Connect with us

Technology

Facebook Hello, a new dialer app for android

Published

on

Facebook on Wednesday introduced a brand new caller ID-type app for android phones that it says can block unwanted calls and facilitate look for people and places by drawing in information from the social network.

Phone calls might have fallen out of fashion, however Americans still make one billion of them a day. And yet the expertise of making a call isn’t all that great: phones don’t continually recognize numbers, contacts will be tough to manage, and they rarely benefit of newer technologies like Wi-Fi calling. currently Facebook is introducing associate app designed to repair that: hello, an Android-only dialer app that seeks to modernize phone calls whereas additionally working to place Facebook at the center of all of your communications. Among different features, it helps you to more simply make free calls over Wi-Fi.

hello app hello app

Technology

Find your unprotected Amazon S3 buckets with this free tool

Published

on

Services like Amazon’s S3 have made it easier and cheaper than ever to store large quantities of data in the cloud. Used properly, S3 buckets are a useful tool that can save time and money.

Used properly, I said. The problem is that plenty of companies fail to implement basic security. This, as I’m sure you’ve guessed, has resulted in an astonishing spate of (frankly) catastrophic data breaches. In October, researchers discovered an open S3 bucket containing the personal information of 1,113 NFL players and their agents. And in July, the details of three million WWE fans were chokeslammed onto the internet, after a third party contracted by the popular wrestling franchise set their buckets to ‘public,’ allowing anyone with an Internet connection to access and download content from it.

Sometimes, the leaked data is of a profoundly intimate nature. One leak, which emerged just last week, contained the blood test records of over 150,000 people.

Kromtech Security, a Cologne-based infosec firm, today released an open source script that should hopefully solve this problem for good. The tool, called S3 Inspector, is essentially a short Python program that uses your credentials to enumerate your S3 buckets. It will then identify which ones are secured properly, and which ones urgently require your attention.

Speaking over email, Bob Diamchenko, Head of Communications for Kromtech, explained the motivation behind S3 Inspector.

Amazon S3 is a popular storage service that is used by many enterprises, governments, and individuals across the globe. The service is fast, scalable and easy to use, but far too often we have seen cases where administrators fail to configure it properly or simply forget about configuration changes. This usually results in confidential user data or internal data is leaked online to anyone with an internet connection.

We began to see an increase in the number of instances of S3 misconfigurations. Recently we published a detailed guide, which explains how to protect your S3 buckets in detail. However, despite numerous warnings and a never ending cycle of data leaks, it seemed like those who store sensitive data online were not getting the message or unaware of the dangers.

When talking to the affected companies about the reasons for them to leave their repositories unprotected, we learned that oftentimes businesses have so many AWS S3 instances within their environment that it becomes hard for them to continuously check for their public availability.

We decided to make a simple tool that can help Amazon S3 users quickly check their S3 buckets for public access. We hope that by raising public awareness and giving people the tools to quickly check if they are protected from leaks. As responsible members or the cybersecurity community we hope that our hard work and dedication will reduce the occurrences of data leaks and financial, reputational damage, and cyber crimes.

S3 Inspector is available from today. You can download it from Github here.

Read next: Wicked Audio’s Outcry Extreme is my favorite Bluetooth speaker under $60

Readmore

Continue Reading

Technology

Wicked Audio’s Outcry Extreme is my favorite Bluetooth speaker under $60

Published

on

I tested out Wicked Audio’s Outcry Extreme Bluetooth speaker just in time for Halloween, and it’s been great to party with.

I used it in a number of environments and found a lot to like. It’s a quality speaker that literally growls and barks (more on this later), plus it sounds pretty good thanks to two 45mm drivers.

The Outcry Extreme is a sturdy dual-speaker that lives at the low-end of high quality. I give it top marks for manufacturing and durability. It’s over half a kilo (1.5 lbs) of plastic and metal sturdy enough to suffer some drops.

In the looks department, the Outcry Extreme had me at hello: its packaging was tailor-made to appeal to my inner geek. Once ripped from the box I was impressed with its squat stature and cool-as-jazz use of black on black embossed letters.

Credit: Nicole Gray
Credit: Nicole Gray

Glancing at the spec sheet had me concerned, it has a 4-5 hour charge time and a lithium ion battery that only lasts 7-8 hours. This isn’t very impressive, but I will at least point out it can be used while charging.

The two 3-watt, 45mm drivers aren’t going to fool anyone into thinking you’ve got a Sonos speaker hidden somewhere, but they don’t sound like “computer speakers” and they’re a very solid upgrade over streaming music through my phone or an Amazon Echo Dot.

I used the speaker in my living room for a couple weeks as my “morning music” player and found it has just enough low and mid range sound to provide excellent background music for morning conversations over coffee. It’s got simple buttons on top for playing, pausing, and volume — and the back features a 3.5mm jack, a micro-usb slot for the charging cable, and an on/off switch.

Credit: Nicole Gray
Credit: Nicole Gray

When I took it to bed it made a nice lullaby player to help put the baby asleep, I was grateful it lacked the tinny sound my smartphone’s speaker had. But for situations like this I found it was best that I got up and turned the speaker off by hand before I fell asleep, lest it lose it’s Bluetooth connection and get mad.

It’s designed to be “expressive,” meaning it makes noises to indicate status. When it loses Bluetooth connection it lets out a “grr,” and when it connects back it says “Ding!” in a goofy-but-happy voice. Both of these woke up my baby. In Wicked’s defense it isn’t called the “Outcry Sweet and Mild,” it’s the Outcry Extreme, and it’s more of a party animal than a bedside companion.

Despite the speaker waking up my baby, I still love those little noises. And they were quite the conversation starter when I took it to an actual party.

It doesn’t take much to fill my home with sound, so we threw a party outside at our local park and took the Outcry Extreme with us. It’s a no-muss-no-fuss speaker, I never had the slightest of problems connecting to it. Even better, it never dropped its connection unless I moved beyond 10m (32ft), with my phone in my pocket – which was as advertised.

The sound quality was just fine at the park and we kept it at about half-volume while we ate, talked, and listened to oldies and Motown classics. It got knocked off a picnic table at least three times, and never stopped playing. In fact there isn’t a scuff on it, much to my surprise.

I only had one problem with the Outcry Extreme: it doesn’t shut itself off if you disconnect Bluetooth and leave it inactive. This isn’t a deal-breaker, but I’d prefer it shut off after an hour or so.

The Wicked Outcry Extreme isn’t going to shake your floors or rattle your windows, but for less than $60 dollars it’s a fair offering that won’t cause you financial ruin if it gets lost or nabbed at a party.

It’s available at the Wicked Audio website for $54.99 here.

Read next: Apple CEO confirms new Mac mini in fan email

Readmore

Continue Reading

Contributors

Companies are collecting a mountain of data. What should they do with it?

Published

on

It’s called the information age for a reason.

From our tweets and status updates to our Yelp reviews and Amazon product ratings, the internet-connected portion of the human race generates 2.5 quintillion bytes of computer data every single day. That’s 2.5 million one-terabyte hard drives filled every 24 hours.

The takeaway is clear: in 2017, there’s more data than there’s ever been, and there’s only more on the way.

So what are savvy companies doing to harness the data that their human users shed on a daily basis? They’re finding meaningful ways to release it for public experimentation. By opening the kimono on their data, companies large and small can figuratively invite the public to have a hackathon that yields novel applications they wouldn’t otherwise have the time or resources to create.

From America Online to Netflix, companies across industries have released datasets to the public to differing ends.

In the case of crowdsourced restaurant review giant Yelp, its Dataset Challenge saw the company release more than 4 million reviews and 200,000 pictures pertaining to 156,000 individual businesses to the public as downloadable computer data. From students to computer scientists, interested parties around the world welcomed the ball in their court, finding novel ways to sort this data and build applications with it. “We think there is incredible promise in the ways people can use Yelp’s data to understanding food trends, build Yelp chat bots, or understand the visual content of local businesses,” says Yelp Senior Vice President of Engineering Jason Fennell.

For example, students from the University of Virginia’s computer science program fed Yelp’s data into a personalized sentiment classification model based on social psychology theory and the human tendency to associate with people like themselves. Fennell explained that “most text-based sentiment analysis models work at a global level and use localized group psychology, failing to capture wide-ranging opinions amongst users.” UVA’s project yielded a more nuanced picture of people’s regional tastes.

Whatever a company’s end goal may be, the experts generally concur: it’s good to release certain types of data to the public, where it can be received by an army of interested tinkerers. It’s an attitude that generally resonates with what is well-trod territory in the open source software community: sharing is caring, a rising tide lifts all opens.

“Releasing data is good,” says Richard Ford, chief scientist of computer security software company Forcepoint. “I come from an academic world, where we have tons of ideas and no data. Now I’m in the commercial world, where we have tons of data and no time to execute ideas. Releasing data lets other people experiment for us, but we always worry about the potential for deanonymization.”

Thus we’re presented with the double-edged side of releasing public data sets: if they contain sensitive information that can make someone personally identifiable, then that sets the stage for all kinds of trouble. It’s happened in the past.

On August 4, 2006, AOL released a database of 20 million internet searches made by 650,000 users over one three-month period. No names appeared in this data, but search terms were sortable by the user who made them, and many of these searches contained personally identifiable information. We humans are unique, but this uniqueness makes us identifiable. Knowing just a little bit about a person can make it easy to identify them in a sea of data. AOL pulled its dataset just three days later, but the genie was out of the bottle, copies already flying around the internet. CNN called it the 57th dumbest business moment of 2006.

In the same year, a pair of researchers at the University of Texas at Austin successfully deanonymized some entries from the Netflix Prize dataset, containing the movie ratings of 500,000 Netflix members. By knowing just a little bit about a particular Netflix subscriber, they could find his or her specific entries in the collection of data. The main takeaway here is that removing personally identifiable information from a database is not sufficient for anonymizing it — there are too many other ways in.

The consensus seems to be that the pros on releasing data widely outweigh the cons, especially assuming a robust privacy policy. It lets outside perspectives in, and can result in new, interesting features that company leadership may never have thought of. Public access to well-organized computer datasets can also play a meaningful role in educating a new community of developers and technologists.

“Respect for privacy is so important when you release a dataset,” says Ford. “Data is an asset, but it’s also a liability.”

This post is part of our contributor series. The views expressed are the author’s own and not necessarily shared by TNW.

Read next: POP!_OS is a developer-focused minimalist Linux distro from System 76

Readmore

Continue Reading

Subscribe to our Newsletter

Trending