Patrick Beja is on the show today and we’ll discuss whether Google’s use of U2F (like Yubikey) for login security is the wave of the future.

MP3

Multiple versions (ogg, video etc.) from Archive.org.

Please SUBSCRIBE HERE.

A special thanks to all our Patreon supporters–without you, none of this would be possible.

If you enjoy the show, please consider supporting the show here at the low, low cost of a nickel a day on Patreon. Thank you!

Big thanks to Dan Lueders for the headlines music and Martin Bell for the opening theme!

Big thanks to Mustafa A. from thepolarcat.com for the logo!

Thanks to our mods, Kylde, TomGehrke, sebgonz and scottierowland on the subreddit

Show Notes

Today’s guest: Patrick Beja, DTNS contributor and host of Le Rendez-vous Tech

Headlines

Reuters reports augmented reality startup Magic Leap raised $542 million in funding led by Google and Qualcomm. This would be just another startup receiving another round of funding if it weren’t for the mystery. Very few people know what Magic Leap’s product is. CEO and founder Rony Abovitz has said Magic Leap will develop “the most natural and human-friendly wearable computing interface in the world.” Apparently the device will track your eyeballs and project images directly on them, meaning that images appear within the natural world. Sundar Pichai, senior vice president of Android, Chrome and Apps at Google, will join Magic Leap’s board.

PC World reports the US Federal Trade Commission has appointed privacy consultant Ashkan Soltani as its new chief technologist, beginning in November. Soltani is a security researcher who won the Pulitzer Prize for public service in 2014 along with his co-authors who covered the US NSA surveillance programs.

GigaOm reports China denies any involvement in a man in the middle attack on Apple’s iCloud within China. The attack coincided with the launch of the iPhone 6 in China according to Greatfire.org. Swedish security researchers at Netresec said the attacks seem are being performed from within China, on backbone networks belonging to China Telecom and China Unicom. Hua Chunying, a spokeswoman for China’s foreign ministry, told journalists the government was “resolutely opposed” to hacking. China Telecom also said accusations against the government were “untrue and unfounded.”

Nielsen, the company that tracks tv ratings has partnered with Adobe Systems to measure viewership of digital video across all Internet-connected platforms. According to Reuters, this includes desktops, smartphones, tablets, game consoles and over-the-top boxes. The system will launch in 2015 with ESPN, Turner Broadcasting, Sony’s Crackle, Viacom and Univision already signed up.

The Verge reports that the best features of music service Songza–including smart playlist creation– will now be a part of Google Play Music on Android iOS and the web. Google acquired Songza back in July. An update today will add a version of Songza’s Concierge service, offers a colorful list of activities (working out, sleeping, studying, calling Comcast, etc.) designed to match your activities and mood. The feature is available only to All Access subscribers, but there are no ads. A Play Music representative said it’s “business as usual” for the stand-alone Songza app.

Everyone, you can relax now, the continuity of our future timeline is assured. There WILL be a working hoverboard available for purchase in time for the Back to the Future ‘Oh My God It’s The Future’ deadline next year. Gigaom reports that a California startup called Arx Pax has created a board called the Hendo, which can hover three quarters of an inch above the ground, but only on certain types of metal capable of generating a magnetic field, like copper. And it definitely won’t work on water. Oh, and it will cost $10,000. The company’s ultimate goal is to create a small white box that adds hovering capabilities to anything in your home, office, or museum. So, hovering Mona Lisa, coming in 2015.

Hold on to your pants, people. Yahoo beat expectations in their Q3 earnings report, announced today. TechCrunch report that Yahoo with sales of $1.09 billion excluding traffic acquisition costs and non-GAAP earnings per share of $0.52. Revenues including acquisition costs were $1.15 billion. Analysts were expecting on average non-GAAP earnings per share of $0.30 on ex-TAC sales of $1.04 billion.Yahoo’s stock is up over 4% in after-hours trading, following this news. Now, what’s Yahoo going to do with their five billion dollars in Alibaba cash.

