Monday, November 30, 2015

Your Amazon order may soon be delivered in 30 minutes or less with Amazon Prime Air

Amazon announced Amazon Prime Air, a service that promises to deliver your Amazon order in 30 minutes or less. Using a small drone to deposit packages of up to 5 pounds in your yard, Amazon could give its users one more reason to pay for a Prime membership.

There are numerous drone prototypes in the works, but the one showcased just recently by Amazon is a hybrid design that can take off and land vertically, and then once airborne, assume a horizontal orientation and become a mini airplane. The drones will fly under 400 feet and employ "sense and avoid" technology to deliver packages within approximately 10 miles of an Amazon warehouse. The consumer marks the landing zone with a placard featuring an Amazon logo on it and the drone leaves the package and takes off in a matter of seconds.

While Amazon Prime Air still has many regulatory hurdles to overcome before it goes into regular production, there are also a number of other potential risks that must be considered. For instance, what about people shooting down drones that pass over their property? Would Amazon's overall loss prevention strategy improve with Amazon Prime Air?

What if I placed my own landing marker in my yard continuously, just to fish? Would I be able to catch a stray drone delivery if it were close enough within the tolerable range of another drop off location? Are the landing markers unique enough to distinguish one customer from another? It will be fascinating to see how Amazon solves these technical security challenges.

All risks aside, there appears to be enough of a potential benefit to Amazon and to the consumer that Amazon is even proposing revising the way airspace is managed today. Let's just hope they've thought about how to deal with those pesky Tusken Raiders.

Tuesday, October 27, 2015

Interactive 46-Gigapixel Image of Milky Way Galaxy

Researchers at Ruhr-Universit├Ąt Bochum, Germany have compiled a massive, 46 billion pixel image of the Milky Way Galaxy, and made it available via an online interactive viewer. The images were captured in Chile over the course of 5 years, and the entire image weighs in at 194GB.

Friday, August 28, 2015

How to Transfer a Windows 10 Boot Camp Partition to another Mac

I recently got a new Mac, and found myself needing to move my Windows 10 Boot Camp partition from my old Mac to the new one. There's a great program called Winclone that can help backup and restore Windows Boot Camp partitions from within OS X. It is $40, but is a worthwhile investment, especially if you don't want to go through the hassle of re-installing and re-configuring Windows.

Although I was able to use Winclone to backup and restore my Windows partition on my new Mac, no matter what I did, I could not get the Windows partition to boot. When restarting my Mac and holding down Option, it would give me the option to select either OS X or Windows, but when selecting Windows, it would immediately boot into OS X, and wouldn't even attempt to start Windows. I re-imaged a few times, but nothing would work. This was perplexing, since I could see a properly formatted NTFS Windows partition from within OS X after restoring the image, and I was even able to browse the contents of the volume.

After much back-and-forth with Winclone support (which is great, by the way), a lot of research, and trial and error, I was finally able to get it to work using the following steps:
  • Make a backup image of the old Windows Boot Camp partition on the old Mac using Winclone
  • Delete any existing Windows partitions from the new Mac using the Boot Camp Assistant or Disk Utility in OS X
  • Download the Windows 10 ISO
  • Use Boot Camp Assistant to create a Windows install disk with a USB drive, and create a new partition, using the slider to adjust how much space you want the Windows partition to consume
  • With the Windows install USB drive plugged in, restart and hold down Option, then select EFI Boot to begin the Windows installation process (boot to the USB drive with the Windows install disk)
  • Go through the Windows 10 install process, clicking "Skip" when asked for the product key (we will be overwriting this partition in a later step--this is just to get the boot partition table--or GPT--setup properly)
  • After the machine boots successfully to Windows, and you are able to boot into Windows by holding down Option when rebooting, boot back into OS X
  • Assuming you've already imaged your Windows 10 partition with Winclone on the old Mac and transferred it to the new Mac (or loaded it from a shared network drive), launch Winclone, open the previously saved Windows image, and restore it to the newly created Windows 10 partition (it will wipe away the temporary install just created)
  • Use Boot Camp Assistant to create a USB disk with the correct device drivers for Windows
  • Reboot and hold down Option, then select the restored Windows partition, and it should boot into Windows (alternatively, you can boot to Windows using System Preferences -> Startup Disk)
  • Install the updated Windows device drivers using the Boot Camp drivers USB disk just created, then restart
Perhaps the partition table did not get setup properly when migrating from the old Mac to the new one in my first attempts using Winclone. I believe that going through a plain vanilla install of Windows 10 using the ISO and Boot Camp Assistant properly sets up the partition table and enables you to then restore and boot into the restored Windows image. Hooray for not having to re-install and setup Windows and configure apps and settings again!

Tuesday, April 28, 2015

Photos and Videos in Picasa Showing up as Recently Modified in Google Drive

Lately, when viewing my most recent items in Google Drive, I am seeing a random assortment of photos and videos show up as recently modified even thought I haven't touched them in a long time:

You'll notice the file shows a most recently modified date as 9:40 am this morning (4/28/15). However, when I view the actual file, OS X shows that the file was last modified 12/3/14 at 10:42 am:

I saw some files that had recently modified times at 1:00 am and 4:00 am, when I know I was not modifying these files. I began to suspect that someone had breached my network and was somehow accessing or modifying my files, but the more I investigated, the more I think that there's something happening on Google's side which is modifying my files, perhaps generating an online preview or something. The strange thing is that the files showing up as recently modified are not even stored in Google Drive.

