It’s another week, another roundup. I wasn’t able to publish last week as I travelled to Portugal for BSides Lisbon. You can read all about my adventures, see a video recap, and a recording of my keynote here. But the TL;DR version is that Lisbon is a lovely city, and BSides was a great event.
But enough about me, let’s jump right into it.
Blockchains
Blockchains are a bit of a running joke in that few people properly understand what they are, but are content to throw them around as a solution to everything and anything. You know something is oversaturating the market when a simple search for blockchain brings up more memes than actual articles.
Do check out this article by Jack Preston which gives a great breakdown on hashes, and the structure of a basic blockchain.
Everything you wanted to know about blockchains but were too afraid to ask | Unwttng.com
The Motherboard guide to not getting hacked
The good folk over at Motherboard have put together a handy guide to not getting hacked. It covers the basics, mobile security, privacy, messaging, and even avoiding state and police surveillance.
It’s worth a read, and even better, it’s worth sharing with people who may not be overly familiar with security.
The Motherboard guide to not getting hacked | Motherboard
Smart Drugs
It was only a matter of time – but digital pills are here that talk to your doctor. The idea is that the pill will signal a smartphone once it reaches the gut so doctors can track whether patients are taking their medicine.
The main use-case discussed so far has been to ensure mental health patients are taking their medication on time. There could probably be other uses, maybe an app could helpfully remind people to take their medication, and automatically log what was taken and when, reducing the need for those annoying multi-compartment boxes that some people have, which carry all their medicine for the week.
However, there are definitely darker uses for this technology. Given how poorly secured medical devices have been, it’s probably not too difficult to spoof the messages to make it appear as if a patient has taken an overdose, or even to block the fact that someone has taken their medication, resulting in the doctor forcing an overdose... I should stop spending time with so many bad hackers.
Digital pills that talk to your doctor are here | The Wall Street Journal
Major Malfunction
Most people in the industry have heard of Adam Laurie aka Major Malfunction. He’s been involved in DefCon and the London chapter for – well, as long as I can remember.
A lot of Adam’s research is focussed around RFID / NFC security. It was great to see him featured in a Vice video on hacking passports and credit cards. It’s well worth the watch – if for nothing else than to be jealous of his impressive house!
Hacking passports and credit cards with Major Malfunction | Vice.com
How Facebook figures out everyone you’ve ever met
How do these things happen?
- A social worker whose client called her by her nickname on their second visit, because she’d shown up in his People You May Know, despite their not having exchanged contact information.
- A woman whose father left her family when she was six years old—and saw his then-mistress suggested to her as a Facebook friend 40 years later.
- An attorney who wrote: “I deleted Facebook after it recommended as PYMK a man who was defense counsel on one of my cases. We had only communicated through my work email, which is not connected to my Facebook, which convinced me Facebook was scanning my work email.”
Spoiler alert: a lot of it is down to your smartphone. The long answer is in this Gizmodo article.
How Facebook figures out everyone you’ve ever met | Gizmodo
UK Mass surveillance
There are three separate cases being brought against UK authorities, all of which stem from Edward Snowden’s 2013 revelations about mass state surveillance around the world.
According to The Intercept, a panel of 10 judges at the European Court of Human Rights in Strasbourg, France, held a hearing to look at the large-scale electronic spying strategies of the UK government.
The ECHR is still applicable to the UK despite its decision to vote for Brexit in June 2016, and the court’s judgments could mean major changes for how these surveillance operations will be carried out in future.
European Court challenges UK intelligence on mass surveillance | Silicon Republic
Amazon Key
A lot has been said about the Amazon Key in the last couple of weeks since it was announced, but are we looking at it in the wrong way? Are our homes really our prized possessions? Or is that a myth?
Privacy? The Key Problem Here Is Not The ‘Amazon Key’ | ITSP magazine