Stupid merchants doing stupid things – we need a flashmob for Apple Pay

 Shopping with iPhone

★ Retailers Are Disabling NFC to Block Apple Pay
[Via Daring Fireball]

Eric Slivka, reporting for MacRumors:

Earlier this week, pharmacy chain Rite Aid shut down unofficial support for the Apple Pay and Google Wallet mobile payments systems, resulting in an outcry from users who have been testing out Apple’s new system since its launch on Monday. Rite Aid was not an official Apple Pay partner, but the payments system generally works with existing near field communications (NFC) payment terminals anyway, and many users had had success using Apple Pay at Rite Aid stores early in the week.

It now appears that fellow major pharmacy chain CVS is following suit and as of today is shutting down the NFC functionality of its payment terminals entirely, a move presumably intended to thwart Apple Pay. Google Wallet services are obviously also being affected by the move.

These retailers are part of a group (Merchant Customer Exchange, “MCX”) working on an upcoming mobile payment system called CurrentC. Here’s an article about CurrentC by Debbie Simurda, writing for Mainstreet Inc., a point-of-sale provider:

CurrentC mobile payments platform by Merchant Customer Exchange (MCX) is a mobile wallet being developed by a group of major retailers who want greater control of payments, their mobile brand and mobile customer experience. They want to keep more of their customer data, rather than ceding to technology companies. MCX was established in 2012 and currently consists of 59 participating retailers, many large Tier 1 merchants, across all segments. […]

[More]

A stupid authoritarian response to a distributed approach. Of course it will fail.

So, let’s inconvenience millions of customers, not let them use theur credit cards the way they want, only use debit cards or store-bought gift cards.

What Apple gets and what no one else in the industry does is that using your mobile device for payments will only work if it’s far easier and better than using a credit card. With CurrentC, you’ll have to unlock your phone, launch their app, point your camera at a QR code, and wait. With Apple Pay, you just take out your phone and put your thumb on the Touch ID sensor.

These stores do not care about the customer’s experience. They see the customer in the same way many sociopathic corporations do – as sheep to he sheared. So, let’s make it impossible for millions to use a convenient payment system.

All so they can make a little more money. And by keeping the customer’s data for themselves.IN contrast, Apple Pay does not store any customer’s data.

They hope to win. To beat Apple. By making it harder for customers to pay. Idiots.

They’re doing this so they can pursue a system that is less secure (third-party apps don’t have access to the secure element where Apple Pay stores your credit card data, for one thing), less convenient (QR codes?), and not private.

So when I walk into Best Buy, select a $800 TV to buy, walk up to pay and pull out my iPhone (because why carry credit cards) to use their NFC system, I will find out that Best Buy has actually shut down its wireless payment system to prevent me from paying.

So I will just walk away and they lose a sale. What if 10 of us do this is a row? How about 10 of us at 100 different stores, at the same time? $800,000 lost in sales. Maybe they would get the message.

A flash mob for Apple Pay!

No, freezing eggs is not like Nazi Germany

Freezing Worker Eggs: Are Apple and Facebook Playing God? (Germany, France, Switzerland)
[Via The Moderate Voice]

human-egg-micrograph-hitler-caption_pic[1]

Over the past year and a half, as the scale of the global mass surveillance being pursued by the National Security Agency in collaboration with America’s tech giants has become clear, these corporations – Apple, Facebook, Google and Microsoft – have become objects of derision for Americans and people around the world. Now it seems there is new cause to look upon these firms with suspicion. Over the course of the past few days as news emerged that Apple and Facebook have instituted plans to pay for female employees to freeze their eggs for later use, columnists in other nations have expressed concern that they are blithely playing God with life itself. Worldmeets.US has translated columns from three countries on the subject, all outlining the likely ramifications of these policies:

[More]

This is just insane. Apple offers up to $20,000 for infertility treatments. They just increased the infertility procedures they will pay for/ That is all that is going on here.

Making it easier to have more children!

These procedures include all sorts of things, up to in vitro fertilization. As part of most in vivo fertilization protocols, many eggs are harvested at once, so that they only have to be retrieved one time. After the procedure, any extra eggs are frozen, to be used if the procedure does not work the first time.

So, Apple will pay for the eggs that are frozen, instead of the patient being forced to do this out of pocket. Making it easier for women to use in vitro fertilization to have more children.

This is not eugenics and not fascism. Apple is not forcing women to have their eggs frozen. It is not part of any genetic manipulation of eggs. 

It is an added benefit used mainly by those who want to have children. It is not preventing children from being born. It is providing added choices for FERTILITY! To have more children.

Just as Apple also provides money for adoptions. And for 18 weeks paid maternity leave. And 6 weeks paid paternity leave.

