Who is MiM and why is he here?

MiM, Man In the Middle, is the phrase of the day right now. Lenovo has been caught with their hands in the candy jar. They installed software that faked secure connections and placed ads on web sites you visited. Ads that were supposed to make money for Lenovo and likely replace ads of the webs site you went to so that they did not make any money, effectively taking the income away from them. Let me try to explain how this software is a bad thing for consumers.

In a MiM, you are contacting your bank to move some funds around.  You use the HTTPS link that makes a secure connection to your bank, This protocol swaps publics keys, high security certificates, to creates a key only known to each end of the connection allowing safe and secure communication over a public internet. Now comes the MiM part, the software installed by Lenovo routes your connection to a special server that makes a secure connection to you with a low security certificate, allowing it to see your communication to the bank, and then makes a second low security connection to the bank. No one else can see the transaction with the bank, except the Man in the Middle.

The Company used by Lenovo insists they are not monitoring these communications and perhaps they are not. The problem gets bigger when you realize the low security connection they use to put ads on web sites, you go to, is so weak that it can be used by the bad guys with ease.

Now for the even worse news. There are many other companies using this type of software than anyone realized. Here is a guide on checking your computers for this compromise.

If you want to expand your understanding of computer security, head over to Security Now at Twit.tv.

Posted in commentary, Security | Tagged , , , | Leave a comment

I count electric sheep

Today lets talk about AI, artificial intelligence. What is it and what will it do to us.

Even though there are mentions of intelligent machines like the mechanical Turk, I think the first artificial intelligence could be the Jacquard punch card loom.

So far the most apparent AI is decision making, if this then that. Based on a event, a yes or no question is answered. Our most recent AI innovation is the voice assistant on your smartphone. You are able to ask a question and have it parsed and answered by a system that takes into account your location, email, contacts and search history to offer up the most likely answer.

Will AI be in charge of our safety? We do have some robots protecting us, the intelligent cruise control that slows you down and brakes the car if needed. Anti locking brake systems. automated thermostats controlling the temperature of our homes.

Could they rise up against us? In Isaac Asimov’s collection of stories titled “I Robot”, he proposes that robots will help us and have three basic rules to control their behavior.

 

  • A robot may not injure a human being or, through inaction, allow a human being to come to harm.
  • A robot must obey orders given it by human beings except where such orders would conflict with the First Law.
  • A robot must protect its own existence as long as such protection does not conflict with the First or Second Law.

While there are several science fiction stories that propose our computer/robotic overlords are already in charge, for the most part, our robots have not risen to the level that these rules can be programmed. Some feel that the rules may fall short of protecting us in their simplicity.

 

Can AI have a soul?

Some religions believe that only man can have a soul. Others that animals carry the spirits of our ancestors as we make our way through existence. Still others that the whole of creation is in us all, evens the objects around us.

What’s your thoughts on AI and robotic servants?

Posted in commentary | Tagged , , , , | Leave a comment