ReCode reports HP will demonstrate a new product called ‘Sprout’ at an event in New York Oct. 29. According to people who’ve seen it, the product combines a large flat-screen display with a flat touch-enabled work surface and an overhead assembly that combines a projector and a 3-D scanner. The overhead device projects images downward onto the work surface, which users can manipulate with their hands or with a stylus.

 

 

 

 

News From You

Kylde pointed out a Lifehacker post about what will be our main discussion story today. Google is implementing a new second-factor authentication scheme called Security Key which allows you to use a Universal 2nd Factor key, like Yubikey, to login. The key uses the open FIDO framework to authenticate you rather than typing in numbers that could be phished. In other words you just stick a special USB key in your device and press a button. For now Security Key only works with Chrome.

KAPT_Kipper submitted a TechCrunch article reporting that Microsoft will drop Nokia branding from its Windows phones. The phones will now be called “Microsoft Lumia” phones. The rebranding will begin in France and move around the world. That means the name Nokia will only be used by Nokia which still exists as a mapping and network technology company.

hometownrival submitted the iMore story that Apple has responded to a Washington Post story co-written by future FTC Chief Technologist Ashkan Soltani, pointing out the OS X Yosemite’s spotlight search sends data back to Apple. Apple said it limits what data is collected, does not even attach it so an IP address or any kind of persistent identifier and points out you can opt out of Spotlight Suggestions, Bing or Location Services for Spotlight.

 

Discussion Links: USB Security

https://gigaom.com/2014/10/21/this-usb-key-secures-and-unlocks-your-google-account-in-chrome/

http://googleonlinesecurity.blogspot.com/2014/10/strengthening-2-step-verification-with.html

http://www.zdnet.com/duo-security-announces-u2f-authentication-support-7000034911/

https://fidoalliance.org/

https://fidoalliance.org/specifications

http://www.biometricupdate.com/201410/nok-nok-labs-adds-apple-touch-id-support-unlocking-fingerprint-authentication-possibilities-for-app-developers

Pick of the Day: GAuth Authenticator via Stephen Funkhouser

Tom I agree with your skepticism about using a tool like Authy that syncs your 2nd factor authentication keys between machines. Security and convenience are always at odds, and in this case we don’t know enough about how Authy works to trust them blindly.

I personally use Gauth Authenticator as a chrome extension (there’s a Firefox one available also). It’s open source with a public repo on github. It stores your key data locally, so only you have it. I also like to backup the text version of my 2nd factor keys in LastPass in the notes section under each accounts record. Thanks for a wonderful, and insightful podcast.

Plug of the week:  DTNS artist in residence Len Peralta has a new comic out that’s burning up the charts on Amazon. It’s called Exterminite about a company that can go into your dreams and exterminate your nightmares. Check it out!

Wednesday’s guest: Eric Franklin, Cnet section editor covering how to and tablets / co-host of CNET’s The Fix

Iyaz Akhtar is back today and we’ll talk about the launch of Apple Pay, how it works in the real world, and what we bought with it.

MP3

Multiple versions (ogg, video etc.) from Archive.org.

Please SUBSCRIBE HERE.

A special thanks to all our Patreon supporters–without you, none of this would be possible.

If you enjoy the show, please consider supporting the show here at the low, low cost of a nickel a day on Patreon. Thank you!

Big thanks to Dan Lueders for the headlines music and Martin Bell for the opening theme!

Big thanks to Mustafa A. from thepolarcat.com for the logo!

Thanks to our mods, Kylde, TomGehrke, sebgonz and scottierowland on the subreddit

Show Notes

Today’s guest: Iyaz Akhtar, senior associate editor CNET, podcasting on The GFQ Network

Headlines

iOS8.1 came out today which brings back the camera roll, enables handoffs of text and phone calls to OSX Yosemite and enables Apple Pay. The payment system is set up in the Passbook settings and does not store credit card info but creates tokens that are used to identify the phone’s owner. Near-field Communication is used to transfer the token to a credit card terminal that then conducts the transaction entirely with the bank. Personal information is not stored on the phone. 220,000 locations in the US can now accept Apple Pay as well as many apps.

