An Electrician Explains the Shaver Socket
It’s very tempting to plug American devices into these sockets when traveling, especially when (as is so often the case for me) a suitable converter is unavailable. But should they be used for anything but shavers? After all, they are very clearly labeled. And what’s so special about shavers anyway?
Chatting with a seatmate on my long flight to Australia, I discovered he was an electrician who works in commercial sites. I jumped at the opportunity to inquire about this hotel electrical puzzle, and he quickly laid bare the mystery.
Meh – compound eye plus aperture synthesis and basic depth perception.
An exabyte per day is pretty cool, though.
Sure, your phone can take a decent picture, but it’s not even in the same universe as the best camera the government’s got. At 1.8 gigapixels, the DARPA-developed ARGUS-IS the highest resolution surveillance platform in the world, and, when mounted to a drone, can single-handedly do the work of an army of 100 predator drones watching the area of one medium-sized city.
ARGUS’s view is both wide and precise. It can cover areas of up to 15 square miles at a glance while still spotting objects as small as six inches around from heights of 17,500 feet. ARGUS not only streams the footage to the ground live, but keeps a stash of video on board as well, a staggeringly massive stash of up to 1 million terabytes (one exabyte) per day.
Whether the ARGUS-IS is currently deployed right now is classified information, and likewise, we aren’t allowed to see exactly what it looks like either. But one thing is for sure: all-seeing eyes in the sky that never forget aren’t science fiction. They’re reality. And for all you know, they could be watching you.
MOUNTAIN VIEW, California — Want an easier way to log into your Gmail account? How about a quick tap on your computer with the ring on your finger?
…wait, no, stop already – it’s not even the first paragraph and you’re going wrong. I have already done this, long, long ago:
This is my Java Ring and aside from anything else it was also an authentication token, so when you say:
This may be closer than you think. Google’s security team outlines this sort of ring-finger authentication in a new research paper, set to be published late this month in the engineering journal IEEE Security & Privacy Magazine.
…the issue is that I have already been down that path and know what happens; but – dearest Wired – you are so intent on being neophiles:
In it, Google Vice President of Security Eric Grosse and Engineer Mayank Upadhyay outline all sorts of ways they think people could wind up logging into websites in the future — and it’s about time.
2012 may have been the year that the password broke. It seemed like everyone on the internet received spam e-mail or desperate pleas for cash — the so-called “Mugged in London” scam — from the e-mail accounts of people who had been hacked. And Wired’s own Mat Honan showed everyone just how damaging a hack can be.
The guys who hacked Honan last August deleted his Gmail account. They took over his Twitter handle and posted racist messages. And they remote-wiped his iPhone, iPad, and laptop computer, deleting a year’s worth of e-mails and photographs. In short, they erased his digital life.
Yes, and howeverso tragic the experience was, the conclusions which Honan drew from the experience were misconceived…
Passwords are a cheap and easy way to authenticate web surfers, but they’re not secure enough for today’s internet, and they never will be.
…and all of the problems with passwords are eminently addressable. It’s not hard, really.
Google agrees. “Along with many in the industry, we feel passwords and simple bearer tokens such as cookies are no longer sufficient to keep users safe,” Grosse and Upadhyay write in their paper.
Thus, they’re experimenting with new ways to replace the password, including a tiny Yubico cryptographic card that — when slid into a USB (Universal Serial Bus) reader — can automatically log a web surfer into Google. They’ve had to modify Google’s web browser to work with these cards, but there’s no software download and once the browser support is there, they’re easy to use. You log into the website, plug in the USB stick and then register it with a single mouse click.
Authenticating with a card? Where have I seen that before? Oh yes, one of these:
…that’s a SunRay card. My SunRay card. Fabulous bit of technology, but – security geek though I am – it wasn’t the card authentication which made it valuable, it was the thin-client session mobility. The authentication was just a nicety, and you still required a password to unlock your session because, just like the ring, if someone stole your authentication token your security was compromised unless your second “factor” was informational – ie: a password.
They see a future where you authenticate one device — your smartphone or something like a Yubico key — and then use that almost like a car key, to fire up your web mail and online accounts.
Just like in 1998.
In the future, they’d like things to get even easier, perhaps connecting to the computer via wireless technology.
google: bluetooth proximity unlock
“We’d like your smartphone or smartcard-embedded finger ring to authorize a new computer via a tap on the computer, even in situations in which your phone might be without cellular connectivity,” the Googlers write.
You’ve seen those movies where bits get cut off people because of biometrics?
The future may not exactly be password-free, but it will at be least free of those complex, hard-to-remember passwords, says Grosse.
eg: by using 1password
“We’ll have to have some form of screen unlock, maybe passwords but maybe something else,” he says, “but the primary authenticator will be a token like this or some equivalent piece of hardware.”
The word “two” in “two factor authentication” rather negates the concept of “primary”; it’s not like We have received half the launch code, General, so we should launch half the missiles!
That means that if someone steals your card or your smart-ring, you’d better report it stolen pretty quickly.
Exactly so. I cannot take the rest of this article seriously; yes, more authentication is better, but cascading multiple forms of “what you have” is never going to be the right approach. You need to remember shit, just enough to bootstrap. See the summary.
ps: I have Yubikeys. I play with them. I love them:
…but I would never seriously trust to a system dependent upon them or any other token without a password; and ideally the token should be challenge-response.
Excellent sound, discreet, and enough punch to fill a sizeable room.
Each about the size of a coffee can.
The question is in the subject line. I still do…
I’ve done some work for Penrillian in the past, and I am rather liking Charles’ blogging:
The prospect of mobile money is exciting to Network operators, phone manufacturers, payment networks and banks: They’re all looking forward to consumers making payments with intelligent devices, creating better opportunities for customer engagement, and bringing benefits in terms of greater money security. Moreover, the devices are paid for by the consumers. There’s a vision of a ‘cashless society’ where we really don’t need cash at all; where all payments can be through electronic services.
Of course there are a number of barriers to the take-up of such a service. At the moment everyone’s concentrating on the most obvious ones: lack of technology, smartphones, infrastructure, commercial agreements and lack of ‘anonymity’.
Yet if the vision of a cashless society is to be realised, the UK has two further barriers […]
Continues at Two further barriers to UK mobile money | Penrillian.
The numbers are in and the $35 Raspberry Pi Linux PC is a success. After pre-orders sold out in less than 24 hours, the credit card-sized computer faced a number manufacturing hiccups and distribution problems. In April, the first batch of Raspberry Pis finally arrived at distributors and begun to ship worldwide. The company announced this week that one of its two distributors, Premier Farnell, has sold more than half a million units.
There’s this Garmin video that Dan Cuthbert pointed me at, earlier:
…and it’s timely because January sales are still on, and only yesterday I was perusing ChainReaction and ordering bits and bobs.
I’d been out on the MTB for an hour or so, exploring the heathland around Blackbushe Airport.
I had my Nexus 7 in a pouch running Google My Tracks – it recorded the whole thing, with much battery to spare, plus now appears to have options to Bluetooth-pair with numerous cadence and other sensors.
I’ve been round this loop of thinking before, of course:
- One thing Google have got going for Android (and Garmin haven’t) is “network integration”
- A small set of negative reviews for #Android #GPS #Cycling applications
- More on #Android #GPS #cycle applications: #Maverick failage & Google “My Tracks”
…but the big problem last time was only having a phone upon which to run the apps; and when the GPS killed that battery, I would be phoneless.
Whereas MyTracks has clearly been updated since I last played with it, has better usability, and can run for ages on the Nexus’ huge battery; and I can pre-load several huge chunks of GoogleMaps onto the Nexus for offline consumption.
So – £160..£240 for a Nexus, versus … I dunno, £250..£380 for a Garmin with maps? The latter are waterproof / weather-hardened and toughened and all, but the former is cheaper, general purpose and not locked-in.
It probably depends on what you want to do with it / whether you are sprinting or touring / how little you are wearing… but for the moment I’ll take the Nexus with me.
…or maybe there will be something huge and retina-like, real soon now? <hope/>
For the past few months I’ve been implementing an X11 server to run natively under Android. In the near future I may have need for a serializable user interface, so to get a better understanding of how they work I decided to implement the de facto standard, X11.
Well, it turns out the X protocol is bigger than I thought, but through sheer bloody-mindedness I got it finished. And it might actually be useful.
I had assumed that all internet-enabled smartphones would be sitting behind NAT-ing routers, both for security reasons and to conserve IPv4 addresses. But no, on the ‘3’ network in Australia at least, phones all have externally-accessible IP addresses, meaning they can run servers. So you could potentially launch a Linux X application out in the cloud and have it display on your phone.
The user interface is fairly simple: touch the screen to move the pointer, and use the directional pad to activate the left/middle/right buttons. Update: the volume up/down buttons now work as mouse left/right buttons. Both virtual and physical keyboards are supported.
The source code is available at http://code.google.com/p/android-xserver/ under an MIT licence, and the application (called X Server) is available for free through the Android Market.
For me, though, the money quote is:
on the ‘3’ network in Australia at least, phones all have externally-accessible IP addresses, …