Privacy and Security
Lawful access examples abroad a horror story of spending, abuse and minor benefits
Feb 17th
by Nestor E. Arellano
Proponents of Bill C-30, otherwise known as the Protection Children from Internet Predators Act, say that it will merely bring Canada in line with other countries that have some form of lawful access and data preservation and retention legislation.
Nestor Arellano
This is precisely why Canadians should be worried if Parliament decides to let the bill pass in its present form.
There is no shortage of research which indicates that implementation of an online surveillance regime in the European Union and the United States have been fraught with flaws, abuse and costs ultimately shouldered by Internet Service Providers tasked by government to essentially snoop on their customers. Read the rest of this entry »
Is Vic Toews against freedom?
Feb 14th
By Brian Jackson
It’s hard to imagine what points Public Safety Minister Vic Toews thinks he is scoring when he describes those concerned about the implications of increased government Internet surveillance as supporting child pornographers.
The Conservative MP made the statement in parliament yesterday while defending the government’s planned legislation that will require Internet service providers to hand over customer information to police without a warrant. Apparently the debate, in Toews own words, is reduced to “stand with us or with the child pornographers.”
Such stark extremes haven’t been presented to the public since George W. Bush earnestly told the world that “either you are with us, or you are with the terrorists,” shortly following the Sept. 11, 2001 attacks. (Toews’ quote has already been added to the “with us or against us” Wikipedia entry.) Not only does the approach harken back to what is now a passé neo-conservative mindset, but it is actually a logical fallacy. Toews is arguing that child pornographers wouldn’t support the government’s proposed “lawful access” bill because it could lead to getting thrown in jail. Therefore, his broken logic goes, all those who oppose the lawful access bill must support child pornographers.
Brian Jackson, Associate Editor, ITBusiness.ca
Is the iPhone secure enough?
Feb 13th
by Claudiu Popa
According to popular expert opinion, there are seven areas in today’s mobile devices where vulnerabilities can create security or privacy breaches. Nowhere is this more true than in the paragon of mobile digital success: the iPhone. Nothing short of a juggernaut, new versions of the quasi-ubiquitous device have all but evaded attempts at hacking it by consistently introducing innovative new features and by leveraging a strategy of built-in obsolescence.
Claudiu Popa
It follows then that each of these areas corresponds to specific security controls, tactically building a ‘defense in depth’ approach to securing the iPhone for personal use. In practice, the original seven risk areas map to the following five safeguards:
1. The operating system
Avoid jailbreaking the phone. As Apple never tires of repeating, once jailbroken, it is exposed to a set of clear and present dangers that at least risk compromising the data stored inside.
2. Data encryption
While encryption for iPhone data is standard on the handsets, it has already been cracked and free software can now be used to compromise it. Use third-party tools such as SplashID, FolderLock, iDiscrete or eWallet to encrypt the data you depend on. Read the rest of this entry »
Spammers adopt new attack strategies for ‘New Year’
Feb 9th
by Paul Wood
The New Year saw an increase in global spam levels as spammers continued to take advantage of holidays and major current events in an effort to entice users to click on links in email messages. Attracting email recipients with tempting content is a popular social engineering tactic used both in spam, scams and other types of malicious attacks. The email messages are designed to have some relevance to the recipient in order to increase the chances of them unknowingly clicking on the links and visiting spam websites or potentially becoming infected in a drive-by attack.
Paul Wood
Symantec’s January Intelligence Report found that the New Year event itself presented an opportune theme for spammers. Symantec Intelligence identified a new tactic in spam emails that included URLs that related to more than 10,000 unique domain names. Each of these domains had earlier been compromised and the URLs pointed to PHP-based scripts hosted on the compromised websites, many of which referred to “New Year” in the file name. Some examples include, “HappyNewYear.php,” “new-year-link.php” or “new-year.link.php.” The PHP scripts simply redirected the visitor to the real spam website, but the potential for malicious use also exists. Read the rest of this entry »
It’s NOT “just a number!”
Jan 26th
by Ann Cavoukian
I am becoming increasingly concerned about the lack of understanding of a key privacy issue – the ease of data linkages in an ever-increasingly online world, that renders otherwise non-identifiable information, identifiable.
