Google Titan key security problem?

I was sure I tooted/tweeted a thank you to the Google team at Berlin’s Re:publica conference. But it looks like it never quite happened due to connectivity issues with the wifi at certain points of the day.

So first of all I want to say thanks for giving me a Titan security key for spending time listening to what changes Google had made to their security as announced in Google IO 2019.

I was surprised to see Google there with all the ill feeling about the 5 stacks, their monopoly and business practice.

But before I could get home to try the key/system, I saw a bunch of problems with the key.

Google Titan Bluetooth Security Key Can Be Used to Hack Paired Devices

Titan-ic disaster: Bluetooth blunder sinks Google’s 2FA keys, free replacements offered

Obviously I was a little concerned, although I had not added the Titan key to my Google 2 factor auth yet.

After a bunch of reading, it seems it’s not completely flawed. The Google security blog confirms my research.

The problem is with the Bluetooth fob, which to be honest is super convenient but wasn’t the most secure idea in the world. The Bluetooth stack is limited in its range but because of that, it’s not got as much security as most things on the net.

Due to a misconfiguration in the Titan Security Keys’ Bluetooth pairing protocols, it is possible for an attacker who is physically close to you at the moment you use your security key — within approximately 30 feet — to (a) communicate with your security key, or (b) communicate with the device to which your key is paired. In order for the misconfiguration to be exploited, an attacker would have to align a series of events in close coordination:

When you’re trying to sign into an account on your device, you are normally asked to press the button on your BLE security key to activate it. An attacker in close physical proximity at that moment in time can potentially connect their own device to your affected security key before your own device connects. In this set of circumstances, the attacker could sign into your account using their own device if the attacker somehow already obtained your username and password and could time these events exactly.

Before you can use your security key, it must be paired to your device. Once paired, an attacker in close physical proximity to you could use their device to masquerade as your affected security key and connect to your device at the moment you are asked to press the button on your key. After that, they could attempt to change their device to appear as a Bluetooth keyboard or mouse and potentially take actions on your device.

This all being a big mistake, Google has offered a replacement key. However because my key hasn’t been added to my account yet, I get a message saying no action is required but an email to override this. However after double checking, my key is a type T3 meaning it wasn’t affected.

Good work Google…

Google starts transcribing podcasts?

Android Police podcasts transcribed

Google is finally transcribing some podcasts… It made sense a long time ago and it’s happening for real. No April fools.

Google Podcasts is now automatically generating transcripts of episodes and is using them as metadata to help listeners search for shows, even if they don’t know the title or when it was published.

It’s a shame it’s only for use in Google Podcasts, but I guess nothing is free when it comes to tech corps. I remember thinking Google was going to start doing this when Google talked about podcasts, and what a time to start doing it I guess?

But there are questions about which podcasts are transcribed, is there a waitlist, how do you opt out and of course horrible errors from an automated process.

Google Stadia for Interactive digital narratives?

Yesterday Google announced Stadia, their cloud gaming project. The interesting parts of the announcement are…

  1. Play now on YouTube
    I love the transition from watching to playing, 5 seconds and I’m sure with time it will drop down to even less.
  2. Play on any device and completely cross platform
    Really taking complete advantage of streaming and Google’s massive cloud infrastructure.
  3. Record play state to YouTube
    Completing the circle, by sharing your state (not video) back to YouTube, maybe even allowing others to play again with… This makes total sense because YouTube is where they can start to show adverts too; although because it’s all generated it would be easy to advertise in the game itself.
  4. Share play state
    As mentioned above, you are not playing a video, but the game again complete with its world state, player position and player inventory.

Google Stadia on every platform

I think it’s quite a compelling idea and, like everyone else, am interested in how much, how easy it is to build for and will Google get bored and kill it? I’m less interested in the exclusive games, game pad, etc but acknowledge it will live or die by the games.

I do think there’s some incredible possibilities for other types of media, especially interactive digital narratives. It certainly could blow Netflix’s interactive platform out of the water. Said quite a few times, I find Netflix’s interactive platform is horrible when you think there’s better, more engaging experiences on the console attached to the same TV or even on the mobile you are using to drive it. With Stadia, it’s all the same thing.

Will breaking up GAFFA do any good?

Elizabeth Warren wants to break up the monopoly of the big tech companies (GAFFA); nothing that new, as Tim Berners-Lee’s been saying similar for a year or so.

I do find it interesting watching the calls for Europe to get in the game, but then applying the same metrics to the European market? Something is not quite right there? Why would you want a copy of GAFFA’s, therefore recreating the cycle again?

I bought a Chromebook

https://www.youtube.com/watch?v=YDIhZZJQWRw

The other day my work Dell XPS 13 which has been running Ubuntu 16.04.1 asked me to upgrade. This message has been coming up for a while but I decided it was time for an upgrade, 18.04 was running well on my server and well it was time.

However the upgrade broke and I was left with Ubuntu 18.04 with Busybox. I had backups but as it was a BBC R&D build of Ubuntu, I needed to go to work for them to reinstall it. All of this was just before I went away to Mydata 2018 in Helsinki. On top of that my Ubuntu server also had a problem.

Double whammy!

It was clear I could reinstall Ubuntu quickly but I would need to do a bunch of configuration and that takes time. I have a task to create a live CD with a bunch of configurations just for me, in case similar happens again.

I’d been looking at Chromebooks since I bought one for my parents ages ago and seen how ChromeOS has matured. I’m not the only one. It was the ability to run Android and Linux apps which pushed me to get one.

Google Makes it Easier to Run Linux Apps on Chromebooks

So I bought the Asus Chromebook Flip C302, and I’m quite impressed with it. The size is good and the performance is good. As a backup laptop it’s ideal. It’s also kinda a solution to my lack of a decent tablet now my Nexus 7 is pretty much dead. I was tempted with the Google Pixelbook but it seemed too close to what the Dell XPS 13 is for.

I did consider getting a second hand XPS and sticking ChromeOS on it myself actually.

Google clip, decentralised intelligence?

https://www.youtube.com/watch?v=AD48ZEltaSo

The reviews are appearing about the Google Clip camera. It’s not great but to be honest, the only thing I found interesting about it on the announcement was that all the logic/intelligence was onboard. Google has become well known for doing the logic via their own cloud systems, so this was a surprise.

the main reason Google Clips isn’t as worrying as “Google camera that recognizes your family’s faces and records them automatically” sounds is that Google made a few carefully considered technical choices to protect its users’ privacy.

The first is that everything on Clips happens locally. Nothing is synced with Google’s cloud at all — except the photos you save into Google Photos. All the facial recognition happens on the device using its own processing power. None of it is paired up with whatever facial recognition you may have set up in Google Photos. It doesn’t pair faces with names, it just recognizes faces it sees a bunch over time. It also tries to ignore faces it doesn’t recognize. So if you’re at a park with your kids, Clips will endeavor to only take photos of your kids.

The clips the camera takes are also stored only on the camera itself. They don’t try to sync over to your phone unless you ask for them. They’re also encrypted on the camera, in case you lose it.

On first look, I thought it might be a similar replacement for Google Glass, then I thought maybe it’s the Google GoPro but it doesn’t seem to operate like a point and shoot. So I thought maybe a lifelogging device like the Autographer and Narrative Clip. But it seems to be a different category altogether.

It’s an interesting device, but certainly pricey for a new category camera.

Nexus 5x issues ongoing…

Google Nexus 5x
I like the irony of the good place paired with the problems of the phone

I recently got my Nexus 5x back from Carphone Warehouse. This follows the sudden bootloop of my Nexus 5x in November. They replaced the motherboard as it was still under its 2 year warranty. I was hoping they would just refund me for it, as I bought the Google Pixel 2 on its launch.

But it will do for now, till it happens again and I’ll be demanding more. Right now it’s a spare/backup phone with my pay-as-you-go 3 sim inside. I did pause to think if I should upgrade to Android Oreo, but decided I should do it.

In the meanwhile it’s interesting to see some of the solutions people have come up with including this one using salty ice to keep the CPU cool.

Nexus 5x under ice

Muzzling the Google Home Mini?

Google Home Mini at home

When I bought my Google Pixel 2, I received a free Google Home Mini as part of the pre-order deal. While in Madeira it finally came and today I went to Irlam to go get it.

I’ve never liked the idea of the Amazon Alexa and all devices which are listening for an activation word. I get the convenience but it doesn’t equal the given up privacy in my view. I turn it off on my phones unless my screen is unlocked and I’m on the home screen (actively using the phone). I’ve been watching and reading how the Google Home Mini has already received a ton of privacy strikes and disabled the touch controls.

My justification for getting the Google Home mini was purely to connect it to my Philips Hue lights. They are great but only if you have the app as the controls on the wall are way too simplistic to change colours, brighten and dim.

Unboxing the Google Home Mini and getting it online was pretty straightforward. I currently have it set with the mic on mute and the touch controls seem pretty basic (volume only). I’m surprised it’s powered with a micro USB cable not USB C and if I had a choice of colours, would have picked a darker colour instead of Chalk. Out of the box the Home Mini’s top touch functionality is disabled, I assume the firmware was updated when I set up the wifi.

Google Home Mini

I’m disappointed that there seems to be no way to connect the Google Home Mini to the Hue lights without doing it via the Philips Hue web. I’m currently blocking external access at my router for Hue lights, so there’s no way to control them remotely, although everything is on the same network. Honestly find it annoying that it can’t talk locally, especially since there is a good API via the Hue Bridge. I understand it needs internet access to do some processing but to control the lights? Surely this can be done locally?