Android Police reports that a forthcoming update for the Gmail app in Android 5.0 Lollipop, will be able to handle email accounts from other providers like Yahoo and Outlook. Users will be able to swipe the screen between accounts or choose them from a dropdown menu once setup. The accounts will still be separate from the user’s Google account so no forwarding or Pop access setup will be necessary.

The Verge’s sources confirm a Forbes report that Microsoft will launch its own wearable fitness band within the next few weeks. In fact sources say it will be stocked in time for sale during the holidays. While it will tell time the device will focus on fitness tracking things like steps, heart rate, and calories burned. It will also supposedly support Windows Phone iOS and Android.

Gigaom reports that Spotify has announced a family plan option, offering up to four extra accounts at a 50% discount. The accounts are under one billing statement, but each family member gets their own Spotify account, so no more confusing muddling of your listening history, recommendations and playlists. Existing accounts can be linked under the new plan. Spotify says the new feature will roll out globally over the coming weeks. “Family” could mean co-workers, roommates and/or chatrealmers, right? When you listen, you’re family!

The BBC reports 40,000 esports fans filled Seoul’s World Cup stadium to watch the 2014 League of Legends World Championship this weekend between the Star Horn Royal Club from China and Samsung White..Thousands more around the world filled up movie theaters to watch the match. For the record Samsung White beat the Star Horn Royal Club to win one million dollars.

 

 

 

News From You

KAPT_Kipper passed along the Gigaom report that IBM is reportedly paying a company Global Foundries 1.5 Billion dollars, but NOT to acquire them. Instead Global Foundries would take over IBM’s commercial chip-making unit, which had been losing up to $1.5 a year. IBM missed sales and profit expectations for the most recent quarter and earned a profit of $3.68 per share, which was 14 percent below the $4.32 that had been expected.

metalfreak submitted the slashdot posting that OS X Yosemite sends a lot of data back to Apple and there does not seem to be a way to shut it off. A GitHub repository says it “provides a corpus of network communications automatically sent to Apple by OSX Yosemite.” Among the info sent is when the user selects “About this Mac” and search terms entered in Safari, no matter what search engine is selected as default. It’s unclear if all privacy options were selected in the OS and what the network communication might be used for.

evilninja01 tipped us off to a stopthecap.com posting claiming South Korea is about to get 10 Gbps broadband. Digital Trends reports Sk Broadband was set to unveil the service at the 2014 ITU Plenipotentiary Conference today. The service could transfer 1 GB of data on0.8 seconds. Of course there’s no word when the service will actually be available to customers. Bell Labs showed off 10 Gbps over copper wire in July. South Korea has an average Internet connection speed of 24.6Mbps, ahead of No. 2 Hong Kong with 15.7 Mbps. No wonder they’re so good at esports.

Erniev23 flagged us to a Guardian report that The Twelfth Doctor has a new mission: teach children to code. A new “Doctor Who” online game debuts Wednesday October 22nd on the CBBC website, and includes voice narration by Peter Capaldi, who portrays the current incarnation on television. The free web game is aimed at children 6-12, using puzzles based on programming concepts to help The Doctor rebuild a Dalek.

And another quick note from Metalfreak. Looks like the ChromeOS devs have changed their mind on EXT2/3/4 file support. NetworkingWorld reports the team changed its mind and plans to re-enable ext2/3/4 support in Files.app immediately. They say “It will come back, just like it was before, and we’re working to get it into the next stable channel release.”

