Phishy Facebook Emails

By | November 22, 2011

Facebook phishes are getting better. Compare this one:

[Image: facebook real]

and this:

[Image: facebook scam]

Notice how the key bit, supposedly defining that it’s a legit email, is successfully and convincingly faked: [image]

The only difference that stands out is the domain: facebookembody.com. Although Google classified it as spam, they didn’t warn that it would go to a website that contains malware. So be warned. Notification emails aren’t such a good idea anymore, if they ever were.
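Since the domain is the only reliable tell, that check can be automated. The sketch below is an added example, not part of the original post: it parses a message and flags any sender or link host that contains the brand name but is not a trusted domain or a subdomain of one. The trusted list (including facebookmail.com, which is not mentioned above) and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: domains treated as genuinely Facebook's for this example.
TRUSTED = {"facebook.com", "facebookmail.com"}
BRAND = "facebook"

def is_trusted(host):
    """True only for a trusted domain itself or a real subdomain of it."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED)

def audit(raw_email):
    """Return sorted (where, host) pairs that use the brand but are not trusted."""
    msg = message_from_string(raw_email)
    sender = parseaddr(msg.get("From", ""))[1]
    hosts = [("From", sender.rpartition("@")[2])]
    for part in msg.walk():
        if part.get_content_maintype() != "text":
            continue
        body = (part.get_payload(decode=True) or b"").decode("utf-8", "replace")
        for url in re.findall(r'href=["\']([^"\']+)', body, flags=re.I):
            hosts.append(("link", urlsplit(url).hostname or ""))
    findings = set()
    for where, host in hosts:
        host = host.lower()
        # The brand inside the name is what makes the lookalike convincing.
        if BRAND in host and not is_trusted(host):
            findings.add((where, host))
    return sorted(findings)

# Constructed sample: a plausible sender header, one link to the domain
# named in the post and one link to the real site.
SAMPLE = """From: Facebook <notification@facebookmail.com>
Subject: You have notifications pending
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<a href="http://facebookembody.com/">View notifications</a>
<a href="https://www.facebook.com/help">Help</a>
"""

if __name__ == "__main__":
    for where, host in audit(SAMPLE):
        print(f"suspicious {where}: {host}")
```

A check like this only catches lookalikes that embed the brand name; it says nothing about links on unrelated domains.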

The Siri Thing

By | November 22, 2011

I was asked to pen a few lines for a Guardian journalist on why I thought Siri was male in the U.S. and female in the UK. My quote was taken a tad out of context and so offended some folk who either didn’t know I was a technology columnist who makes a living out of irony and flip, or that I’m the most egregious, line-forming mumbler in British history. So here’s my contribution in its entirety. Make of it what you will.

I don’t know the reason why they chose male and female voices that way: it’s probably something prosaic about licensing or they didn’t have a Female British voice handy, or someone thought it would be good to try it that way first to see what happened.

But there’s plenty of literature to suggest that the gender of a voice is important to the listener. Men, according to researchers from Kansas State University, tend to take more financial risk if they are given a video briefing voiced over by a woman; the opposite is also true. (Conclusions from this are undermined when it’s added that men are willing to take even more risks if there’s no voice-over at all, which possibly means the less information they’re given, the more comfortable they feel about charging off into the unknown. This might sound familiar.)

Indeed, the problem with most research on the subject is that it tends to be as confusing as that. A paper from academics at the University of Plymouth found that “the sex of a speaker has no effect on judgements of perceived urgency” but did say that “female voices do however appear to have an advantage in that they can portray a greater range of urgencies because of their usually higher pitch and pitch range.”

We do know this: male German drivers don’t like getting navigational instructions delivered in a female voice. There’s also something called presbycusis—basically hearing loss, where older people find it easier to hear men’s voices than women’s, and can’t tell the difference between high pitched sounds like s or th.

But the bottom line is that Apple may have erred. Brits are notoriously picky about accents: class and regional, and, according to a study by the University of Edinburgh, can’t stand being told what to do by an American female voice. So far so good. But they also found that people don’t like what the researchers called a Male Southern British English voice either. Conclusion: until Siri can do regional female voices, it’s probably not going to be a huge success in the UK.

My tuppennies’ worth: Americans speak loudly and clearly and are usually in a hurry, so it makes sense for them to have a female voice. British people mumble and obey authority, so they need someone authoritative and, well, not American female.

ASEAN Phishing Expeditions

By | November 22, 2011

Mila Parkour, the indefatigable phish researcher from DC, points to some recent spear-phishing attacks which to me help confirm that Southeast Asia, and ASEAN in particular, has become something of a focus for the chaps in China.

They also highlight just how vulnerable diplomats in the region are because of poor security.

One is a phish apparently coming from the Indonesian foreign ministry, in particular one Ardian Budhi Nugroho, whom the email correctly describes as from the Directorate of ASEAN Political Security Cooperation. The subject matter is topical and credible:

Dear Sirs/Mesdames,
Enclosed herewith letter from Director for ASEAN Political-Security Cooperation, informing the date of the next Direct Consultations between ASEAN and P5 Nuclear Weapon States, which will be held on 4 – 6 October 2011 in New York. A Tentative Programme of the Direct Consultations is also attached for your kind reference. Thank you for your attention and continued cooperation.

The only good thing about these phishes is that they reveal something of the attacker’s interests. These attacks are timed carefully a week or so ahead of key meetings–in this case an Oct 4-6 meeting in New York of ASEAN and P5 Nuclear Weapon states (one of those states, of course, is China). The email was sent on Sept 20.

The email address given, aseanindonesia@yahoo.com, doesn’t appear to be genuine, but it could easily be. Look, for example, at the email addresses listed here. More than half are either ISP or webmail addresses.

Diplomats need to get wise to these kinds of attacks by using their domain’s email addresses and being more sophisticated about their communications (not sending attachments, for one thing, and telling me they don’t.)

How does all this work? We don’t know who received this, but it’ll probably be a list of diplomats attending the talks–not hard to find, as we can see from the above list. It only needs one member of each delegation to open the infected attachment for the whole delegation to be in danger of China–or whoever is behind this attack–being able to monitor everything they do.