Funny how a significant benefit for women to have more children is turned by the media into an exercise of Godwin’s Law.



The new iMac is what the Mac Pro used to be

New iMac 

Apple’s matchless iMac with Retina 5K display is its most expensive ever
[Via MacDailyNews]

// <![CDATA[

google_ad_client = "ca-pub-9654279268749293";
/* Article Body, 336x280, Above the fold */
google_ad_slot = "0670981169";
google_ad_width = 336;
google_ad_height = 280;
//-->

// ]]>

“Apple yesterday launched its most expensive-ever iMac, the $2,499 iMac with Retina 5K display, a desktop that will appeal to not only professional creative customers but also well-heeled consumers who want the very best money can buy, analysts said,” Gregg Keizer reports for Computerworld. “‘Clearly, it’s a good machine for creative professionals,’ said Ezra Gottheil of Technology Business Research, in an interview yesterday. ‘But it’s also for those where money is no object, who want a very good PC.’”

“‘It’s both a niche product and a premium mass-market product,’ said Patrick Moorhead, principal analyst at Moor Insights & Strategy. ‘It’s for professionals who don’t need the absolute best, like a Mac Pro, but also for prosumers who just want the best,’” Keizer reports. “Not surprisingly, Apple spent much of the iMac’s time in the spotlight yesterday touting the display, which offers 5120-by-2880-pixel resolution. ‘This is the world’s highest-resolution display,’ boasted Philip Schiller, Apple’s top marketing executive, who presented the 5K Retina iMac at Thursday’s event.”

[More]

I’m in the market for a new computer. While still very productive with my early 2008 Mac Pro, it  is beginning to slow down some. I looked at the new Mac Pro, because that is what I have always used for work – that is, the top of the line Macs with respect to speed, etc.

The current Mac Pro is just way too much muscle for me and way too expensive.

So I looked at the new iMac. And it fits exactly what I need. At close to the price I have always paid. 

Now when to pull the trigger?

How distributed democracy permitted a team to play top flight soccer

 Soccer 286

Meet the smallest team ever to play in elite European soccer
[Via Quartz]

Barcelona’s soccer team later today will host a match in its legendary stadium, Camp Nou, where the club regularly plays in front of 98,000. Barcelona has won La Liga 22 times and the European Cup four times. Its opponents are much less renowned, though, in their own way, no less remarkable.

The club from Eibar, a small town in the Basque country, is playing in Spain’s top division for the first time ever. Last year, its budget was €3.2 million ($4.1 million), which wouldn’t cover the annual salary of Lionel Messi, Barcelona’s star player. The team’s stadium holds 5,200 and average attendance last year was 2,900—which makes Eibar the smallest team ever in the history of La Liga. It is quite likely that that it is the smallest team ever to play in any of the top divisions of the major European leagues of England, Spain, Italy, and Germany. For example, in England, you have to go two divisions below teams like Manchester United and Chelsea to get to attendances below Eibar’s.

[More]

They qualified for the top division but did not have the money. After osing in court, they needed several million dollars to play.

Luckily for them, we now have to the tools for people around the world to support organizations that they like – the team crowdfunded the money.

The plucky team had the lowest budget of the 80 teams in the second division. They have no debt.They are a great example of how to succeed without  needing to spend huge amounts of money.

Yet they won enough games to be promoted up to the top league. So they used that same attitude to ask people from around the world to help.

And they did.

A 90-year-old who has been a member since 1945 bought the share that let the team reach its goal. Now all the names of the shareholders are on a wall in the Eibar stadium, primarily featuring locals but—in a sign of how much this plucky team caught the imagination of soccer fans everywhere—also people from more than 50 countries.

This is how distributed approaches can overcome obstacles to achieve success. we continue to see more of this every day.

Unbreakable Apple encryption – 80 milliseconds may be key

System Lock 

 Why can’t Apple decrypt your iPhone?
[Via A Few Thoughts on Cryptographic Engineering]

Last week I wrote about Apple’s new default encryption policy for iOS 8. Since that piece was intended for general audiences I mostly avoided technical detail. But since some folks (and apparently the Washington Post!) are still wondering about the nitty-gritty details of Apple’s design, I thought it might be helpful to sum up what we know and noodle about what we don’t.

[More]

Nice explanation of how Apple has secured the iPhone. No backdoors. Apple holds no keys. The phone takes your password, mixes it with a specific number for each phone (UID), and runs it through a slow derivation function to get the passkey used for all on phone encryption. What does the slow derivation function do?

The Apple Key Derivation function ‘tangles’ the password with the UID key by running both through PBKDF2-AES — with an iteration count tuned to require about 80ms on the device itself.** The result is the ‘passcode key’. That key is then used as an anchor to secure much of the data on the phone.

