Category Archives: Computers

Guarding against hacking gets more complicated

1 Reply

My post yesterday describing someone’s attempt to get access to my Facebook account brought a very interesting response from longtime techie Ryan Ozawa.

I’m taking the liberty of reposting his comment here, both because it describes a hacking technique I’m sure most people are not aware of, and for the great advice it offers on how to defend your online accounts.

Here’s Ryan’s comment:

Two-factor authentication is a must these days, and SMS-based codes are better than nothing. But this post is pretty timely for me, in that my Instagram account was hacked and stolen last month through SIM hijacking, also known as port-out scams.

The security of SMS as a second factor (“something you have,” your phone) is only as secure as your mobile phone carrier account. Someone called AT&T, pretended to be me, and had my phone number disconnected and assigned to a phone SIM they controlled. Bam, all accounts secured by text message were vulnerable. Fortunately (!), my hacker was only after one.

This is a great series of articles on these phone hacks. The one about Instagram is exactly what happened to me.

https://motherboard.vice.com/en_us/topic/sim-hijacking

You’ll definitely want to read the one on how to protect yourself from SIM hijacking. Short version? Set a separate PIN for account changes with your mobile carrier. And don’t use SMS as a second factor if there’s another option, usually a separate authentication app like Authy or using a VOIP service as your number like Google Voice (no SIMs to hack).

I was able to get my account back, against all odds, and was lucky. I lost all my photos posted since 2010, though. Starting over now.

Attempted Facebook hack

4 Replies

Don’t turn down any offers to set up two-stage authentication for access to your online accounts. With a two-stage setup, your password isn’t enough to access your important accounts. Usually you also receive a text message with an additional security code. I just had another experience demonstrating that it’s worth the occasional hassle to have this layer of security in place.

This morning I received an email that appeared to be from Facebook.

It was straightforward.

Hi Ian,

We received a request to reset your Facebook password.

Click here to change your password.

The email also contained a six-digit password reset code that could be used to authorize the new password.

And within about just over five minutes, I also received two text messages responding to requests for a password change.

The thing is that I hadn’t requested a password reset. So this appears to have been someone, or some bot, trying to get into my Facebook account.

Luckily, with the two-step authentication, they didn’t work.

And the Facebook email also advised: “If you didn’t request a new password, let us know.” I did respond, and was able to turn off routine requests for password changes.

Anyway, if you haven’t done so, I would say it’s a good idea to utilize two-step authorization wherever it is available. Today it helped to protect my Facebook account.

So you think Amazon must be incredibly well organized?

10 Replies

Quartz (qz.com) has a fascinating post about Amazon’s use of chaos as a basic operating principle.

Here’s the introduction:

Amazon promises unlimited two-day shipping on everything from toothbrushes to dressers for the tens of millions of people who have signed up for its Prime service. That’s a lot of packages—about 5 billion last year alone. Given that volume, “every opportunity to improve a process by a second is relevant,” a regional warehouse manager told Quartz.

To achieve one of the most efficient e-commerce operations on planet Earth, Amazon has set up warehouses that look like a live-action game of Chutes and Ladders—whizzing with a meticulously coordinated system of conveyor belts, slides, and machines that do various tasks, like attaching labels to boxes and checking weight for quality control.

The one thing it hasn’t organized at all? Inventory. Items aren’t arranged by size, shipment date, or any other system. They’re shelved 100% randomly, wherever workers can find a place to stash them.

In other words, one of the most efficient tech companies in the world embraces the organizational tactics of a teenager’s bedroom. How could this possibly work? (Spoiler: It does.)

Instead of being able to find things because everything has been put in its place, Amazon puts anything somewhere it finds a place. Then it scans the location of that item, and the robots do the rest.

“Instead of sorting and filing, in other words, products are basically indexed,” Quarts explains.

If you’re at all interested in how their system works, this is a fun and informative read.

How voice control is changing the internet

6 Replies

I have to admit being surprised by a Wall Street Journal story today predicting voice-activated digital assistants (like Amazon’s Alexa and Apple’s Siri) will have a disruptive influence on the internet and online commerce [“The Next Big Threat to Consumer Brands (Yes, Amazon’s Behind It)“].

One executive quoted in the story predicts voice will have as big an impact as, well, the internet itself.

“I believe voice is as big as the internet—and Google—when it came,” L’Oréal SA’s Chief Digital Officer Lubomira Rochet told the Journal.

The article focuses on how online shopping will be affected, but it’s implications are much broader.

In the next five years, half of searches on the web will be done via voice, estimates Sebastien Szczepaniak, a former Amazon executive who now heads e-commerce for Nestlé SA, the world’s biggest packaged-foods company. Consulting firm Capgemini says voice-assistant users will spend 18% of their total expenses via voice assistants in the next three years, up from 3% currently.

“Of all the disruptions that are taking place in all the things technology is bringing into our space, voice is among the most disruptive,” said Graeme Pitkethly, chief financial officer of Unilever PLC. “In digital investment this is our biggest focus.”

And that’s what surprises me. I’ve seen voice control as of limited utility, since there are so many settings in which giving voice commands would be difficult, impolite, or disturbing to others, even when they work as expected. I’m just much more comfortable with a keyboard, or touch screen, which seem to offer much more precise control when moving through digital space.

But these observers see it very differently, and they’re betting real money on the voice transition and scrambling to develop strategies to deal with it.

Their concern is that digital assistants like Alexa typically offer consumers a more limited number of options compared to what they would see visiting a web site.

Unlike in stores or online, where an array of brands get plenty of exposure, voice-search assistants like Amazon.com Inc.’s Alexa often steer shoppers to a single product, usually selected by an algorithm with no input from the sellers. That isn’t a big problem now, as voice searches account for a sliver of purchases. But it could be.

So what do you think? Is the future of the internet made up of people constantly mumbling into their digital assistants and accepting what they have to offer? Where are things moving?