About Apple Pay, no kidding!

24 04 2017

A shopaholic’s best friend

If a new technology or service hits the market it shouldn’t be accepted without qualification.

Here are my thoughts and reservations not only about Apple Pay but also about electronic payments with smartphones or smart watches in general.


Well, in your everyday life the easiest way to get rid of your -bogus- money is to pay cash. But carrying cash with you is followed by two risks: loss and mugging. Both may also happen to your password.

So there is a need to innovate and make payments secure and fast with something you always carry with you: eyes and fingers.

Admittedly you also carry your belly with you but after intense scientific researches it turned out that the waist circumference isn’t as unique as required.

Apple decided to use the fingerprint as the biometric identifier.

Your fingerprint might be unique but the technique to transform it into bits and later retrieve you as the actor can be buggy according to Murphy’s law.

So, what happens if things don’t go your way?

If you need support the worst case that can happen, a customer’s nightmare, is, that you have more than one partner. Here it’s Apple and your bank. Apple will say that they don’t have access to your data because the transaction isn’t done with real data but with generated tokens. The bank will tell you, that it’s not responsible for the technique and it suggests to contact Apple or, that your Axx processor should be repaired.

And what about the lost money?

It’s way to complicated to explain the strange redemption of John Doe’s or Mr A.N. Onymus’ money. Refunds are announced many times, according to legislation. But it seems that there are some unexpected black holes implemented in laws.

For God’s sake do not invest in any technique except your pillow (only halfway filled but secure). SMSs are winging it’s way to recipients in a jiffy but money still uses the Silk Road on the back of turtles.
Abso-fucking-lutely fuckers, that’s what bankers are when returning money or gaming via Investment Fonds, sorry, ASFs, aka Arrant Scoundrels Fonds.

Btw, did you know that ASF is also the official abbreviation for ‘African swine fever virus’?

Bankers are responsible for the financial crisis, they dashed people’s hopes, force people into poverty, and forward a very special legacy to our children, valuelessness.

So we learn:

Isn’t the law – still not adapted to activities in the Internet – a nicely flexible and bendable thing?

If you are a shopaholic or not don’t use the ultra-modern techniques. Get rid of your money by paying cash or using the old-fashioned credit card. Don’t trust all the involved techniques and transfers of data over thousands of miles via cables, servers, and through the air. They are not qualified to build up confidence.

I’m an Apple fan and trust in what Tim Cook tells us about privacy. But there should be limits because even Tim and his excellent engineers can’t kill all bugs living in Apple’s ecosystem. Some bugs are like bacteria, they are resistant. Some others are doing their job on the way to Maiden or other data centers.

Summary …

New kinds of electronic payment systems are not designed to reduce the costs but to get more personal data and force people to spend money they don’t have.

Why going a long way round? The next level of paying is to do it even without any device, just with your fingertip or your eye.

Follow Roman poet Ovid’s slogan Nip things in the bud (“Principiis obsta”) to prevent the society getting fully electronic instead of improving humanity.

Thanks for reading and
sorry for going ballistic.

If you ask me “Are you serious?”
my answer is “Nine times out of ten.”.





Bad Boys

4 04 2017

Strong efforts have to be undertaken to secure data in the digital world. Even your identity can be countermined if you think about a hacked social media account where a bad guy publishes using your name.


Sometimes hackers behave like terrorists and try to destroy everything they are able to. A victim could suffer humiliation, identity theft, and lifetime suspension from services and social networks.

So turn on 2-Factor Authentication.

2-Factor Authentication means “something you know” (like a password) and “something you have” (like a smartphone). Once you activated 2-Factor Authentication you have to use both, your password and an authorized device to sign in. To increase usability Apple as well as Google let you authorize a device to not asking for an authentication code again.

With 2-Factor Authentication security is drastically increased but not perfect at all. The only way to further increase the level is to use biometric identifiers (like a fingerprint) which are actually not supported for mobile devices. A standardized solution implemented in all operating systems would be a great step forward.

Many authentication processes could be made much more easier if “something you are” (fingerprint, iris) would replace “something you know” and it would increase security drastically if all these three methods are combined to identify yourself.

Regarding codes for 2-Factor Authentication …

There is an app for that. It’s AUTHY.

Running on your iPhone (even in the Notification Center) and on your Apple Watch it provides generated codes for the 2nd step of logging into your account.

Some background information

More about Bad Boys

Thanks for reading.





Overheating

9 10 2016

It happens not only with Samsung’s Galaxy Note 7 devices. So it’s good to know more about your smartphone’s energy pack.


If a Li-ion battery overheats, hisses or bulges, immediately move the device away from flammable materials and place it on a non-combustible surface. If at all possible, remove the battery and put it outdoors to burn out.

A small Li-ion fire can be handled like any other combustible fire. For best result use a foam extinguisher, CO2, ABC dry chemical, powdered graphite, copper powder or soda (sodium carbonate). If the fire occurs in an airplane cabin, the FAA instructs flight attendants to use water or soda pop. Water-based products are most readily available and are appropriate since Li-ion contains very little lithium metal that reacts with water. Water also cools the adjacent area and prevents the fire from spreading. Research laboratories and factories also use water to extinguish Li-ion battery fires.
(batteryuniversity)

More …

Li-Ion Batteries

Safety Concerns

Take care and thanks for reading.

Note
No, it’s not true that I took this photo of a burning Note 7 with my iPhone 6S Plus.





Insecurity of Security Apps

1 06 2016

Open systems are almost always open to bad guys. Only limitation (a rigorously implemented “sandbox mode“) adds value to your digital life. Openness is only needed if smartphones are designed to be play stations.

It’s the job of manufacturers to offer security.

Think of it like this:

You buy a car. Then you have to visit a market for accessories to separately buy the safety belts. Nobody would accept that.


Regarding mobile devices without wheels everybody should know that there are many bad as well as innovative guys often behaving like terrorists and always on the way to compromise digital identities.

So …

Again it turns out that running iOS is the best way to stay secure.

Here is the latest analysis of Fraunhofer SIT …

Insecurity of Security Applications


Note

If you want to keep a secret, you must also hide it from yourself.

(George Orwell)

Thanks for taking your time.





The new Porsche 911

20 12 2015

The new 911 only has Apple Car Play because Google is Nicht Gut.

So much for “Do No Evil.” There’s no technological reason the 991/2 doesn’t have Android Auto playing through its massively upgraded PCM system.

But there is an ethical one.

As part of the agreement an automaker would have to enter with Google, certain pieces of data must be collected and mailed back to Mountain View, California. Stuff like vehicle speed, throttle position, coolant and oil temp, engine revs – basically Google wants a complete OBD2 dump whenever someone activates Android Auto.

Not kosher, says Porsche.

Obviously, this is “off the record,” but Porsche feels info like that is the secret sauce that makes its cars special. Moreover, giving such data to a multi-billion dollar corporation that’s actively building a car, well, that ain’t good, either. Apple, by way of stark contrast, only wants to know if the car is moving while Apple Play is in use. Makes you wonder about all the other OEMs who have agreed to Google’s requests/demands, no?

(motortrend com)

  
Dire straits for companies whose business model is based on selling customer data, especially in Europe. Google damaged their reputation with collecting data extensively. People don’t trust this data kraken any longer.

Thankfully Apple just sells exciting products.

More …



13 Cool Facts about the 2017 911



Apple and Porsche, about similarities



When government comes knocking



CarPlay by Apple


Thanks for visiting iNotes4You.





I want you(r data)!

13 12 2015

Good news for customers of the “iPhone company” …

Apple earns five stars in this year’s Who Has Your Back report. This is Apple’s fifth year in the report, and it has adopted every best practice we’ve identified as part of this report. We commend Apple for its strong stance regarding user rights, transparency, and privacy.

(Who has your back? report, EFF 2015)

  


More …

About privacy

XcodeGhost Q&A


Always keep in mind this saying of George Orwell …

If you want to keep a secret, you must also hide it from yourself.


Thanks for dropping by.





Tim Cook about privacy

26 03 2015

An open letter from Tim Cook, CEO at Apple Inc. since August 24, 2011, regarding Apple products, services and beliefs …

At Apple, your trust means everything to us. That’s why we respect your privacy and protect it with strong encryption, plus strict policies that govern how all data is handled.

Security and privacy are fundamental to the design of all our hardware, software, and services, including iCloud and new services like Apple Pay.

And we continue to make improvements. Two-step verification, which we encourage all our customers to use, in addition to protecting your Apple ID account information, now also protects all of the data you store and keep up to date with iCloud.
We believe in telling you up front exactly what’s going to happen to your personal information and asking for your permission before you share it with us. And if you change your mind later, we make it easy to stop sharing with us. Every Apple product is designed around those principles. When we do ask to use your data, it’s to provide you with a better user experience.

We’re publishing this website to explain how we handle your personal information, what we do and don’t collect, and why. We’re going to make sure you get updates here about privacy at Apple at least once a year and whenever there are significant changes to our policies.

A few years ago, users of Internet services began to realize that when an online service is free, you’re not the customer. You’re the product.

But at Apple, we believe a great customer experience shouldn’t come at the expense of your privacy. Our business model is very straightforward: We sell great products.

We don’t build a profile based on your email content or web browsing habits to sell to advertisers. We don’t “monetize” the information you store on your iPhone or in iCloud. And we don’t read your email or your messages to get information to market to you.

IMG_3625.PNG

Our software and services are designed to make our devices better. Plain and simple.

One very small part of our business does serve advertisers, and that’s iAd. We built an advertising network because some app developers depend on that business model, and we want to support them as well as a free iTunes Radio service. iAd sticks to the same privacy policy that applies to every other Apple product. It doesn’t get data from Health and HomeKit, Maps, Siri, iMessage, your call history, or any iCloud service like Contacts or Mail, and you can always just opt out altogether.

Finally, I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will.

Our commitment to protecting your privacy comes from a deep respect for our customers. We know that your trust doesn’t come easy. That’s why we have and always will work as hard as we can to earn and keep it.

Tim
September 2014

Thanks for a remarkable statement.

Summary …

I cannot validate any of Tim’s statements. It needs technicians to look at the details. But what I know is that there is no evidence to not trust in Tim’s announcement.

Related links …

Tim Cook, the job after Jobs

2-Step Verification

Apple and the NSA

Thanks for dropping by.








%d bloggers like this: