Episode 478 – Aussie Tech Heads Shownotes

Malware hijacks big four Australian banks’ apps, steals two-factor SMS codes

Commonwealth Bank, Westpac, National Australia Bank and ANZ Bank customers are all at risk from the malware which hides on infected devices waiting until users open legitimate banking apps. The malware then superimposes a fake login screen over the top in order to capture usernames and passwords.

The malware is designed to mimic 20 mobile banking apps from Australia, New Zealand and Turkey, as well as login screens for PayPal, eBay, Skype, WhatsApp and several Google services.

Other targeted financial institutions include Bendigo Bank, St. George Bank, Bankwest, ME Bank, ASB Bank, Bank of New Zealand, Kiwibank, Wells Fargo, Halkbank, Yapı Kredi Bank, VakıfBank, Garanti Bank, Akbank, Finansbank, Türkiye İş Bankası and Ziraat Bankası.

The malware can also intercept two-factor authentication codes sent to the phone via SMS — forwarding the code to hackers while hiding it from the owner of the phone. With access to this information, thieves can bypass a bank’s security measures to log into the victims’ online banking account from anywhere in the world and transfer funds.

The infected Flash Player application does not come from Android’s official Google Play app store; instead, phone users are tricked into installing it via infected websites or bogus messages. To become infected, Android owners must override the default security option and accept apps from unknown sources. The download comes from a range of bogus domains including flashplayeerupdate.com, adobeflashplaayer.com and adobeplayerdownload.com.

A Google spokesperson warned against allowing your phone to install any applications downloaded from the web.

Bogus login screens are targeting Android-wielding customers of Australia's largest banks


Square’s card reader coming to Apple, Officeworks, Bunnings

According to the company, “Square Reader is the smallest, most mobile and most affordable credit and debit card reader available in the local market that allows you to accept card payments quickly and securely on a smartphone or tablet device.”

The device, which plugs directly into the headphone jack of Apple and Android smartphones and tablets, costs $19 and is immediately available from the company’s website with free shipping anywhere in Australia. In “the near future” it will also be available at Bunnings, Apple and Officeworks stores.

It allows Visa, MasterCard or American Express credit or debit card payments, charging 1.9 percent per transaction.

PayPal charges 2.6% plus $0.30 AUD of the amount you receive. For example, if you are sent $100.00 AUD by credit card, the fee would be $2.90 AUD ($2.60 + $0.30).


First-known Mac ransomware targets Apple users

Palo Alto threat intelligence director Ryan Olson said the “KeRanger” malware, which appeared on Friday, was the first functioning ransomware attacking Apple’s Mac computers.

“This is the first one in the wild that is definitely functional, encrypts your files and seeks a ransom,” Olson said i

The malware is programmed to encrypt files on an infected personal computer three days after the original infection, according to Olson.

An Apple representative said the company had taken steps over the weekend to prevent attacks by revoking a digital certificate from a legitimate Apple developer that enabled the rogue software to install on Macs. The representative said he could not immediately provide other details.

Transmission is one of the most popular Mac applications used to download software, videos, music and other data through the BitTorrent peer-to-peer information sharing network, according to Olson.

www.transmissionbt.com on Sunday carried a warning saying that version 2.90 of its Mac software had been infected with malware.

It advised users to immediately upgrade to version 2.91 of the software, which was available on its website, or delete the malicious one.

It also provided technical information on how users could check to see if they were affected.


Toshiba’s robot is designed to be more human-like

designed to look as human-like as possible – has had the German language added to its repertoire.

upgraded machine’s control system to make its movements smoother.

Prof Noel Sharkey – a roboticist at the University of Sheffield – said he thought the machine still fell “clearly on this side of the uncanny valley”.

The term refers to the fact that many people feel increasingly uncomfortable the closer a robot gets to appearing like a human being, so long as the two remain distinguishable.

