the press and government agencies singled out, heckled and ridiculed to the point where they simply left. It would be safe to say that this year would have seen much the same.

Cars hacked – industry put on notice.

http://news.cnet.com/8301-1009_3-57596847-83/car-hacking-code-released-at-defcon/

The big news to come out of DEF CON this year is that most modern cars are vunerable to hacking and this has been proven with a report from CNET. Three computer security experts attending DEF CON gave a talks to packed rooms of over 1000 people. The hacks performed on two very popular cars in the US demonstrated the impact this could potentially have on road safety by messing with functions such as disabling the brakes, jerking the steering wheel, operating the horn and lights, accelerating, taking full control of the steering, firing pretensioning in the seatbelt and even showing a full tank when it was not.

It must be noted that the dashboard had to be removed and a laptop needed to be hooked up to a few of the EMS (electronic management system) that control almost every aspect of the vehicle but it does highlight the need for security and caution when incorporating wireless technology such as bluetooth, Wifi and Cellular connectivity.

The two models that were hacked were the Toyota 2010 Prius and the Ford 2010 Escape which no doubt left many people feeling very uneasy.

Hopefully the auto industry takes notice of this sooner rather than later.

http://www.youtube.com/watch?v=oqe6S6m73Zw

 

Home Automation = Home Invasion 2.0

Another scary keynote from the weekend included security problems within our own homes. From the Smart TV to electronic door locks. This trend of having many things attached to your home network is expanding the digital playground for hackers. Demonstrations over the weekend included the bypassing of smart door locks to taking over a child’s toy containing a camera and even the Smart TV with built in cameras and access to apps can put your banking at risk if you bank on the TV and even watch you in your own home without you knowing. People have to very careful when putting together a home network and attaching these devices to the network.

http://money.cnn.com/video/technology/security/2013/08/01/t-tv-is-watching-you.cnnmoney/index.html

 

Snapchat is not as secure as you thought.

Another scalp claimed at DEF CON is snapchat and facebook poke. Both revealed to not securely delete old pictures taken by two digital forensic investigators. By examining the phones internal storage, monitoring the data sent and pinging the servers used by the app, it is possible to obtain a copy of the messages, before during and after you send a picture to a friend.

 

GoPro hacked to become a spycam.

This is a feature you do not want. The old story that increased features also increase the chances for thing to go wrong was proven in this presentation from Todd Manning and Zach Lanier. With all the smarts built into these cameras, the avenues for mischief are many resulting in your shiny GoPro camera acting as an audio or video bug. Great that you get to share your rad mountain biking or surfing adventures live but not so cool when your private life is shared with people that might not have the best plans for you.

 

Power plants are not safe.

Even the humble control gear used to run industrial installations like power plants are vunerable to attack. Once again, adding connectivity without proper security in place has opened the door that can allow ne’er do wells to send radio signals to the control and sensor gear to trick the power plant to shutting down from up to 60km away.

The potential effects could range from a small fluctuation to actual damage to the installation depending on the kind of information sent to the power plant.

 

Not even medical technology is safe.

Pacemakers were also on this years agenda as they also have been given wireless capabilities without adequate security. Of the hundreds of thousands of pacemakers and internal defibrillators implanted over the last few years, many of them include wireless communications for the purpose of reprogramming and monitoring by medical professionals. Unfortunately this also allows scenarios where hackers can stop your heart from 10 meters away.

Even with all these scary stories coming out it is important to note that in most cases, the manufacturers responsible for the faults have been notified well in advance of DEF CON and hopefully are attending to these issues if they have not already been fixed. The whole purpose of this exercise is to help manufacturers find better ways to secure their products instead of hold an anarchist’s how to lecture.

Bear with me..

I have been messing with stuff and I think it is starting to work.

Click the microphone to listen to last weeks episode.
Click the microphone to listen to last weeks episode.

I am getting back on top of posting podcasts to the blog. Hopefully everyone will have access to the files (please let me know if it does not work for some reason).

Just click this link or the microphone and start listening to what I did last week.

BigDog gets an arm

Boston Dynamics’ BigDog is given an arm.

Click the creepy robo-dog to go to the story on BBC.
Click the creepy robo-dog to go to the story on BBC.

Boston Dynamics has been developing a four-legged robot known as BigDog for some years now in conjunction with the Pentagon to continue to tweak the design to work in a combat support role as well as search and rescue operations. The robot the size of a large dog previously came equipped with 4 legs and would noisily stomp over pretty much any terrain and carry heavy loads but now if has been fitted with an arm mounted where you would expect its head to be. With the arm and pincers there are demonstration videos showing this slightly unnerving robo-hound pick up a breeze block, lift and hurl the block a good 3 to 4 metres behind the machine.
Sure there are the humanitarian aspects to this but the applications in the battlefield are also very easy to imagine. An entire platoon of these clattering platforms bearing articulated turrets would be a positively frightening sight.

Read the original story here.

Talking Tech 30th Jan 2013

Boy I am tired…Boy-listening-to-portable-radio

It has been a short week and a busy week. I would normally give a rundown of what made up this weeks show but to be honest I am exhausted and just decided to upload the file and go after editing it.

Credit for the intro and outro music goes to Timberman (http://ccmixter.org/people/Per/profile) for producing DLDN Instrumental (http://ccmixter.org/files/Per/24866)

Click this link to listen now or go to the 6PR recordings folder to browse all the available offerings.