I’m keeping an eye on dev sites to see what might come up, but right now it’s little use and I’d like to see more ways to muzzle its use to keep things local unless essential.

Goodbye Nexus 5x?

I left my flat Thursday heading for a train to York. Turning on my bluetooth headphones I noticed my Nexus 5x wasn’t connecting. One look at my phone and I noticed the screen was off. So I turned it back on and noticed the bootloader loop I had heard so much about.

While I made my way to York University, I tried multiple times to turn it on using different methods and it was in the taxi when I could actually type in my code to unlock the storage. Of course once it rebooted, it was back to the loop again. I also remember at some point watching the boot loader animation throw an error message which I wasn’t quick enough to snap. But I do remember it saying the storage was corrupt and it needed servicing?

By the time I was home again, it was dead. No matter how much I held down the buttons nothing would happen. I charged it up but there were no lights. Luckily I still have my Nexus 5 with the messed up screen. I had also thought about switching to the Google Pixel 2, but at £629 for the 64gig version, I just can’t bring myself to hit order (it’s a serious load of money especially since my Nexus 5x was £200) especially since I wasn’t sure if I would be in Manchester to actually get it. I had not realised it was not actually officially available yet!

In the end after working with my Nexus 5 for a day, I decided to get the Pixel 2 with 128gig and buy it from Carphone Warehouse only because I can pick it up from Manchester or London if needed. Just the last 24 hours has made me realise how much I use my phone for things like Monzo, 2 factor auth and much more. In the meanwhile I’ll struggle through with the minimum number of apps on my Nexus 5 & 7.

I may attempt to un-brick my Nexus 5x when I’ve got more time and am in our R&D lab with the right tools. But seeing how I was waiting for the Pixel 2, I guess it’s time really.

Android Oreo upgrade on my Nexus 5x

Nexus 5x with Oreo upgrade

3 days ago I received the OTA update for Android Oreo on my Nexus 5x. I wasn’t really expecting it, as I’ve been keeping an eye out for my next phone (which is likely to be a Google Pixel 2 even at its much higher cost than my Nexus 5x)

Honestly I haven’t seen much difference except the background tasks are now in your face. Which isn’t a problem as I don’t have a lot running all the time (Timeused, Pebble & Twilight), be interesting to see how long apps like Uber stay in the background.

I have noticed a drain on battery, for example my battery is at 88% right now and will stay alive for the next 9 hours. But to be fair it’s an old battery, I think the same use on Android N would be closer to 92% maybe.

Some of the regular menus are shifted around and the small text which I have my phone set to really is actually small. I am surprised there is no native bluelight filter (redshift, twilight, etc) but I guess it might upset all those apps which do this.

The upgrade was painless, it took 42mins as I was watching an American TV show as it upgraded itself.

Generally I’m happy with the state of the upgrade and although I know this is the last upgrade for the Nexus 5x; it might keep the phone going even longer.

Google apologizes again for biased results

Google once again was in hot water for its algorithm which meant looking up happy families in image search would return results of happy white families.

Of course the last time, Google Photos classified black people as gorillas.

Some friends have been debating this and suggested it wasn’t so bad, but it’s clear that after a few days things were tweaked. Of course Google are one of many who rely on non-diverse training data and likely are coding their biases into the code/algorithms. Because of course getting real diverse training data is expensive and time consuming; I guess in the short term so is building a diverse team in their own eyes?

Anyway here’s what I get when searching for happy families on Friday 2nd June about 10pm BST.

logged in google search for happy families
Logged into Google account using Chrome on Ubuntu
incognito search for happy families
Using incognito mode and searching for happy families with Chrome on Ubuntu
Search for happy families using a russian tor and chromium
Search for happy families using a russian tor node on Chromium on Ubuntu

 

How to copy contacts from Windows phone to Android, without going crazy

Nokia Lumia 635 and HTC Desire 635

Short answer: Set up a Microsoft Outlook account on the Windows phone, sync everything to it then export a CSV of all the contacts on a laptop. Log in to your Google account on the laptop and import them all. Sync that Google account with the Android phone.

My painful experience

My dad has had a Nokia Lumia 635 for a while (over a year). He wanted to upgrade his ageing Nokia and went into Carphone Warehouse to get an upgrade. The sales person must have rubbed their hands (I felt they took advantage of my dad saying he wanted a Nokia) and sold him a Nokia Lumia with Windows Phone on it. I was pretty pissed about this because my dad already has a Google account, Chromebook and my mum has this and a Samsung Android phone.

On Boxing day we went back and looked into buying him out of his contract. This was fine and he chose an HTC Desire 626 as it had a big screen and didn’t cost anything to his contract. After taking it home, I set it up for him and boy did the fun start.