Chihira Kanae


Headphones use ear canals to carry out ID checks

works by playing a sound and then checking how it resonates in the wearer’s ear canal.

This provides a biometric check that serves as an alternative to a fingerprint sensor or eye scanner.

NEC said it intended to make products using the facility available before the end of 2018.

One expert praised the innovation for offering a fresh alternative to passcodes –

the shape and size of each person’s ears are unique, the firm said, the resulting data could be used to distinguish an individual.


Skype ditches support for smart TVs

the move reflected the public preference for using mobile devices to make video calls from the living room, despite the size advantage TVs offered.

It will continue to maintain the service until June.

Afterwards, it will be up to individual manufacturers to decide whether to remove the app or continue offering an unsupported service.

Skype for TV was first unveiled at the CES tech show in January 2010 and was marketed as a way to let families “share the limelight [from their sofa] so there’s no more huddling around the computer or missing an out-of-shot moment”.

It required TVs to be fitted with either a built-in camera or a plug-in peripheral.

Didn’t give it long enough – not everyone has smart TV – typical of MS – remember first with the tablet. How much to maintain anyway?



Driverless lorries to be trialled in UK

The Department for Transport said the UK would “lead the way” in testing driverless “HGV platoons”.

The technology enables vehicles to move in a group, using less fuel, it said.

plans could result in platoons of up to 10 computer-controlled lorries being driven metres apart from each other.

It said the chancellor was preparing to fund the trials as part of plans to speed up lorry deliveries and cut congestion.

Daimler's self-driving truck took to a German autobahn to prove its capabilities


EBF

Microsoft’s Surface Book Ads Borrow Music From Apple to Focus on Things a Mac ‘Just Can’t Do’

Following the launch of a few ads focused around the advantages of Windows 10 PCs over Macs, this week Microsoft continued its campaign with new commercials showcasing the Microsoft Surface Book. The ads feature wildlife photographer Tim Flach describing the pros of the Surface Book, pointing out a few things that he “just can’t do” on a Mac.

The first video showcases Flach’s “initial impressions of the Surface Book,” with the photographer commenting on the detail provided by the two-in-one laptop/tablet device. Flach also detaches the top half of the Surface Book to directly edit and manipulate his photographs. He ends the video stating, “I can’t do that on my Mac.”

The second ad delves deeper into the powers of the Surface Pen and its 1,024 levels of pressure sensitivity, with Flach comparing the experience he had with Microsoft’s device to his time as a painter. Despite the touch-screen similarities the Surface Book shares with the iPad Pro, Microsoft keeps the comparison specifically to Apple’s Mac line in each video.

http://www.macrumors.com/2016/03/09/microsoft-surface-book-ads/


Early iPhone 7 Case Has No Headphone Jack and Stereo Speaker Cutouts

While the iPhone 7 is not expected to launch until September, French leaker Steve Hemmerstoffer has shared photos of one of the first cases prepared for Apple’s next-generation flagship smartphone.

The case has a larger cutout for either a traditional camera and LED flash setup, or possibly dual cameras. There are also two openings for stereo speakers in lieu of a 3.5mm headphone jack on current iPhones.

The aftermarket case’s form factor closely resembles an iPhone 6s overall, with cutouts for a possible all-in-one Lightning connector, pill-shaped volume buttons, and side-facing power button in their traditional places.

Early case leaks have historically been fairly accurate indicators of new iPhone designs, though there have been a few notable exceptions. The first cases for Apple’s purported iPhone SE also surfaced last week ahead of its expected March 21st launch.

Multiple rumors have also claimed the iPhone 7 will feature a dual-lens camera system. The hardware could be based on technology Apple acquired from LinX Imaging, which could lead to brighter and clearer DSLR-quality photos and several other major advantages for the iPhone 7 cameras.

Meanwhile, Barclays analysts believe the iPhone 7 will have dual speakers supplied by Cirrus Logic, an Austin-based provider of analog and digital signal processing components for consumer electronics. Stereo speakers could be louder and route audio signals through two channels to simulate direction perception.