Ann Cavoukian, Information and Privacy Commissioner of Ontario
New analytic tools and algorithms now make it possible, not only to link a number with an identifiable individual, but also to combine information from multiple sources, ultimately creating a detailed personal profile of a personally-identifiable individual.
In this information age, people are sharing personal information about themselves in new ways, including through personal blogs and social networking sites. Imagine a scenario where your “anonymous” comments on a newspaper website or in an online chat forum could be tracked back to you personally, simply by linking your IP address and browser data across multiple platforms. Read the rest of this entry »
Wanted: Partners willing to take a leap of faith
Jan 24th
By Francis Moran and Leo Valiquette
In our last post, we spoke to Katie and Luke Hrycak, the sibling founders of CommentAir, about their challenges as technology entrepreneurs who do not have a background in technology. A process of self-education and aggressive networking to tap into the expertise of supportive advisors and mentors has been key.
The need to seek out external business and technical expertise of course extends to the team they must build to move CommentAir along. As a bootstrapped startup, they must not only find individuals who compliment their own strengths and weaknesses, but also share their passion and are willing to put in long hours without a regular pay cheque.
In this post, we take a closer look at what the siblings have learned about themselves, about building strong teams and how this must be applied to the business.
Who should be the next hire?
CommentAir took flight in early 2010. As we explored in the previous post, Zhu Li, a PhD candidate in wireless communication at Carleton, became Katie’s technical advisor and, now that he has returned home to Hong Kong, is on deck to serve as the company’s Chinese connection when the product is ready for mass production. (However, he has yet to join the company as a founder or employee.) CommentAir has also enjoyed the support of Carleton University professor Tony Bailetti and Ed Strange, coordinator of applied research and investigator of special projects at Algonquin College, who put together a student team with funding through Ontario’s FedDev program to work on CommentAir’s prototype.
While Luke and Katie have secured the support of a number of other advisors and mentors, their first true hire came this past summer, when they brought on board as chief designer and project manager Andrew Lowe.
“I went to go talk to him about manufacturing and plastics, and he liked the idea so we offered him equity in the company for his designs and knowledge on manufacturing and electronics,” Katie said.
For 2012, Katie and Luke are planning to add a technical cofounder as they work toward major field tests this summer.
“We need someone like this as soon as we start getting to either some major first tests or before a launch, because technical things are going to go wrong and it’s out of our knowledge base to fix them,” Katie said.
“I would like a telecom or electrical engineer, preferably someone who has many others to vouch for their work ethic and projects,” she added. “They have to also enjoy sports and understand why we are doing what we want to do. An entrepreneurial mentality isn’t a top priority, but definitely a creative mind that can work around unforeseen problems. It’s also important that it’s someone we can get along with.”
But there is a clear distinction between getting along with someone and always being in agreement with them.
“You won’t always see eye-to-eye with your team, and that’s a good thing,” Katie said. “Same goes with informal advisors and partners. It’s all about having different perspectives and taking them all into account. If you have anyone telling you the same thing as you’re thinking, that’s not good.”
“If they aren’t adding value, cut them loose,” Luke added. “Don’t wait and don’t look back. Trust your gut.”
What distinguishes a co-founder or partner from advisors, mentors?
“A partner is someone who is willing to get more involved in the day to day, and bring value beyond just advice,” Luke said. “They’re bringing a skill or trait that we lack, such as the technical know-how, or something to get us to the next stage.”
Or, to put it another way:
“Co-founders and team members are meant to cover each other’s butts when your reputation and product are on the line,” Katie said. “There are always people who will love your idea, but that doesn’t mean you should bring them on.”
But sometimes, an ideal team member may present themselves unexpectedly.
“Sometimes a team member will just fall into your lap, so always keep your eyes open and have in mind a checklist of what you want to add to your team,” she said. “If they believe in your idea and in you, they will come on for equity if you’re bootstrapping and not even question if there is a salary.”
Finding the right people depends on your qualities as much as theirs
Katie readily acknowledges that her greatest weakness as an entrepreneur is lack of life experience, something which cannot be acquired in a university lecture hall.