Discussion Links: Apple Pay in the Wild

http://techcrunch.com/2014/10/20/ios-8-1-with-apple-pay-now-available-heres-what-else-it-brings-to-your-iphone-and-ipad/?ncid=rss

http://www.usatoday.com/story/tech/columnist/2014/10/20/apple-pay/17612285/

http://blogs.wsj.com/riskandcompliance/2014/10/20/why-apple-pay-faces-lighter-compliance-than-paypal-google/

http://9to5mac.com/2014/10/20/ios-8-1-apple-pay-icloud-photo-library-continuity/

http://www.businessweek.com/articles/2014-10-20/apple-pay-is-too-anonymous-for-panera-starbucks-and-other-retailers

Pick of the Day: Raspberry Pi w/ XMBC

I know I’m a little late on this, but I’m just catching up on the podcasts this week. I wouldn’t normally dredge up stories mentioned six days ago. However, I’ve been in search of the best HTPC solution for almost a decade. I’ve tried and owned everything, Roku, Apple TV, Google TV, Chromecast, and of course simply hooking my PC up to my TV. The BEST solution though came in unlikely package, it was a Raspberry Pi with XMBC. Obviously a PC is the best solution, but computers are big, loud, hot, and expensive and when it comes to the UI it can be a bit clunky. The Raspberry Pi w/ XMBC (RaspBMC is the official name) gives you all the power and ports you need in an affordable package. I’ve got a Panasonic Viera smart TV’s in the house, so you simply hook the Pi to the TV via HDMI, and it automatically integrates with the TV remote. It’s a little long winded but this video goes into all the details:

This is my first time writing in, but I just had to share this solution because I never hear it mentioned and it’s so incredibly brilliant. You can run 1080p video, with all the features of XMBC, all from an affordable Raspberry Pi that has such a tiny footprint. Hope you find this as interesting as I did.

Plug of the week: Exterminite!

DTNS artist in residence Len Peralta has a new comic out that’s burning up the charts on Amazon. It’s called Exterminite about a company that can go into your dreams and exterminate your nightmares. Check it out!

Tuesday’s guest: Patrick Beja, podcasteur extraordinaire

Mary Jo Foley joins the show to talk about the future of Microsoft under Satya Nadella, particularly Windows. Can Microsoft survive without the Windows cash cow? And Len Peralta illustrates the show.

MP3

Multiple versions (ogg, video etc.) from Archive.org.

Please SUBSCRIBE HERE.

A special thanks to all our Patreon supporters–without you, none of this would be possible.

If you enjoy the show, please consider supporting the show here at the low, low cost of a nickel a day on Patreon. Thank you!

Big thanks to Dan Lueders for the headlines music and Martin Bell for the opening theme!

Big thanks to Mustafa A. from thepolarcat.com for the logo!

Thanks to our mods, Kylde, TomGehrke, sebgonz and scottierowland on the subreddit

Show Notes

Today’s guest: Mary-Jo Foley, All About Microsoft for ZDNet & Len Peralta, artist

Len has a new comic out that’s burning up the charts on Amazon. It’s called Exterminite about a company that can go into your dreams and exterminate your nightmares. Check it out!

Headlines

Fortune Magazine reports that the iPhone 6 and 6 plus went on sale in China today and there were long lines and throngs of people–just not at the Apple store. Turns out the actual Apple store was only selling unlocked phones at the full subsidized price. China’s three major mobile carriers had the discounted, subsidized phones, so that’s where the crowds were.

GigaOm notes Snapchat announced Friday it will begin putting ads in your snapchat feed. In the official blogpost Snapchat wrote: “It’s going to feel a little weird at first, but we’re taking the plunge.” The ads will appear under “Recent Updates,” the section of the app where people’s daily “Stories” show up.

Android Headlines passed along the WSJ report that Google’s BVp of engineering for Andoird, Hiroshi Lockheimer is now also in charge of ChromeOS. Sundar Pichai is in charge of Android, Chrome and Apps. Last month some Android apps were made available for ChomreOS and a hack made practically all of them run. Google has said the two operating systems will remain separate, but it sure looks as if they’re making it easier for them to merge.

PC Mag reports MasterCard and Zwipe announced a contactless payment card with an integrated fingerprint sensor. It’s the magic of TouchID with Google’s NFC Wallet Payment minus the phone. A ssuccessful live pilot was conducted with Norway’s Sparebanken DIN bank. The device is set to roll out internationally next year.

