Android takes aim at ISP surveillance with DNS privacy | Naked Security

Android takes aim at ISP surveillance with DNS privacy; John E Dunn; In Naked Security; 2017-10-27.

Mentions

  • Transport Layer Security (TLS)
  • Server Name Identification (SNI)
  • DNS-over-TLS
  • Port 853
    like Port 53, but with TLS.
  • Android, not specific to Android
  • Google DNS
    • 8.8.4.4
    • 8.8.8.8.
Implementations
  • none
  • <claim>even Google’s DNS service doesn’t support it yet.</claim>

Alternatives

  • DNSCurve
  • Confidential DNS
  • DNS-over-DLTS (DNSoD)
  • DNSCrypt
  • DNS-over-TLS
Separate
  • DNSSEC

Background

  • Investigatory Powers Act (IPA)
    • United Kingdom (UK)
    • commenced 2016-11
    • a.k.a. “Snooper’s Charter”

Referenced

Promotional

Previously

In Naked Security

How Smartphones Hijack Our Minds | WSJ

How Smartphones Hijack Our Minds; Nicholas Carr; In The Wall Street Journal (WSJ); 2017-10-06 (paywalled).
Teaser: Research suggests that as the brain grows dependent on phone technology, the intellect weakens

tl;dr → <quote>[people] aren’t very good at distinguishing the knowledge we keep in our heads from the information we find on our phones or computers. </quote>

Books

  • The Shallows: What the Internet Is Doing to Our Brains, W. W. Norton, 2011-06-08, 404 pages, ASIN:0393339750: Kindle: $9, paper: $10+SHT.
  • Utopia Is Creepy, and Other Provocations, W. W. Norton; 2016-09-06, 384 pages, ASIN:0393254542: kindle: 10, paper: $8+SHT.
  • and [many] other books
    …in the boosterist and anthologized thinkpiece longread blogpost genres e.g.

    • The Glass Cage: How Our Computers Are Changing Us, W. W. Norton, 2015-09-08, 288 pages, ASIN:0393351637: Kindle: $9, paper: $6+SHT.
    • IT Matter? Information Technology and the Corrosion of Competitive Advantage, Harvard Business Review Press, 2004-04, 208 pages, ASIN:1591394449, Kindle: $20, paper: $0.01+SHT.

 

Mentions

  • “available cognitive capacity”
  • “fluid intelligence”
  • “brain drain” (a technical term, attributed to Ward et al.)
  • “supernormal stimulus”
  • “data is memory without history”, attributed to Cynthia Ozick.
  • the “Google effect,” strictly, pertains to information retrieval.

Exemplars

…they are bad…
  • Apple, iPhone
  • Facebook
  • Google
  • Samsung [Android]

Who

  • Maarten Bos, staff, Disney.
  • Kristen Duke, staff, University of California, San Diego (UCSD).
  • Ayelet Gneezy, staff, University of California, San Diego (UCSD).
  • William James, boffo, quoted circa 1892.
    Expertise: psychology, philosophy.
    Honorific: pioneering .
  • Cynthia Ozick, self.
    Trade: scrivener, dissent.
  • Betsy Sparrow, staff, Columbia University.
    Expertise: psychology.
  • Adrian Ward, professor, marketing professor, University of Texas at Austin (UTA)
    Expertise: psychology, cognitive psychology
  • Daniel Wegner, Harvard.
    deceased.
    Expertise: memory

Referenced

  • Many Unlock Events Per Day; video segment; ABC News; WHEN?.
    …Where more Americans get their news than from any other source [grammar police be damned!]
  • Some Survey, Gallup, 2015.
    tl;dr → <quote>Over 50% “can’t image” life without a cellphone.</quote>
  • Adrian Ward, et al. A Study. That. Shows. In Journal of Experimental Psychology. 2015. pubmed:26121498
  • Some Authors. Another Study. That. Shows. In Journal of Computer-Mediated Communication, 2015.
  • Adrian Ward (U.T. Austin), Kristen Duke, Ayelet Gneezy (UCSD), Maarten Bos (Disney). Study. That. Shows. 2015.
  • Adrian Ward (UTA) et al.More Study. That. Shows. In Journal of the Association for Consumer Research. 2017-04. preprint. DOI:10.1086/691462.
  • Some Authors (University of Southern Maine). Another Study. That. Shows. In Social Psychology. psycnet:2014-52302-001
  • More Authors. Yet Another Study. That. Shows. In Applied Cognitive Psychology. 2017-04. another study. DOI:10.1002/acp.3323.
    tl;dr → N=160 & WEIRD (students) at the University of Arkansas at Monticello.
  • Even More Authors. Even More Study. That. Shows. In Labour Economics; 2016.
  • More Authors. More Study. That Shows. In Journal of Social and Personal Relationships. 2013. paywall. DOI:10.1177/0265407512453827.
    tl;dr → N=192, WIERD (students), University of Essex in the U.K.
  • Betsy Sparrow (Columbia), Daniel Wegner (Harvard), et al. Authors. Yet Another Study. That. Shows. In Science (Magazine). 2011. paywall.
  • The Internet has become the external hard drive for our memories; Staff; In Scientific American; WHEN?

Previously

In The Wall Street Journal (WSJ)…

W3C Payment Request API is Being Implemented in All Major Browsers | ProgrammableWeb

W3C Payment Request API is Being Implemented in All Major Browsers; Janet Wagner; In ProgrammableWeb; 2017-09-20.

