Tag Archives: SGD

Social Engineering, Part XIV

image

Further to my earlier piece about the scamming potential of Web 2.0, here are a couple more examples of why social engineering is a bigger problem than it might appear.

First off, governments and organisations are not as careful with your information as you might expect them to. There are plenty of examples of CD-ROMs and laptops going missing, but often even that doesn’t need to happen. Some governments openly publish such information on the Internet. Indonesia’s minsitry of education, for example, has published the names, addresses, age, date of birth, school and education number of 36 million Indonesian students in easily downloadable XLS format.

Who might use such information? The mind boggles at the possibilities. But one hint might be found in this Straits Times article from neighboring Singapore, which reports a growing wave of faux kidnappings: Gangs phone someone with enough information about their loved one—child, spouse, or whatever—to convince them they’ve been kidnapped and the mark must pay the ransom immediately. In the past six months employees at one bank alone have foiled 14 such attempts—merely by alerting the victims trying to withdraw large amounts of money that they’re being conned.

In the first half of this year, according to the newspaper, 21 people have been scammed out of S$322,000 ($216,000) in this way. Such scams rely on having access to just the kind of information contained in the ministry of education’s database: Knowing kids’ names, their class, their home address, their school chums—all would be invaluable in doing a scam like this. Or any other number of scams.

The point is that we need to think beyond the narrow confines of single channels of data. Scammers don’t: They use a combination of techniques to build up enough information about their mark to be able to either impersonate them or convince them of something. In the above case, it’s that they have kidnapped a relative. In this (still ongoing) Hong Kong-based scam, it’s that they are their bank.

I’m not suggesting Web 2.0 is going to breed a different kind of scam, it’s just going to breed a new kind of opportunity. Social engineering relies on gathering just the sort of data that social networking and presence tools base themselves on.

Internet Radio in the Bedroom

 

I’ve lately been looking for a way to listen to Internet radio away from my computer. This looks like a good, albeit somewhat expensive, answer: the WiFi Radio from Acoustic Energy (about S$600, that’s $415ish).

The WiFi Radio connects to your router and stores more than 5,000 radio stations by country, updated each time the machine is switched on, which you can scroll though via the somewhat pokey LCD display on the top. There’s a buffering delay but once the station kicks in the sound is great. You can also use it to stream music from your computer.

It’s a classy solution to the problem. But I think there might be a simpler one, if you’ve only got a handful of stations you want to listen to, and just want a small device you can carry around the house with you. Perhaps I could even use an old PDA with WiFi built in? Where’s that Tungsten T3 I saw lying around?

wifi radio – further information : acoustic energy

Technorati Tags: , , ,

The Merits Of Online Publishing

Jason Fried of 37 Signals, the guys behind web applications like Basecamp and Tada List and Backpack , have published a book on how to build web apps. And they’ve proven a point — that publishing online can be the smart way to go. Jason tells me they’ve sold 4,000 downloadable digital copies of their new book Getting Real in the first week — at $19 a copy, or $49 for a site licence that allows users to make up to 10 copies for co-workers.

That’s $85,000 in pure profit, Jason says. Which I have to say is pretty good. I can’t imagine the same thing would happen, or does happen, for every tome. I asked Jason why he thought the numbers were so high. Here’s his response:

  • It’s easy. buy it now, get it now. you just download the PDF
  • we’ve been talking about our Getting Real process for a long time on our blog, and now people can get the whole thing in a $19 book
  • Lots of interest in how we work. How we’ve been able to build 5 products, write a book, and write Ruby on Rails in 2 years with only 7 people

Interesting. In other words, if a book really adds value to something that has already attracted a lot of interest, you have a ready audience. Even if you keep a blog, and tell everyone what you’re doing and how to do it, there will still be people interested enough to buy the book to read more. And $19 isn’t cheap: That’s a hardback book where I come from, but somehow online, being able to just grab it in PDF in a second, somehow makes the price seem reasonable. As Jason puts it:

I think there’s a big story here… The idea that authors with audiences don’t need publishers anymore. You can take your message direct to your audience. AND you own the rights to your work.

Say Goodbye To The USB Flash Drive?

I had an interesting conversation the other day with Trek 2000’s chief financial officer, Gurcharan Singh. Trek, a Singapore company, claim to be the originators of the USB drive, or thumb drive as they call it, and are currently sueing a company called M-Systems in a test case over who owns the patent for putting flash memory on a USB plug.

That’s all going through the courts, and has been for some time, but clearly Trek 2000 are playing a central role in the whole flash-drive-on-a-stick thing, since besides selling their own products, they are the OEM manufacturers of several dozen such USB drives, including folk like iomega. But what intrigued me, among several things, was a gadget he had in his display case that he hinted was the future of USB drives. I had asked him about concerns over the durability and reliability of flash memory (my own experience making me less than sanguine) and while he was careful not to play up such concerns, he pointed to a device that was barely larger than a USB drive, but which contained a 0.85 inch 10 gigabyte hard drive, manufactured by one of Trek 2000’s main strategic partners, Toshiba. “This will address the issues of flash that you’re talking about,” he said. At the moment flash drives get no larger than a 2 gigabytes.

Toshiba has promised to lauch the 0.85” drive early this year, according to The Register, who point out that these drives are about 80% smaller than the hard drives you’ll find in an iPod or similar device. If Gurcharan is correct it sounds like these hard drives will have a larger capacity than earlier expected and they’re likely to be as popular, if not more so, than the USB flash drive.

So will this cause a splash? Yes, I think, because they’re so small. They’ll wow us and make us do a lot more with our USB stick. Not that there aren’t options beyond flash out there already. Of a similar ilk, but using the older, larger drives, take a look at Sony’s new 2.0 GB Micro Vault Pro, which I saw in Singapore’s malls for about S$450 ($275, see illustration) or Z-Cyber’s 1 or 2 GB Zling Drives, which I’m guessing use the same hard drives, but seem to sell for a lot less: I saw the 2 GB version selling for S$200, and the 1 GB for S$129. Then there’s the Emprex range of Micro Storage, from 2.2 to 4.0 GB, selling for S$190 and S$275 respectively. All of these are basically small hard drives on a USB dongle. They’re nice, but they’re not nearly as small as what Trek 2000 are likely to unveil some time this year.  

(If you’re looking for larger storage you’ll have to go to iomega’s Mini Hard Drives, which come in 20GB and 40GB capacities. )

What I think we’re going to see are these microdrives really pushing out flash as folk come to rely on them more and more. It’s yet to be proven that these very small hard drives are as rugged as they claim to be, but I think we’re safe in saying that flash, while excellent, is not reliable enough to be anything other than a short-term means of storage. What’s more, with bigger capacities, micro drives are going to be able to do things, and go places, that flash drives just can’t do: Storing whole feature-length movies, an evening full of musical entertainment on a key-ring, a cellphone that doubles as your hard drive. There’ll be a role to play for USB flash but we may soon be looking back nostalgically at these devices as charmingly limited in what they could do for us.