Here's my setup: I use Picasa to sort and manage all of my photos, which are stored in my Pictures folder on my Mac (/Users/Username/Pictures). I do not use Picasa's Google+ Auto Backup, because I manually choose which folders in Picasa I want to sync to an online album (previously called Picasa Web Albums, now called Google+ Photos). I also use Google Drive on my Mac (/Users/Username/Google Drive). None of the photos and videos in Picasa are being backed up using Google Drive, although Picasa Google+ Auto Backup and manual synchronization of albums in Picasa do share the same Google Drive storage space.

So, if I'm not backing any of these files up using Google Drive, then what is randomly modifying these files and causing them to show up in my most recently modified files when I view my Google Drive files on the web? The only thing I can think is that Google is starting to include photos and videos uploaded through Picasa with the contents of my Google Drive folder. Within Google Drive on the web, there is now a Google Photos menu item on the left, which leads to a Google help article that describes this feature, I also noticed this curious message at the bottom:

So, my conclusion is that this new feature within Google Drive that enables you to view photos and videos backed up via Picasa (Picasa Web Albums/Google+ Photos) is slowly migrating my older photos (remember, they share the same storage space), and including them in my Google Drive view on the web (even though I have not explicitly requested any such action). While I can understand this approach, it is still confusing and a bit alarming to me that random files are showing up as recently modified. I'm counting on Google for reliable, long-term storage of my files, including my precious family photo archive. Whenever anyone else but me touches my photo archive, I get really nervous.

Tuesday, April 14, 2015

Make Sure Google Isn't Indexing Your External Hard Drive

There's a great article on CSO that highlights the danger of misconfigured "personal cloud" services, such as hard drives or routers that enable you to backup your documents, and access them anywhere remotely. Take a look at examples of personal documents that were out there on Google, in the public domain, free for the taking, all because someone inadvertently made their files available remotely without fully understanding the impact.

The article states:
The files were easily located on Google, using standard search operators.

allinurl:ftp:// XXXX filetype:txt | xls | doc | docx | jpg | jpeg | pdf

You can replace XXXX to match any host name you choose, such as:
The bottom line: ensure that you don't inadvertently or knowingly enable public FTP access to your "personal cloud", and never store sensitive account or other information in an unencrypted document or text file.

Thursday, February 12, 2015

What happens to your accounts after you die? Designate a "digital heir" for your accounts

What happens to your accounts after you pass away? When I pass away, I will hopefully have sufficient local backups of meaningful content, such as any notes, journal entries, works that I have created, or our treasured family photo library. But, there would still be a good portion of family history and valuable content in my email, and social networking accounts. And, what if something happened to the local backups? It is important to make preparations for family members to gain access to any content that may still be available in your online accounts after you pass away. Here are some options with a few sites where you can designate someone to have access to your data after you pass away:
  • Google Inactive Account Manager: Share data with trusted friends or family members after a certain inactivity period, or delete your data altogether.

    Google states, "...You can choose to have your data deleted—after three, six, nine or 12 months of inactivity. Or you can select trusted contacts to receive data from some or all of the following services: +1s; Blogger; Contacts and Circles; Drive; Gmail; Google+ Profiles, Pages and Streams; Picasa Web Albums; Google Voice and YouTube. Before our systems take any action, we’ll first warn you by sending a text message to your cellphone and email to the secondary address you’ve provided."
  • Facebook Legacy Contact: Facebook allows users to designate a contact that has permission to download a copy of everything you shared on Facebook, write a pinned post, respond to new friend requests, update profile picture and cover photo after your account is memorialized. A friend or family member can submit a request to Facebook to have your account memorialized after you pass away.
  • Microsoft Next-of-kin Process: Once a request is received, Microsoft can provide a copy of all of the email, attachments, address book, and contacts list on a DVD.
  • Yahoo: As of the publication date of this article, Yahoo does not provide the option to recover the contents of your Yahoo accounts if you pass away. A family member can, however request that the Yahoo account be closed and all subscriptions and billing associated with your account terminated after you die.
  • Twitter: Twitter has a process that will allow a family member to request that your account be deactivated after you pass away.
There is still much progress to be made in this area, and I'm sure that "digital estate planning" will continue to evolve over the next few years as more companies provide users with options for controlling the access to your digital accounts after you pass away. In the meantime, don't forget to make local backups.

Wednesday, September 03, 2014

How celebrity photos were likely stolen from iCloud backups

Wired has an interesting article that discusses how sensitive celebrity photos may have been leaked from iCloud backups. The article describes using a password guessing tool called iBrute that leverages a flaw in "Find My iPhone" infrastructure to brute force a user's iCloud username and password. Once the iCloud credentials are obtained, attackers can use the forensics tool Elcomsoft Phone Password Breaker (EPPB) to impersonate an iPhone and download the entire iCloud backup, which includes not only photos, but texts, email, and much more sensitive information.

Apple has apparently fixed the "Find My iPhone" flaw that allows iBrute to guess iCloud passwords (it now times out after 5 attempts). And there is currently an investigation into the data leaks. In the meantime, if you're an iCloud user, it might be a good idea to setup two-factor authentication, and make sure that you're using a unique, hard-to-guess password. Also, don't do stupid things with your smartphone.

UPDATE: Tim Cook addresses iCloud security issues and promises increased security and account activity notifications.

Also, Ars Technica has a great article that details some real-world testing they did trying to crack their own devices using some of the techniques mentioned above.

Wednesday, June 11, 2014

Mario Maker

This is a pretty compelling argument for buying a Wii U. Combine the awesomeness of the Mario platformer franchise with the creativity of Minecraft and you get Mario Maker. Cue the awesome community-created levels, a la Little Big Planet, and Nintendo may have a huge success on their hands. Now if they would only release it for iOS and Android.