Police In Canada Used BlackBerry’s Key To Read Encrypted BBM Messages

When it comes to mobile phones Blackberry pride themselves on their security, with many companies taking up the device as their go-to model thanks to its support and security features. It now appears that those security features may not have been so secure after all with the Royal Canadian Mounted Police (RCMP) gaining the ability to read encrypted BBM messages.

When it comes to encryption, companies are having to be careful with the likes of Apple going to congress to discuss just how much they can be expected to help and support law enforcement without oversight or detailed rulings on how and when they can access private data. In this case, the RCMP gained access to BlackBerry’s BBM (BlackBerry messenger) services by using the encryption that came with your everyday BlackBerry, meaning the only ones that were safe from this interception are those connected to enterprise servers.

If you weren’t connected to an enterprise server, your BlackBerry would have used a peer-to-peer key that is loaded into your phone when it’s built, something that the RCMP managed to gain access to and in turn granted them access to people’s encrypted BBM messages and conversations.

As part of an operating, titled Project Clemenza, the RCMP intercepted and decrypted roughly one million messages as reported by Vice news in a joint investigation with Motherboard, who in turn revealed that the RCMP actually had a server in Ottawa that acted like a mobile phone by simulating “a mobile device that receives a message intended for [the rightful recipient]”.

With BlackBerry looking to step away from mobile devices and into security consulting, this news couldn’t come at any worse of a time given that if the server is still operational (key and all) then without a large update to its phones, the RCMP could still be reading people’s messages to this day even after the operation ended in 2012.

Facebook Messenger Introduces Dropbox and Video Chat Heads

Facebook Messenger is a system built to help communicate through the popular social network, but the latest features look to bring it closer to email with Facebook Messenger introducing dropbox features and even adding a chat head imagine to your video calls.

The dropbox features allow you to add in dropbox files just like you would add an emoji, the end result being the ability to go through files and directories on your dropbox system and send them just like you would any other file. Any photos or videos sent linked through the messenger will appear as if  you had sent them normally while other files will either be sent to download via the Dropbox app or as a hyperlink to download the file through the web.

Ever had a video call on Facebook messenger? Your entire screen filled with someone’s face, stopping you from contacting or responding to other messages. The new chat head feature will display your callers video in a little circle that you can place and drag around your screen, letting you get on with your browsing while you chat away. The feature could even support video chat amongst different applications and with both features set for release within the next few days, just watch out for the latest download.

Employers In The EU Can Read Your Private Messages At Work

It’s a slow day. Really slow and you’re bored, so you decide to fire up Facebook and check to see who’s messaged you. Twitter, Facebook, even your personal emails, we all have a way of communicating online. Might not be the best time to open up your personal messages at work though with the ECHR deciding that companies can read your private messages at work.

The European Court of Human Rights (ECHR) declared that as a worker while checking his yahoo messenger at work, it was perfectly in its right as a company to read those messages. The Judges ruled that in the end he had breached the company’s rules and it had a right to check his activity while at work.

This ruling now means that all countries that are part of the European Convention on Human Rights, including Britain, must now follow this decision.

While at work the employee checked his Yahoo Messenger, something he used for both personal and professional contacts. As it believed the account in question was for work, the judges ruled that the company had not been in error on checking the contents of the messages.

While a scary president it lies on several factors, firstly a company would have to have a computer policy in place that means they can read your messages (this policy is something anyone who works with a computer on a daily basis should read, especially if you message on it). As a second step, how would you prove if an account is being used for “work”? Ultimately it’s something that Judges will have to step carefully with, with the ECHR even saying that policies must also protect workers against unfettered snooping.

Image courtesy of Wikipedia.

Meet the Guy With the Largest Number of Facebook Friends

How many friends do you have on Facebook’s popular social media platform? Studies say that the average person between 18 and 28 years old has around 300, while older users have around 200. I personally have around 300 as well, but this guy from Melbourne would really make true Facebook users jealous.

Justin Tayler, a nightclub promoter, has reached the 5000 friend cap, making him one of the most popular people on Facebook. He says that people constantly communicate with him and leave likes/shares and other dozens of notifications, so it makes it very difficult for him to leave his account unchecked for a long time.

The guy started out as a PE teacher at a university and created his account back in 2009. He also had around 300 friends at first, but once he switched careers and became a nightclub worker, his friends list started to grow exponentially. His passion for nightclubs made him a very popular figure, having people adding him to their friends list to see what events he is attending.

The whole Facebook hype also brought him some business opportunities too. Tayler found out about a 17-year old who was throwing underage parties and making up to $1200 in entry fees. Of course, when you mix underage with parties, you don’t get something that authorities would agree with. So Taylor struck a deal with the kid and now he can still sale his tickets, but under adult supervision.

Thank you News.com.au for providing us with this information

Skype for Web Rolls out in New Beta Version for US and UK Users

Have you ever been to an internet café or wanted to Skype a friend or family member from a shared computer? It is really frustrating when you try to use it and you see they don’t have Skype installed, isn’t it? Well, Skype just made things simple for you.

