Stupid Patent of the Month: Microsoft’s Design Patent on a Slider | Electronic Frontier Foundation


For the first time ever, this month’s Stupid Patent of the Month is being awarded to a design patent. Microsoft recently sued Corel for, among other things, infringing its patent on a slider, D554,140, claiming that Corel Home Office has infringed Microsoft’s design. The design patent, as detailed by Microsoft in its complaint, is titled “User Interface for a Portion of a Display Screen” and entitles Microsoft to own this:

Source: Stupid Patent of the Month: Microsoft’s Design Patent on a Slider | Electronic Frontier Foundation

NSA Planned to Hijack Google App Store to Hack Smartphones

The National Security Agency and its closest allies planned to hijack data links to Google and Samsung app stores to infect smartphones with spyware, a top-secret document reveals.

The surveillance project was launched by a joint electronic eavesdropping unit called the Network Tradecraft Advancement Team, which includes spies from each of the countries in the “Five Eyes” alliance — the United States, Canada, the United Kingdom, New Zealand and Australia.

The top-secret document, obtained from NSA whistleblower Edward Snowden, was published Wednesday by CBC News in collaboration with The Intercept. The document outlines a series of tactics that the NSA and its counterparts in the Five Eyes were working on during workshops held in Australia and Canada between November 2011 and February 2012.

The main purpose of the workshops was to find new ways to exploit smartphone technology for surveillance. The agencies used the Internet spying system XKEYSCORE to identify smartphone traffic flowing across Internet cables and then to track down smartphone connections to app marketplace servers operated by Samsung and Google. (Google declined to comment for this story. Samsung said it would not be commenting “at this time.”)

As part of a pilot project codenamed IRRITANT HORN, the agencies were developing a method to hack and hijack phone users’ connections to app stores so that they would be able to send malicious “implants” to targeted devices. The implants could then be used to collect data from the phones without their users noticing.

Previous disclosures from the Snowden files have shown agencies in the Five Eyes alliance designed spyware for iPhones and Android smartphones, enabling them to infect targeted phones and grab emails, texts, web history, call records, videos, photos and other files stored on them. But methods used by the agencies to get the spyware onto phones in the first place have remained unclear.

The newly published document shows how the agencies wanted to “exploit” app store servers — using them to launch so-called “man-in-the-middle” attacks to infect phones with the implants. A man-in-the-middle attack is a technique in which hackers place themselves between computers as they are communicating with each other; it is a tactic sometimes used by criminal hackers to defraud people. In this instance, the method would have allowed the surveillance agencies to modify the content of data packets passing between targeted smartphones and the app servers while an app was being downloaded or updated, inserting spyware that would be covertly sent to the phones.

Link (The Intercept)

Hello Barbie: Hang on, this Wi-Fi doll records your child’s voice?

Toymaker Mattel has unveiled a high-tech Barbie that will listen to your child, record its words, send them over the internet for processing, and talk back to your kid. It will email you, as a parent, highlights of your youngster’s conversations with the toy.

If Samsung’s spying smart TVs creeped you out, this doll may be setting off alarm bells too – so we drilled into what’s going on.

The Hello Barbie doll is developed by San Francisco startup ToyTalk, which says it has more than $31m in funding from Greylock Partners, Charles River Ventures, Khosla Ventures, True Ventures and First Round Capital, and others.

Its Wi-Fi-connected Barbie toy has a microphone, a speaker, a small embedded computer with a battery that lasts about an hour, and Wi-Fi hardware. When you press a button on her belt buckle, Barbie wakes up, asks a question, and turns on its microphone while the switch is held down.

The child’s replies are recorded, encoded, and sent in an encrypted form to ToyTalk’s servers, CEO Oren Jacob explained to The Register. The audio is processed by voice-recognition software, allowing ToyTalk’s systems to figure out what was said and how best to reply.

The doll is loaded up with scripts to read, and one of these is selected depending on what the kid said. If the tyke shows an interest in a particular pastime or thing, the doll’s backend software will know to talk about that – giving the kid the impression that chatty Barbie’s a good, listening friend.

Crucially, the recorded audio of children’s voices (and whatever else happens to be going on around them when they push the buckle button) is kept on ToyTalk’s computers. This material is supposed to help Mattel and ToyTalk improve Barb’s scripted replies. It’s also good test data for developing the voice-recognition code.

Link (The Register)

Samsung’s spying smart TVs don’t encrypt voice recordings sent over the internet

The telly only records what’s said in front of it after the wake-up command, such as “Hi TV”, is spoken – so it’s not recording all the time. This could change in a future firmware update, Lodge points out, but for now this is reassuring.

However, recorded voice commands are sometimes sent as encoded audio to an outside organization for processing – this applies to any commands more complex than, say, changing the volume. For example, spoken web search requests are piped to a company called Nuance to analyze and turn into query results sent back to the TVs.

A specific server receives data from the televisions in plaintext, and replies with unencrypted responses; for those itching to firewall off access, it is:

av.nvc.enGB.nuancemobility.net 208.94.122.45

The information is sent over port 443, normally used for TLS-secured HTTPS connections and typically not firewalled off. The stream is not encrypted, Lodge said. This allows a man-in-the-middle in the network to eavesdrop on the data and tamper with it.

Link (The Register)
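The failure described above is plaintext riding on a port that monitoring usually assumes is TLS. As an added example (not from The Register article), the following check inspects the first bytes a client sends on TCP/443 and flags flows that do not begin with a TLS record header; the flows, addresses and HTTP request are constructed sample data.

```python
"""Flag traffic on TCP/443 whose first client bytes are not a TLS record.

Added example, not from the article: the flows below are constructed
sample data, and the TLS check is a standard record-header heuristic.
"""
from dataclasses import dataclass

TLS_HANDSHAKE = 0x16   # record content type for a handshake (ClientHello)
TLS_MAJOR = 0x03       # every SSL3/TLS version has major byte 0x03


@dataclass
class Flow:
    src: str
    dst: str
    dport: int
    payload: bytes  # first bytes the client sent


def classify_payload(payload: bytes) -> str:
    """Return 'tls', 'plaintext-http' or 'unknown' for the first client bytes."""
    if (len(payload) >= 5 and payload[0] == TLS_HANDSHAKE
            and payload[1] == TLS_MAJOR and 1 <= payload[2] <= 4):
        record_len = int.from_bytes(payload[3:5], "big")
        if 0 < record_len <= 16384 + 2048:   # max TLS record incl. expansion
            return "tls"
    if payload.startswith((b"GET ", b"POST ", b"PUT ", b"HEAD ", b"HTTP/")):
        return "plaintext-http"
    return "unknown"


def find_plaintext_on_443(flows):
    """Alert on flows to port 443 whose payload is not a TLS record."""
    alerts = []
    for f in flows:
        kind = classify_payload(f.payload)
        if f.dport == 443 and kind != "tls":
            alerts.append((f.src, f.dst, kind))
    return alerts


# Constructed sample flows (RFC 5737 documentation addresses, invented hosts).
SAMPLE_FLOWS = [
    # TLS 1.2 ClientHello: type 0x16, record version 3.3, length 0x00c2
    Flow("192.0.2.10", "198.51.100.1", 443, bytes.fromhex("16030300c2010000be0303")),
    # Plaintext HTTP POST (e.g. an audio upload) sent on port 443: should alert
    Flow("192.0.2.11", "198.51.100.2", 443, b"POST /upload HTTP/1.1\r\nHost: example.invalid\r\n"),
    # Plain HTTP on port 80 is expected and is not flagged by this check
    Flow("192.0.2.12", "198.51.100.3", 80, b"GET / HTTP/1.1\r\nHost: example.invalid\r\n"),
]

if __name__ == "__main__":
    for alert in find_plaintext_on_443(SAMPLE_FLOWS):
        print("ALERT non-TLS on 443:", alert)
```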