“Every single meeting or conversation I’ve had with a mentor has left me pretty much floored in just how much I don’t know but should, and how much work I have left to do,” she said. “In order to get over this, I’ve had to self-educate to become an expert in my areas of interest as well as in the business I want to run.”
On the other hand, she considers her greatest strength to be her people skills, which she has already used to her advantage to win advisors and mentors willing to share their expertise.
Luke, on the other hand, has come to realize that his biggest weakness is “assuming any obstacle can be overcome quickly, when in reality, it takes a while to overcome it. My strength is just the perseverance to keep at it over time.”
While they believe their strengths will serve to create a strong and close-knit culture in the business as it grows, they both agree that the best way to overcome their weaknesses is to seek out the input of others before making decisions.
“If we can do this bootstrapping and without having to take money from anyone, that’s the way we’re going to do it,” Katie said. “Keep it in the family and just build relationships with mentors to get the expert advice we need.”
Thinking about the future
While the expert advice they need may someday require bringing on board a savvy investor for a share of equity, Katie and Luke are not yet willing to give up that degree of control.
“It can obviously be beneficial to have someone hands on overlooking the entire operation,” Katie said. “I just don’t think we’re there yet so I haven’t put too much thought into who I would want to invest in us. Would I turn down money if the investor fit wasn’t right? We’ll cross that bridge if we get there!”
Meanwhile, the siblings are intent on building a business with the staying power to continue on without them.
“Some entrepreneurs just want to make big money and go retire on a beach, so they build their companies that way,” Luke said. “In our case, we want to build something that will continue on without us, but we will want to always have a hand in it. We want to take what we build and continue on to grow other businesses as well.”
In our next instalment, we will explore the challenges of paying the bills on a bootstrap budget.
This is the fourth article in a continuing series chronicling the growth path of CommentAir Technologies, a startup based in Ottawa, Canada. CommentAir is developing a wireless technology fans can use at sports venues to receive the same real-time commentary as fans watching from their televisions, a wireless technology that also creates a platform for targeted consumer interaction. We invite your feedback.
5 reasons why SOPA has to die
Jan 22nd
If you are wondering what SOPA is then you probably didn’t Wikipedia last week when it shutdown in protest. SOPA is a bill which the UScongress wanted to pass and it stands for Stop Online Piracy Act (SOPA).
It sounds harmless enough, after all we all want to stop piracy…don’t we! While we are against piracy we certainly aren’t against FREE SPEECH and SOPA takes it too far suggesting a China like authoritarian rule where record labels and cable companies have the power to shut down website because of alleged piracy acts, no matter how small the piracy act is….it may be as simple as you uploading a video of you and your family at a family bar-b-que with Lady Gaga playing in the background. You may be in violation and your website may be shut down.
Still not convinced, here are 5 reasons why SOPA needs to die…
Should You Feel Bad About Blocking Online Ads?
Jan 12th
by Claudiu Popa
I’m not a fan of banner ads, browser pop-ups nor of what’s come to be called behavioural advertising. I find that such promotion largely falls into two categories. The kind that has nothing to do with what I’m interested in, and the kind that is surprisingly well targeted to my personal interests.
Claudiu Popa
Since the former is irritating and the latter is downright creepy, I’m not likely to click on any online ads anytime soon. And I don’t think you are either.
That said, I’m certainly not against commercial promotion and far be it from me to pass judgment on one of the most profitable ways to spend – and make – money online ($25B in 2010 and an estimated $31B in 2011). I’m even sympathetic to the argument that online advertising keeps the Internet humming along as the subsidized services we practically depend on in turn depend on advertising dollars to resist the temptation to charge us. Read the rest of this entry »
3 awesome security tips for 2012
Jan 3rd
by Claudiu Popa
Everything I’m reading these days indicates that hacking and malware infections are going to increase in 2012. I don’t need to provide references here because everything you’re reading does too. Yet all the software you need to secure computers, both corporate and personal, is available for free. There’s everything from scanning and blocking to diagnosing and disinfecting the computing devices you depend on.
Claudiu Popa
So how come we’re poised for continued growth in data theft and general cyber-mischief?
