Hacker Disables Cars via the Web – Our Remote Controlled Life
Technology March 17th, 2010
This is what remote controlled toy cars looked like when I was a kid. Yes, the control box was connected to the car with a 3-4feet cable… not exactly the level of freedom you get with today’s wireless models.
But it was fun, nevertheless. I wonder if 20-year-old Omar Ramos-Lopez had a toy car when he was a kid. He seems to have found one now.. let me correct that: he seems to have found over 100 remote controlled cars to play with.
The laid-off employee of Texas Auto Center sought revenge and he found it in the Webtech Plus system, which allows dealers to remotely switch off ignition, sound the honk …etc. in the cars of non-paying customers. Our hacker immobilized over 100 cars and triggered their honks in the middle of the night… probably almost as much fun as a crazy SXSW party 
On second thought, it probably wasn’t fun for the drivers whose cars would not start going to work, or whose only remedy against a shrieking honk at midnight was to remove the car battery. But at least they were aware of the presence of the remote device… unlike students and families of Lower Merion School District in Pennsylvania (has Lower Merion just become the most famous school district in the US?). The Spy Cam District’s victims had no idea their homes could be monitored using the school issued laptops. (And the school district blew their chances of becoming a hit Reality TV show…)
Talk about remote sensors: I had no idea of the extended capabilities of the smart meter PG&E, the local utility has installed recently. These smart meters were all about remote reporting of consumption, and somehow the utility company forgot to tell us they came equipped with a wireless switch to shut off electricity supply.
Shall I go on? I’m not sure I even want to know how many aspects of our lives can be digitally controlled… all in the name of progress, but dangerous when falling in the wrong hands. 
(Cross-posted @ CloudAve )
Tags: big brother, CloudAve, hackers, hacking, privacy, remote control, remote sensors, sensors, smart meters, spy cam, SXSW, utility
Now We Know Why The City Never Sleeps
Business, Customer Service February 25th, 2010
Now we know why The Citi Never Sleeps: they are busy censoring their customers. If you are a Citibank customer and they dislike your blog, you may just get in trouble. (Disclosure: I do have a Citi account… so am taking a risk by writing this post.)
That’s just what happened to fabulis, a social network for gay men. Someone at Citi read their blog, decided that “content was not in compliance with Citibank’s standard policies” and froze their business account without advance warning. Fabulis Founder Jason Goldberg says:
for the life of us we can’t find anything “objectionable” on our blog besides some good humor, some business insights, and some touching coming out stories from some great and fabulis gay people.
Some speculate it’s images like that of this underwear with fabulis printed on it. If you ask me, these are not the most fabulis [sic] briefs, but who cares?
In fact it really doesn’t matter whether the fabulis blog has any “objectionable” material or not. Since when is it the business of a bank to read and censor their Client’s writing?
I’m pinching myself, thinking it’s a bad dream. But it’s not. This happened in the United Sates in 2010.
Something tells me within hours as management wakes up, Citi will be bending over backwards to dig themselves out of this huge PR nighmare – the damage is done, repairs will be costly.
In the meantime, enjoy Fabulis (almost) by Amanda Lear.
(Cross-posted @ CloudAve )
Tags: banking, censorship, citi, citibank, CloudAve, fabulis, free speech, gay, privacy, social network, Startup
Now You Have a Choice: GoogleZon or the Opt-out Village
Humor August 11th, 2009
It’s really simple. Here’s your default choice:
But now you can opt out of all google services. Welcome to the Village, courtesy of The Onion.
Skype Spam
Software June 22nd, 2009
The last place I expect to receive spam is on Skype, and so far it has remained clean, I assume due to my privacy settings:
So how on earth could this have popped up on my screen:
[12:05:42 PM] Zora Giannoni: hi! i’m briannahh from http://www.slutsdating.com are we still on for saturday?
No, Zora, or Briannah or whoever you are: we’re not on. Anyone with similar experience? Are we seeing major trouble with Skype?
Google Health & Microsoft HealthVault: the Sorry State of Health 2.0
SaaS, Technology February 5th, 2009
Today’s joint IBM – Google announcement about enabling personal health monitoring devices to send data directly to Google Health gave me the grand opportunity for a (not-so) quick rant that’s been boiling in me for a while.
Ever since I started actively managing my parents’ health care I’ve been a heavy user of electronic health records and communication systems, and I am immensely frustrated. Frustrated at the paper-based world we’re facing in the 21st century, but also at the current attempts to change all that. Grand ideas, alliances, announcements, but they all feel like IT-talk, losing sight of the very people these systems supposed to serve: patients. That’s you and me and our relatives who have health issues.
Tags: Google, google health, health, health 2.0, health care, health records, healthvault, hipaa, microsoft, privacy, usability, windows live
Privacy Advice from the Last Century
Misc, Software, Technology December 27th, 2007
I’m still wondering if the How to Safeguard Your Privacy Online post on GigaOM is real or a parody. No, I’m not talking about the advice for the paranoid, which includes gems like:
Do not make international phone calls.
Do not have a home broadband connection.
After all, these are for the paranoid… but let’s look at some of the tips for most of us, assuming we fall under the Feeling Practical But Not Paranoid category:
Do not use desktop search tools like Google Desktop or Microsoft Desktop Search.
Do not use webmail from a service provider like AT&T, Google or Microsoft.
Do not use browser toolbars or desktop gadgets.
Remove all social network accounts.
Clear your browser cookies after every session.
Change your local username daily.
He is so right, yet so wrong. Yes, the above are all real dangers on our privacy – but hey, we all know since Scott McNealy we don’t have privacy anyway. He got chastised for his famous declaration in 1998 – perhaps he was a bit ahead of his time, but things got a lot worse (better?) since then.
Let’s just look at cookies. The obvious Privacy 101 principle in the 90’s was to control them. Since then we’ve seen an army of cookie-washer products, the popular browsers all offer their own privacy/cookie settings – yet all this works less and less. Quite a few sites – including blogs – will fail to load properly when seemingly unrelated, third-party cookies are blocked. Sometimes they work, but next time you come back to the site, there’s just a white, blank screen. This is ugly. Since I can’t easily figure out what blocked the site, I typically end up deleting all browser cookies as well as all cookie-rules. Then the game starts again – some of the sites / blogs take minutes to rotate through dozens of cookie-requests, literally making it impossible to read their own content. I’m about to give up: might as well just enable cookies – privacy is long gone, anyway. Besides, if I am getting ads served up, they might as well be better targeted.
Not using search? Web-mail? Changing user-names daily? C’mon… it would be completely impossible to live with these rules. We have long given up any resemblance to privacy for the sake of convenience. Get used to it. Unless you want to shut down the Internet, remove any computers from the house and lock yourself up in your home. Better yet, move to a remote island, where everything is low-tech and healthy. 
Tags: advertising, convenience, cookies, inetrnet, privacy
SaaS Will Never Be the Same – Again
Business, Enterprise Software, SaaS December 4th, 2007
The first time I said SaaS would never be the same was referring to Freshbook’s launch of their benchmarking service:
It’s *the* hidden business model enabled by SaaS. An opportunity not talked about, but so obvious it has to be on the back of all SaaS CEO’s mind. Benchmarking is a huge business, practiced by research firms like Forrester, Hoovers, Dunn and Bradstreet, as well as by specialized shops like the Hackett group – none of which are affordable to small businesses. More importantly, all previous benchmarking efforts were hampered by the quality of source data, which, with systems behind firewalls was at least questionable. SaaS providers will have access to the most authentic data ever, aggregation if which leads to the most reliable industry metrics and benchmarking.
Hosting customer data offers a lot more opportunities, beyond benchmarking. Tomorrow CRM provider Salesforce.com will launch a new service called Salesforce to Salesforce (S2S) that facilitates the sharing of data between customers -reports TechCrunch. I believe, just like Freshbook’s move, the ramifications of this new Salesforce service will go way beyond the immediate opportunities it brings to customers ( not that those are negligible: see first reaction by Echosign CEO Jason Lemkin, another business innovator in my book.)
This is a first step in a paradigm-shift: while current concerns about SaaS mostly focus on the security, privacy, and consequently isolation of business data, eventually a culture of controlled sharing for business benefits will develop. Forget CRM; think of more complete business suites, like NetSuite, or when it really kicks in, SAP’s Business ByDesign, the most comprehensive SaaS business suite ever. Procurement, manufacturing, inventory, resources…etc data – can you envision the improvements in Supply Chain visibility? SaaS will never be the same – again.
Update (12/5): Larry Dignan at Between the Lines sees the same opportunity:
Today, the service is predictably focused on sharing sales lead and CRM-type information. But as Salesforce.com grabs more large customers its possible that the latest service could be used to exchange supply chain information and link other business processes.
Tags: A1S, benchmarking, business bydesign, crm, data security, data sharing, freshbooks, netsuite, On-Demand, privacy, SaaS, salesforce.com, sap, sap bbd
Is Your Online Content Really Yours?
Business, Misc, SaaS August 29th, 2007
Industry Analyst and fellow Enterprise Irregular Josh Greenbaum had a shocking discovery:
…the Terms of Service posted on the Google Docs and Spreadsheets site assigns content rights of anything saved on Doc and Spreadsheets to Google. It’s almost too incredible to believe, so here’s the wording from the mighty Google maw itself:
“… you grant Google a worldwide, non-exclusive, royalty-free license to reproduce, adapt, modify, publish and distribute such Content on Google services for the purpose of displaying, distributing and promoting Google services…”
His conclusion:
I’ve said it before – Google is the new evil empire – but now I really am beginning to believe it. I know that user agreements are typically ignored by most users, but anyone in the corporate world who ignores this risks seeing their IP in a Google marketing campaign, or worse.
All I can say is this: Are they out of their minds?
Unlike Josh, I’m not sure this is part of Google’s Evil Master Plan, more a case of careless wording. Google’s very own Privacy Policy spells out more proper intent:
Files you create with Google Docs & Spreadsheets may, if you choose, be read, copied, used and redistributed by people you know or, again if you choose, by people you do not know. Information you disclose using the chat function of Google Docs & Spreadsheets may be read, copied, used and redistributed by people participating in the chat. Use care when including sensitive personal information in documents you share or in chat sessions, such as social security numbers, financial account information, home addresses or phone numbers.
It’s all about warning me and you, users, to be careful about protecting our content, which to me would be contrary to the “Evil Plan”. I think in this case Dennis Howlett is right, there are inconsistencies between the legal terms of various Google Services, that’s all:
I leave it to the lawyerly brethern to chew over this lot but as an advisor to business decision makers, I don’t need a lawyer to tell me this is an unholy mess where my rights are unclear and where my privacy is at risk. Unlike Josh, I find it hard to believe Google wants part ownership of my data. It wants to send contextual advertising. To that extent, it needs to analyze and understand what’s going on in the things I commit to GAPE. The conclusion I’ve come to is that like so much that comes out of Google, it is half baked and poorly thought through.
In the above Dennis refers to Google Apps for the Enterprise. Now, Google and other online services are certainly targeted to small businesses, too (some more than others), which will look at usability, convenience, cost, and don’t typically comb through legal documents. This is not very reassuring. In fact it got me outright worried – are my friends at Zoho equally lax about legalities? I’m using their services and never bothered to check the TOS. Ignorant, I know – but you see, I am a Very Small Business.
My worries only lasted 5 minutes, until I found this in Zoho’s Privacy Policy:
We assure you that the contents of your Account will not be disclosed to anyone and will not be accessible to employees of AdventNet. Neither do we process the contents of your Account for serving targeted advertisements.
It’s affirmative, plain and simple, black and white: does not take a lawyer to decipher 
. This may very well be one of the differentiators I’ve hinted at before. Case closed.
Further reading: CNET/News.com, Open The Dialogue , Read/WriteWeb, CyberNet.
Tags: data ownership, Google, google docs & spreadsheet, online privacy, online services, privacy, terms of service, tos, zoho
Zoli Erdos