Update: A previous version of this article said the case has a cutout for dual cameras, but the opening may only be large enough for a traditional single camera and LED flash setup. Some rumors claim the dual camera setup may be exclusive to the iPhone 7 Plus, which reportedly may be called the iPhone Pro.



Google tests app that lets you pay with little more than a smile

Google has announced that it’s testing a payment program called “Hands Free” that lets users pay for goods without having to reach into their pockets.

The days of swiping or inserting cards, or paying cash, could soon be over if Google gets its way. Photo: Michele Mossop

The idea behind the program is that anyone can walk in to a store, find what they want and head to the register, requiring only their face and a moment’s conversation to purchase something.

Hands Free is in a limited pilot program at select stores in the Silicon Valley area. Google said that it uses a variety of sensors in a user’s smartphone, including Bluetooth and WiFi, to detect when shoppers are in a particular store. When at the cash register, the users simply have to say, “I’ll pay with Google” and give their initials to the cashier. The store employee checks the initials and a picture that users have uploaded to their payment accounts to verify that they are who they claim to be.

According to the company’s website, stores never get access to consumers’ full credit card information. Users also get a notification when their Hands Free account has been used, as a fraud-prevention measure.

Google released a video illustrating how the process works, showing a woman buying goods with little more than a smile and some magic words. The promotional video from Google has strong echoes of the way Apple first promoted its Apple Pay program, highlighting that the current ways we pay — cash or card — are not as convenient as they could be. Why, the video illustrates, do we still have to fumble around with things in our hands to pay?

But the real push toward mobile payments has come from companies that see the appeal of controlling mobile payments. In addition to payment-focused start-ups and traditional credit card companies, tech firms such as Samsung, Amazon and Apple have turned to mobile payments as an opportunity to raise their profile with customers and become more indispensable in their daily lives.

Hands Free demonstrates that Google has larger plans in this space. The company said it’s also planning a program that works solely based on matching your Google Hands Free picture with an image of your face taken at the register.

“Images and data from the Hands Free in-store camera are deleted immediately, can’t be accessed by the store, and is not sent to or saved to Google servers,” the company said.

The Washington Post


German Court Says Websites Need Consent to Send Visitor Data to Facebook

Ruling is latest setback for company in Germany, where it has faced backlash over privacy laws

By FRIEDRICH GEIGER

March 9, 2016 1:46 p.m. ET

BERLIN—A German court ruled Wednesday that domestic websites may not transfer visitor data to Facebook Inc. via its “like” button without the visitors’ knowledge or consent.

In a case focusing on e-commerce, a Düsseldorf court ruled the “like” button could only be embedded on a website if the site informed users that visiting would send their data to Facebook, or asked them to consent to the data transfer.

In the case, the Consumer Advice Center of North Rhine-Westphalia sued a subsidiary of Peek & Cloppenburg KG, a clothing retailer, alleging its website FashionID.de transferred data to Facebook without consent.

The ruling is the latest setback for Facebook in Germany, where it has faced a backlash from politicians and consumer groups alleging it violates privacy laws.

Facebook recently amended its terms for Germany after a court forbade a clause related to users’ intellectual property. Separately, the Federal Court of Justice said Facebook’s find-a-friend function was a form of intrusive advertising and ruled it illegal.

Germany’s Federal Cartel Office is also currently investigating whether Facebook abuses its market position to harvest personal information.

Facebook wasn’t a party to the “like” button lawsuit, but is nevertheless affected because the ruling restricts usage of the ubiquitous plugin.

A Facebook spokesman said “this case is specific to a particular website and the way they have sought consent from their users in the past. We understand the website has since been updated.”

The ruling can be appealed.

The consumer center that brought the case requested six companies amend the “like” button in a privacy-compliant way last year. Four agreed, the center said. It sued the remaining two, Fashion ID and Payback, a subsidiary of American Express Co.