Whether you have a Mac or Windows PC, or even a (compatible) mobile phone with internet access, you can now head on over to Skype for Web. I did mention compatible previously because I tried to sign into the web platform on my Windows Phone handset, to which I was redirected to a page telling me that my device is still not compatible with the web service.

Even so, you can grab any laptop or PC and sign in to view your conversations and get access to IM. On some platforms, the service even provides calls and video calls, though the feature may still be a bit buggy. But hey, that’s why you have “beta” in the service’s name, isn’t it?

Still, Skype really did a good job on providing a way to sign onto its service with just a web browser and even get the full Skype experience on some compatible hardware. You can head on over to Skype’s website to try it out. Also, let us know what you think about Skype’s new initiative!

Computers Can Now Talk To Each Other!


Sharing information between computers has long been an issue. Be it with a floppy disk or USB Memory Stick, or even other a wireless network, sharing information has long been limited by the hardware of the devices and occasionally a third device. Some companies wish to change this, and want to have your computer and phones talk to each other, in an almost literal sense.

Google’s latest extension, titled Google Tone, allows the transmission of URL’s via sound. By emitting a sound from one device, be it your computer or phone, and another device picking it up via Microphone the App plans to allow users to share URL’s with users as easily as just talking. The Extension for Chrome states that this will also work over phone calls or even google handouts, so next time you’re on skype or on the phone to someone you could send them a link to your favourite technology blog by simply pressing a single button. You can even send that funny cat video to all your friends at your restaurant table, be warned though, people on nearby tables with Tone would be able to pick up the link too.

Amid fears that the device would listen in on everything from the devices microphone, Google Tone can easily be disabled and even lowers the volume of devices it’s enabled on to allow transmissions to be picked up and sent clearer.

When broadcasting tone sends out a series of beeps that sound almost as if R2D2 was talking to you, so next time I’m watching Star Wars I’m going to see what websites R2D2 recommends.

Thank you Google for providing us with this information.

Voice Messaging Feature Arrives This April for the Xbox One

Microsoft is planning to get a voice messaging feature up and running on its Xbox One, which is due to arrive with the new firmware this April. Xbox One dashboard preview testers are said to be able to test the new feature this week, having them be the first to leave audio clips in their friends’ inboxes.

An interesting aspect of this feature is that it will allow Xbox One as well as Xbox 360 owners to exchange voice messages. Aside from the latter, Microsoft is said to be adding a new ‘What’s On’ section for the dashboard that would feature games and series tailored to a user’s preferences, as well as providing dedicated servers for users struggling with party chat connections.

Thank you Polygon for providing us with this information

Vector Smartwatch Says it Can Offer a 30-Day Battery Life

The Vector Smartwatch has been revealed at the annual luxury watch fair in Switzerland. The company stated that it will release the watch in two variants, a Luna round face and Meridian rectangular face. However, the most interesting thing about it is not its appearance, but its battery endurance.

Vector has announced that its smartwatch battery can last for 30 days. This however, is subject to a lot of debate, since nobody can believe a smartwatch can last that long during prolonged use.

The company is said to have former Timex CEO Joe Santana and ex-Nike Designer Steve Jarvis on board and although they haven’t revealed much about the gadget, it is said to give the user the ability to display messages on-screen, dismiss them with a flick of the wrist and even works with IFTTT commands.

In terms of compatibility, the Vector is said to be able to pair up with iPhones, iPads, Android and Windows devices. The smartwatch is expected to be released late this summer and come with a $340 price tag for the Luna model with brown leather strap or black nylon and a $199 price tag for the Meridian black nylon strap.

There are other models featuring stainless steel straps, but expect the price to match the quality of the material.

Thank you Endgadget for providing us with this information

Jaguar Working on Self-Learning Smart Car Personal Assistant

There have been a lot of talks about smart cars and their ability to make driving a lot safer suing self-driving technologies in order to eliminate human distractions and error from roads. There will even be a time where drivers can even send text messages, video call and browse the internet, but that time is still far away. Until then, Jaguar seems to have designed a piece of tech of its own for the Land Rover to make driving a lot safer, namely the Smart Assistant.

It is said that the Smart Assistant is able to identify the driver of the car based on a smartphone and learns his or her driving style and in-vehicle habits. The information is then ran through an algorithm which keeps track of background information, such as your calendar, traffic conditions and current weather, in order to predict and handle a variety of non-essential tasks. The Smart Assistant even starts before the driver enters the car, adjusting the seat, mirrors and steering wheel based on the individual’s likings.

Once the Smart Assistant learns the driver’s behavior behind the wheel, it can then handle tasks and perform small vehicle adjustments. For example, if a person calls his or her boss each morning, the Smart Assistant is said to ask you if it can initiate a call with your boss. The same goes when running late for work, having the Personal Assistant prompting if you would like to send a text message and notify about you being late.

There are a variety of activities which Jaguar’s Personal Assistant could help you behind the wheel, though the company states that the technology is currently in the works with no known release date planned. An interesting and unique feature present in the Personal Assistant’s design plans is the fact that Jaguar intends to make the tech cloud-based, meaning that if you want to rent a Jaguar when abroad on a business trip, it will still have your personal preferences available and in effect as soon as the car is available to drive.

Thank you Gizmag for providing us with this information
Image courtesy of Gizmag

Large Number of Pinterest Accounts Hacked, Weight Loss and Asian Fruit Spams Appear

Pinterest, the popular ‘virtual discovery tool’, has apparently been hacked again. This time however, there were no butt pictures in the spams (unfortunately). Nevertheless, a large number of accounts have been hacked and posts have even ended up even on Twitter.

The spam messages are said to be made out of weight loss bragging and asian fruit. Some of the latter post can be seen below:

The messages and content are funny, but this second incident also comes as a strong reminder that weak passwords are what leads to this type of incidents. The threat also increases with the popularity of the social media service. ComScore is said to rank Pinterest as the 39th most popular website in the US as of February 2014, having a value mark of over $5 billion. This means that it is a potential target for spammers, as what the second incident already suggests, and also other malicious activities.

Users are therefore urged to reset their passwords if their account appears to have been hacked and deauthorize any suspicious apps and services the account is paired to. Also, users should obviously refrain from clicking the link inside the spam messages to avoid having their accounts hacked as well.

Thank you TheNextWeb for providing us with this information
Images courtesy of TheNextWeb

Wi-Fi Calling Software Makes Its Way Into Two Sprint Handsets, More To Come

When smartphones and Wi-Fi found themselves packed in the same handset, Wi-Fi calling has been the most impressive thing which made T-Mobile stand out of the crowd in the US. That was back in 2007, however it looks like Sprint has its eyes on the same thing and started offering convenient perks to subscribers around the US.

Wi-Fi calling and text messaging is completely free of charge and can be used on any Wi-Fi network the handset connects to. This could be very useful when you are indoors, where your phone’s reception is not adequate for making any calls. However, the downside is the range of devices, having only two options at the moment.

The Samsung Galaxy S4 Mini and the Galaxy Mega are said to be the first two handsets to support the feature at first, followed by other handsets in the future. It’s not that great compared to T-Mobile which has a wide array of handsets, however T-Mobile also has 7 years of experience in this domain. It is interesting to see the outcome in the future though.

For owners of the latter Sprint handsets, a software update needs to be downloaded before using the Wi-Fi service. Once downloaded, owners need to go to the handset’s Apps folder and select ‘Wi-Fi Calling’ to switch to the service from cellular network. Sprint has also mentioned to look forward to new handsets being added to the list by the end of this year.

Thank you The Verge for providing us with this information
Image courtesy of The Verge

Severe SMS Vulnerability In Nexus Phones Revealed



Details were revealed about a potentially serious SMS vulnerability found in all current Nexus phones at the DefCamp Security Conference in Bucharest, Romania. The person responsible for the discovery is Bogdan Alecu, a system administrator at Levi9 and independent security researcher in Romania. When exploited, the attack can force the phone to reboot or destabilize certain services.

The method of attack simply relies on sending a series of Class 0 “Flash” messages to the target phone. Flash messages are typically used for emergency or security purposes, appearing on the screen immediately instead of going to the default SMS application. When such a message arrives, no sounds are made but the background is dimmed and a single dialog box appears on top. Once 20-30 messages pile up, assuming the user isn’t clearing them, it overloads the system and leads to a few potential side-effects. Most commonly, the result is an unresponsive device or an immediate reboot, but the Messages app or cellular radio may occasionally crash or freeze up in some instances.

[youtube]http://www.youtube.com/watch?v=FwfIZBM-UGM[/youtube]

In the event that the cellular radio crashes, it may have some more serious consequences. If a target has their SIM locked with a PIN code, the phone will not be able to reconnect until the code is entered. From time to time, it’s also possible for the cellular radio to seize up, which can only be fixed by restarting the device. This is problematic because there are no audible prompts and the malfunction won’t be seen until the owner unlocks their screen, leaving them without service for potentially several hours.

Alecu first notified The Android Security Team to the issue over a year ago, but initially received only automated responses. Continued efforts were mostly unsuccessful, leading to the decision to disclose the vulnerability publicly. To mitigate potential threats, he collaborated with Michael Mueller, a Technical IT-Sec Auditor, to develop Class0Firewall, an app designed to protect the smartphone from Class 0 messages if they reach the threshold of becoming a denial-of-service attack.

Bogdan notes that the current attack is only capable of destabilizing a phone, but theorizes that it might be possible to force remote code execution. Based on limited testing with devices from various vendors, the vulnerability appears to only affect the Nexus line running on all versions of stock Android through to the current release of KitKat. None of the OEM variants checked were susceptible to the attack.

Hopefully the publicity will prompt Google to release a patch to block the issue as quickly as possible. Even if a fix is rolled out, it’s not entirely clear if the Galaxy Nexus will receive it now that it is no longer getting OS updates. A security update should be issues to all Galaxy Nexus device though in oder to patch the severity of this issue.

Thank you Android Police for providing us with this information
Video courtesy of mdforum.ru