Mark Pincus: Hey Mike, since you know we're in our IPO quiet period, can you write a rebuttal to that NYTimes article for me? I'll give you an interview or let you invest in my next deal.
Michael Arrington: Sure thing! You better speak at my next conference!
Mark Pincus: Okay, here are some talking points:
- Blame everything on EA.
- I actually think we offer too many perks, point that out
- I think Roger McNamee is still upset I never let him invest, so he's basically just a sore loser
Can you be sure to include that in the article?
Michael Arrington: This looks great! It will go well with my other piece defending your terrible labor practices!
Yeah, because an anonymous HN commenter knows more about the state of American education than the guy who ran the company that provided American schools with leading-edge technology for the past 3 decades.
How exactly does selling computers to schools make you an expert in education.
I think it would be better to focus on making schools better rather than just telling students to spend more time at them.
Or have the students there for 40 hours a week, but ban homework. Use the extra time to get it done at school.
Then students will actually do it, and they don't have to worry about it at home anymore. Plus you don't have kids going to school for 40 hours then being expected to do an extra hour of homework at night.
Okay, so you kissed up to Color's PR team, got access to the app early, participated in a carefully staged demo, and it seemed cool?
The problem here is that you have no incentive to tell us that Color sucks. Doing so means that you'll never get access to any previews or exclusives from them. Meanwhile, since we're just a bunch of anonymous nobodies, you can bullshit us about how Color's stupid idea about personal video broadcasting is "surreal."
This is the beginning of the end for Android as an open platform. Google will have a financial incentive to release the best phones as Motorola devices. I would not want to be HTC today.
I like how Larry Page talks about IP in the blog post. After all of that talk about how patents were overpriced, Google comes out and spends more money than anyone on acquiring what is basically a terrible handset maker with a large IP portfolio. At the end of the day, Google does what's best for Google.
Google has got to play the game until the rules of the game change. They need patents for protection. Yes, the patents are overpriced, but does Google have a choice?
Android tablets are being pulled from shelves. What should they do? Just concede the market to Apple for the decade or so a serious attempt at patent reform will probably take? They're still not offensively suing anybody.
But it's not clear how Google can break the cycle by themselves. If Google were to say no to patents, without there first being major reforms to the patent system, then they would be slowly squeezed by their competitors patents until they ran out of juice.
It's all about execution. It's not like it hasn't been in HTC/Samsung/Etc's best interest to release the best phones they could. Google showed as much with the Nexus line (same manufacturer, better handsets).
I don't think Google is interested in making profits with hardware sales. It is still about getting Google search into as many hands as possible (and collecting lots of data).
So it's clear: this post claims that there is a man-in-the-middle attack possible over 4G networks that allows an attacker to own and capture data from an Android device, including texts and calls. If this is true, and if the media gets around to this, enterprise deployments of Android devices are truly screwed.
It's not the same scope as a claimed 4G attack, but you can already intercept voice and some data on every US GSM network with openbts/gnu-radio; it's pretty trivial to set up an IMSI-catcher with them. This[1] is from Defcon 18 in 2010; I've recently watched someone set up a rogue tower in a lab environment.
(This probably goes without saying, but I'll say it anyway; if you do this in the wild and you don't take precautions for handling emergency calls, you're probably a bad person.)
GSM implementation insecurity hasn't affected iphone or blackberry enterprise deployment, not sure why it would affect android.
The exploit code targeted 4G users on Android, so yes, Android was (one of) the attack vectors. Or rather, certain carriers poor implementations of 4G on Android.
You can't mask wifi as a mobile broadband connection. (If you know how to do it, please share - I'd be interested to know!)
I'd venture to guess they hacked some of the femtocell gear, or maybe used for the evil the gear from openbts project.
It's sad, really. These people are not too stupid at least in the technology area. It would be so great to have their skills directed at making the world good. Like, providing the connectivity somewhere in the villages in lalaland far away. Alas.
I think doing it in a place where people will (eventually) figure it out helps. Hav fun at someone's expense, but get the genie out of the bottle and in front of the public a bit faster so we know it can be done and get it fixed.
Some of my friends bring burner/throwaway/blank phones to Defcon, and this is why.
I guess not everyone is as altruistic as you, dedicating their time to societally useful things like talking about intercepting cell phone communications on HN.
Not saying this was what happened, bu my netbook lists my broadband as Verizon Broadband Connection and displays it under wireless networks. If someone were to make a publicly available wifi hotspot under the same name, there is the possibility that someone not expecting the possibility of this to happen, to connect to the hotspot instead. Very low tech in nature, but just a random possibility.
While in the US I've seen devices that have a SIM card and WiFi. I don't remember if it was Verizon or not, though. It could be that you use one of these ?
Or you insert the SIM card into the notebook itself ? If yes, would be curious to know which OS is it - I remember seeing that Windows grouped the 3G and WiFi connection settings into the same dialog, but since I do not use windows at all nor have a laptop h/w which would grok a SIM card, can't check.