A Payback spokeswoman declined to comment on the lawsuit. The center said Payback’s hearing was scheduled for May.

The consumer center said there were ways around the problem for German websites that want to embed the “like” button. One is a solution developed by information technology magazine c’t, in which data are transferred only after a visitor has clicked a button indicating consent.

Another c’t solution transmits data about the website’s server to Facebook, rather than sending visitor data.


Stuart – 10/3/16 – Stuart’s got the death roll for the week

Destinations on Google Is a One-Stop Travel Planning Tool for Your Mobile Phone

Google wants to make it easier for you to plan a trip with its new Destinations on Google tool. You’ll find flight and hotel prices for flexible dates, itineraries and attractions, and more in one spot just by adding one word to your mobile search.

Add “destination” or “vacation” after the location you want to visit, and Google will quickly show you all your options. You can compare airfare and hotel costs across popular cities in a region, see popular itineraries, and find out when the weather is good and when the destination is most popular for travelers.

In the “Plan a trip” tab, find the highs and lows for hotel and airfare over the next six months—an awesome feature if your travel dates are flexible.

Filters let you customize the recommendations by hotel class, number of travelers, and more.

The new feature is sure to spark your wanderlust.

Lumino City

Lumino City is a wonderful puzzle adventure crafted entirely by hand out of paper, card, miniature lights, and motors.

Through this gorgeous environment weaves a clever, charming and puzzling adventure. Lumi’s grandfather, the caretaker of Lumino City, has been kidnapped. To find him, you must explore the city and figure out the fascinating mechanisms that power this unique world.

Winner of numerous international awards, including the BAFTA for Artistic Achievement alongside nominations for Innovation and Best British Game, Lumino City now finds its home on the App Store as the perfect tactile experience for iPhone and iPad. Lumino City has an estimated 8 – 10 hours of gameplay and no In-App Purchases.

First time on sale for iPhone/iPad – usually $7.99, now $2.99.

Email inventor Ray Tomlinson dies

It’s a sad day for the Internet: Ray Tomlinson, widely credited with inventing email as we know it, has died from a suspected heart attack at 74. In 1971, he established the first networked email system on ARPANET (the internet’s ancestor), using the familiar user@host format that’s still in use today. It wasn’t until 1977 that his approach became a standard, and years more before it emerged victorious, but it’s safe to say that communication hasn’t been the same ever since. When’s the last time you sent a physical letter?

In some ways, Tomlinson also changed language itself. His choice of the @ symbol for email popularized a once-niche character, making it synonymous with all things internet. Arguably, he paved the way for modern social networks in the process. Twitter would be a very, very different place without the @ mentions that help you chat with other users, and numerous other services use it as an easy way to share status updates.

Tony Dyson, Creator of R2-D2, Has Passed Away

Tony Dyson, the creator of one of the most iconic and well-loved robots in modern pop culture, has passed away. Dyson was found in his home in Malta, and likely died of natural causes. He is most widely known as the person who constructed the R2-D2 used on the sets of Star Wars in 1977. Originally designed by concept artist Ralph McQuarrie, R2-D2, a shining example of practical movie props, went on to be a major feature in every single Star Wars movie since then.

Fresco News teams with Fox stations for crowd-sourced coverage

Back in January, Fresco News launched an Apple TV app to deliver a curated feed of crowd-sourced breaking news coverage. Now, the citizen journalism app is working with local Fox affiliates to make user-submitted photos and videos part of regular news coverage. Television stations in 11 cities will be able to send out location-based alerts through the Fresco iOS app in hopes of getting first-person coverage.

