Author Archives: Nima

How “close” can google get to you?

googleLens

Ever since the google glasses came out, I had this idea/imagination of this program that someone is going to write for the google glasses that captures faces and recognizes them. Then it will pull up all the information about the person that you are looking at in matter of seconds (maybe not even that). At the meantime, I thought to myself that these glasses are so obvious it is hard not to notice that someone is staring at you while that little transparent screen on the glass is showing your information.

Today, I read about google patenting google lenses! It apparently started as “world’s smallest wireless glucose sensor ever made in a pair of smart contact lens” in January. Shortly after, they filed a patent for a series of micro-cameras to be integrated into their future smart contact lens.

As readwrite mentions in this article about Google lens, there are a lot of benefits that would come with this device such as the things that it could do for people with poor vision, or maybe people with diabetes. But we are not here to discuss those stuffs! There are always a lot of good benefits with the new things that come out in the world. For example, internet has A LOT of good impacts on nearly everyone’s lives today. But at the same time, it is used for almost any malicious idea in the world!

My question is now this: What if this device does make it to the market and becomes a very successful device? Now we have a camera attaches to everyone’s eyes that could potentially be compromised and . . .

I think this video sums up a lot of my points! Totally worth watching and it is only 2 minutes AND it is hilarious! Google Glass Contact Lens?!?

Heartbeat request caused a “heartbleed”

heartbleed_logo

What is heatbleed?

cartoon_heartbleed

The Heartbleed Bug defines this bug as “[A] serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet.” A lot of big security experts have called this bug the biggest security issues of the internet to date. It basically allows anyone on the internet to read a chunk of memory that OpenSSL uses to keep your stuff protected. This means your usernames, password, content, and even worst, the key that is used to encrypt all these information can be the object to this attach. If the attacker gets that key, they will then be able to read anything that OpenSSL tries to “hide”. Furthermore, OpenSSL is one of the most widely used encryption tool on the internet.

So all this sounds like a new thing that people usually find out when some hacker hacks a big server. However, this flaw has been around since 2012 and nobody knew about it until about 2 weeks ago when this bug was independently found by Neel Mehta, a Google Security engineer and a group of security engineers at Codenomicon

What did they do?

As far as I know, what they did is to report it to NCSC-FI and the OpenSSL team and somewhat publicized it. This caused all the big server holders such as Facebook, Yahoo, Microsoft, and etc. to solve this issue because now everybody knew about it. Five day after discovery of the bug, a this list was released containing the top 1000 sites and whether they were vulnerable or not. 48 of these websites were still vulnerable at that point of time. Among these vulnerable websites, we can see some of the big server holders such as Yahoo!, stackoverflow, and Flickr!

Ethical issues:

The main question that we can ask here is who to blame here? One answer could be that the people developing the OpenSSL are the people to blame. PCMAG writes about Robin Seggelmann, a programmer who uploaded the code with the heartbeat request feature on Dec 31, 2011. Seggelmann says “I am responsible for the error, because I wrote the code and missed the necessary validation by an oversight. Unfortunately, this mistake also slipped through the review process and therefore made its way into the released version.”

Another question can be who was taking advantage of this bug since it was out there for about two years?
As Bruce Schneier mentions in his blog post “[a]t this point of time, the probability is close to one that every target has had its private keys extracted by multiple intelligence agencies.” Supporting Schneier, Electronic Frontier Foundation (EFF) mentions two stories in this article about how the evidence show the possibilities that an intelligent agency could have been taking advantage of this bug all along.

I think if such thing is true, it is completely unethical to do such thing. This is like a company finding a way to access its employee’s data and instead of fixing the issue, taking advantage of their own employers. What do you think?

Copyright Battle over Obama Image

I know that we have passed the copyright stuff, but I thought that this was a really interesting article! This happened in second week of January (2009) when Shepard Fairey, who was a street artist and later he became a part of the Obama presidential campaign, made the famous “Hope” poster from the Obama’s Portrait.

As it is said in this BBC news article, Shepard Fairey is being sued for using the AP’s (Associate Press) photograph without their permission.

There is clearly an ethical issue happening here and we can look at the fair use and what we learned and try seeing whether or not his actions were right. I think it is also worth noting that he did not make any money from this poster while being sued for a lot of money.

Is it fair use?

The purpose of the use is for Obama’s presidential campaign. This has nothing to do with the original purpose of the portrait that AP used it. It is also not commercial by any means. (A lot of people made money from selling T-shirts or banners with this image, but not Shepard Fairey).

Nature of use: In my opinion the portrait had no characteristics of its own. It was a very basic portrait of Barack Obama when AP used it. Also, the work was published to public and was publically available. This is simply like the biography of Barack Obama (Which I am assuming you can freely copy and use)

The amount of the work that was copied is somewhat concerning. This is due to the fact that Shepard Fairey used the entire image. However, I think the reason that the poster became famous was because of the effects applied to the image and the word “Hope” underneath the poster.

Shepard’s action did not have any effect on the market that would be towards what AP had published. What AP had published was in 2006 and Shepard used the picture 3 years later.

All in all, I think that Fairey’s action is considered fair use.

It’s worth taking a look at this article from Stanford explaining Measuring Fair Use: The Four Factors