Original Sources

Mentions

Participants

  • Chrome,
  • Edge,
  • Firefox,
  • WebKit.
  • Facebook
    • Facebook Messenger Extensions SDK
  • Samsung
    • Samsung Internet for Android 5.

Quoted

For color, background & verisimilitude…

  • Ian Jacobs, Lead, Web Payments Working Group, W3C.
  • Lukasz Olejnik, expert
    • Dr. Lukasz Olejnik
    • site

A Tale of Two Industries: How Programming Languages Differ Between Wealthy and Developing Countries | Stack Overflow

David Robinson (Stack Overflow); A Tale of Two Industries: How Programming Languages Differ Between Wealthy and Developing Countries; In Their Blog; 2017-08-29.

Promotions

Previously

In Their Blog

Actualities

Does disabling Wi-Fi prevent my Android phone from sending Wi-Fi frames? | INRIA

Célestin Matte, Mathieu Cunche, Vincent Toubiana; Does disabling Wi-Fi prevent my Android phone from sending Wi-Fi frames?; Technical Report, RR-9089, hal-01575519; INRIA; 2017-08-21; 15 pages.

tl;dr → No. Betteridge’s Law.

Abstract

No. We show that another option, called “Always allow scanning”, when activated, makes a device send Wi-Fi frames which can be used to track this device, even if the Wi-Fi switch is off. This option is not clearly described in all Android versions, and sometimes even not deactivatable. Besides, the Google Maps application prompts the user to activate this option.

Nearby Connections 2.0: fully offline, high bandwidth peer to peer device communication | Android Developers

Announcing Nearby Connections 2.0: fully offline, high bandwidth peer to peer device communication; Ritesh Nayak M; Android Developers; 2017-07-31.
Ritesh Nayak M, Product Manager, GoogleAlphabetGoogleAndroidThatTheyThem (Whatever it is they call themselves these days in the Android Division).

Mentions

  • As foretoldpromised at Google I/O 2017.
  • Google Play Services 11.0 and up
  • Nearby Connections uses
    • WiFi
    • Bluetooth LE
    • Classic Bluetooth

Concept

  • Offline mode (no need to contact Google’s mothership
    <snide>I’ll believe it when I see it</snide>
  • Fully Peer-to-Peer.
  • Switches among radio devices when possible.

Semantics

  • “Socket-like” connection semantics of ordered, guaranteed-delivered byte streams.
  • Topology
    •  Star: → 1:N topologies
    • Cluster → M:N topologies

Promotions

Sneaky devs could abuse shared libraries to slurp smartphone data | The Register

Sneaky devs could abuse shared libraries to slurp smartphone data; Richard Chirgwin; In The Register; 2017-08-04.
Teaser: Privilege escalation is baked in to mobile OSes, if you look for it

Original Sources

Vincent F. Taylor, Alastair R. Beresford, Ivan Martinovic; Intra-Library Collusion: A Potential Privacy Nightmare on Smartphones; 2017-08-11; 17 pages; arXiv:1708.03520

Mentions

  • Intra-Library Collusion (ILC)
  • Combined set of permissions across all instantiations of the library.
  • Privilege Separation

Michael Flossman (Lookout) reports that more than 4,000 Android apps secretly record audio and steal logs | Ars Technica

Researchers report >4,000 apps that secretly record audio and steal logs; ; in Ars Technica; 2017-08-12.

tl;dr → Some pro bono work results in a bug report.  Google has already remediated.

Original Sources

Michael Flossman (Lookout); SonicSpy: Over a thousand spyware apps discovered, some in Google Play; In Their Blog; 2017-08-10.

Mentions

  • SonicSpy
  • SpyNote, is similar

 

Users of the main smartphone operating systems (iOS, Android) differ only little in personality | Götz, Stieger, Reips

Friedrich M. Götz,, Stefan Stieger, Ulf-Dietrich Reips; Users of the main smartphone operating systems (iOS, Android) differ only little in personality; In Public Library of Science | One (PLOS | One); 2017-05-03; DOI:10.1371/journal.pone.0176921

Abstract

The increasingly widespread use of mobile phone applications (apps) as research tools and cost-effective means of vast data collection raises new methodological challenges. In recent years, it has become a common practice for scientists to design apps that run only on a single operating system, thereby excluding large numbers of users who use a different operating system. However, empirical evidence investigating any selection biases that might result thereof is scarce. Henceforth, we conducted two studies drawing from a large multi-national (Study 1; N = 1,081) and a German-speaking sample (Study 2; N = 2,438). As such Study 1 compared iOS and Android users across an array of key personality traits (i.e., well-being, self-esteem, willingness to take risks, optimism, pessimism, Dark Triad, and the Big Five). Focusing on Big Five personality traits in a broader scope, in addition to smartphone users, Study 2 also examined users of the main computer operating systems (i.e., Mac OS, Windows). In both studies, very few significant differences were found, all of which were of small or even tiny effect size mostly disappearing after sociodemographics had been controlled for. Taken together, minor differences in personality seem to exist, but they are of small to negligible effect size (ranging from OR = 0.919 to 1.344 (Study 1), ηp2 = .005 to .036 (Study 2), respectively) and may reflect differences in sociodemographic composition, rather than operating system of smartphone users.

References

There are 80 references.