Captured footage and stills will then be vetted and curated by the folks at Fresco before being passed along to the local newsrooms. And yes, if your video or photos are used, you’ll be compensated for them. The going rate is $50 for video and $20 for a photo that’s used on-air during a broadcast. Fresco actually began testing the system with a Fox station in Philadelphia last month. With the newly announced expansion, news teams in New York, Los Angeles, San Francisco, Austin, Atlanta, Houston, Phoenix, Tampa, Charlotte and Orlando will also take advantage of the on-the-ground coverage.

Shayne – 10/3/16

Microsoft to court: Make Comcast give us the Windows-pirating subscriber’s info

  • Microsoft is going after Comcast in order to unmask the person behind an infringing IP address which activated thousands of Microsoft product keys stolen from Microsoft’s supply chain.

  • Microsoft wants the court to issue a subpoena which will force Comcast or any ISP reseller to hand over the pirating subscriber’s info.

  • From 2012 to 2015, Microsoft maintains that an IP assigned to Comcast pinged its servers in Washington over 2,000 times during the software activation process.

  • As TorrentFreak pointed out, the Microsoft complaint (pdf) filed in a federal court in Washington state states:

    • Cyberforensics allows Microsoft to analyze billions of activations of Microsoft software and identify activation patterns and characteristics that make it more likely than not that the IP address associated with the activations is an address through which pirated software is being activated.

  • It would be a significant gaffe on behalf of the alleged pirates if the IP address data pointed to their real identities.

Embrace mining technology innovation, urges Ryan Stokes

  • The world-class breakthroughs in mining technology achieved in Western Australia and their potential broader applications around the world should not be forgotten in the wake of the mining boom, Ryan Stokes says.

  • Mr Stokes pointed to the progress made by the likes of Rio Tinto, BHP Billiton and Fortescue Metals Group in installing automated trucks and drill rigs across some of their Pilbara iron ore operations as an example of the cutting-edge technology used in the mining industry, comparing the huge automated trucks to the self-driving vehicles being developed by the likes of Google.

  • Mr Stokes, whose Seven Group owns the WesTrac mining equipment business, said the growing use of autonomous mining fleets was just one example of how Australian miners were using innovation to improve their cost positions.

Snowden: FBI’s claim it can’t unlock the San Bernardino iPhone is ‘bullshit’

  • The FBI says that only Apple can deactivate certain passcode protections on the iPhone, which will allow law enforcement to guess the passcode by using brute-force.

  • Talking via video link from Moscow at a conference, Snowden said: “The FBI says Apple has the ‘exclusive technical means’ to unlock the phone. Respectfully, that’s bullshit.”

  • Microsoft founder Bill Gates said in a discussion on Reddit: “I think there needs to be a discussion about when the government should be able to gather information. What if we had never had wiretapping? Also the government needs to talk openly about safeguards.”

  • Apple co-founder Steve Wozniak also spoke out against the FBI on the Conan O’Brien show on Monday, saying: “I side with Apple on this one. [The FBI] picked the lamest case you ever could.”

  • I had heard on TWiT that it is not so much about the content on the phone anymore but about setting a precedent.

Google ordered to hand over names of fake reviewers in Dutch court case

  • Fake reviews have been an occasional and frustrating by-product on sites like Google, Yelp and Amazon for years.

  • A nursery in Amsterdam has won a case against Google in a civil court in the city this month, in which Google was not only forced to take down several negative fake reviews that appeared on Google sites, but also disclose the details, such as IP addresses, of the people who posted the reviews in the first place.

  • The lawyer for the nursery, Paul Tjiam of Simmons & Simmons, believes this is the first time that the search giant has ever been forced by a court to reveal contact and registration details of fake reviewers.

  • Google so far has no comment on the case. “We’ve received the ruling and are reviewing it but nothing else to share at this time,” a spokesperson told TechCrunch in an email.

  • While the case appears to be a landmark ruling — it’s the first time that Google has been required to provide contact details and IP addresses for Google reviewers — it also highlights the challenges for a search platform like Google when navigating questions of freedom of speech and more recent developments that touch on user privacy.
