Wass Up Tech: Leaking Out, Blowing Out, Running Out

|September 16, 2016 0
Hacks, explosions and stock-outs are keeping the technology industry occupied, serving it new lessons and directions

INDIA: When a hacking group gets a hand into passwords for the Rio Olympic database and spills them out, there is more than just doping fears that pour out.

It also re-affirms the way phishing, specially spear-phishing is working, when someone really wants it to work. A phishing attack usually gives the user a bait to open a link from a supposedly-trusted source and then infects a device, but when this becomes acutely narrowed down and personalised for a target with specifically-designed hooks, the outcomes resemble the one that the Olympic-hack has presented.

In this latest episode, the hacking group could not only access athlete data, like confidential medical information, Therapeutic Use Exemptions delivered by International Sports Federations (IFs) and National Anti-Doping Organizations (NADOs) in context of the Rio Games; but also gave public a peek into some of that information. Worse, there can be more information coming as it hinted in a threat.

As per initial affirmations from the WADA or the World Anti-Doping Agency, a Russian group did get access to some drug-test results and confidential medical data connected to Olympics in Rio de Janeiro. Tennis stars Serena and Venus Williams, four-time gymnastics gold medalist Simone Biles and Elena Delle Donne came under the ambit while the International Olympic Committee cleared the names of any inappropriate substance violation. This incident dovetails interestingly with the FBI investigation into possible Russian government hacking and apprehensions around U.S. Elections as well as the account-hack of Russian whistleblower Yuliya Stepanova.

The group Fancy Bear or APT28, is also surmised to have hacked the French TV5 Monde station recently and may soon disclose exclusive information about other national Olympic teams as it reminds strongly about its posture for fair play and clean sport.

On the other side of the world map, mooncakes came up as addictions of a new variety drugging employees enough for an underhand hack into their employer’s model.

Around China’s Mid-Autumn Festival, Chinese e-commerce site Alibaba saw four of its employees exploiting an internal website loophole to grab discounted mooncakes. These software engineers, as per media reports, managed this by embedding plug-ins additional software into the website, and re-routed some extra mooncakes to themselves because they were not able to buy a cake through the internal website earlier.

Fun and festival are being escorted by hacks everywhere – and Pokemon keeps taking the spotlight again and again here. In a latest example, some security researchers spotted a malicious application on Google Play which appeared to be a guide for the game but actually intended to usurp complete control over Android devices.

Multiple layers of bypassing Google Play’s malware detection mechanisms were observed in this case by researchers from Kaspersky Lab and what was notable that the app did not execute immediately but rather counted its time till another application got installed or uninstalled to ensure it was on a real device and not in an environment simulated for malware-detection.

When it was sure, it would deploy its malicious module, connecting to a remote server and sending data about the device, downloading exploits for escalation vulnerabilities or getting access to the highest privileged account on Android. Although Google has issued patches for all of these vulnerabilities, Android ecosystem presents its own unique barriers of fragmentation.

If Google was worried, rival Apple was facing problems of its own flavour.

The craze around the latest Apple launch iPhone 7 Plus did calm down concerns of Apple losing its steam in this market but the company faced pre-order demand pressures and is struggling to manage enough inventory inside stores even as fans line up in long queues, offline and online.

Is the new version indeed worth all the madness and frenzy though? With improved cameras, water-resistance coming in and the headphone jack going out, this launch firms up Apple’s leaning towards wireless audio as the future. But when one specifically looks out for something revolutionary or mould-breaking, this version could be as flat and inconsequential as some of the recent ones, thus making the impression strong that Apple could be pushing smartphone innovation to the fringes. Hence, small, incremental features in a 5 or 6 or 7 but nothing very jaw-dropping.

Experts are speculating Project Titan as another big hint of iPhone dissolving into a blur as cloud, IoT, smart vehicles and integrated devices take over. The age of smartphones could be slowly dissipating as a new age of connected-world emerges.

Apple may or may not explode a new white space but phones were busy with explosions of a different sound the last few days in Samsung’s corner.

Its latest flagship smartphone, the Galaxy Note 7, was found to be explosion-prone and recalls, first voluntary and then formal, kept Samsung busy in mitigating the damage. Note 7 sales were halted as soon as the flaw came to surface (one phone was found burning down a customer’s Jeep) and subsequent follow-ups marked the battery cell as the source of the problem leading to a blow during anode-to-cathode contact highlighting a rare manufacturing process error.

Samsung had to spring into action with many phones already out into shipments and stores, and methods of many shades – new bar code label for box-identifications, advisories to customers, caution-high packaging as well as online IMEI database efforts -were some steps that the company has been up to. (There was even mention of a software upgrade which could intervene and lessen the power during a charge for a Note, but it could not get official enough).

So that was what technology biggies were generally busy with for the last few days.

Regulators were not idle either, it appears. Your next coffee shop visit may have changed already going by what EU was doing last week. When Europe’s top court rules that Wi-Fi providers are not subject to any copyright infringement liability that happens on their network, a lot changes for the user and the Wi-Fi provider.

Specially when it adds a strong recommendation that a Wi-Fi provider should however demand identity proofs from users for password-access.

This might mean a good bye to free and anonymous Wi-Fi access in bars, cafes, or hotels etc across the 28-member-state bloc. Carry an ID proof along when going for a coffee next.

Another issue stirred up and found a stand from EU when its competition chief Margret Vestager looked into anti-competitive accusations that manufacturers and content producers are imposing on online retailers. A report indicates that as many as 40 percent of retailers find themselves confronting some form of price recommendation or price restriction from manufacturers. Geo-blocking by sellers is also on the rise.

But EU might direct the wind in a new way when it feels strongly about businesses having the freedom for outlining their sales strategies online. This move will also help customers of e-commerce with better choice and prices while it simultaneously protects interests of small and mid-sized businesses and fair competition.

The way things are unfolding, the industry is about to witness many path-defining changes and alarm-bells ahead. Disruption, whether in cyber-security alleys, in smart-phone aisles, in Wi-Fi cafes or online markets, is definitely astir.

No Comments so fars

Jump into a conversation

No Comments Yet!

You can be the one to start a conversation.