The Verge reports Facebook announced it has been searching anonymous posting sites for leaked passwords and proactively trying them on Facebook. If one works, that user’s password is reset and the user is notified.

The Washington Post reports US President Barack Obama has nominated a former Google executive to lead the US Patent and Trademark office. Michelle K. Lee has been deputy director of the Patent office since January, and has degrees from MIT in electrical engineering and computer science, so confirmation would represent a win for Silicon Valley over the pharmaceutical industry which had wanted the president to appoint one of its own. The position has been vacant for two years.

BusinessWeek reports Argentina launched its first domestically buil communicatiosn satellite Thursday. The ARSAT-1 was launched from French Guiana and will provide digital TV, cellphone service for Argentina, Chile, Paraguay and Uruguay for 15 years. It will also improve phone and Internet connections in remote areas, including Antarctica.

Ars Technica reports Whisper CTO Chad DePue took to Hacker News to dispute Guardian claims that Whisper tracks its users even when geolocation has been turned off. DePue called many assertions laughable and ridiculous but did say the company wants to know “where a user is in a general sense for things like tracking time zone so when we send pushes we know not to send pushes at 3 in the morning.” Security researcher Moxie Marlinspike responded that DePue’s comments seemed to confirm Guardian reports and wrote, “if you haven’t designed something that gives you truly unlinkable anonymity, don’t claim to provide it.” The Guardian also responded with more information backing up its claims.

After being accused on Reddit of misrepresenting it’s hardware, the Anonabox router has been suspended by Kickstarter. Anonabox purported to create a simple to use Tor router that you could plug into any computer to provide instant anonymity, especially when used with the Tor browser. As we mentioned earlier this week, the device had not been audited.

 

 

 

News From You

TheGavW let us know about a BBC report that it will begin publishing a continually updating list of its own articles removed from Google searches under the European Union’s right to be forgotten ruling. In a meeting hosted by Google, BBC editorial head David Jordan said that the BBC felt some of its articles had been wrongly removed from the search index, including a blog post by its Economics Editor, which may have been requested for removal by a commenter on the article. An EU spokesman said this particular removal was “not a good judgement” by Google. In turn Google went and banged its head against the wall, saying “that’s what WE TOLD YOU.”

And finally, h82or8 sent us the Boing Boing report that James Comey, head of the FBI said in a speech on Thursday that the “post-Snowden pendulum” is too blame for Apple and Google offering properly-encrypted cellphones and its “gone too far.” He hinted that the administration might seek regulations and laws forcing technology companies to leave a backdoor open for spies on smart phones and other devices. Mr. Comey did not suggest ways to prevent hackers and foreign spies from using the same door.

 

Discussion Links:

http://www.zdnet.com/microsoft-os-chief-myerson-on-the-future-of-one-windows-7000028286/

http://www.zdnet.com/blog/microsoft/

http://www.citeworld.com/article/2835278/development/universal-apps-is-the-future-of-windows-development.html

http://thenextweb.com/microsoft/2014/10/11/future-microsoft-depends-windows-free/

http://news.microsoft.com/2014/09/30/microsoft-unveils-the-future-of-windows/

Pick of the Day: Boxcryptor via Scott from Terrific Toronto and Terrific Tom from the internet:

Tom,

I love your shows, DTNS and Cordkillers are my top two.

I was listening to your story yesterday about the leaked Dropbox accounts and I was wondering if you have ever used or heard of Boxcryptor?

https://www.boxcryptor.com/

Its a 3rd party app that encrypts your files locally before sending them to what ever cloud storage service you use (DropBox, Google Drive, Box etc…) I use it on my windows 7 laptop, Blackberry 10 smartphone and Android tablet. I enjoy the piece of mind knowing that even if my cloud storage account is hacked, all my files are encrypted.

Monday’s guest: Iyaz Akhtar, senior associate editor CNET