And the theory you describe with the same SSID - indeed that would be very much possible to pull off. Assuming there is a nation-wide standardized SSID, it could easily trick people into connecting to it.
Mine has it built in, and it's a Windows netbook. The wifi and 3g are indeed grouped together and the name is pretty standardized, and I am pretty sure other 3g providers might offer the same standardization of their naming schemes.
Additionally, there are times my 3g connection does not show up correctly and I have to initiate it by dialing out (#777 I believe) as if it's a modem - but if the SSID of a wifi connection were there I could see someone who was not fully paying attention to click on that by accident when the default one does not show up right away.
Wow, interesting, thanks! Hopefully at least the icons are different... If not - it's worth complaining about that somewhere so the MS folks can fix that - since it's a fairly obvious hole to exploit (and not too difficult to fix).
Any chances you might find some time to make some screenshots and blogpost them ?
The Mobile Broadband Connection doesn't always show up leaving the Wireless Network Connection list at the top. In this case you now see two entries for "Verizon Wireless" - the top being my broadband connection, the second one being my wireless routers SSID. Without paying attention and just working off of muscle memory it is feasible to go to an open network acting maliciously without realizing it.
Indeed - in a hurry it is very much possible indeed to make a mistake (also, an average mom or pop would not necessarily know the difference between the "wireless" and "broadband"...
Mind if I steal this pic for a blog post ? (Or if you planned a write-up, I'd be interested in a URL. It's worth making a bit of noise around it so the MS guys think of it as a problem worth solving.)
> You can't mask wifi as a mobile broadband connection. (If you know how to do it, please share - I'd be interested to know!)
No argument here, I'm not an expert... but isn't this exactly what the microcell devices that AT&T (etc) are giving to customers do? You set it up on your home broadband and nearby users invisibly use that "tower" and it goes over your home network.
There are multiple kinds of devices. Femtocell is basically a little cell tower that is in your home/business. UMA is when you can do voice over WiFi and it was backed by T-Mobile, but they have shied away from it and not introduced it with Android. It's somewhat tricky and needs phone support (for the handoffs between networks), whereas any phone can support femtocell.
Good to see, I had missed that T-Mobile made the UMA move on Android. Does it do the seamless handoffs or do have to make a call either over the cellular network or WiFi?
Have you ever tried to collect a claim against insurance? They will find any loophole possible to avoid a payout. Have fun trying to turn that $50,000 guarantee into something real.
Absolutely, I couldn't agree more - the devious way they've tried to manipulate this whole situation, I would honestly be shocked if normal victims (i.e. people who don't have the energy and determination that EJ did) ever got to see a cent of that $50,000.
Effectively, what we will see in the future is that Airbnb will make quick assessments and zoom in to shut victims who have the potential to attract publicity, while the less savvy will be swamped in insurance red tape until they give up and quietly slink off.
The $50,000 means nothing - after the incredible amount knocked off their value this week, Airbnb was obviously going to have learnt the financial wisdom of paying off some people, that is the only real change.
Sadly, not everyone has the determination, tenacity or communication skills to drum up the necessary attention.
Corporations have learned that, with the vast majority of people, you just have to fob them off until inertia kicks in.
The irony is that the victim in this case probably wouldn't have been a problem if they hand handled here a little more professionally in the first 24hrs. Given all that was at stake as they entered a funding round that valued them at $1.3bn, Chesky should have gone to see her in person the minute he became aware of the situation and put her straight into a five star hotel while he organized and paid for a complete deep clean, fumigation, redecoration, refurnishing and whatever else it took to soften her. Then he should have tactfully proposed that he give her a reasonable sum, perhaps ten grand, in return for her signing an NDA.
In three or four days he would have saved his company from $100m in longterm damage, possibly much more if this starts a meme of wariness about Airbnb that derails their IPO plans.
This post is entirely self serving and misses a key point: Why would I want the world's largest advertising company to have access to my healthcare data?!
The answer is, supposedly, data portability, which is a pain in the ass from hospital to hospital, or even doctor to doctor in the same hospital system. My wife, a nurse, has horror stories about how they sometimes have to fax info to other departments, just to have it re-entered into the same software.
Also, Google doesn't advertise on their Health product.
Just a silly story: some hospitals here in Norway print out patient-information, get an ambulance (an ambulance!) to drive it to the other hospital, and a nurse will type it into the other system (45 minutes she says it takes her). 2011 AD. http://www.nrk.no/nett-tv/indeks/250622/
Mr. Nguyen said the company had taken the criticism to heart and charted a new course. He fired Color’s president, Peter Pham, and its engineers are building a new version of the app to be released later this summer.
I'm guessing Peter and Bill aren't exactly best friends right now.
Mark Pincus: Hey Mike, since you know we're in our IPO quiet period, can you write a rebuttal to that NYTimes article for me? I'll give you an interview or let you invest in my next deal.
Michael Arrington: Sure thing! You better speak at my next conference!
Mark Pincus: Okay, here are some talking points:
Can you be sure to include that in the article?Michael Arrington: This looks great! It will go well with my other piece defending your terrible labor practices!
Mark Pincus: You're the best.