Some quick things… I’m running Ubuntu on a laptop, my parents have a chromebook, we all have google accounts and we now all have android phones. My parents are not technical and mainly use text and voice. They have broadband with wifi in the house plus a chromecast I bought a few years ago. The Nokia couldn’t connect to any wifi unless it was open with no security/encryption (I tried many ways to get this working but it seems to be a common fault, which requires a total wipe!)

Nokia Lumia 635

I plugged the Nokia into my Ubuntu laptop then copied everything off it I could see. Then copied it to the HTC phone. I also turned off my WPA security on my Nexus 5x phone to allow the Nokia to actually connect to the internet without using my dad’s low 4g data usage. Then set up his Google account which I set to sync everything. When trying to sync contact information with the Google account nothing would sync. I had my laptop open with the Google account so I could see what was syncing and what wasn’t. I tried forcing the sync and Windows phone kept forcing me to sync with Outlook.com. In the end I set up a temporary Outlook account and synced everything with that. I could see things syncing correctly on my laptop screen.

I thought with both accounts on the Windows phone it would now sync but no. So I had to export the lot out of Outlook.com on the laptop as a CSV file then import them into the Google account via my laptop. Once syncing, I could set up the Google account on the Android phone and everything was good except Gmail automatically creates a group for the imported contacts which I had to delete but keep the contacts.

HTC Desire 820_11

Once that was done, I forced a system update and was greeted with the Android 6.0 (Marshmallow) upgrade, meaning my mum’s new phone and dad’s phone are very similar, making the learning experience a little easier between both my parents.

Ultimately I was quite shocked how difficult a simple task was. I mean data portability should be simple and at one point I was going to give up and get my dad to write out all the contacts to his new phone. It wasn’t helped by not having wifi access on the Nokia. I did try Bluetooth and sending contacts as emails but nothing quite worked.

I hope this helps others as I was tearing my hair out to get such a simple thing working. No wonder Nokia has dumped Windows mobile and gone Android.

Little diversity changes in the valley?

Nancy Lee

Google’s head of diversity, Nancy Lee, is retiring from Google after several years of leading the company’s global diversity and inclusion team

In Google’s latest diversity report, we saw that overall representation of women went from 30 percent female in 2014 to 31 percent female in 2015. But the overall percentage of black and Hispanic people did not increase at all, with overall representation of blacks remaining at 2 percent and Hispanics remaining at 3 percent. In 2015, only 4 percent of Google’s hires were black and 5 percent of its hires were Hispanic.

It’s not clear who will take over as head of diversity or when Lee’s last day is. Google declined to comment for this story.

Although still (at the moment I write this) not confirmed and this isn’t a criticism of Nancy’s initiatives. But it’s not great news and looking back at the afrofutures talk I gave a while back, little seems to have changed when it comes to non-white or non-asian people in tech. I would have hoped the increase in women would be higher too, especially with all the work and attention.

Seems little is going to change in the valley, at least for diversity and inclusion. I’m sure we will find out about Nancy’s difficult position very soon.

Data portability and the internet of things

Nabaztag on the Microwaves
I can’t help but laugh and partly shake my head at the crazy things which are being networked. You only have to follow internet of shit to get this.

I said heck no when a friend who I’d expect more thought from, suggested I should get one of the internet connected door locks; following my thoughts about Airbnb hosting. Not sure if they were being ironic or serious.

It comes as almost no shock, when reading the time that Tony Fadell sold me a container of hummus.

On May 15th a critical Nest product will go dark. I’m shocked this isn’t bigger news.

I don’t mean that the Nest product will reach end-of-life for support and updates. No, I mean that on May 15th they will actually turn off the device and disable your ability to use the hardware that you paid for.

Google/Nest’s decision raises an interesting question. When software and hardware are intertwined, does a warranty mean you stop supporting the hardware or does it mean that the manufacturer can intentionally disable it without consequence? Tony Fadell seems to believe the latter. Tony believes he has the right to reach into your home and pull the plug on your Nest products.

This literally tingles of ethics of data; as I lumped data portability in the class of ethics a while ago. There’s been a few scary stories such as Berg cloud, the end of aibos and the famous Nabaztag saga. This is just the start, imagine when it’s your whole home system like in the example of Nest.

Is the era of IoT bringing an end to the concept of ownership? Are we just buying intentionally temporary hardware? It feels like it. I own a Commodore 64 that still works.

The point is perfectly made. We have moved into a world of renting and/or licencing. I have many things which passed their support date ages ago. For example my old Nexus 7 2012 edition still runs and even has the latest Android 6.0 operating system on it. My pacemaker is coming up on 9 years old and there was a beta update 6 months ago! Even my Pebble smartwatch just recently got an update. And I can go back far further with other devices and machines. Heck my original Xbox and Playstation 1 still run and work.

Interesting to see Tony Fadell has stepped down too…