In short, you’re the weakest link. If it weren’t for you, your computer would have a much higher chance of leading an infection-free existence, gracefully growing old and slowly descending into obsolescence. Instead, you may hear yourself thinking out loud: “it was fast at the beginning, but now it’s so slow I’m thinking of getting a new one”. This platform-independent mantra is no doubt very depressing for laptops and smartphones to overhear and even the shiny new tablets, smug in their reliance on a firmware-based operating system, aren’t too far behind.
What are your options? Panic? Trade in your new tablet for a stone tablet? Pester the one social recluse in your family with open-ended questions?
The latter is always a good idea (although you can’t go wrong with the first two either). Make sure you corner him (it’s always a ‘he’) at the family party this holiday season and don’t let him take another sip of the eggnog until he makes an effort to put his answers into plain English. Pull up a chair, make him feel special, for once!
Stone Tablet
In the failing case, here are three (because no one can really retain more than that anyway) tips for you to better understand computing security in general, and in particular over the next few months, as the reliance on technical attacks on all platforms (not just on mobile devices, PCs, or ‘in the cloud’) gives way to plain old abuses of trust). At the very least, you’ll sound smarter about this stuff, so here’s some sage advice:
1. Sometimes things that increase convenience may increase your security risk
Just one example: URL shorteners. These handy little tools (aside from the fact that they build clickthrough statistics) may send you to malicious destinations and may contribute to the security problems that plague social networking sites. So click wisely.
2. Sometimes it’s better to focus on the things that go out of your computer
We’re on the Internet for a reason: to explore and access information. Each click is a request, an a consensual invitation, an implied permission and an open door to receiving information. So when that response happens to be malicious, it’s difficult to see exactly what it’s doing inside your computer, but it’s relatively easy to block unauthorized software from ‘calling home’ and initiating outbound connections of its own. So look for personal firewalls with egress filtering and be cautious about approving connection requests.
3. Sometimes things that protect your privacy may decrease your security
You know that little ‘lock’ icon everyone tells you to look for when completing online purchases? And the ‘secure tunnel’ your IT guy tells you about when installing your remote access VPN into the office (so you can be ‘productive‘ from home, naturally)? Those are great things. They protect the confidentiality of the data that you exchange with the big bad Internet, and also serve to protect your privacy. But they also make it next to impossible for security tools to inspect data traffic, see malicious code and the details of hacking attacks as they come and go. So use with caution, and appreciate that once encrypted, both good and bad data is protected from prying eyes (and be sure to have a memory resident scanner to detect the latter just before or immediately after scrambling).
Enjoy 2012 and if you know someone who could use the information, don’t hesitate to suggest this blog.
Burning the candle at both ends as the clock ticks down
Feb 22nd
Posted by Francis Moran in Managing Business
1 comment
As we have discussed before, Katie and Luke Hrycak, the sibling founders of CommentAir, are bootstrapping their venture around their day jobs, an approach that calls for certain sacrifices.
Business meetings after 9 p.m., letting the wardrobe grow threadbare and valuing every dollar of friends and family financing is par for the course.
“I think the most difficult aspect about bootstrapping is resisting the urge to job search for something that will pay a ton, and also letting it take up all of your time,” Katie said in our first post. “People get accustomed to certain lifestyles and it is very difficult to let that go. You have to commit to a job that is less challenging for less money, but ultimately allows you more time for your own venture.”
In this post, we will talk in more detail about what it takes to keep the lights on, the need to delay gratification and at what point an outside investor may come into the picture.
Taking the lean approach to heart
There is no doubt that these dogged entrepreneurs are living on hope and aspiration. Katie works 30 hours a week, while Luke is full-time and saddled with debts from a previous failed venture. Christmas gifts were covered by credit cards that have yet to be paid and the pair must live vicariously through friends when it comes to trips or shelling out for that fancy new smartphone.
Katie, however, focuses on the upside of having to monitor and curtail expenses.
“It’s made me a bit of a minimalist in a way,” she said. “I’ve sold a lot of my things and live much leaner and without any clutter. If you’re bootstrapping, any spare dollar you earn either from your day job or (any other source) is invested back into the business.”
Lack of a cash reserve keeps them working around the business, which requires a great deal of self-discipline. But the siblings realize that, as CommentAir moves along, they will at some point need to make a choice and commit to building the business full time. Read the rest of this entry »