Thursday, October 29, 2015

Peeping Into Windows 10: Cortana

One of the great things about Windows 10 is, well, I can't really think of any. On the flip side, I can enumerate a couple of things I don't like about it. At the top of my list is Cortana's collection of data.

Cortana is Microsoft's answer to Apple's Siri. 'She', as Microsoft likes to think of 'it', is a voice-activated personal assistant. According to Microsoft, "Cortana is your clever new personal assistant. Cortana will help you find things on your PC, manage your calendar, track packages, find files, chat with you, and tell jokes. The more you use Cortana, the more personalized your experience will be."

What is less obvious, unless you actually dig around the net, is this: As long as Cortana is turned on in Windows settings, 'she' will be eavesdropping on everything you say. Yep, everything within microphone shot. All in an effort to further personalize your experience. Your device may also send 'speech data' back to Microsoft periodically, though it is unclear what that might include. If that isn't enough, Cortana also collects data based on email*, calendar, instant messages, OneDrive, and web history.

Fortunately, there are some things you can do to control what she hears. The links below dive deeper into what is collected and how it is used by Microsoft. Of primary interest should be the first link as it describes how to manage Cortana settings. The other links dive more into how Microsoft uses and manages user privacy.

Cortana-Privacy-FAQ

Microsoft's Privacy Statement

Microsoft's Corporate Citizenship

And, while this post hyper-focuses on Microsoft's use of personal data and collection, by no means are they alone. Microsoft will push targeted ads, but if you use other services such as Google Mail you already know that data mining occurs for this purpose. The difference here is how that information is collected, how much is collected, and how it is used.

*This is a bit ambiguous, as some articles I have read state that Microsoft is mining emails, while other articles state that Microsoft has been clear about not doing so, particularly after some backlash over its looking at a customer's Hotmail account for illegally shared trade secrets from a former Microsoft employee.

Tuesday, July 14, 2015

Some Like It Hotspots: Comcast Xfinity WiFi

If you have ever looked at the list of WiFi networks that appear within the vicinity of your device, you may have noticed one, or both, of Comcast's wireless networks broadcasting as xfinitywifi or CableWiFi. On its face it doesn't seem like a bad thing, but Comcast is using customers' rented routers to provide hotspot access, and that calls into question whether this is legal, ethical, or secure.

CableWiFi and xfinitywifi SSIDs use dedicated bandwidth along with a dedicated antenna within the router to broadcast. This segregates traffic from the home user's private WiFi network. To connect to these SSIDs you have to be a Comcast customer. When connecting, you are asked for your Comcast credentials before access to the network is granted. You can connect to these networks from just about anywhere and have the convenience of 'free' WiFi.

Let's take a look at what this really means:

Comcast has only said that this network uses a separate antenna, and that these networks use a separate IP address from your home's private network. That may be true, but we don't know anything more about how this works or the security of this technology. There is no customer access to the settings of the Comcast networks, and therefore no way to look at the radio settings, the security settings, etc. Router vulnerabilities exist, and it is not outside the realm of possibility that an exploit could leapfrog from Comcast's networks onto a home user's network.

While Comcast does not tell its customers up front that this network is enabled by default, it does state that customers can opt out of having these networks broadcast. That is good news, but there have been numerous complaints that users are unable to successfully shut it down. Naturally, Comcast encourages people to leave it on.

There is some concern about how much electricity this additional broadcasting network uses. Comcast claims that it is 'nominal' at best. Speedify, a company that tested the electrical use while the network was broadcasting idle and with connections, suggests that it could cost customers somewhere in the $20 to $30 range depending on where they live in the US. Comcast disputes this claim, stating that Speedify used business-class hardware, not home-user hardware. It is also important to note that Speedify sells Internet services and is not a completely independent testing source. Despite this, Comcast welcomed Speedify to test again in the future using the latest home-user hardware. Sounds like a great idea, but not every household will have the latest hardware. Testing both older and newer home-user hardware would be a fairer gauge of electrical consumption. In any case, it hardly seems ethical to expect customers not only to pay for renting the modem/router and Internet access, but also to pay additional electricity costs.

The xfinitywifi and CableWiFi antenna radio signals can interfere with signals from a home user's private network. This can have a noticeable impact on the quality of service experienced with devices on a personal network, and has been a source of customer complaints.

Learn more about Xfinity WiFi and how to disable it here:
Comcast Xfinity WiFi
Disable Xfinity Hotspot

Purchasing your own modem and router gives you more freedom to control costs, as well as the security of your network. It will cost less in the long run to purchase your own equipment; however, you will be responsible for maintaining it. If you are not comfortable setting up and securing your own network, it still may be less expensive to hire a technologist to do it for you.

Wednesday, March 4, 2015

Broken Promises: Why Passwords Don't Work

In Ask Me Some Questions And I'll Tell You Some Lies I discuss security questions and why they should be random like passwords, which I discuss in my post Pass The Word About Passwords. So, what exactly is wrong with the current 'Login' and 'Password' model?

I’ll use a common scene in movies to illustrate what is fundamentally wrong with our current method of securing accounts. In the movie, we watch as an unauthorized [spy] [detective] [insert your own character here] knocks on a door in a dark back alley in the hopes of gaining entry. A tough looking bouncer slides open a small window and asks something like, "What's the secret code?", or “Who sent you?”. An attempt is made to validate the person looking to enter by asking him for something the bouncer knows. The detective provides the correct information and thus the door is opened.

No further information was required for the detective to prove his identity, and so it is with logins and passwords. There is nothing stopping an attacker from essentially doing the same thing to our logins. This is really a twofold problem as it relates to securing our data. First, we need to provide more than just the right answer to get into an account. Second, we need it to be something no one else has (including the site itself), or can get.

Sites hold onto our passwords by design. Like the bouncer at the door, they want to know if we have the right password. If we can match what they have on file we get access. This may have been a simple solution to a simple problem in the early days of making sure that only authorized persons had access to information in a pre-Internet world. We don't live in that world anymore, and that may play a part in why our account information is so often stolen and our accounts hacked.

Two-factor authentication is a step in the right direction because it adds the burden of further proving our right to access an account. It requires us to provide additional information that only we would likely have at our disposal by giving us a one-time-use code via text message or authenticator app. In my post titled The Two Step Verification Dance, I discuss the pros and cons of providing additional information to access our accounts. We are always making sacrifices in security for the sake of convenience. Two-factor authentication is stronger than passwords alone. However, as soon as we find it inconvenient we work around it (or flat out disable it) by allowing devices to remember a login as well as retain an app-specific password. These app-specific passwords can potentially weaken security because we now have a point of entry into an account that is no longer asking us for something we have. Not only are we explicitly allowing the site to validate using a password only, we are allowing the app to stay logged in.

On a base level, passwords are broken. Anytime we rely on a site to retain something that they know, and we know, we can almost bet on that information getting loose. We hear in the news all the time about account breaches and information leaks. These are companies who want us to use their services, but they need to do a better job of promising us they are doing everything technologically, and humanly, possible to safeguard our data. Fortunately, there is a community of security experts working to solve the login/password conundrum. It will take time for these newer solutions to reach the mainstream, and even more time for them to completely replace the traditional login and password method of validation. In the meantime, we have to keep ramping up security by continually improving our passwords, adding layers of protection, and being smarter about how we use technology.