Apple used a dedicated line on the chip to put the key into the secure enclave. Software can put it in when you change a password but cannot extract it out. The only thing that can be done is to brute force the password by trying every single combination.

Now, normally, the authorities can use a class F supercomputer, capable of trying a billion passwords a second. This means that even if your password mixed lower case, upper case and special symbols and was 8 characters in length – 96 possible characters and a whopping 7.2 quadrillion possible combinations – the class F could find it in less than 3 months.

The authorities know that any phone they want to crack can be with a brute force approach. Well, that used to be true.

See that 80 ms requirement. Since the only thing to do is brute force the password, that 80 ms becomes important, as I wrote before. It slows down even the Class F. Instead of a billion tries a second, it can only do 12.5. 

This means that even an 8 digit passcode using only numbers would now take 3 months. Instead of instantly.

Before, they could just ask Apple to crack it for them. Because it held a backdoor key. But now Apple no longer can do that.

It means that pretty much no one can get the data off your phone, especially if you use even a simple password with 6-8 characters.

And Apple lets you use a passcode up to 37 characters long.

The only way to get an iPhone cracked is to get a warrant requiring the owner to open it. No more being able to use a third party to do it for the authorities.

So we are back to what used to be the status quo.

Apple wins at Global Thermonuclear War by refusing to play the game the FBI wants it to.

 War Games (1983)

iPhone Encryption and the Return of the Crypto Wars
[Via Schneier on Security]

Last week, Apple announced that it is closing a serious security vulnerability in the iPhone. It used to be that the phone’s encryption only protected a small amount of the data, and Apple had the ability to bypass security on the rest of it.

From now on, all the phone’s data is protected. It can no longer be accessed by criminals, governments, or rogue employees. Access to it can no longer be demanded by totalitarian governments. A user’s iPhone data is now moresecure.

To hear US law enforcement respond, you’d think Apple’s move heralded an unstoppable crime wave. See, the FBI had been using that vulnerability to get into people’s iPhones. In the words of cyberlaw professor Orin Kerr, “How is the public interest served by a policy that only thwarts lawful search warrants?”

Ah, but that’s the thing: You can’tbuild a backdoor that only the good guys can walk through. Encryption protects against cybercriminals, industrial competitors, the Chinese secret police and the FBI. You’re either vulnerable to eavesdropping by any of them, or you’re secure from eavesdropping from all of them.

Backdoor access built for the good guys is routinely used by the bad guys. In 2005, some unknown group surreptitiously used the lawful-intercept capabilities built into the Greek cell phone system. The same thing happened in Italy in 2006.

[More]

WarGames was a prescient movie. The scene above could almost be used today, with authorities complaining about iPhone security.

We have fought this battle many times. Personal security always wins and the authorities find other ways to legally do their business.

All this means is that the authorities can no konger go around the user and seek out third parties to threaten, third parties who seem to have no skin in the game,

But, in the post-Snowden age, this approach has signifiant and detrimental effects on the business models of the third parties. Now they do have skin in the game as countries where they sell their goods become suspicious.

So, Apple takes the very smart path – simply remove itself. The only way for it to win is to not play the game.

Now the FBI and others still have lots of access to data – anything on the cloud or in teleco servers.  They just need to get a specific court order to access a smartphone from Apple.

Distributed democracy wins again. For now.

DEA creating fake social media pages – another reason to lockdown your phone

 Handcuffs

 

Drug agency sued over its fake Facebook account
[Via AP]

The Drug Enforcement Administration set up a fake Facebook account using photographs and other personal information it took from the cellphone of a New York woman arrested in a cocaine case in hopes of tricking her friends and associates into revealing incriminating drug secrets.

The Justice Department initially defended the practice in court filings but now says it is reviewing whether the Facebook guise went too far.

Sondra Arquiett’s Facebook account looked as real as any other. It included photos of her posing on the hood of a sleek BMW and a close-up with her young son and niece. She even appeared to write that she missed her boyfriend, who was identified by his nickname.

[More]

Yep, they simply created a fake Facebook page using photos from a confiscated phone:

In a court filing in August, the Justice Department contended that while Arquiett didn’t directly authorize Sinnigen to create the fake account, she “implicitly consented by granting access to the information stored in her cellphone and by consenting to the use of that information to aid in … ongoing criminal investigations.”

The photos showed her in sexy, provocative positions as well as including family members  who appear to be underage.So if you ever give the DEA access to your phone, they can use whatever information they find. For anything if they call it an ongoing criminal investigation.

Glad I have an iPhone 6. That way they will have to get a warrant which should spell out exactly what they can and cannot do.

Follow

Get every new post delivered to your Inbox.

Join 451 other followers

%d bloggers like this: